| SOV-1 Strategic Sovereignty | SEAL-3 | |
| SOV-2 Legal & Jurisdictional Sovereignty | SEAL-2 | |
| SOV-3 Data & AI Sovereignty | SEAL-3 | |
| SOV-4 Operational Sovereignty | SEAL-3 | |
| SOV-5 Supply Chain Sovereignty | SEAL-3 | |
| SOV-6 Technology Sovereignty | SEAL-3 | |
| SOV-7 Security & Compliance Sovereignty | SEAL-3 | |
| SOV-8 Environmental Sustainability | SEAL-3 | |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-1.1 | EU/EEA legal entity control | 4. Entirely within the EU | 125/125 | SEAL-4 | high | eu_entity: SAP SE is a German (Walldorf) Societas Europaea incorporated under EU law; the scoped SAP Sovereign Cloud offer is owned and operated entirely within the EU -> opt4. (src: https://news.sap.com/2026/04/sap-cloud-infrastructure-it-grundschutz-certification-data-centers-germany/) |
| SOV-1.2 | Change of control risk | 5. Very unlikely | 125/125 | SEAL-4 | high | SAP is a DAX/EURO STOXX 50 constituent with dispersed shareholding and German roots; takeover by a non-EU sovereign entity is very unlikely -> opt5 (kept, all-seal-4 factor). |
| SOV-1.3 | Control over roadmap | 3. Governance bodies exist with EU actors participation | 83/125 | SEAL-3 | medium | EU-controlled roadmap with own R&D and EU governance participation (DSAG user group, BSI oversight on sovereign offer, Gaia-X) -> opt3 (governance bodies with EU actor participation). |
| SOV-1.4 | Financial independence from non-EU capital | 5. Entirely EU-based funding | 125/125 | SEAL-4 | high | SAP is a profitable self-funding listed EU company financed through European capital markets and operating cash flow -> opt5 (kept, all-seal-4 factor). |
| SOV-1.5 | EU economic contribution | 4. Majority in the EU | 94/125 | SEAL-4 | high | HQ, majority of R&D and a very large employee base are in Germany/EU, making the EU economic contribution dominant -> opt4 (kept, all-seal-4 factor). |
| SOV-1.6 | Participation in EU strategic programs | 4. Strong participation | 94/125 | SEAL-4 | medium | Strong participation in EU strategic programs (Gaia-X, Delos sovereign cloud for German administration, EU AI Cloud, EUR 20bn sovereign-cloud commitment) -> opt4 (kept, all-seal-4 factor). |
| SOV-1.7 | Alignment with EU industrial strategies | 3. Measured achievement and dedicated governance | 83/125 | SEAL-4 | medium | Dedicated sovereign-cloud governance and published measured investment plans (EUR 20bn over a decade) aligned with EU industrial strategy -> opt3 (kept, all-seal-4 factor). |
| SOV-1.8 | Resilience to cut-off | 5. Full autonomy and continuity | 125/125 | SEAL-4 | medium | own_stack: the SAP Sovereign Cloud offer runs on SAP-owned EU data centers on open-source IaaS with SAP-developed core software and a documented continuity plan (SAP publicly states 'no kill switches'); residual foreign chips are hardware-only -> opt5 'Full autonomy and continuity'. |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-2.1 | Primary legal jurisdiction | 3. Exclusively EU law | 167/167 | SEAL-4 | medium | The scoped sovereign offer is contracted under EU/member-state (German) law only, with EU-only data and EU sub-processors -> opt3 'Exclusively EU law'. (src: https://news.sap.com/2026/06/vs-nfd-authorization-sap-cloud-infrastructure/) |
| SOV-2.2 | Extraterritorial laws exposure | 4. Legal structures shielding from foreign law | 125/167 | SEAL-2 | medium | immunity not certified: eu_entity with EU-only ops and structural shielding, but SAP SE has US subsidiaries (operational nexus) and holds no SecNumCloud/EUCS-High, so immunity is structural not verified -> opt4 'Legal structures shielding' (seal-2 ceiling). (src: https://news.sap.com/2026/06/vs-nfd-authorization-sap-cloud-infrastructure/) |
