SAP Trust Center
SAP Enterprise Cloud Services SOC 1 (ISAE 3402) Audit Report 2021 H2
The scope of this SOC report includes
· RISE with SAP S/4HANA Cloud,
· RISE with SAP S/4HANA Cloud, Private Cloud, Tailored Option
· SAP HANA Enterprise Cloud Credit & Overage, Advanced Edition (BYOL)
as well as passive, renewals only
· SAP S/4 HANA Cloud, Extended Edition
This offering has the following predecessors
o STE (Single Tenant Edition)
o CPO (Cloud Private Option)
o CPE (Cloud Private Edition)
· SAP Credit & Overage HANA Enterprise Cloud Advanced Edition (Subscription)
· SAP HANA Enterprise Cloud Advanced Edition (Subscription)
· SAP HANA Enterprise Cloud Classic (Subscription and BYOL)
Services are offered on SAP infrastructure, Amazon Web Services, Microsoft Azure or Google Cloud Platform. A detailed list of locations of the datacenter is available within the report.
RISE with SAP S/4 HANA Cloud, Private Edition, Private Cloud, Tailored Option, as well as the predecessors, SAP S/4 HANA Cloud Extended Edition, SAP HANA Enterprise Cloud Advanced Edition, SAP HANA Enterprise Classic and SAP Credit & Overage HANA Enterprise Cloud Advanced Edition are fully scalable and secure private managed cloud solutions available only from SAP. It empowers organizations to unlock the full value of SAP Enterprise Cloud Services in the cloud — accelerating growth and innovation, driving IT and business transformation, quickly delivering business outcomes, and reducing risk. SAP S/4 HANA Cloud, Extended Edition Service is using the SAP Enterprise Cloud Services architecture and processes but includes also specific SAP products, use rights and services.
The SAP Enterprise Cloud Services reference architecture helps the customer to use flexible services for modular and rapid deployment. SOC 1 reports specifically address service organizations internal control over financial reporting and controls specified by the service provider. The SOC 1 reports are intended
solely for the information and use of existing user entities (for existing customers of the service organization), their financial statement auditors and management of the service organization. SOC 1 reports are prepared in accordance with Statement on Standards for Attestation Engagements (SSAE) No.18, a new guidance that the auditors use to conduct a SOC 1 engagement. SOC 1 Type 1 covers management’s description of a service organization’s system and the suitability of the design of controls at a specific point in time, whereas a SOC 1 Type 2 also includes the operating effectiveness of controls for a dedicated time period.
RISE with SAP S/4 HANA Cloud, Private Edition, Private Cloud, Tailored Option, as well as the predecessors, SAP S/4 HANA Cloud Extended Edition, SAP HANA Enterprise Cloud Advanced Edition, SAP HANA Enterprise Classic and SAP Credit & Overage HANA Enterprise Cloud Advanced Edition has regularly prepared SOC1 Type 2 audit reports by an independent 3rd party accountant. This version of the report covers the audit period May,1st 2021 to October 31st 2021.
The use of these reports is restricted. A copy of this report is available for all SAP customers and prospects with non-disclosure agreement in place.