Skip to Content
Contáctenos
Chatee ahora Chat fuera de línea
Obtenga ayuda en vivo y chatee con un representante de SAP.
Contáctenos
Envíenos un correo electrónico con comentarios, preguntas o críticas.

SAP Cloud Platform SOC 2 Audit Report 2018 H2

The scope of this SOC report includes the SAP Cloud Platform services hosted in SAP SE's data centers St. Leon–Rot, Germany as well as in the co-location data centers in Frankfurt (Germany), Sydney (Australia), Phoenix (Arizona, USA), Ashburn (Virginia, USA), Sterling (Virginia, USA), Tokyo (Japan), Osaka (Japan), Riyadh (Saudi Arabia), Toronto (Canada), Moscow (Russian Federation), Sao Paulo (Brazil), Dubai (United Arab Emirates) and Amsterdam (Netherlands). 

 

SAP Cloud Platform is the SAP Business Application Platform-as-a-Service (PaaS) offering. As an essential part of SAP’s cloud strategy it enables SAP and its partners and customers to develop, deploy, run, operate, and use applications in a cloud environment.

 

The cloud platform is built to enable interoperability and at the same time to ensure security and integrity required by applications operating in a distributed network environment.

 

SAP Cloud Platform is a multitenant public cloud offering which allows application providers, including SAP itself, to build lightweight, collaborative, network-oriented applications to complement and extend existing SAP solutions. 

 

Additionally, SAP provides and operates SaaS solutions on SAP Cloud Platform. Those also leverage the SAP Cloud Platform management system and operational controls. Therefore, everywhere in this system description where referred to SAP Cloud Platform, all services, tools, applications, SaaS solutions, part of or running on SAP Cloud Platform, are included as described in the chapter Technical Overview.

 

SAP Cloud Platform is a product implemented by SAP, and as such, it uses the Innovation Cycle framework for product and solution creation, certified with ISO 9001:2015.

 

SOC2 reports fulfill various information and assurance needs of customers and aim to place trust in SAPs service organization systems, processes and controls. These narratives are related to the trust principles Security, Availability, Confidentiality Processing Integrity or Privacy which must be met to demonstrate a well-designed system. SOC2 also contains details on performed tests and their results. SOC2 Type 1 covers management’s description of a service organization’s system and the suitability of the design of controls at a specific point in time, whereas a SOC2 Type 2 also includes the operating effectiveness of controls for a dedicated period of time.

 

SAP Cloud Platform has regularly prepared SOC2 Type 2 audit reports by an independent 3rd party accountant. This version of the report covers the audit period 1. May 2018 to 31. October 2018, the location St. Leon–Rot, Germany as well as in the co-location data centers in Frankfurt (Germany), Sydney (Australia), Phoenix (Arizona, USA), Ashburn (Virginia, USA), Sterling (Virginia, USA), Tokyo (Japan), Osaka (Japan), Riyadh (Saudi Arabia), Toronto (Canada), Moscow (Russian Federation), Sao Paulo (Brazil), Dubai (United Arab Emirates) and Amsterdam (Netherlands) and the trust principles Security, Availability and Confidentiality.

 

The use of these reports is restricted. A copy of this report is available for all SAP customers and prospects with non-disclosure agreement in place.

Back to top