Compliance engineered for the Cloud

Salesforce maintains a comprehensive set of compliance certifications and attestations to validate our #1 value of Trust.

Documents

Sort by: Document	Sort by: Last Updated	Infrastructure	Sort by: Certification	Sort by: Service
SOC1 Customer Update Letter - B2C	2021-04-08	First party	SOC 1	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
PCI Attestation of Compliance (AoC) - Salesforce Services on Hyperforce	2021-04-01	Hyperforce	PCI DSS	Salesforce Services B2B Commerce Salesforce Services B2B Commerce
PCI Responsibility Matrix - Salesforce Services on Hyperforce	2021-04-01	Hyperforce	PCI DSS	Salesforce Services B2B Commerce Salesforce Services B2B Commerce
SOC 1 Bridge (Gap) Letter - Corporate & Salesforce Services	2021-03-31	First party, AWS	SOC 1	Salesforce Services Government Cloud Salesforce Services Government Cloud Government Cloud Plus Vlocity myTrailhead Show more
SOC 1 Bridge (Gap) Letter - Government Cloud Plus	2021-03-31	First party	SOC 1	Government Cloud Plus Government Cloud Plus
SOC 1 Bridge (Gap) Letter - Heroku	2021-03-31	AWS	SOC 1	Heroku Salesforce.org Philanthropy Cloud and Elevate Heroku Salesforce.org Philanthropy Cloud and Elevate
SOC 1 Bridge (Gap) Letter - Mulesoft	2021-03-31	AWS	SOC 1	MuleSoft MuleSoft
ASIP Santé HDS Certificate	2021-03-29	First party, AWS, Hyperforce	ASIP Santé HDS	Salesforce Services B2C Commerce / Commerce Cloud Salesforce Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku Pardot MuleSoft Quip Einstein Platform Customer 360 Data Manager Show more
ISO 27001:2013 Certificate	2021-03-29	First party, AWS, Hyperforce	ISO 27001	Salesforce Services B2C Commerce / Commerce Cloud Salesforce Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Government Cloud B2B Commerce Government Cloud Plus Heroku Pardot MuleSoft Quip Einstein Platform Customer 360 Data Manager Salesforce.org Philanthropy Cloud and Elevate Show more
ISO 27017:2015 Certificate	2021-03-29	First party, AWS, Hyperforce	ISO 27017	Salesforce Services B2C Commerce / Commerce Cloud Salesforce Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Government Cloud B2B Commerce Government Cloud Plus Heroku Pardot MuleSoft Quip Einstein Platform Customer 360 Data Manager Salesforce.org Philanthropy Cloud and Elevate Show more
ISO 27018:2019 Certificate	2021-03-29	First party, AWS, Hyperforce	ISO 27018	Salesforce Services B2C Commerce / Commerce Cloud Salesforce Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Government Cloud B2B Commerce Government Cloud Plus Heroku Pardot MuleSoft Quip Einstein Platform Customer 360 Data Manager Salesforce.org Philanthropy Cloud and Elevate Show more
NEN 7510-1:2017 Certificate	2021-03-29	First party, AWS, Hyperforce	NEN 7510	Salesforce Services B2C Commerce / Commerce Cloud Salesforce Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Government Cloud B2B Commerce Government Cloud Plus Messaging and LiveMessage Heroku Pardot MuleSoft Quip Einstein Platform Customer 360 Data Manager Show more
DR Test Summary 2020 - MuleSoft	2021-03-23	AWS	Disaster Recovery & BCP	MuleSoft MuleSoft
ISMAP Cloud Service List	2021-03-18	First party, AWS	ISMAP	Salesforce Services Heroku Salesforce Services Heroku
Vulnerability/Penetration Report Summary - Customer 360 Audiences	2021-03-17	Hyperforce	External Security Assessments	Customer 360 Audiences Customer 360 Audiences
SOC 1 Report - Customer 360 Audiences	2021-03-16	Hyperforce	SOC 1	Customer 360 Audiences Customer 360 Audiences
