Compliance engineered for the Cloud

Salesforce maintains a comprehensive set of compliance certifications and attestations to validate our #1 value of Trust.

Documents

Sort by: Document	Sort by: Last Updated	Infrastructure	Sort by: Certification	Sort by: Service
Vulnerability/Penetration Report Summary - ExactTarget	2021-11-24	First party	External Security Assessments	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - Heroku	2021-11-18	AWS	External Security Assessments	Heroku Heroku
SOC 2 Report - ClickSoftware Field Service Edge	2021-11-15	AWS	SOC 2	ClickSoftware Field Service Edge (FSE) ClickSoftware Field Service Edge (FSE)
Vulnerability/Penetration Report Summary - MuleSoft	2021-11-15	AWS	External Security Assessments	MuleSoft MuleSoft
ISO Statement of Applicability - v3.0 (English)	2021-11-12	First party, AWS, Hyperforce	ISO 27001	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Tableau Pardot Vlocity Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate Salesforce CDP Salesforce Government Cloud Government Cloud Plus Show more
IRAP Assessment Report - Salesforce Services on Hyperforce AU [PROTECTED]	2021-11-09	Hyperforce	IRAP	Salesforce Services and Additional Services Vlocity Salesforce Services and Additional Services Vlocity
IRAP Engagement letter - Salesforce Services on Hyperforce AU [PROTECTED]	2021-11-09	Hyperforce	IRAP	Salesforce Services and Additional Services Vlocity Salesforce Services and Additional Services Vlocity
Network Vulnerability Assessment	2021-11-03	First party, AWS	PCI DSS	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
Salesforce Binding Corporate Rules	2021-11-01	First party, AWS, Hyperforce	Salesforce BCRs	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Tableau Pardot Vlocity Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate IoT Cloud Slack Salesforce Government Cloud Show more
ISO 27001:2013 Certificate	2021-10-28	First party, AWS, Hyperforce	ISO 27001	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Tableau Pardot Vlocity Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate Salesforce CDP Salesforce Government Cloud Government Cloud Plus Show more
ISO 27017:2015 Certificate	2021-10-28	First party, AWS, Hyperforce	ISO 27017	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Tableau Pardot Vlocity Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate Salesforce CDP Salesforce Government Cloud Government Cloud Plus Show more
ISO 27018:2019 Certificate	2021-10-28	First party, AWS, Hyperforce	ISO 27018	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Tableau Pardot Vlocity Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate Salesforce CDP Salesforce Government Cloud Government Cloud Plus Show more
NEN 7510-1:2017 Certificate	2021-10-28	First party, AWS, Hyperforce	NEN 7510	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Tableau Pardot Vlocity Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate Salesforce CDP Salesforce Government Cloud Government Cloud Plus Show more
FISC (Japan)	2021-10-27	First party	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services and Additional Services Salesforce Services and Additional Services
CSA CAIQ - Tableau	2021-10-25	AWS	CSA STAR	Tableau Tableau
IRAP Assessment Report - Slack	2021-10-21	AWS	IRAP	Slack Slack
IRAP Engagement letter - Slack	2021-10-21	AWS	IRAP	Slack Slack
Vulnerability/Penetration Report Summary - MacOS Tableau Desktop Application	2021-10-14	First party	External Security Assessments	Tableau Tableau
Vulnerability/Penetration Report Summary - Tableau Online (TOL)	2021-10-14	AWS	External Security Assessments	Tableau Tableau
Vulnerability/Penetration Report Summary - Windows Tableau Desktop Application	2021-10-14	First party	External Security Assessments	Tableau Tableau
Vulnerability/Penetration Report Summary - Advertising Studio	2021-10-08	First party	External Security Assessments	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - Pardot	2021-10-08	AWS	External Security Assessments	Pardot Pardot
Vulnerability/Penetration Report Summary - Salesforce CDP	2021-10-08	Hyperforce	External Security Assessments	Salesforce CDP Salesforce CDP
