Certifications and Audit Reports. For the production systems which run the Cloud Service and during the term of the Agreement SAP shall maintain, at its own expense, applicable certifications or audit reports: (a) As a minimum, SAP engages an internationally recognized independent third party auditor to review the measures in place in protection of the Cloud Service: (i) Certifications may be based on ISO 27001 or other standards (scope as defined in certificate). (ii) For certain SAP Cloud Services, SAP additionally provides a valid ISAE3402 or SSAE16-SOC 1 Type 2 and/or ISAE3000 or SSAE16-SOC 2 Type 2 report. Upon Customer’s request, SAP shall inform Customer about the applicable certifications and audit standards available for the Cloud Service concerned. (b) Upon Customer’s request, SOC-Audit reports or ISO certifications are available through the third party auditor or SAP, as applicable.
Appears in 2 contracts
Sources: Data Processing Agreement, Data Processing Agreement
Certifications and Audit Reports. For the production systems which run the Cloud Service and during the term of the Agreement SAP shall maintain, at its own expense, applicable certifications or audit reports:
: (a) As a minimum, SAP engages an internationally recognized independent third party auditor to review the measures in place in protection of the Cloud Service: (i) Certifications may be based on ISO 27001 or other standards (scope as defined in certificate). (ii) For certain SAP Cloud Services, SAP additionally provides a valid ISAE3402 or SSAE16-SOC 1 Type 2 and/or ISAE3000 or SSAE16-SOC 2 Type 2 report. Upon Customer’s request, SAP shall inform Customer about the applicable certifications and audit standards available for the Cloud Service concerned.
. (b) Upon Customer’s request, SOC-Audit reports or ISO certifications are available through the third party auditor or SAP, as applicable.. 6.2
Appears in 1 contract
Sources: Data Processing Agreement