SOC 2 Report - Customer 360 Audiences	2021-03-16	Hyperforce	SOC 2	Customer 360 Audiences Customer 360 Audiences
SOC 3 Report - Customer 360 Audiences	2021-03-16	Hyperforce	SOC 3	Customer 360 Audiences Customer 360 Audiences
ISO Statement of Applicability - V2.9 (English)	2021-03-15	First party, AWS, Hyperforce	ISO 27001	Salesforce Services B2C Commerce / Commerce Cloud Salesforce Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Government Cloud B2B Commerce Government Cloud Plus Heroku Pardot MuleSoft Quip Einstein Platform Salesforce.org Philanthropy Cloud and Elevate Show more
ISO Statement of Applicability - V2.9 (French)	2021-03-15	First party, AWS, Hyperforce	ISO 27001	Salesforce Services B2C Commerce / Commerce Cloud Salesforce Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Government Cloud B2B Commerce Government Cloud Plus Heroku Pardot MuleSoft Quip Einstein Platform Salesforce.org Philanthropy Cloud and Elevate Show more
Vulnerability Scan Report - Tableau Online	2021-03-09	AWS	Standard Questionnaires, FAQ's and Whitepapers	Tableau Tableau
DR/BCP Summary - Salesforce Services	2021-03-04	First party, AWS	Disaster Recovery & BCP	Salesforce Services Salesforce Services
PCI Responsibility Matrix - Salesforce.org Payment Services	2021-03-02	AWS	PCI DSS	Salesforce.org Philanthropy Cloud and Elevate Salesforce.org Philanthropy Cloud and Elevate
SOC 1 Bridge (Gap) Letter - Commerce Cloud	2021-03-01	First party	SOC 1	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
DR Testing (Site Switching) Summary	2021-02-26	First party, AWS	Disaster Recovery & BCP	Salesforce Services Salesforce Services
SOC 1 Report - Commerce Cloud Digital	2021-02-26	First party	SOC 1	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
SOC 2 Report - Commerce Cloud Digital	2021-02-26	First party	SOC 2	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
SOC 2 Report - Commerce Cloud Order Management	2021-02-26	First party	SOC 2	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
SOC 3 Report - Commerce Cloud Digital	2021-02-26	First party	SOC 3	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
SOC 3 Report - Commerce Cloud Order Management	2021-02-26	First party	SOC 3	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
SOC 3 Report - Interaction Studio	2021-02-26	AWS	SOC 3	Marketing Cloud Marketing Cloud
SOC 3 Report - Vlocity Digital Commerce Gateway & Order Management Plus	2021-02-26	First party	SOC 3	Vlocity Vlocity
Vulnerability/Penetration Report Summary - ClickSoftware FSE - WebApp & API	2021-02-23	First party	External Security Assessments	ClickSoftware ClickSoftware
Vulnerability/Penetration Report Summary - Interaction Studio	2021-02-22	AWS	External Security Assessments	Marketing Cloud Marketing Cloud
DR Summary - Tableau	2021-02-19	AWS	Disaster Recovery & BCP	Tableau Tableau
PCI Responsibility Matrix - MuleSoft	2021-02-17	AWS	PCI DSS	MuleSoft MuleSoft
SOC 2 Report - Interaction Studio	2021-02-17	AWS	SOC 2	Marketing Cloud Marketing Cloud
DR Summary - MuleSoft	2021-02-12	AWS	Disaster Recovery & BCP	MuleSoft MuleSoft
Vulnerability/Penetration Report Summary - Heroku	2021-02-12	AWS	External Security Assessments	Heroku Salesforce.org Philanthropy Cloud and Elevate Heroku Salesforce.org Philanthropy Cloud and Elevate
UK Cloud Security Principles	2021-02-11	First party, AWS, Hyperforce	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services Salesforce Services