Vulnerability/Penetration Report Summary - Social Studio	2021-10-08	First party	External Security Assessments	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - Salesforce Services Data Mask Add-on	2021-10-06	First party, AWS	External Security Assessments	Salesforce Services and Additional Services Salesforce Services and Additional Services
PCI Attestation of Compliance (AoC) - Salesforce Services	2021-10-01	First party, AWS	PCI DSS	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce Salesforce Government Cloud Show more
SOC 2 Report - Audience Studio	2021-10-01	AWS	SOC 2	Audience Studio and Data Studio Audience Studio and Data Studio
Vulnerability Management and Response Plan Summary	2021-09-27	First party, AWS, Hyperforce	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Tableau Pardot Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate IoT Cloud Customer 360 Data Manager Salesforce CDP Data.com Salesforce Government Cloud Government Cloud Plus MuleSoft Government Cloud Show more
CSA CAIQ - ExactTarget (EN)	2021-09-21	First party	CSA STAR	Marketing Cloud Marketing Cloud
Salesforce ACSC Essential Eight Maturity report	2021-09-21	Hyperforce	IRAP	Salesforce Services and Additional Services Salesforce Services and Additional Services
Spain Esquema Nacional de Seguridad (ENS) High	2021-09-20	First party	Spain Esquema Nacional de Seguridad (ENS)	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
Spain Esquema Nacional de Seguridad (ENS) High (Hyperforce)	2021-09-20	Hyperforce	Spain Esquema Nacional de Seguridad (ENS)	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
Vulnerability/Penetration Report Summary - Commerce Cloud Order Management	2021-09-18	First party	External Security Assessments	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
Salesforce Security Tips for Guest User Access Controls (Japan)	2021-09-16	First party, AWS, Hyperforce	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services and Additional Services Salesforce Services and Additional Services
SOC 1 Bridge (Gap) Letter - Commerce Cloud	2021-09-16	First party	SOC 1	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
SOC 1 Bridge (Gap) Letter - Corporate & Salesforce Services	2021-09-16	First party, AWS	SOC 1	Salesforce Services and Additional Services Vlocity Salesforce Services and Additional Services Vlocity Salesforce Government Cloud Government Cloud Plus Show more
SOC 1 Bridge (Gap) Letter - Government Cloud Plus	2021-09-16	First party	SOC 1	Government Cloud Plus Government Cloud Plus
SOC 1 Bridge (Gap) Letter - Heroku	2021-09-16	AWS	SOC 1	Heroku Heroku
SOC 1 Bridge (Gap) Letter - Mulesoft	2021-09-16	AWS	SOC 1	MuleSoft MuleSoft
SOC 1 Bridge (Gap) Letter - Salesforce CDP	2021-09-16	Hyperforce	SOC 1	Salesforce CDP Salesforce CDP
SOC 1 Bridge (Gap) Letter - Salesforce Services on Hyperforce	2021-09-16	Hyperforce	SOC 1	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
Vulnerability/Penetration Report Summary - Salesforce Services	2021-09-16	First party, AWS	External Security Assessments	Salesforce Services and Additional Services Salesforce Government Cloud Salesforce Services and Additional Services Salesforce Government Cloud
[Whitepaper] Tableau Secure Development	2021-09-08	AWS	Standard Questionnaires, FAQ's and Whitepapers	Tableau Tableau
CSA STAR Registry - Salesforce Services	2021-09-07	First party	CSA STAR	Salesforce Services and Additional Services Salesforce Services and Additional Services
Vulnerability/Penetration Report Summary - Omni Channel Inventory	2021-09-01	AWS, Hyperforce	External Security Assessments	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
DR Testing (Site Switching) Summary	2021-08-30	First party, AWS	Disaster Recovery & BCP	Salesforce Services and Additional Services Salesforce Services and Additional Services
SOC 1 Report - Salesforce CDP	2021-08-26	Hyperforce	SOC 1	Salesforce CDP Salesforce CDP
SOC 1 Report - Salesforce Services on Hyperforce	2021-08-26	Hyperforce	SOC 1	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
SOC 2 Report - Salesforce CDP	2021-08-26	Hyperforce	SOC 2	Salesforce CDP Salesforce CDP
SOC 2 Report - Salesforce Services on Hyperforce	2021-08-26	Hyperforce	SOC 2	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
SOC 3 Report - Salesforce CDP	2021-08-26	Hyperforce	SOC 3	Salesforce CDP Salesforce CDP
