SAP Trust Center
SAP Fieldglass SOC 1 (ISAE 3402) Audit Report 2021
SAP Fieldglass provides a cloud-based Vendor Management System (VMS) to manage services procurement and external workforce programs. Hundreds of global businesses leverage our industry-leading technology to gain visibility into their external labor, project-based services including Statements of Work (SOWs), independent contractors, and additional flexible talent pools.
SOC 1 specific:
A SOC 1 is an audit of the operating effectiveness of our internal control environment. Internal controls include, but are not limited to, employee background checks, physical and logical access controls, the entire Systems Development Life-Cycle (SDLC), and IT change control. This report serves as a window into how we operate as a service provider.
A SOC 1 Type 2 report provides independent third-party verification by a licensed 3rd party accounting firm as to whether control activities were suitably designed and operating effectively during the audit period. SAP Fieldglass operates on a 12-month audit period. The scope of the audit includes both our corporate headquarters and R&D technology center where all software planning, design, development, testing and support activities are performed. This single report is designed to satisfy both domestic and overseas customers.
Our SOC 1 Type 2 assessment is conducted in accordance with the Statement on Standards for Attestation Engagements No. 18 (SSAE 18) and the International Standards for Assurance Engagements No. 3402 (ISAE 3402). This version of the report covers the audit period 1. October 2020 to 31. October 2021.
A copy of this report is available for businesses that have signed an MNDA with SAP Fieldglass. This report is confidential and must not be redistributed.