Compliance engineered for the Cloud

Salesforce maintains a comprehensive set of compliance certifications and attestations to validate our #1 value of Trust.

Documents

Sort by: Document	Sort by: Last Updated	Infrastructure	Sort by: Certification	Sort by: Service
Incident Response Plan Summary	2021-05-07	First party, AWS, Hyperforce	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Tableau Online Pardot Vlocity Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate IoT Cloud Customer 360 Data Manager Customer 360 Audiences Data.com Government Cloud Government Cloud Plus MuleSoft Government Cloud Show more
DoD IL2 - MuleSoft Government Cloud	2021-05-04	AWS	DoD IL2	MuleSoft Government Cloud MuleSoft Government Cloud
FedRAMP - MuleSoft Government Cloud	2021-05-04	AWS	FedRAMP Moderate	MuleSoft Government Cloud MuleSoft Government Cloud
SOC 1 Report - Salesforce Services on Hyperforce	2021-04-28	Hyperforce	SOC 1	Salesforce Services and Additional Services Salesforce Services and Additional Services
SOC 2 Report - Salesforce Services on Hyperforce	2021-04-28	Hyperforce	SOC 2	Salesforce Services and Additional Services Salesforce Services and Additional Services
SOC 3 Report - Salesforce Services on Hyperforce	2021-04-28	Hyperforce	SOC 3	Salesforce Services and Additional Services Salesforce Services and Additional Services
SOC 1 Bridge (Gap) Letter - Commerce Cloud	2021-04-12	First party	SOC 1	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
PCI Attestation of Compliance (AoC) - Salesforce Services on Hyperforce	2021-04-01	Hyperforce	PCI DSS	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
PCI Responsibility Matrix - Salesforce Services on Hyperforce	2021-04-01	Hyperforce	PCI DSS	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
SOC 1 Bridge (Gap) Letter - Corporate & Salesforce Services	2021-03-31	First party, AWS	SOC 1	Salesforce Services and Additional Services Vlocity Salesforce Services and Additional Services Vlocity Government Cloud Government Cloud Plus Show more
SOC 1 Bridge (Gap) Letter - Government Cloud Plus	2021-03-31	First party	SOC 1	Government Cloud Plus Government Cloud Plus
SOC 1 Bridge (Gap) Letter - Heroku	2021-03-31	AWS	SOC 1	Heroku Heroku
SOC 1 Bridge (Gap) Letter - Mulesoft	2021-03-31	AWS	SOC 1	MuleSoft MuleSoft
ASIP Santé HDS Certificate	2021-03-29	First party, AWS, Hyperforce	ASIP Santé HDS	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Pardot Einstein Platform LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate Customer 360 Audiences Show more
ISO 27001:2013 Certificate	2021-03-29	First party, AWS, Hyperforce	ISO 27001	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Pardot Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate Customer 360 Audiences Government Cloud Government Cloud Plus Show more
ISO 27017:2015 Certificate	2021-03-29	First party, AWS, Hyperforce	ISO 27017	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Pardot Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate Customer 360 Audiences Government Cloud Government Cloud Plus Show more
ISO 27018:2019 Certificate	2021-03-29	First party, AWS, Hyperforce	ISO 27018	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Pardot Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate Customer 360 Audiences Government Cloud Government Cloud Plus Show more
NEN 7510-1:2017 Certificate	2021-03-29	First party, AWS, Hyperforce	NEN 7510	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Pardot Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate Customer 360 Audiences Government Cloud Government Cloud Plus Show more
DR Test Summary 2020 - MuleSoft	2021-03-23	AWS	Disaster Recovery & BCP	MuleSoft MuleSoft
ISMAP Cloud Service List	2021-03-18	First party, AWS	ISMAP	Salesforce Services and Additional Services Heroku Salesforce Services and Additional Services Heroku
Vulnerability/Penetration Report Summary - Customer 360 Audiences	2021-03-17	Hyperforce	External Security Assessments	Customer 360 Audiences Customer 360 Audiences
SOC 1 Report - Customer 360 Audiences	2021-03-16	Hyperforce	SOC 1	Customer 360 Audiences Customer 360 Audiences
SOC 2 Report - Customer 360 Audiences	2021-03-16	Hyperforce	SOC 2	Customer 360 Audiences Customer 360 Audiences
SOC 3 Report - Customer 360 Audiences	2021-03-16	Hyperforce	SOC 3	Customer 360 Audiences Customer 360 Audiences
ISO Statement of Applicability - V2.9 (English)	2021-03-15	First party, AWS, Hyperforce	ISO 27001	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Pardot Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate Government Cloud Government Cloud Plus Show more
ISO Statement of Applicability - V2.9 (French)	2021-03-15	First party, AWS, Hyperforce	ISO 27001	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Pardot Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate Government Cloud Government Cloud Plus Show more
Vulnerability Scan Report - Tableau Online	2021-03-09	AWS	Standard Questionnaires, FAQ's and Whitepapers	Tableau Online Tableau Online
DR/BCP Summary - Salesforce Services	2021-03-04	First party, AWS	Disaster Recovery & BCP	Salesforce Services and Additional Services Salesforce Services and Additional Services
PCI Responsibility Matrix - Salesforce.org Payment Services	2021-03-02	AWS	PCI DSS
DR Testing (Site Switching) Summary	2021-02-26	First party, AWS	Disaster Recovery & BCP	Salesforce Services and Additional Services Salesforce Services and Additional Services