SOC 3 Report - Salesforce Services on Hyperforce	2021-08-26	Hyperforce	SOC 3	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
APEC Controller Certification - Slack	2021-08-25	AWS	APEC Certification for Processors and Controllers	Slack Slack
APEC Processors Certification - Slack	2021-08-25	AWS	APEC Certification for Processors and Controllers	Slack Slack
CSA CAIQ - Slack (EN)	2021-08-25	AWS	CSA STAR	Slack Slack
CSA STAR Registry - Slack	2021-08-25	AWS	CSA STAR	Slack Slack
DR Summary - Slack	2021-08-25	AWS	Disaster Recovery & BCP	Slack Slack
FedRAMP - Slack	2021-08-25	AWS	FedRAMP Moderate	Slack Slack
ISO/IEC 27001:2013 Certificate - Slack	2021-08-25	AWS	ISO 27001	Slack Slack
ISO/IEC 27017:2015 Certificate - Slack	2021-08-25	AWS	ISO 27017	Slack Slack
ISO/IEC 27018:2019 Certificate - Slack	2021-08-25	AWS	ISO 27018	Slack Slack
SOC2 HITRUST Report - Slack	2021-08-25	AWS	SOC 2	Slack Slack
SOC 2 Report - Slack	2021-08-25	AWS	SOC 2	Slack Slack
SOC 3 Report - Slack	2021-08-25	AWS	SOC 3	Slack Slack
Vulnerability/Penetration Report Summary - Slack	2021-08-25	AWS	External Security Assessments	Slack Slack
[Whitepaper] Security at Slack	2021-08-25	AWS	Standard Questionnaires, FAQ's and Whitepapers	Slack Slack
C5 (ISAE 3000) Report - Salesforce Services	2021-08-18	First party, AWS	C5 (ISAE 3000)	Salesforce Services and Additional Services Salesforce Services and Additional Services
PCI Attestation of Compliance (AoC) - Salesforce.org Payment Services	2021-08-13	AWS	PCI DSS	Salesforce Services and Additional Services Salesforce Services and Additional Services
PCI Responsibility Matrix - Salesforce.org Payment Services	2021-08-13	AWS	PCI DSS	Salesforce Services and Additional Services Salesforce Services and Additional Services
SOC 2 Report - Salesforce Maps	2021-08-13	AWS	SOC 2	Salesforce Services and Additional Services Salesforce Services and Additional Services
SOC 3 Report - Salesforce Maps	2021-08-13	AWS	SOC 3	Salesforce Services and Additional Services Salesforce Services and Additional Services
PCI Attestation of Compliance (AoC) - Commerce Cloud	2021-08-06	First party	PCI DSS	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
PCI Responsibility Matrix - Commerce Cloud	2021-08-06	First party	PCI DSS	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
Medical Information System Security Management Guideline (Japan)	2021-08-05	First party	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services and Additional Services Salesforce Services and Additional Services
SOC 2 Report - Tableau	2021-08-04	AWS	SOC 2	Tableau Tableau
SOC 3 Report - Tableau	2021-08-04	AWS	SOC 3	Tableau Tableau
SOC 1 Report - Commerce Cloud Digital	2021-08-02	First party	SOC 1	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
SOC 2 Report - Commerce Cloud Digital	2021-08-02	First party	SOC 2	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
SOC 3 Report - Commerce Cloud Digital	2021-08-02	First party	SOC 3	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
SOC 2 Report - Datorama	2021-07-30	AWS	SOC 2	Marketing Cloud Marketing Cloud
SOC 3 Report - Datorama	2021-07-30	AWS	SOC 3	Marketing Cloud Marketing Cloud
UK Cyber Essentials Plus Certificate	2021-07-29	First party, AWS, Hyperforce	UK Cyber Essentials Plus	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Tableau Pardot Vlocity Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate ClickSoftware Field Service Edge (FSE) IoT Cloud Customer 360 Data Manager Salesforce CDP Data.com MuleSoft Government Cloud Show more
Vulnerability/Penetration Report Summary - Tableau CRM & Einstein Discovery	2021-07-29	First party	External Security Assessments	Salesforce Services and Additional Services Salesforce Government Cloud Salesforce Services and Additional Services Salesforce Government Cloud
Salesforce Services SWIPO Data Portability Transparency Statement	2021-07-27	First party, AWS, Hyperforce	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services and Additional Services Salesforce Services and Additional Services
SOC 2 Report - Vlocity Managed Packages	2021-07-20	First party	SOC 2	Vlocity Vlocity
SOC 3 Report - Vlocity Managed Packages	2021-07-20	First party	SOC 3	Vlocity Vlocity
SOC 1 Report - Mulesoft	2021-07-19	AWS	SOC 1	MuleSoft MuleSoft
