Common MS

SAP Cloud Platform

SAP Cloud Platform is an open business platform designed to help customers innovate, integrate and extend applications with agility, flexibility and choice. Thanks to the multi-cloud foundation customers can leverage the latest cloud-native technologies and benefit from major hyperscaler infrastructures.

Features

• Runtimes & Containers: Deploy, run, and manage your applications.
• Data Management: Define how your data is stored, organized, retained.
• User Experience: Deliver personalized, responsive, and simple user experience.
• Analytics: Embed advanced analytics and gain real-time insight.
• AI & Machine Learning: Enhance your solutions using intelligent services.
• Integration: Securely integrate your cloud and on-premise applications
• Orchestration: Define how your business processes run across solutions.
• Document Management: Process, store and manage your digital content.
• Data Privacy & Security: Ensure that your solutions run securely.
• User Management: Define user access to your solutions.

Benefits

• Build innovative business applications with one holistic enterprise cloud platform
• Extend your cloud or on-prem applications by adding new functionality
• Integrate your applications in the cloud and on-prem seamlessly
• Modernize and personalize the user experience across multiple devices
• Manage and analyze all your business data
• Multi-cloud foundation that embraces all major hyperscaler infrastructures

£0.00 a unit

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at samina.baig@commonms.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

790481656585562

Contact

Samina Baig
+44 7768581576
samina.baig@commonms.com

Service scope

• Service constraints: General Constraints:; Upload limit: an application deployed in the Neo environment can be up to 1.5 GB. If the application is packaged as a WAR file, the size of the unzipped content is taken into account.; For information on constraints in the Cloud Foundry environment, see http://docs.cloudfoundry.org/devguide/deploy-apps/large-app-deploy.html#limits_tableInformation published on non-SAP site.; For security reasons, applications cannot be accessed via HTTP.; ; SAP can use the following maintenance windows for Scheduled Downtimes as listed below.; Up to 4 times per year: ; Europe: FRI 10 p.m. – SAT 2 a.m. UTC
• System requirements:
  • Browsers: Google Chrome, Firefox, IE11, Edge, Safari
  • SAP CP Tools (Java and SDK) run with Java 7/8

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: SAP Online ticketing support is part of the SAP Enterprise Support for Cloud Services.; As part of SAP’s ONE Support approach, which provides a consistent support experience for Cloud Services and on-premise solutions, SAP offers the following support levels; SAP Enterprise Support, cloud editions, SAP Preferred Success and SAP Preferred Care. SAP Enterprise Support, cloud editions is included in the subscription fees for SAP Cloud Services. SAP Preferred Success and SAP Preferred Care is offered for an additional fee, as an add-on to SAP Enterprise Support, cloud editions, for certain SAP Cloud Solutions listed under https://support.sap.com/preferredsuccessproductlist.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: - 24x7 Mission Critical Support for P1 and P2 issues (English only).; - Non-Mission Critical Support for P3 and P4 issues during business hours (English only)- Monday to Friday 8 amto 6 pm (Local Time Zone), excluding local holidays; - Customer Interaction Center 24x7
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: There are plenty of choices for training in the SAP Cloud Platform environment: official SAP training courses, delivered on the different SAP locations around the world or remotely using SAP Live Virtual Class, and free publicly available training on the OpenSAP platform (http://open.sap.com).; Besides, the user documentation is also publicly available on https://help.hana.ondemand.com/
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: Reporting Tools are available to enable customers to extract their data at the end of the service
• End-of-contract process: The customer will be offered the opportunity to extend their commitment , should they decide not to continue wiht the service, they must ensure that all data is extracted before the access to the service is terminated on the contract end date

Using the service

• Web browser interface: Yes
• Using the web interface: SAP Cloud Cockpit is the central Web-based user interface for administrators, providing access to a number of functions for configuring and managing applications and connecting them to services on the cloud platform. Use the cockpit to manage resources, services, security, monitor application metrics, and perform actions on cloud applications.; The cockpit provides an overview of the applications available in the different technologies supported by SAP Cloud Platform, and shows other key information about the subaccount. The tiles contain links for direct navigation to the relevant information.
• Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
• Web interface accessibility testing: The SAP Accessibility Standard has been adapted over the years when certain new regulations were passed, for example the levels A/AA of Web Content Accessibility Guidelines (WCAG) 2.0 have been incorporated. Currently the SAP Accessibility Standard reflects the base principles of the US Rehabilitation Act Section 508 and on the Web Content Accessibility Guidelines (WCAG) 2.0 (level A/AA) and BITV 2.0 requirements according to WCAG 2.0 level A und AA.; The "SAP Accessibility Status Documents" inform about product-specific accessibility features, describing the testing environment and report its current status on standards, guidelines and requirements. ; For requests, please contact accessibility@sap.com.
• API: No
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
  • MacOS
• Using the command line interface: You can use the Cloud Foundry command line interface (CF CLI) to deploy and manage your applications.; Commands for the Cloud Foundry Environment Overview:; deploy: Deploy a new Multi-Target Application (MTA) or synchronize changes to an existing MTA; bg-deploy: Deploy a Multi-Target Application using “blue-green” (zero-downtime) deployment; undeploy: Undeploy a Multi-Target Application (MTA); mta: Display information about a deployed Multi-Target Application (MTA); mtas: List all deployed Multi-Target Applications (MTA); mta-ops: List all active operations for Multi-Target Applications; download-mta-op-logs: Download the log files for one or more operations concerning Multi-Target Applications; purge-mta-config: Purge all configuration entries and subscriptions, which are no longer valid