DR Summary - MuleSoft	2021-02-05	AWS	Disaster Recovery & BCP
PCI Attestation of Compliance (AoC) - Mobify	2021-02-04	First party	PCI DSS	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
IRS 1075 Attestation Letter - Government Cloud Plus	2021-02-02	First party	IRS 1075	Government Cloud Plus Government Cloud Plus
NIST SP 800-171 Attestation Letter - Government Cloud Plus	2021-02-01	First party	NIST SP 800-171	Government Cloud Plus Government Cloud Plus
PCI Attestation of Compliance (AoC) - Government Cloud Plus	2021-02-01	First party	PCI DSS	Government Cloud Plus Government Cloud Plus
SOC 3 Report - Government Cloud Plus	2021-02-01	First party	SOC 3	Government Cloud Plus Government Cloud Plus
C5 (ISAE 3000) Report - Salesforce Services	2021-01-29	First party, AWS	C5 (ISAE 3000)	Salesforce Services Salesforce Services
DR Summary - ExactTarget	2021-01-27	First party	Disaster Recovery & BCP	Marketing Cloud Marketing Cloud
SOC 1 Report - Mulesoft	2021-01-27	AWS	SOC 1	MuleSoft MuleSoft
SOC 2 Report - Mulesoft	2021-01-27	AWS	SOC 2	MuleSoft MuleSoft
SOC 3 Report - MuleSoft	2021-01-27	AWS	SOC 3	MuleSoft MuleSoft
PCI Attestation of Compliance (AoC) - MuleSoft	2021-01-26	AWS	PCI DSS	MuleSoft MuleSoft
Vulnerability/Penetration Report Summary - Tableau Mobile (Android)	2021-01-26	AWS	External Security Assessments	Tableau Tableau
Vulnerability/Penetration Report Summary - Tableau Mobile (iOS)	2021-01-26	AWS	External Security Assessments	Tableau Tableau
Vulnerability/Penetration Report Summary - Tableau Online (TOL)	2021-01-26	AWS	External Security Assessments	Tableau Tableau
Vulnerability/Penetration Report Summary - Tableau Server	2021-01-26	First party, AWS, Hyperforce	External Security Assessments	Tableau Tableau
SOC 2 Report (Type 1) - Workplace Command Center and Employee Wellness Check	2021-01-22	First party	SOC 2	Salesforce Services Salesforce Services
Vulnerability/Penetration Report Summary - Salesforce.org Philanthropy Cloud	2021-01-21	AWS	External Security Assessments	Salesforce.org Philanthropy Cloud and Elevate Salesforce.org Philanthropy Cloud and Elevate
Vulnerability/Penetration Report Summary-Hyperforce/Unified Cloud Infrastructure	2021-01-13	Hyperforce	External Security Assessments	Salesforce Services Salesforce Services
Vulnerability/Penetration Report Summary - Quip	2021-01-12	AWS	External Security Assessments	Quip Quip
DR Summary - Heroku	2021-01-07	AWS	Disaster Recovery & BCP	Heroku Salesforce.org Philanthropy Cloud and Elevate Heroku Salesforce.org Philanthropy Cloud and Elevate
SOC 1 Report - Salesforce Services	2021-01-07	First party, AWS	SOC 1	Salesforce Services Government Cloud Salesforce Services Government Cloud Einstein Platform Show more
SOC 2 Report - Salesforce Services	2021-01-07	First party, AWS	SOC 2	Salesforce Services Government Cloud Salesforce Services Government Cloud Einstein Platform Show more
SOC 3 Report - Salesforce Services	2021-01-07	First party, AWS	SOC 3	Salesforce Services Salesforce Services
HITRUST Certificate - ExactTarget	2021-01-06	First party	HITRUST	Marketing Cloud Marketing Cloud
HITRUST Certificate - Salesforce Services	2021-01-06	First party, AWS	HITRUST	Salesforce Services Government Cloud Salesforce Services Government Cloud
SOC 1 Report - Heroku	2021-01-05	AWS	SOC 1	Heroku Salesforce.org Philanthropy Cloud and Elevate Heroku Salesforce.org Philanthropy Cloud and Elevate
