SAP Trust Center
SAP Cloud for Customer SOC 1 (ISAE 3402) Audit Report 2020 H2
The scope of this SOC report includes the SAP Cloud for Customer solutions as offered for the live productive customer systems that are hosted in SAP SE's data centers St. Leon– Rot (Germany) and Newtown Square (USA) as well as in the co-location Sydney, Australia; Amsterdam (Netherlands), Dubai (UAE), Frankfurt (Germany), Moscow (Russia), Riyadh (Saudi Arabia), Sao Paulo (Brazil), Shanghai (China), Sterling (USA) and Sydney (Australia).
SAP Cloud for Customer: A SAP CRM Software-as-a-Service (SaaS) offering, powered by SAP HANA®. It is a set of solutions for sales and service teams to drive revenue growth, reduce sales cycle times, improve sales and service efficiency, and increase customer satisfaction and loyalty. All solutions are pre-integrated with SAP Business Suite for complete end-to-end business process integration, and the solutions are supported on a wide range of browsers and mobile devices. SAP Cloud for Customer is a multitenant cloud offering which brings sales, customer service and social CRM together.
SAP Cloud for Customer is comprised of the following:
SAP Sales Cloud: SAP Sales Cloud is designed for sales professionals, sales partners, sales leaders, and sales organizations to help them better understand, target, engage, attract, and retain their customers throughout the end-customer journey. The solution allows access to latest information on customers, accounts, and opportunities. With the integrated sales analytics, companies can create reports based on their specific needs and get contextual, customer information and sales insight. Global and local teams can support each other to close deals faster by using the collaboration functionality.
SAP Service Cloud: SAP Service Cloud is designed for service professionals, call center agents, service partners, service leaders, and customer service and support organizations to help them better understand, engage, service, support, and retain their customers throughout the end-customer lifecycle. The solution offers service request management across multiple channels, service level agreements, escalation and workflow processes, telephony integration, agent cockpit, and knowledge management integration
SOC 1 reports specifically address service organizations internal control over financial reporting and controls specified by the service provider. The SOC1 reports are intended solely for the information and use of existing user entities (for ex. Exiting customers of the service organization), their financial statement auditors and management of the service organization. SOC 1 reports are prepared in accordance with Statement on Standards for Attestation Engagements (SSAE) No.18, a new guidance that the auditors use to conduct a SOC 1 engagement. SOC 1 Type 1 covers management’s description of a service organization’s system and the suitability of the design of controls at a specific point in time, whereas a SOC 1 Type 2 also includes the operating effectiveness of controls for a dedicated period of time.
SAP Cloud for Customer has regularly prepared SOC 1 Type 2 audit reports by an independent 3rd party accountant. This version of the report covers the audit period 1. May 2020 to 31. October 2020, the locations San Jose (California), Amsterdam (Netherlands, Moscow (Russia), Shanghai (China), Dubai (UAE), Riyadh (Saudi Arabia) and Sydney (Australia) as well as in co-locations Sunnyvale, California (USA).
The use of these reports is restricted. A copy of this report is available for all SAP Ariba customers who had productive and had financially-relevant systems during the audit period covered by the report.