2414359 - How to Request SOC 1, SOC 2, SOC 1 / SSAE 16 and SOC 2 / SSAE 16 Audit Reports for Successfactors

• How to request SOC 1 and SOC 2 audit reports for  SF
• How to request SOC 1 / SSAE 16 and SOC 2 / SSAE 16 audit reports 
• What is the process for getting SOC reports

"Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental."

 SAP SuccessFactors HCM Suite

This KBA is only applicable for Successfactor Product. Other SAP product's  requests related to SOC Audit reports  should be handled by respective product teams.

Overview

• The SOC 1 reports provide information about controls, at a service organization level, relevant to the customer organization´s internal control over financial reporting (also referred to as IT General Controls).
• The SOC 2 reports provide the management of a service organization, customers, and others, a report about the controls of a service organization relevant to the security, availability, and/or processing integrity of the service organization's system, and/or the confidentiality and privacy of the data processed by that system.

Requesting SOC Reports and/or Bridge Letter

• This can be done self service directly from the compliance finder: Compliance Finder
  
  
  
  
• Via the the key account manager: The Key Account Managers can request the reports on behalf of their customers, so please reach out to your Customer Success representative to obtain these reports.

• Compliance Finder - SuccessFactors

Audit Reports, Auditing, SOC 1, SOC 2, SSAE16, Security Reports, SOC Reports, Bridge Letter , KBA , LOD-SF-PLT-PSI , Product Security Inquiries , LOD-SF-PLT-AUDR , Request Audit Report (Not Change Audit) , How To