SOC 2 Report - Heroku	2021-01-05	AWS	SOC 2	Heroku Salesforce.org Philanthropy Cloud and Elevate Heroku Salesforce.org Philanthropy Cloud and Elevate
SOC 3 Report - Heroku	2021-01-05	AWS	SOC 3	Heroku Salesforce.org Philanthropy Cloud and Elevate Heroku Salesforce.org Philanthropy Cloud and Elevate
Salesforce Binding Corporate Rules	2021-01-01	First party, AWS, Hyperforce	Salesforce BCRs	Salesforce Services B2C Commerce / Commerce Cloud Salesforce Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Government Cloud B2B Commerce Vlocity Messaging and LiveMessage Heroku Pardot IoT Cloud MuleSoft Quip Einstein Platform myTrailhead Tableau Salesforce.org Philanthropy Cloud and Elevate Show more
Vulnerability/Penetration Report Summary - Salesforce Services	2020-12-22	First party, AWS	External Security Assessments	Salesforce Services Government Cloud Salesforce Services Government Cloud Salesforce.org Philanthropy Cloud and Elevate Show more
Vulnerability/Penetration Report Summary - Tableau CRM Mobile (Andr./iOS)	2020-12-22	First party	External Security Assessments	Salesforce Services Government Cloud Salesforce Services Government Cloud
Vulnerability/Penetration Report Summary - Field Service Lightning (Andr./iOS)	2020-12-21	First party	External Security Assessments	Salesforce Services Salesforce Services
Vulnerability/Penetration Report Summary - Salesforce Mobile (Andr./iOS)	2020-12-21	First party	External Security Assessments	Salesforce Services Salesforce Services
Network Vulnerability Assessment	2020-12-20	First party, AWS	PCI DSS	Salesforce Services B2B Commerce Salesforce Services B2B Commerce
SOC 2 Report (Type 1) - Field Service	2020-12-18	AWS	SOC 2	Salesforce Services Salesforce Services
SOC 2 Report (Type 1) - Vlocity Managed Packages	2020-12-18	First party	SOC 2	Vlocity Vlocity
SOC 2 Report - Vlocity Digital Commerce Gateway & Order Management Plus	2020-12-18	AWS	SOC 2	Vlocity Vlocity
Vulnerability/Penetration Report Summary - Salesforce Authenticator (Andr./iOS)	2020-12-18	First party	External Security Assessments	Salesforce Services Salesforce Services
SOC 1 Report - Corporate Services	2020-12-15	First party, AWS, Hyperforce	SOC 1	Salesforce Services B2C Commerce / Commerce Cloud Salesforce Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Government Cloud B2B Commerce Government Cloud Plus Vlocity Messaging and LiveMessage Heroku Pardot Desk.com IoT Cloud MuleSoft Quip Einstein Platform myTrailhead Salesforce IQ Salesforce.org Philanthropy Cloud and Elevate Show more
SOC 2 Report - Audience Studio	2020-12-15	AWS	SOC 2	Audience Studio and Data Studio Audience Studio and Data Studio
SOC 2 Report - Corporate Services	2020-12-15	First party, AWS, Hyperforce	SOC 2	Salesforce Services B2C Commerce / Commerce Cloud Salesforce Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Government Cloud B2B Commerce Government Cloud Plus Vlocity Messaging and LiveMessage Heroku Pardot Desk.com IoT Cloud MuleSoft Quip Einstein Platform myTrailhead Salesforce IQ Data.com Salesforce.org Philanthropy Cloud and Elevate Show more
SOC 2 Report - ExactTarget and Advertising Studio	2020-12-15	First party	SOC 2	Marketing Cloud Marketing Cloud
SOC 2 Report - Pardot	2020-12-15	AWS	SOC 2	Pardot Pardot
SOC 2 Report (Type 1) - Einstein Bots	2020-12-15	AWS	SOC 2	Einstein Platform Einstein Platform
Vulnerability/Penetration Report Summary - Advertising Studio	2020-12-15	First party	External Security Assessments	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - ExactTarget	2020-12-15	First party	External Security Assessments	Marketing Cloud Marketing Cloud