SOC 2 Report - Mulesoft	2021-07-19	AWS	SOC 2	MuleSoft MuleSoft
SOC 2 Report - Social Studio	2021-07-19	First party	SOC 2	Marketing Cloud Marketing Cloud
SOC 3 Report - MuleSoft	2021-07-19	AWS	SOC 3	MuleSoft MuleSoft
SOC 3 Report - Social Studio	2021-07-19	First party	SOC 3	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - Sales Cloud Einstein	2021-07-16	AWS	External Security Assessments	Einstein Platform Einstein Platform
Vulnerability/Penetration Report Summary - Service Cloud Einstein	2021-07-16	AWS	External Security Assessments	Einstein Platform Einstein Platform
PCI Responsibility Matrix - Salesforce Services	2021-07-15	First party, AWS	PCI DSS	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce Salesforce Government Cloud Show more
Salesforce Ransomware Mitigation Summary	2021-07-12	First party, AWS, Hyperforce	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud B2B Commerce Show more
US Dept. of Defense Cybersecurity Maturity Model (CMMC) & Salesforce Whitepaper	2021-07-09	First party, AWS	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Government Cloud Government Cloud Plus Salesforce Government Cloud Government Cloud Plus MuleSoft Government Cloud Show more
PCI Attestation of Compliance (AoC) - Heroku	2021-07-08	AWS	PCI DSS	Heroku Heroku
Network Vulnerability Assessment - Heroku	2021-07-07	AWS	PCI DSS	Heroku Heroku
ISO 27001:2013 Certificate - ClickSoftware Field Service Edge (FSE)	2021-07-06	AWS	ISO 27001	ClickSoftware Field Service Edge (FSE) ClickSoftware Field Service Edge (FSE)
ISO 27017:2015 Certificate - ClickSoftware Field Service Edge (FSE)	2021-07-06	AWS	ISO 27017	ClickSoftware Field Service Edge (FSE) ClickSoftware Field Service Edge (FSE)
ISO 27018:2019 Certificate - ClickSoftware Field Service Edge (FSE)	2021-07-06	AWS	ISO 27018	ClickSoftware Field Service Edge (FSE) ClickSoftware Field Service Edge (FSE)
SOC 2 Report - Marketing Cloud Einstein	2021-07-02	AWS	SOC 2	Marketing Cloud Marketing Cloud
SOC 3 Report - Marketing Cloud Einstein	2021-07-02	AWS	SOC 3	Marketing Cloud Marketing Cloud
SOC 1 Report - Government Cloud Plus	2021-07-01	First party	SOC 1	Government Cloud Plus Government Cloud Plus
SOC 1 Report - Heroku	2021-07-01	AWS	SOC 1	Heroku Heroku
SOC 1 Report - Salesforce Services	2021-07-01	First party, AWS	SOC 1	Salesforce Services and Additional Services Einstein Platform Salesforce Services and Additional Services Einstein Platform B2B Commerce Salesforce Government Cloud Show more
SOC 2 Report - Heroku	2021-07-01	AWS	SOC 2	Heroku Heroku
SOC 2 Report - Salesforce Services	2021-07-01	First party, AWS	SOC 2	Salesforce Services and Additional Services Einstein Platform Salesforce Services and Additional Services Einstein Platform B2B Commerce Salesforce Government Cloud Show more
SOC 3 Report - Heroku	2021-07-01	AWS	SOC 3	Heroku Heroku
SOC 3 Report - Salesforce Services	2021-07-01	First party, AWS	SOC 3	Salesforce Services and Additional Services Einstein Platform Salesforce Services and Additional Services Einstein Platform Salesforce Government Cloud Show more
SOC 2 Report - ExactTarget and Advertising Studio	2021-06-29	First party	SOC 2	Marketing Cloud Marketing Cloud
SOC 2 Report - Field Service	2021-06-29	AWS	SOC 2	Salesforce Services and Additional Services Salesforce Services and Additional Services
SOC 3 Report - ClickSoftware Field Service Edge (FSE)	2021-06-29	AWS	SOC 3	ClickSoftware Field Service Edge (FSE) ClickSoftware Field Service Edge (FSE)
SOC 3 Report - ExactTarget and Advertising Studio	2021-06-29	First party	SOC 3	Marketing Cloud Marketing Cloud
SOC 3 Report - Field Service	2021-06-29	AWS	SOC 3	Salesforce Services and Additional Services Salesforce Services and Additional Services
SOC 1 Report - Corporate Services	2021-06-23	First party, AWS, Hyperforce	SOC 1	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Pardot Vlocity Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate IoT Cloud Salesforce Government Cloud Government Cloud Plus Show more
SOC 2 Report - Corporate Services	2021-06-23	First party, AWS, Hyperforce	SOC 2	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Tableau Pardot Vlocity Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate IoT Cloud Data.com Salesforce Government Cloud Government Cloud Plus Show more