| SOV-2.3 | Data access pathways for non-EU authorities | 5. Requests always rejected by the provider | 167/167 | SEAL-4 | medium | no foreign_parent: the operator is German (SAP SE), not US/PRC controlled, so there is no CLOUD Act/FISA pathway through a foreign parent; the sovereign offer commits to reject/challenge access requests (EU-only data, EU Access, BSI oversight) -> opt5 'Requests always rejected' (same basis as S3NS/STACKIT). (src: https://news.sap.com/2026/06/vs-nfd-authorization-sap-cloud-infrastructure/) |
| SOV-2.4 | Export control restrictions | 4. Part of offer shielded from restrictions towards EU MSs | 125/167 | SEAL-3 | medium | EU-headquartered vendor not subject to export bans toward EU Member States; the sovereign offer is shielded from restrictions toward EU MSs -> opt4. |
| SOV-2.5 | Origin of IP | 4. Mostly within the EU | 125/167 | SEAL-4 | high | Core BTP IP (HANA, ABAP, CAP, Kyma, Gardener, Cloud Foundry runtime) is SAP-developed originating largely in Germany/EU, with some embedded third-party components -> opt4 'Mostly within the EU' (kept, all-seal-4 factor). |
| SOV-2.6 | IP holder jurisdiction | 4. EU law with exceptions | 125/167 | SEAL-4 | high | Principal IP holder is SAP SE under German/EU law, with some licensed third-party components under other jurisdictions -> opt4 'EU law with exceptions'. |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-3.1 | Customer control over encryption keys | 4. Customer primary control but provider can read data | 150/200 | SEAL-3 | medium | SAP Data Custodian and customer-managed-key (BYOK/HYOK) options give customers primary key control, but as operator SAP retains technical ability to read, so not exclusive customer-only -> opt4. |
| SOV-3.2 | Transparent data flows & access logs | 4. Full customer-controlled visibility, not real-time | 150/200 | SEAL-3 | low | Sovereign offer provides full customer-controlled audit and access logging via trust center/SIEM integration, though not uniformly real-time across all services -> opt4 'Full customer-controlled visibility, not real-time'. |
| SOV-3.3 | Secure deletion & proof of erasure | 4. Deletion technically verified with access logs | 150/200 | SEAL-3 | low | Deletion is technically performed and evidenced via access logs and retention policy under C5/IT-Grundschutz controls -> opt4 'Deletion technically verified with access logs'. |
| SOV-3.4 | Data location strictly in EU/EEA | 5. Exclusively EU, no third-country fallback | 200/200 | SEAL-4 | medium | eu_exclusive: the SAP Sovereign Cloud option stores and processes data exclusively in SAP-owned EU data centers (Walldorf/St. Leon-Rot) with EU Access restricting sub-processors to EEA, contractually no third-country fallback -> opt5 'Exclusively EU'. (src: https://news.sap.com/2026/04/sap-cloud-infrastructure-it-grundschutz-certification-data-centers-germany/) |
| SOV-3.5 | AI services sovereignty | 4. EU-led AI, foreign accelerators | 150/200 | SEAL-3 | medium | Sovereign AI offering is EU-led (SAP ABAP model, EU-hosted) running on foreign accelerators; the sovereign-scoped AI keeps models/inference in EU rather than brokering to non-EU APIs -> opt4 'EU-led AI, foreign accelerators'. |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-4.1 | Portability & interoperability | 4. Formal migration services available | 125/167 | SEAL-4 | medium | Built on Kubernetes/Cloud Foundry/Kyma with documented export/migration paths, multi-cloud abstraction (Gardener) and formal SAP migration services -> opt4 'Formal migration services available'. |
| SOV-4.2 | Ability to operate without foreign dependencies | 4. Ops predominantly EU-based teams | 125/167 | SEAL-3 | medium | eu_ops: the sovereign offer is operated by SAP in EU-owned data centers by predominantly EU-based, cleared/nationally-approved teams (VS-NfD authorization) -> opt4 'Ops predominantly EU-based teams'. |
| SOV-4.3 | Skill availability in the EU | 3. Majority EU, escalation abroad | 84/167 | SEAL-3 | medium | Very large EU engineering base (Germany), with escalation possible abroad in the global org; sovereign offer staffed by approved EU personnel -> opt3 'Majority EU, escalation abroad'. |
