SAP Cloud for Customer System supported by infrastructure managed by SAP Converged Cloud is an SAP Customer Relationship Management (CRM) Software-as-a-Service offering, powered by SAP HANA. It is a set of solutions for sales and service teams. All solutions are pre-integrated with SAP Business Suite and the solutions are supported on a wide range of browsers and mobile devices.

SAP Cloud for Customer System supported by infrastructure managed by SAP Converged Cloud is a multi-tenant cloud offering that bridge sales, customer service and social CRM together.

In Q3 2020, the SAP Board approved the migration to SAP’s Next-Generation Cloud Delivery model, with the goal of modernizing SAP’s cloud delivery infrastructure, transitioning the majority of the cloud solutions to run on the Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform, or Alibaba Cloud, as well as SAP Cloud infrastructure solution (4+1) and retiring and shutting down the legacy infrastructure platforms by the end of 2022. 

Converged Cloud is SAP’s standardized Infrastructure as a Service (IaaS) to support all of SAP’s cloud business on a global scale. It provides a vendor agnostic and harmonized Hardware Infrastructure architecture as well as an infrastructure orchestration and automation layer in all major SAP data centers. With Converged Cloud it is possible to deploy applications into data centers without the need to deploy a solution specific infrastructure stack before it can be deployed. 

Converged Cloud is compiled out of three main clusters. Converged Cloud Enterprise Edition, Converged Cloud Industry Edition and Monsoon 2 (Cluster 2). Monsoon 2 is out of scope for this audit. Converged Cloud has two architectural variants catering to varying customer demand.

Converged Cloud Enterprise Edition: IaaS used for general purpose solutions using no distro for OpenStack and VMware as hypervisor technology. Distro is short term for Linux distribution, which is an operating system made from a software collection, which is based upon Linux kernel and often packaged as management system.

Converged Cloud Industry Edition: IaaS specialized on Big Data and IoT as well as the SAP Cloud Platform on Cloud Foundry. It is based on SUSE OpenStack Cloud 7 and KVM hypervisor technology.

SOC 1 reports specifically address service organizations internal control over financial reporting and controls specified by the service provider. The SOC 1 reports are intended solely for the information and use of existing user entities (for ex. Exiting customers of the service organization), their financial statement auditors and management of the service organization. SOC 1 reports are prepared in accordance with Statement on Standards for Attestation Engagements (SSAE) No.16, a new guidance that the auditors use to conduct a SOC 1 engagement. SOC 1 Type 1 covers management’s description of a service organization’s system and the suitability of the design of controls at a specific point in time, whereas a SOC 1 Type 2 also includes the operating effectiveness of controls for a dedicated period of time.

SAP Cloud for Customer on SAP Converged Cloud has regularly prepared SOC 1 Type 1 audit reports by an independent 3rd party accountant. This version of the report covers the audit period as of 30. September 2022, the locations Frankfurt (Germany), Riyadh (Saudi Arabia), Sydney (Australia), Virginia (USA), Dubai (UAE) and Shanghai (China).

The use of these reports is restricted. A copy of this report is available for all SAP Cloud for Customer on SAP Converged Cloud customers who had productive and had financially relevant systems during the audit period covered by the report.