SAP SuccessFactors Employee Central Payroll SOC 2 (ISAE 3000) Audit Report 2022 H1

The scope of this SOC report includes the SAP SuccessFactors Employee Central Payroll as offered for the live productive customer systems that are hosted in SAP SE's data centers St. Leon– Rot (Germany) and Newtown Square (USA) as well as in the co-location Sydney (Australia), Riyadh (Saudi Arabia) and Dubai (UAE).

The integration in SAP SuccessFactors Employee Central enables the customer to import payment relevant data (e.g., banking information) from the core HR into SAP SuccessFactors Employee Central Payroll. Communication between SAP SuccessFactors Employee Central and SAP SuccessFactors Employee Central Payroll is done via a standardized interface. It provides defined integration scenarios for accessing data in SAP SuccessFactors Employee Central as input for SAP SuccessFactors Employee Central Payroll. Furthermore, payment relevant changes in SAP SuccessFactors Employee Central are automatically synchronized with the SAP SuccessFactors Employee Central Payroll.

SOC 2 reports fulfill various information and assurance needs of customers and aim to place trust in SAPs service organization systems, processes and controls. These narratives are related to the trust principles Security, Availability, Confidentiality Processing Integrity or Privacy which must be met to demonstrate a well-designed system. SOC 2 also contains details on performed tests and their results. SOC 2 Type 1 covers management’s description of a service organization’s system and the suitability of the design of controls at a specific point in time, whereas a SOC 2 Type 2 also includes the operating effectiveness of controls for a dedicated period of time.

SAP SuccessFactors Employee Central Payroll as regularly prepared SOC 2 Type 2 audit reports by an independent 3rd party accountant. This version of the report covers the audit period 1. May 2021 to 31. March 2022, the locations St. Leon– Rot (Germany) and Newtown Square (USA) as well as in the co-location Sydney (Australia), Riyadh (Saudi Arabia) and Dubai (UAE) and the trust service criteria Security and Confidentiality.

The use of these reports is restricted. A copy of this report is available for all SAP customers and prospects with non-disclosure agreement in place.