SAP Business ByDesign Cloud Computing Compliance Criteria Catalog (C5:2020) Audit Report 2023 H1
SAP Business ByDesign is a cloud-based Software-as-a-Service (SaaS) ERP offering for mid-market companies and subsidiaries, powered by SAP HANA®. With SAP Business ByDesign (ByD), organizations can manage their entire business with a single cloud ERP solution. It is suited for mid-market companies and subsidiaries of large corporations. This complete and integrated Software-as-a-Service (SaaS) suite supports financials, human resources, sales, procurement, customer service, supply chain management and more. Additionally, ByD has integration capabilities with a variety of SAP’s LoB based cloud solutions like SuccessFactors, Concur etc.
SAP ByD infrastructure is located at the following SAP-owned data centers, colocation, and SAP Converged Cloud data centers listed below:
DC Locations |
Colorado Springs, USA |
Frankfurt, Germany |
Shanghai, China |
Sydney, Australia |
St. Leon Rot, Germany |
Walldorf, Germany (geographically separated) |
The Cloud Computing Compliance Controls Catalogue (abbreviated “C5”) is intended primarily for cloud service providers as well as their customers and auditors. It is defined which requirements (also referred to as controls in this context) the cloud providers have to comply with or which minimum requirements the cloud providers should be obliged to meet. The catalogue is divided into 17 thematic sections (e.g. organization of information security, physical security). The surrounding parameters provide additional information on the data location, provision of services, place of jurisdiction, certifications and duties of investigation and disclosure towards government agencies and contain a system description.
SAP Business ByDesign has regularly prepared C5 Type 2 audit reports by an independent 3rd party accountant. This version of the report covers the audit period October 1, 2022 to March 31, 2023.
The use of these reports is restricted. A copy of this report is available for all SAP customers and prospects with non-disclosure agreement in place.
SAP Business ByDesign is a cloud-based Software-as-a-Service (SaaS) ERP offering for mid-market companies and subsidiaries, powered by SAP HANA®. With SAP Business ByDesign (ByD), organizations can manage their entire business with a single cloud ERP solution. It is suited for mid-market companies and subsidiaries of large corporations. This complete and integrated Software-as-a-Service (SaaS) suite supports financials, human resources, sales, procurement, customer service, supply chain management and more. Additionally, ByD has integration capabilities with a variety of SAP’s LoB based cloud solutions like SuccessFactors, Concur etc.
SAP ByD infrastructure is located at the following SAP-owned data centers, colocation, and SAP Converged Cloud data centers listed below:
DC Locations |
Colorado Springs, USA |
Frankfurt, Germany |
Shanghai, China |
Sydney, Australia |
St. Leon Rot, Germany |
Walldorf, Germany (geographically separated) |
The Cloud Computing Compliance Controls Catalogue (abbreviated “C5”) is intended primarily for cloud service providers as well as their customers and auditors. It is defined which requirements (also referred to as controls in this context) the cloud providers have to comply with or which minimum requirements the cloud providers should be obliged to meet. The catalogue is divided into 17 thematic sections (e.g. organization of information security, physical security). The surrounding parameters provide additional information on the data location, provision of services, place of jurisdiction, certifications and duties of investigation and disclosure towards government agencies and contain a system description.
SAP Business ByDesign has regularly prepared C5 Type 2 audit reports by an independent 3rd party accountant. This version of the report covers the audit period October 1, 2022 to March 31, 2023.
The use of these reports is restricted. A copy of this report is available for all SAP customers and prospects with non-disclosure agreement in place.