SOC 2 Report - Einstein Bots	2021-06-23	AWS	SOC 2	Einstein Platform Einstein Platform
SOC 3 Report - Einstein Bots	2021-06-23	AWS	SOC 3	Einstein Platform Einstein Platform
SOC 2 Report - Salesforce Anywhere (including Quip)	2021-06-22	AWS	SOC 2	LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate
SOC 3 Report - Salesforce Anywhere (including Quip)	2021-06-22	AWS	SOC 3	LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate
Salesforce Security Tips for Guest User Access Controls	2021-06-17	First party, AWS, Hyperforce	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services and Additional Services Salesforce Services and Additional Services
SOC 2 Report - Einstein.AI	2021-06-15	AWS	SOC 2	Einstein Platform Einstein Platform
SOC 2 Report - Einstein Platform	2021-06-15	AWS	SOC 2	Einstein Platform Einstein Platform
SOC 3 Report - Einstein.AI	2021-06-15	AWS	SOC 3	Einstein Platform Einstein Platform
SOC 3 Report - Einstein Platform	2021-06-15	AWS	SOC 3	Einstein Platform Einstein Platform
NIST SP 800-171 Attestation Letter - Government Cloud	2021-06-14	First party	NIST SP 800-171	Salesforce Government Cloud Salesforce Government Cloud
CSA CAIQ - Audience Studio and Data Studio	2021-06-09	AWS	CSA STAR	Audience Studio and Data Studio Audience Studio and Data Studio
UK NHS Data Security and Protection Toolkit (DSPT)	2021-06-09	First party	NHS DSPT	Salesforce Services and Additional Services Salesforce Services and Additional Services
Network Vulnerability Assessment - Hyperforce APAC (South East - Australia)	2021-06-03	Hyperforce	PCI DSS	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
ISMAP Cloud Service List	2021-06-02	First party	ISMAP	Salesforce Services and Additional Services Salesforce Services and Additional Services
ISMAP Cloud Service List (Heroku)	2021-06-02	AWS	ISMAP	Heroku Heroku
SOC 2 Report - Government Cloud Plus	2021-06-01	First party	SOC 2	Government Cloud Plus Government Cloud Plus
Network Vulnerability Assessment - Hyperforce AMER (East)	2021-05-27	Hyperforce	PCI DSS	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
Network Vulnerability Assessment - Hyperforce APAC (South - India)	2021-05-27	Hyperforce	PCI DSS	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
Salesforce Secure Development Lifecycle Overview	2021-05-25	First party, AWS, Hyperforce	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Tableau Pardot Vlocity Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate IoT Cloud Customer 360 Data Manager Salesforce CDP Data.com MuleSoft Government Cloud Show more
Vulnerability/Penetration Report Summary - Salesforce Inbox Mobile (Andr./iOS)	2021-05-25	First party	External Security Assessments	Einstein Platform Einstein Platform
CSA CAIQ - Interaction Studio (EN)	2021-05-18	AWS	CSA STAR	Marketing Cloud Marketing Cloud
IRAP Assessment letter [Official]	2021-05-17	First party, AWS	IRAP	Salesforce Services and Additional Services Salesforce Services and Additional Services
Vulnerability/Penetration Report Summary - Datorama	2021-05-14	AWS	External Security Assessments	Marketing Cloud Marketing Cloud
Salesforce Security (Incident) Response Plan	2021-05-07	First party, AWS, Hyperforce	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Tableau Pardot Vlocity Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate IoT Cloud Customer 360 Data Manager Salesforce CDP Data.com Salesforce Government Cloud Government Cloud Plus MuleSoft Government Cloud Show more
DoD IL2 - MuleSoft Government Cloud	2021-05-04	AWS	DoD IL2	MuleSoft Government Cloud MuleSoft Government Cloud
FedRAMP - MuleSoft Government Cloud	2021-05-04	AWS	FedRAMP Moderate	MuleSoft Government Cloud MuleSoft Government Cloud
SOC 3 Report - Government Cloud Plus	2021-04-30	First party	SOC 3	Government Cloud Plus Government Cloud Plus
PCI Attestation of Compliance (AoC) - Salesforce Services on Hyperforce	2021-04-01	Hyperforce	PCI DSS	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
PCI Responsibility Matrix - Salesforce Services on Hyperforce	2021-04-01	Hyperforce	PCI DSS	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