DR Summary - Audience Studio	2020-12-11	AWS	Disaster Recovery & BCP	Marketing Cloud Audience Studio and Data Studio Marketing Cloud Audience Studio and Data Studio
Vulnerability/Penetration Report Summary - Audience Studio and Data Studio	2020-12-11	AWS	External Security Assessments	Audience Studio and Data Studio Audience Studio and Data Studio
Vulnerability/Penetration Report Summary - Predictive Intelligence	2020-12-11	AWS	External Security Assessments	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - Social Studio	2020-12-11	First party	External Security Assessments	Marketing Cloud Marketing Cloud
BCP Summary	2020-12-08	First party, AWS, Hyperforce	Disaster Recovery & BCP	Salesforce Services B2C Commerce / Commerce Cloud Salesforce Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Pardot MuleSoft Customer 360 Audiences Tableau Salesforce.org Philanthropy Cloud and Elevate Show more
Network Vulnerability Assessment - Heroku	2020-12-03	AWS	PCI DSS	Heroku Salesforce.org Philanthropy Cloud and Elevate Heroku Salesforce.org Philanthropy Cloud and Elevate
ISO Statement of Applicability - V2.8 (English)	2020-11-13	First party, AWS	ISO 27001	Salesforce Services B2C Commerce / Commerce Cloud Salesforce Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Government Cloud B2B Commerce Government Cloud Plus Heroku Pardot MuleSoft Quip Einstein Platform Salesforce.org Philanthropy Cloud and Elevate Show more
ISO Statement of Applicability - V2.8 (French)	2020-11-13	First party, AWS	ISO 27001	Salesforce Services B2C Commerce / Commerce Cloud Salesforce Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Government Cloud B2B Commerce Government Cloud Plus Heroku Pardot MuleSoft Quip Einstein Platform Salesforce.org Philanthropy Cloud and Elevate Show more
SOC 3 Report - Datorama	2020-11-10	AWS	SOC 3	Marketing Cloud Marketing Cloud
SOC 3 Report - Einstein.AI	2020-11-10	AWS	SOC 3	Einstein Platform Einstein Platform
SOC 3 Report - Einstein Platform	2020-11-10	AWS	SOC 3	Einstein Platform Einstein Platform
SOC 3 Report - Quip	2020-11-10	AWS	SOC 3	Quip Quip
Vulnerability/Penetration Report Summary - MuleSoft	2020-11-10	AWS	External Security Assessments	MuleSoft MuleSoft
CSA CAIQ - Tableau	2020-10-23	AWS	Standard Questionnaires, FAQ's and Whitepapers	Tableau Tableau
PCI Responsibility Matrix - Heroku	2020-10-14	AWS	PCI DSS	Heroku Salesforce.org Philanthropy Cloud and Elevate Heroku Salesforce.org Philanthropy Cloud and Elevate
DR Summary - Social Studio	2020-10-12	First party	Disaster Recovery & BCP	Marketing Cloud Marketing Cloud
DR Summary - Pardot	2020-10-09	AWS	Disaster Recovery & BCP	Marketing Cloud Pardot Marketing Cloud Pardot
Vulnerability/Penetration Report Summary - myTrailhead	2020-10-06	AWS	External Security Assessments	myTrailhead myTrailhead
Vulnerability/Penetration Report Summary - Salesforce Services Data Mask Add-on	2020-10-05	First party, AWS	External Security Assessments	Salesforce Services Salesforce Services
CSA CAIQ - Salesforce Services	2020-09-24	First party, AWS	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services Government Cloud Salesforce Services Government Cloud
CSA CAIQ - Mulesoft (EN)	2020-09-17	AWS	Standard Questionnaires, FAQ's and Whitepapers	MuleSoft MuleSoft
DR Summary - Datorama	2020-09-09	AWS	Disaster Recovery & BCP	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - B2B Commerce	2020-09-09	First party	External Security Assessments	B2B Commerce B2B Commerce
