SAP Trust Center
SAP Integrated Business Planning SOC 2 (ISAE 3000) Audit Report 2021 H1
The scope of this SOC report includes the SAP Integrated Business Planning services as offered for the live productive customer systems that are hosted in SAP SE's data centers St. Leon–Rot (Germany) Frankfurt (Germany), Newtown Square (USA), Sterling (USA), Moscow (Russia), Riyadh (Saudi Arabia), Dubai (UAE), Shanghai (China), Sydney (Australia) and Tokyo (Japan).
SAP Integrated Business Planning is SAP's platform for real-time and integrated planning, built on SAP HANA (High Performance Analytic Appliance), utilizing HANA’s Analytical features to the maximum. SAP Integrated Business Planning is being developed to deliver integrated, unified planning across Sales and Operations, Demand, Inventory, Supply and Response planning, as well as the Supply Chain Control Tower for dashboard analytics and monitoring. SAP Integrated Business Planning delivers a paradigm of user experience and efficiency, leveraging real-time dashboards, advanced predictive analytics, interactive simulation, embedded social collaboration and Microsoft Excel-enabled planning tables.
The SAP Integrated Business Planning has five modules, addressing different business/planning areas Sales & Operations (S&OP), Demand, Inventory, Response & Supply, and Supply Chain Control Tower. A customer can subscribe to any of these solutions offered individually, and the commercials are based on the solution selected.
SOC 2 reports fulfill various information and assurance needs of customers and aim to place trust in SAPs service organization systems, processes and controls. These narratives are related to the trust principles Security, Availability, Confidentiality Processing Integrity or Privacy which must be met to demonstrate a well-designed system. SOC 2 also contains details on performed tests and their results. SOC 2 Type 1 covers management’s description of a service organization’s system and the suitability of the design of controls at a specific point in time, whereas a SOC 2 Type 2 also includes the operating effectiveness of controls for a dedicated period of time.
SAP Integrated Business Planning has regularly prepared SOC 2 Type 2 audit reports by an independent 3rd party accountant. This version of the report covers the audit period 1. November 2020 to 30. April 2021, the locations St. Leon–Rot (Germany) Frankfurt (Germany), Newtown Square (USA), Sterling (USA), Moscow (Russia), Riyadh (Saudi Arabia), Dubai (UAE), Shanghai (China), Sydney (Australia) and Tokyo (Japan) and the trust principle Security, Availability and Confidentiality.
The use of these reports is restricted. A copy of this report is available for all SAP customers and prospects with non-disclosure agreement in place.