| SOV-4.4 | Support channels | 3. Majority in EU, non-EU escalations | 84/167 | SEAL-3 | medium | Sovereign offer with EU Access keeps support within EEA/Switzerland with cleared personnel; majority EU support with non-EU escalation -> opt3 'Majority in EU, non-EU escalations'. |
| SOV-4.5 | Documentation & knowledge transfer | 3. EU primary with non-EU fallback | 84/167 | SEAL-4 | low | EU-primary documentation and knowledge repositories with global English-language fallback; not enforced EU-only end-to-end -> opt3 'EU primary with non-EU fallback'. |
| SOV-4.6 | Subcontractor & supplier jurisdiction | 4. Ability to source alternatives or internalise | 125/167 | SEAL-3 | medium | own_stack: the sovereign offer's critical subprocessors are SAP-owned EU facilities, with documented ability to source alternatives or internalise -> opt4 'Ability to source alternatives or internalise'. |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-5.1 | Origin of components (physical parts) | 3. Transparent with exceptions | 72/143 | SEAL-3 | low | SAP-owned EU data centers with disclosed hardware provenance under C5/IT-Grundschutz/TSI audits, though residual non-EU chips remain -> opt3 'Transparent with exceptions'. |
| SOV-5.2 | Manufacturing location | 3. Mixed sourcing, EU audit rights | 72/143 | SEAL-3 | low | Hardware is foreign-designed but assembled/integrated in SAP-owned EU data centers with EU audit rights under C5/IT-Grundschutz/TSI -> opt3 'Mixed sourcing, EU audit rights' (same basis as STACKIT/S3NS). |
| SOV-5.3 | Embedded code/firmware provenance | 2. Partial disclosure | 36/143 | SEAL-4 | low | Firmware/embedded code in underlying servers and network gear is supplied by non-EU OEMs with partial provenance transparency -> opt2 (factor is all-seal-4; kept conservative). |
| SOV-5.4 | Origin of software | 4. Large majority maintained by EU teams | 107/143 | SEAL-3 | high | no foreign_core: the platform core (HANA, ABAP, CAP, integration suite, Kyma, Gardener) is SAP EU IP, designed and maintained substantially by EU teams; not licensed Google/MS tech -> opt4 'Large majority maintained by EU teams'. |
| SOV-5.5 | Software build/release jurisdiction | 4. EU control & execution | 107/143 | SEAL-3 | low | Build and release of SAP software is controlled and executed by SAP, an EU company, with EU-based engineering control and execution -> opt4 'EU control & execution'. |
| SOV-5.6 | Single point of dependency | 4. Few non-EU in non-critical services, documented | 107/143 | SEAL-3 | medium | In the sovereign offer the critical infrastructure is SAP-owned EU; remaining non-EU dependencies (chips, some OEM components) are non-critical and documented -> opt4 'Few non-EU in non-critical services, documented'. |
| SOV-5.7 | Supply chain transparency | 4. Most suppliers auditable | 107/143 | SEAL-3 | low | SAP publishes subprocessor lists and trust-center information and audits suppliers under C5/IT-Grundschutz; most suppliers auditable for the sovereign offer -> opt4 'Most suppliers auditable'. |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-6.1 | Interoperability & open interfaces | 4. Standards-based and broadly compatible | 150/200 | SEAL-3 | medium | BTP exposes standards-based interfaces (Kubernetes, OData, REST, Cloud Foundry) and broadly compatible APIs -> opt4 'Standards-based and broadly compatible'. |
| SOV-6.2 | Open standards compliance | 4. Policy for most core services | 150/200 | SEAL-3 | medium | Open-standards policy across most core runtimes (Kubernetes, Istio, OCI containers, OData, OpenAPI, CAP) -> opt4 'Policy for most core services'. |
| SOV-6.3 | Open source availability | 3. Open source, centralised governance | 100/200 | SEAL-3 | medium | no foreign_core: core remains SAP-controlled but significant components are genuinely open-sourced (Kyma, Gardener, CAP, UI5) under open governance rather than source-available-only -> opt3 'Open source, centralised governance'. |