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: SAP guarantees the contracted resources in the SAP Clous Platform services and proactively monitor, take actions and inform the customers of any incident that could impact any metric of Service Level Agreement .
• Usage notifications: Yes
• Usage reporting:
  • Email
  • Other

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
  • Other
• Other metrics:
  • Metrics of a Java Application: Heap usage, busy threads
  • Database metrics
• Reporting types:
  • API access
  • Real-time dashboards

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: SAP SE

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: AES 256 bits encryption
• Data sanitisation process: No
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Databases
  • Files required at application level
• Backup controls: The users need to request the support team the specific requirements regarding backups.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: System Availability SLA: 99.5% System Availability percentage during each Month for productive versions.; Credit: 2% of Monthly Subscription Fees for each 1% below System Availability SLA, not to exceed 100% of Monthly Subscription Fees.; Customer may claim a credit in the amount described above in case of SAP’s failure to meet the System Availability SLA, which credit Customer may apply to a future invoice relating to the SAP Cloud Service that did not meet the System Availability SLA.; Claims under this Service Level Agreement for SAP Cloud Services must be made in good faith and by submitting a support case within thirty (30) business days after the end of the relevant Month in which SAP did not meet the System Availability SLA.
• Approach to resilience: This information is available upon request
• Outage reporting: There are both e-mail alerts and a public dashboard (Cloud Availability Center).; The Cloud Availability Center provides our customers a consolidated and transparent view of the service availability and performance of their cloud products. By Logging on to the Cloud Availability Center you get a personalized dashboard with your cloud service status.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google apps)
  • Username or password
• Access restrictions in management interfaces and support channels: All processes and policies are defined following best industry standards. Most of those policies are internal and are audited in our SOC2 Audit which is made twice a year and available to our customer
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: LGAI Technological Center, S.A (Applus+)
• ISO/IEC 27001 accreditation date: 13/09/2019
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • ISO 9001 – Quality Management System
  • ISO/IEC 27001 – Security Management System
  • ISO/IEC 20000 Service Management

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: This information can be provided upon request. Public information for our Data processing Agreement and Security policies available here: https://www.sap.com/corporate/en/company/security.html

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All processes and policies are defined following best industry standards. Most of those policies are internal and are audited in our SOC2 Audit which is made twice a year and available to our customer
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: All processes and policies are defined following best industry standards. Most of those policies are internal and are audited in our SOC2 Audit which is made twice a year and available to our customer
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: All processes and policies are defined following best industry standards. Most of those policies are internal and are audited in our SOC2 Audit which is made twice a year and available to our customer
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: All processes and policies are defined following best industry standards. Most of those policies are internal and are audited in our SOC2 Audit which is made twice a year and available to our customer

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: VMware
• How shared infrastructure is kept separate: SAP has put in place a data processing agreement and technical and organizational data-protection measures that provide robust security for every customer instance and tenancy.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Energy efficiency and procurement of green electricity enabled SAP to eliminate greenhouse gas emissions in our data centers globally. Annual reviews have confirmed that SAP data centers are not only better than other comparable data centers, but continue to improve.

Social Value

• Fighting climate change:

  Fighting climate change

  N/A
• Covid-19 recovery:

  Covid-19 recovery

  N/A
• Tackling economic inequality:

  Tackling economic inequality

  N/A
• Equal opportunity:

  Equal opportunity

  N/A
• Wellbeing:

  Wellbeing

  N/A

Pricing

• Price: £0.00 a unit
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Trial offers access to a single own schema in HANA limited to 1 GB of space. ; Certain system-wide or administrative features are not available. ; Only one member per account.; Onlu one app can be up-and-running.; Finally, support and service levels of course are limited for the free trial account.
• Link to free trial: https://cloudplatform.sap.com/try.html

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at samina.baig@commonms.com. Tell them what format you need. It will help if you say what assistive technology you use.