Vulnerability/Penetration Report Summary - Tableau CRM	2020-08-26	AWS	External Security Assessments	Salesforce Services Government Cloud Salesforce Services Government Cloud
PCI Attestation of Compliance (AoC) - Salesforce.org Payment Services	2020-08-13	AWS	PCI DSS	Salesforce.org Philanthropy Cloud and Elevate Salesforce.org Philanthropy Cloud and Elevate
SOC 2 Report - ClickSoftware	2020-08-13	First party	SOC 2	ClickSoftware ClickSoftware
PCI Attestation of Compliance (AoC) - Commerce Cloud	2020-08-07	First party	PCI DSS	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
Vulnerability/Penetration Report Summary - Messaging and LiveMessage	2020-08-07	AWS	External Security Assessments	Salesforce Services Government Cloud Salesforce Services Government Cloud Messaging and LiveMessage Show more
IRAP Assessment letter [Official]	2020-08-04	First party, AWS	IRAP	Salesforce Services Salesforce Services
IRAP Customer Configuration User Guide Health Check [Official]	2020-08-04	First party, AWS	IRAP	Salesforce Services Salesforce Services
IRAP Customer Configuration User Guide [Official]	2020-08-04	First party, AWS	IRAP	Salesforce Services Salesforce Services
Salesforce ASD Essential Eight Maturity report	2020-08-04	First party, AWS	IRAP	Salesforce Services Salesforce Services
Salesforce Services IRAP Assessment Report [Official]	2020-08-04	First party, AWS	IRAP	Salesforce Services Salesforce Services
Vulnerability/Penetration Report Summary - Datorama	2020-08-04	AWS	External Security Assessments	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - Einstein Vision, Language & Voice	2020-08-03	AWS	External Security Assessments	Einstein Platform Einstein Platform
Security and Compliance Best Practices and FAQ - Work.com	2020-07-30	First party, AWS	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services Salesforce Services
Vulnerability/Penetration Report Summary - Pardot	2020-07-24	AWS	External Security Assessments	Pardot Pardot
UK Cyber Essentials Plus Certificate	2020-07-17	First party, AWS, Hyperforce	UK Cyber Essentials Plus
International Transfers of EU Personal Data to Salesforce's Services FAQ	2020-07-16	First party, AWS, Hyperforce	Privacy Shield	Salesforce Services B2C Commerce / Commerce Cloud Salesforce Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Government Cloud B2B Commerce Government Cloud Plus Vlocity Messaging and LiveMessage Heroku Pardot Desk.com IoT Cloud MuleSoft MuleSoft Government Cloud Quip Einstein Platform myTrailhead Salesforce IQ Customer 360 Data Manager Data.com Tableau ClickSoftware Salesforce.org Philanthropy Cloud and Elevate Show more
PCI Attestation of Compliance (AoC) - Salesforce Services	2020-07-15	First party, AWS	PCI DSS	Salesforce Services Government Cloud Salesforce Services Government Cloud B2B Commerce Show more
PCI Responsibility Matrix - Salesforce Services	2020-07-15	First party, AWS	PCI DSS	Salesforce Services Government Cloud Salesforce Services Government Cloud B2B Commerce Show more
SOC 2 Report - Datorama	2020-07-15	AWS	SOC 2	Marketing Cloud Marketing Cloud
TRUSTe APEC Processor Seal	2020-07-10	First party	TRUSTe APEC Processor Seal	Salesforce Services B2C Commerce / Commerce Cloud Salesforce Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio B2B Commerce Messaging and LiveMessage Heroku Pardot Desk.com IoT Cloud MuleSoft Quip Einstein Platform myTrailhead Customer 360 Data Manager Show more
