For the SAP SE confidentiality, availability and integrity of information have great value. We have taken extensive measures on protection of customer information. Therefore, we follow the question catalogue of information security of the German Association of the Automotive Industry (VDA ISA). The TISAX (Trusted Information Security Assessment Exchange) Assessments are conducted by the accredited audit providers that demonstrate their qualification at regular intervals. The result is exclusively retrievable over the ENX Portal: https://enx.com/tisax.
The scope of this assessment includes the SAP Ariba services hosted in SAP SE’s data centers St. Leon-Rot, Germany and in the co-location data centers Amsterdam, Netherlands. The SAP Ariba services are operated from the SAP subsidiaries Palo Alto (USA), Pittsburgh (USA), Bangalore (India) and Prague (Czech Republic).
The SAP Ariba Cloud Solutions are offered as public cloud, multi-tenant Software-as-a-Service. The following SAP Ariba solutions including the modules or applications as mentioned below as sub items are subject to this description:
- Ariba Network
- SAP Ariba Discovery
- Payment Capability (SAP Ariba Payables)
- Spot Buy Capability
- Document Automation Feature
- SAP Ariba Commerce Automation
SAP Ariba Supply Chain Collaboration (formerly Ariba Advanced Supply Chain Automation)
- Discounting Capability (SAP Ariba Payables)
The ENX Association supports with TISAX on behalf of VDA the common acceptance of Information Security Assessments in the automotive industry. TISAX and TISAX results are not intended for general public.