ASIP Santé HDS Certificate	2021-03-29	First party, AWS, Hyperforce	ASIP Santé HDS	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Pardot Einstein Platform LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate Salesforce CDP Show more
DR Test Summary 2020 - MuleSoft	2021-03-23	AWS	Disaster Recovery & BCP	MuleSoft MuleSoft
ISO Statement of Applicability - V2.9 (French)	2021-03-15	First party, AWS, Hyperforce	ISO 27001	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Pardot Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate Salesforce Government Cloud Government Cloud Plus Show more
Vulnerability Scan Report - Tableau Online	2021-03-09	AWS	Standard Questionnaires, FAQ's and Whitepapers	Tableau Tableau
DR/BCP Summary - Salesforce Services	2021-03-04	First party, AWS	Disaster Recovery & BCP	Salesforce Services and Additional Services Salesforce Services and Additional Services
SOC 2 Report - Commerce Cloud Order Management	2021-02-26	First party	SOC 2	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
SOC 3 Report - Commerce Cloud Order Management	2021-02-26	First party	SOC 3	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
SOC 3 Report - Interaction Studio	2021-02-26	AWS	SOC 3	Marketing Cloud Marketing Cloud
SOC 3 Report - Vlocity Digital Commerce Gateway & Order Management Plus	2021-02-26	First party	SOC 3	Vlocity Vlocity
Vulnerability/Penetration Report Summary - ClickSoftware FSE - WebApp & API	2021-02-23	AWS	External Security Assessments	ClickSoftware Field Service Edge (FSE) ClickSoftware Field Service Edge (FSE)
Vulnerability/Penetration Report Summary - Interaction Studio	2021-02-22	AWS	External Security Assessments	Marketing Cloud Marketing Cloud
DR Summary - Tableau	2021-02-19	AWS	Disaster Recovery & BCP	Tableau Tableau
PCI Responsibility Matrix - MuleSoft	2021-02-17	AWS	PCI DSS	MuleSoft MuleSoft
SOC 2 Report - Interaction Studio	2021-02-17	AWS	SOC 2	Marketing Cloud Marketing Cloud
DR Summary - MuleSoft	2021-02-12	AWS	Disaster Recovery & BCP	MuleSoft MuleSoft
UK Cloud Security Principles	2021-02-11	First party, AWS, Hyperforce	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services and Additional Services Salesforce Services and Additional Services
PCI Attestation of Compliance (AoC) - Mobify	2021-02-04	First party	PCI DSS	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
IRS 1075 Attestation Letter - Government Cloud Plus	2021-02-02	AWS	IRS 1075	Government Cloud Plus Government Cloud Plus
NIST SP 800-171 Attestation Letter - Government Cloud Plus	2021-02-01	AWS	NIST SP 800-171	Government Cloud Plus Government Cloud Plus
PCI Attestation of Compliance (AoC) - Government Cloud Plus	2021-02-01	First party	PCI DSS	Government Cloud Plus Government Cloud Plus
DR Summary - ExactTarget	2021-01-27	First party	Disaster Recovery & BCP	Marketing Cloud Marketing Cloud
PCI Attestation of Compliance (AoC) - MuleSoft	2021-01-26	AWS	PCI DSS	MuleSoft MuleSoft
Vulnerability/Penetration Report Summary - Tableau Mobile (Blackberry)	2021-01-26	AWS	External Security Assessments	Tableau Tableau
Vulnerability/Penetration Report Summary - Tableau Mobile (iOS/Android)	2021-01-26	AWS	External Security Assessments	Tableau Tableau
Vulnerability/Penetration Report Summary - Tableau Server	2021-01-26	First party	External Security Assessments	Tableau Tableau
SOC 2 Report (Type 1) - Workplace Command Center and Employee Wellness Check	2021-01-22	First party	SOC 2	Salesforce Services and Additional Services Salesforce Services and Additional Services
Vulnerability/Penetration Report Summary - Salesforce.org Philanthropy Cloud	2021-01-21	AWS	External Security Assessments	LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate
Vulnerability/Penetration Report Summary-Hyperforce/Unified Cloud Infrastructure	2021-01-13	Hyperforce	External Security Assessments	Salesforce Services and Additional Services Salesforce Services and Additional Services
Vulnerability/Penetration Report Summary - Quip	2021-01-12	AWS	External Security Assessments	LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate
DR Summary - Heroku	2021-01-07	AWS	Disaster Recovery & BCP	Heroku Heroku
HITRUST Certificate - ExactTarget	2021-01-06	First party	HITRUST	Marketing Cloud Marketing Cloud