| SOV-6.4 | Service architecture transparency | 4. Large corpus of public insight | 150/200 | SEAL-3 | medium | Large corpus of public documentation (help portal, trust center, discovery center, SAP Community) detailing service architecture -> opt4 'Large corpus of public insight'. |
| SOV-6.5 | HPC sovereignty | 2. EU-hosted, foreign stack | 50/200 | SEAL-3 | low | Any HPC/AI acceleration relies on foreign accelerator stacks hosted in EU data centers -> opt2 'EU-hosted, foreign stack' (seal 3). |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-7.1 | Security certification (EAL) | 4. EAL3 | 107/143 | SEAL-3 | medium | Sovereign offer holds C5 Type II + ISO 27001/IT-Grundschutz (BSI) + TSI L3+ + VS-NfD classified-handling authorization, mapping to EAL3-equivalent per the key (C5 + national high-assurance) -> opt4 'EAL3'. (src: https://news.sap.com/2026/06/vs-nfd-authorization-sap-cloud-infrastructure/) |
| SOV-7.2 | EU regulatory compliance (GDPR/NIS2/DORA) | 5. Fully compliant to all, independently audited | 143/143 | SEAL-4 | high | Independently audited C5 Type II, ISO 27001/IT-Grundschutz, SOC 1/2 Type 2, ISO 22301, TSI L3+ and NIS2/KRITIS alignment -> opt5 'Fully compliant, independently audited' (kept, all-seal-4 factor). |
| SOV-7.3 | EU-based SOC & incident handling | 4. Entire lifecycle by EU teams, EU threat intel | 107/143 | SEAL-3 | medium | Sovereign offer runs security operations and incident response by EU teams with EU threat intel under BSI oversight -> opt4 'Entire lifecycle by EU teams, EU threat intel'. |
| SOV-7.4 | Control over security monitoring/logging | 4. Full direct access, logs stored in EU | 107/143 | SEAL-3 | low | Customers get full direct monitoring/audit-log access via portals and SIEM integration with logs stored in EU for the sovereign offer -> opt4 'Full direct access, logs stored in EU'. |
| SOV-7.5 | Disclosure of incidents | 4. Partial compliance, monitored flow, SLAs | 107/143 | SEAL-3 | medium | Incident disclosure per GDPR/NIS2/DORA with monitored flow and contractual SLAs -> opt4 'Partial compliance, monitored flow, SLAs'. |
| SOV-7.6 | Maintenance autonomy | 3. Moderate autonomy (notice + testing, except zero-day) | 72/143 | SEAL-4 | low | Managed PaaS with maintenance notice and testing windows for customers (except zero-day) -> opt3 'Moderate autonomy'. |
| SOV-7.7 | Auditability | 5. Full independent audit by any entity | 143/143 | SEAL-4 | medium | audit_rights: the sovereign offer under BSI oversight plus C5/IT-Grundschutz/VS-NfD tender terms grants full audit rights to the contracting authority and independent EU bodies -> opt5 'Full independent audit by any entity'. (src: https://news.sap.com/2026/06/vs-nfd-authorization-sap-cloud-infrastructure/) |

| ID | Factor | Value | Score | SEAL | Conf. | Justification |
|---|---|---|---|---|---|---|
| SOV-8.1 | Energy efficiency (PUE) | 3. PUE < 1.5 + roadmap | 125/250 | SEAL-4 | low | SAP-owned EU data centers target low PUE (<1.5) with an efficiency roadmap; no platform-wide PUE<1.3 publicly verified -> opt3 'PUE < 1.5 + roadmap'. |
| SOV-8.2 | Hardware reuse & recycling | 4. Circular economy, EU-aligned | 188/250 | SEAL-4 | low | SAP reports EU-aligned circular-economy hardware lifecycle practices in its sustainability reporting -> opt4 'Circular economy, EU-aligned'. |
| SOV-8.3 | Environmental impact reporting | 4. Detailed EU methodology | 188/250 | SEAL-3 | medium | Detailed annual sustainability/integrated reporting with GHG-protocol emissions methodology aligned with EU/ESG requirements -> opt4 'Detailed EU methodology'. |
| SOV-8.4 | Energy supplies | 5. Only green EU energy supplies | 250/250 | SEAL-4 | medium | SAP-owned data centers run on 100% renewable electricity matched with EKOenergy certificates -> opt5 'Only green EU energy supplies' (kept, all-seal-4 factor). (src: https://www.sap.com/about/trust-center/data-center.html) |