PCI Attestation of Compliance (AoC) - Heroku	2020-07-08	AWS	PCI DSS	Heroku Salesforce.org Philanthropy Cloud and Elevate Heroku Salesforce.org Philanthropy Cloud and Elevate
SOC 2 Report - Einstein.AI	2020-07-07	AWS	SOC 2	Einstein Platform Einstein Platform
SOC 2 Report - Einstein Platform	2020-07-07	AWS	SOC 2	Einstein Platform Einstein Platform
SOC 2 Report - Predictive Intelligence	2020-07-06	AWS	SOC 2	Marketing Cloud Marketing Cloud
SOC 2 Report - Social Studio	2020-07-06	First party	SOC 2	Marketing Cloud Marketing Cloud
SOC 2 Report - Quip	2020-07-01	AWS	SOC 2	Quip Quip
FedRAMP Government Cloud Plus	2020-06-17	First party	FedRAMP High	Government Cloud Plus Government Cloud Plus
DoD IL2 Government Cloud	2020-06-11	First party	DoD IL2	Government Cloud Government Cloud
DoD IL2 Government Cloud Plus	2020-06-11	First party	DoD IL2	Government Cloud Plus Government Cloud Plus
DoD IL4	2020-06-11	First party	DoD IL4	Government Cloud Government Cloud
FedRAMP Government Cloud	2020-06-10	First party	FedRAMP Moderate	Government Cloud Government Cloud
SOC 2 Report - Tableau	2020-06-05	AWS	SOC 2	Tableau Tableau
SOC 3 Report - Tableau	2020-06-05	AWS	SOC 3	Tableau Tableau
Vulnerability Response Plan Summary	2020-05-31	First party, AWS, Hyperforce	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services B2C Commerce / Commerce Cloud Salesforce Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Government Cloud B2B Commerce Government Cloud Plus Messaging and LiveMessage Heroku Pardot Desk.com IoT Cloud MuleSoft MuleSoft Government Cloud Quip Einstein Platform myTrailhead Salesforce IQ Customer 360 Data Manager Customer 360 Audiences Data.com Tableau Salesforce.org Philanthropy Cloud and Elevate Show more
ASP/SaaS Certificate (Japan)	2020-05-16	First party	ASP/SaaS	Salesforce Services Salesforce Services
PrivacyMark Certificate (Japan)	2020-05-12	First party	PrivacyMark
SOC 1 Report - Government Cloud Plus	2020-04-30	First party	SOC 1	Government Cloud Plus Government Cloud Plus
SOC 2 Report - Government Cloud Plus	2020-04-30	First party	SOC 2	Government Cloud Plus Government Cloud Plus
SOC 2 Report (Type 1) - Salesforce Maps	2020-04-30	AWS	SOC 2	Salesforce Services Salesforce Services
SOC 2 Report (Type 1) - Salesforce.org	2020-04-30	First party, AWS	SOC 2	Salesforce Services Salesforce Services
Vulnerability/Penetration Report Summary - Service Cloud Einstein	2020-04-20	AWS	External Security Assessments	Einstein Platform Einstein Platform
Vulnerability/Penetration Report Summary - Sales Cloud Einstein	2020-04-17	AWS	External Security Assessments	Einstein Platform Einstein Platform
DR/BCP Summary - Commerce Cloud	2020-04-13	First party	Disaster Recovery & BCP	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
CSA CAIQ - Heroku	2020-02-28	AWS	Standard Questionnaires, FAQ's and Whitepapers	Heroku Salesforce.org Philanthropy Cloud and Elevate Heroku Salesforce.org Philanthropy Cloud and Elevate
Vulnerability/Penetration Report Summary - Marketing Cloud Mobile (Andr./iOS)	2020-02-25	First party	External Security Assessments	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - Salesforce Events Mobile (Andr./iOS)	2020-02-18	First party	External Security Assessments	Salesforce Services Salesforce Services
BCP Summary - Mulesoft	2020-01-29	AWS	Disaster Recovery & BCP	MuleSoft MuleSoft
ISO 27001/27017/27018 Certificate - Misc. Services	2020-01-21	AWS	ISO 27001	Marketing Cloud Messaging and LiveMessage Marketing Cloud Messaging and LiveMessage