HITRUST Certificate - Salesforce Services	2021-01-06	First party, AWS	HITRUST	Salesforce Services and Additional Services Salesforce Government Cloud Salesforce Services and Additional Services Salesforce Government Cloud
Vulnerability/Penetration Report Summary - Tableau CRM Mobile (Andr./iOS)	2020-12-22	First party	External Security Assessments	Salesforce Services and Additional Services Salesforce Government Cloud Salesforce Services and Additional Services Salesforce Government Cloud
Vulnerability/Penetration Report Summary - Field Service Lightning (Andr./iOS)	2020-12-21	First party	External Security Assessments	Salesforce Services and Additional Services Salesforce Services and Additional Services
Vulnerability/Penetration Report Summary - Salesforce Mobile (Andr./iOS)	2020-12-21	First party	External Security Assessments	Salesforce Services and Additional Services Salesforce Services and Additional Services
SOC 2 Report - Vlocity Digital Commerce Gateway & Order Management Plus	2020-12-18	AWS	SOC 2	Vlocity Vlocity
Vulnerability/Penetration Report Summary - Salesforce Authenticator (Andr./iOS)	2020-12-18	First party	External Security Assessments	Salesforce Services and Additional Services Salesforce Services and Additional Services
SOC 2 Report - Pardot	2020-12-15	AWS	SOC 2	Pardot Pardot
DR Summary - Audience Studio	2020-12-11	AWS	Disaster Recovery & BCP	Marketing Cloud Audience Studio and Data Studio Marketing Cloud Audience Studio and Data Studio
Vulnerability/Penetration Report Summary - Audience Studio and Data Studio	2020-12-11	AWS	External Security Assessments	Audience Studio and Data Studio Audience Studio and Data Studio
Vulnerability/Penetration Report Summary - Marketing Cloud Einstein	2020-12-11	AWS	External Security Assessments	Marketing Cloud Marketing Cloud
BCP Summary	2020-12-08	First party, AWS, Hyperforce	Disaster Recovery & BCP	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio MuleSoft Tableau Pardot LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate Salesforce CDP Show more
PCI Responsibility Matrix - Heroku	2020-10-14	AWS	PCI DSS	Heroku Heroku
DR Summary - Social Studio	2020-10-12	First party	Disaster Recovery & BCP	Marketing Cloud Marketing Cloud
DR Summary - Pardot	2020-10-09	AWS	Disaster Recovery & BCP	Marketing Cloud Pardot Marketing Cloud Pardot
Vulnerability/Penetration Report Summary - myTrailhead	2020-10-06	AWS	External Security Assessments	LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate
CSA CAIQ - Salesforce Services	2020-09-24	First party, AWS	CSA STAR	Salesforce Services and Additional Services Salesforce Government Cloud Salesforce Services and Additional Services Salesforce Government Cloud
CSA CAIQ - Mulesoft (EN)	2020-09-17	AWS	CSA STAR	MuleSoft MuleSoft
DR Summary - Datorama	2020-09-09	AWS	Disaster Recovery & BCP	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - B2B Commerce	2020-09-09	First party	External Security Assessments	B2B Commerce B2B Commerce
Vulnerability/Penetration Report Summary - Messaging and LiveMessage	2020-08-07	AWS	External Security Assessments	Salesforce Services and Additional Services LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate Salesforce Services and Additional Services LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate Salesforce Government Cloud Show more
IRAP Customer Configuration User Guide Health Check [Official]	2020-08-04	First party, AWS	IRAP	Salesforce Services and Additional Services Salesforce Services and Additional Services
IRAP Customer Configuration User Guide [Official]	2020-08-04	First party, AWS	IRAP	Salesforce Services and Additional Services Salesforce Services and Additional Services
Salesforce ASD Essential Eight Maturity report	2020-08-04	First party, AWS	IRAP	Salesforce Services and Additional Services Salesforce Services and Additional Services
Vulnerability/Penetration Report Summary - Einstein Vision, Language & Voice	2020-08-03	AWS	External Security Assessments	Einstein Platform Einstein Platform
Security and Compliance Best Practices and FAQ - Work.com	2020-07-30	First party, AWS	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services and Additional Services Salesforce Services and Additional Services
