The Sovereign Cloud will launch in 2022; its level of sovereignty will be continuously increased until 2024. The final phase of the roll-out will see a Sovereign Cloud Stack (SCS) with three layers. In the first phase, starting in 2022, T-Systems will take over control of external key management (EKM) and the key access justifications (KAJ). The first phase comprises checking and logging access to personally identifiable information (PII). During the second phase, starting in 2023, T-Systems will take on identity and access management. This also includes audits and logging access to all client data, including permission changes. In the third step, starting in 2024, all relevant platform controls will be transferred to T-Systems, including the root certificate authority (RCA) for the encryption of data in transit and data at rest.