2414359 - How to Request SOC 1, SOC 2, SOC 1 / SSAE 16 and SOC 2 / SSAE 16 Audit Reports for Successfactors

• How to request SOC 1 and SOC 2 audit reports for  SF
• How to request SOC 1 / SSAE 16 and SOC 2 / SSAE 16 audit reports 
• What is the process for getting SOC reports

"Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental."

 SAP SuccessFactors HCM Suite

This KBA is only applicable for Successfactor Product. Other SAP product's  requests related to SOC Audit reports  should be handled by respective product teams.

Overview

• The SOC 1 reports provide information about controls, at a service organization level, relevant to the customer organization´s internal control over financial reporting (also referred to as IT General Controls).
• The SOC 2 reports provide the management of a service organization, customers, and others, a report about the controls of a service organization relevant to the security, availability, and/or processing integrity of the service organization's system, and/or the confidentiality and privacy of the data processed by that system.

Requesting SOC Reports and/or Bridge Letter

• This can be done self service directly from the compliance finder: Compliance Finder
  
  
  
  

  Important note: Once a new report is requested, it might take at least 30 days for the report to be generated and sent to the requestor. For any related questions, use the support channels on the Security Compliance Report Request website:

  • In case of any questions regarding the SOC request process, the responsible Account Executive (AE) should be contacted.
  • Furthermore, if the Customer Success Partner (CSP) can be reached directly, it is recommended to check with them.
  • However, if contact with the CSP is not possible, the responsible partner should be contacted for advice on the required actions to obtain the SOC report.

  According to the process, the SAP contact person should be the AE (Account Executive), CSP (Customer Success Partner), or CSM (Customer Success Manager).

• Compliance Finder - SuccessFactors

Audit Reports, Auditing, SOC 1, SOC 2, SSAE16, Security Reports, SOC Reports, Bridge Letter, SOC2, SOC1 , KBA , LOD-SF-PLT-PSI , Product Security Inquiries , LOD-SF-PLT-AUDR , Request Audit Report (Not Change Audit) , How To