International Transfers of EU Personal Data to Salesforce's Services FAQ	2020-07-16	First party, AWS, Hyperforce	Privacy Shield	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Tableau Pardot Vlocity Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate IoT Cloud Customer 360 Data Manager Data.com Salesforce Government Cloud Government Cloud Plus MuleSoft Government Cloud Show more
APEC Processor Seal - Salesforce	2020-07-10	First party	APEC Certification for Processors and Controllers	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Pardot Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate IoT Cloud Customer 360 Data Manager Show more
FedRAMP Government Cloud Plus	2020-06-17	AWS	FedRAMP High	Government Cloud Plus Government Cloud Plus
DoD IL2 - Salesforce Government Cloud	2020-06-11	First party	DoD IL2	Salesforce Government Cloud Salesforce Government Cloud
DoD IL2 - Salesforce Government Cloud Plus	2020-06-11	AWS	DoD IL2	Government Cloud Plus Government Cloud Plus
DoD IL4	2020-06-11	First party	DoD IL4	Salesforce Government Cloud Government Cloud Plus Salesforce Government Cloud Government Cloud Plus
FedRAMP - Salesforce Government Cloud	2020-06-10	First party	FedRAMP Moderate	Salesforce Government Cloud Salesforce Government Cloud
Salesforce Services IRAP Assessment Report [Official]	2020-06-01	First party, AWS	IRAP	Salesforce Services and Additional Services Salesforce Services and Additional Services
ASP/SaaS Certificate (Japan)	2020-05-16	First party	ASP/SaaS	Salesforce Services and Additional Services Salesforce Services and Additional Services
PrivacyMark Certificate (Japan)	2020-05-12	First party	PrivacyMark
SOC 2 Report (Type 1) - Salesforce.org	2020-04-30	First party, AWS	SOC 2	Salesforce Services and Additional Services Salesforce Services and Additional Services
DR/BCP Summary - Commerce Cloud	2020-04-13	First party	Disaster Recovery & BCP	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
CSA CAIQ - Heroku	2020-02-28	AWS	CSA STAR	Heroku Heroku
Vulnerability/Penetration Report Summary - Marketing Cloud Mobile (Andr./iOS)	2020-02-25	First party	External Security Assessments	Marketing Cloud Marketing Cloud
BCP Summary - Mulesoft	2020-01-29	AWS	Disaster Recovery & BCP	MuleSoft MuleSoft
ISO 27001/27017/27018 Certificate - Misc. Services	2020-01-21	AWS	ISO 27001	Marketing Cloud LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate Marketing Cloud LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate
CSA CAIQ - ExactTarget (JP)	2020-01-17	First party	CSA STAR	Marketing Cloud Marketing Cloud
[Whitepaper] Salesforce And The HIPAA Security Rule: Securing EPHI In The Cloud	2019-11-01	First party, AWS, Hyperforce	HIPAA	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Heroku MuleSoft Vlocity B2B Commerce Salesforce CDP Salesforce Government Cloud Government Cloud Plus Show more
CSA CAIQ - Mulesoft (JP)	2019-09-10	AWS	CSA STAR	MuleSoft MuleSoft
NISC Security Standard (Japan)	2019-08-08	First party	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services and Additional Services Salesforce Services and Additional Services
CSA CAIQ - Pardot (EN)	2019-06-18	AWS	CSA STAR	Pardot Pardot
CSA CAIQ - Pardot (JP)	2019-06-18	AWS	CSA STAR	Pardot Pardot
CSA CAIQ - Quip	2019-06-18	AWS	CSA STAR	LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate
CS Gold Mark License (Japan)	2018-09-26	First party	CS Gold Mark	Salesforce Services and Additional Services Salesforce Services and Additional Services
Financial Services Cloud Resources	N/A	First party, AWS, Hyperforce	Financial Services Compliance	Salesforce Services and Additional Services Salesforce Services and Additional Services
GDPR - Data Protection Impact Assessments & Salesforce Services	N/A	First party, AWS, Hyperforce	GDPR	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Tableau Pardot Vlocity Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate IoT Cloud Customer 360 Data Manager Data.com Salesforce Government Cloud Government Cloud Plus MuleSoft Government Cloud Show more
[Video] Salesforce And The HIPAA Security Rule: Securing EPHI In The Cloud	N/A	First party, AWS, Hyperforce	HIPAA	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Heroku MuleSoft Vlocity B2B Commerce Salesforce CDP Salesforce Government Cloud Government Cloud Plus Show more

Trust | Compliance

Documents

Additional Information

Trailhead