The scope of the ISO/IEC 27001:2022 certification is limited to the information security management system (ISMS) which provides SAP Sovereign Cloud Delivery Operations and includes the support of confidentiality, integrity, and availability pertaining to all business operations and information assets related to the operation and provisioning of hardened SAP products, as well as the provisioning of related services, for government and public sector customers in Canada, Australia, New Zealand, and the United Kingdom. As part of these actions, SAP Sovereign Cloud Delivery Operations builds Shared Management Services (SMS), which are used in the administration, security, monitoring and automation of SAP products in accordance with the ISO/IEC 27001:2022 Statement of Applicability version 1.2 dated September 10, 2024, and extended to include the ISO/IEC 27017:2015 extended control set for cloud security; and the ISO/IEC 27018:2019 extended control set for PII protection.
Download the Document