CSA CAIQ - ExactTarget (EN)	2020-01-17	First party	Standard Questionnaires, FAQ's and Whitepapers	Marketing Cloud Marketing Cloud
CSA CAIQ - ExactTarget (JP)	2020-01-17	First party	Standard Questionnaires, FAQ's and Whitepapers	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - Salesforce Inbox Mobile (Andr./iOS)	2019-12-20	First party	External Security Assessments	Einstein Platform Einstein Platform
[Whitepaper] Salesforce And The HIPAA Security Rule: Securing EPHI In The Cloud	2019-11-01	First party, AWS	HIPAA	Salesforce Services Government Cloud Salesforce Services Government Cloud Government Cloud Plus Show more
PCI Responsibility Matrix - Commerce Cloud	2019-10-01	First party	PCI DSS	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
Incident Response Plan Summary	2019-09-16	First party, AWS, Hyperforce	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services B2C Commerce / Commerce Cloud Salesforce Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Government Cloud B2B Commerce Government Cloud Plus Vlocity Messaging and LiveMessage Heroku Pardot Desk.com IoT Cloud MuleSoft MuleSoft Government Cloud Quip Einstein Platform myTrailhead Salesforce IQ Customer 360 Data Manager Customer 360 Audiences Data.com Tableau Salesforce.org Philanthropy Cloud and Elevate Show more
CSA CAIQ - Mulesoft (JP)	2019-09-10	AWS	Standard Questionnaires, FAQ's and Whitepapers	MuleSoft MuleSoft
NISC Security Standard (Japan)	2019-08-08	First party	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services Salesforce Services
CSA CAIQ - Pardot (EN)	2019-06-18	AWS	Standard Questionnaires, FAQ's and Whitepapers	Pardot Pardot
CSA CAIQ - Pardot (JP)	2019-06-18	AWS	Standard Questionnaires, FAQ's and Whitepapers	Pardot Pardot
CSA CAIQ - Quip	2019-06-18	AWS	Standard Questionnaires, FAQ's and Whitepapers	Quip Quip
CSA CAIQ - Audience Studio and Data Studio	2019-05-01	AWS	Standard Questionnaires, FAQ's and Whitepapers	Audience Studio and Data Studio Audience Studio and Data Studio
FISC (Japan)	2019-02-26	First party	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services Salesforce Services
CS Gold Mark License (Japan)	2018-09-26	First party	CS Gold Mark	Salesforce Services Salesforce Services
Vulnerability/Penetration Report Summary - Einstein Discovery	2017-12-07	AWS	External Security Assessments	Salesforce Services Government Cloud Salesforce Services Government Cloud
Financial Services Cloud Resources	N/A	First party, AWS, Hyperforce	Financial Services Compliance	Salesforce Services Salesforce Services
GDPR - Data Protection Impact Assessments & Salesforce Services	N/A	First party, AWS, Hyperforce	GDPR	Salesforce Services B2C Commerce / Commerce Cloud Salesforce Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Government Cloud B2B Commerce Government Cloud Plus Vlocity Messaging and LiveMessage Heroku Pardot Desk.com IoT Cloud MuleSoft MuleSoft Government Cloud Quip Einstein Platform myTrailhead Salesforce IQ Customer 360 Data Manager Data.com Tableau ClickSoftware Salesforce.org Philanthropy Cloud and Elevate Show more
[Video] Salesforce And The HIPAA Security Rule: Securing EPHI In The Cloud	N/A	First party, AWS	HIPAA	Salesforce Services Marketing Cloud Salesforce Services Marketing Cloud Government Cloud Government Cloud Plus Heroku MuleSoft Quip Show more

Trust | Compliance

Documents

Additional Information

Trailhead