SOC 1 Report - Commerce Cloud Digital	2021-02-26	First party	SOC 1	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
SOC 2 Report - Commerce Cloud Digital	2021-02-26	First party	SOC 2	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
SOC 2 Report - Commerce Cloud Order Management	2021-02-26	First party	SOC 2	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
SOC 3 Report - Commerce Cloud Digital	2021-02-26	First party	SOC 3	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
SOC 3 Report - Commerce Cloud Order Management	2021-02-26	First party	SOC 3	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
SOC 3 Report - Interaction Studio	2021-02-26	AWS	SOC 3	Marketing Cloud Marketing Cloud
SOC 3 Report - Vlocity Digital Commerce Gateway & Order Management Plus	2021-02-26	First party	SOC 3	Vlocity Vlocity
Vulnerability/Penetration Report Summary - ClickSoftware FSE - WebApp & API	2021-02-23	First party	External Security Assessments	Salesforce Services and Additional Services Salesforce Services and Additional Services
Vulnerability/Penetration Report Summary - Interaction Studio	2021-02-22	AWS	External Security Assessments	Marketing Cloud Marketing Cloud
DR Summary - Tableau	2021-02-19	AWS	Disaster Recovery & BCP	Tableau Online Tableau Online
PCI Responsibility Matrix - MuleSoft	2021-02-17	AWS	PCI DSS	MuleSoft MuleSoft
SOC 2 Report - Interaction Studio	2021-02-17	AWS	SOC 2	Marketing Cloud Marketing Cloud
DR Summary - MuleSoft	2021-02-12	AWS	Disaster Recovery & BCP	MuleSoft MuleSoft
Vulnerability/Penetration Report Summary - Heroku	2021-02-12	AWS	External Security Assessments	Heroku Heroku
UK Cloud Security Principles	2021-02-11	First party, AWS, Hyperforce	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services and Additional Services Salesforce Services and Additional Services
DR Summary - MuleSoft	2021-02-05	AWS	Disaster Recovery & BCP
PCI Attestation of Compliance (AoC) - Mobify	2021-02-04	First party	PCI DSS	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
IRS 1075 Attestation Letter - Government Cloud Plus	2021-02-02	First party	IRS 1075	Government Cloud Plus Government Cloud Plus
NIST SP 800-171 Attestation Letter - Government Cloud Plus	2021-02-01	First party	NIST SP 800-171	Government Cloud Plus Government Cloud Plus
PCI Attestation of Compliance (AoC) - Government Cloud Plus	2021-02-01	First party	PCI DSS	Government Cloud Plus Government Cloud Plus
SOC 3 Report - Government Cloud Plus	2021-02-01	First party	SOC 3	Government Cloud Plus Government Cloud Plus
C5 (ISAE 3000) Report - Salesforce Services	2021-01-29	First party, AWS	C5 (ISAE 3000)	Salesforce Services and Additional Services Salesforce Services and Additional Services
DR Summary - ExactTarget	2021-01-27	First party	Disaster Recovery & BCP	Marketing Cloud Marketing Cloud
SOC 1 Report - Mulesoft	2021-01-27	AWS	SOC 1	MuleSoft MuleSoft
SOC 2 Report - Mulesoft	2021-01-27	AWS	SOC 2	MuleSoft MuleSoft
SOC 3 Report - MuleSoft	2021-01-27	AWS	SOC 3	MuleSoft MuleSoft
PCI Attestation of Compliance (AoC) - MuleSoft	2021-01-26	AWS	PCI DSS	MuleSoft MuleSoft
Vulnerability/Penetration Report Summary - Tableau Mobile (Android)	2021-01-26	AWS	External Security Assessments	Tableau Online Tableau Online
Vulnerability/Penetration Report Summary - Tableau Mobile (iOS)	2021-01-26	AWS	External Security Assessments	Tableau Online Tableau Online
Vulnerability/Penetration Report Summary - Tableau Online (TOL)	2021-01-26	AWS	External Security Assessments	Tableau Online Tableau Online
Vulnerability/Penetration Report Summary - Tableau Server	2021-01-26	First party, AWS, Hyperforce	External Security Assessments	Tableau Online Tableau Online
SOC 2 Report (Type 1) - Workplace Command Center and Employee Wellness Check	2021-01-22	First party	SOC 2	Salesforce Services and Additional Services Salesforce Services and Additional Services
Vulnerability/Penetration Report Summary - Salesforce.org Philanthropy Cloud	2021-01-21	AWS	External Security Assessments	LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate
Vulnerability/Penetration Report Summary-Hyperforce/Unified Cloud Infrastructure	2021-01-13	Hyperforce	External Security Assessments	Salesforce Services and Additional Services Salesforce Services and Additional Services
Vulnerability/Penetration Report Summary - Quip	2021-01-12	AWS	External Security Assessments	LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate
DR Summary - Heroku	2021-01-07	AWS	Disaster Recovery & BCP	Heroku Heroku
SOC 1 Report - Salesforce Services	2021-01-07	First party, AWS	SOC 1	Salesforce Services and Additional Services Einstein Platform Salesforce Services and Additional Services Einstein Platform Government Cloud Show more
SOC 2 Report - Salesforce Services	2021-01-07	First party, AWS	SOC 2	Salesforce Services and Additional Services Einstein Platform Salesforce Services and Additional Services Einstein Platform Government Cloud Show more
SOC 3 Report - Salesforce Services	2021-01-07	First party, AWS	SOC 3	Salesforce Services and Additional Services Salesforce Services and Additional Services
HITRUST Certificate - ExactTarget	2021-01-06	First party	HITRUST	Marketing Cloud Marketing Cloud
HITRUST Certificate - Salesforce Services	2021-01-06	First party, AWS	HITRUST	Salesforce Services and Additional Services Government Cloud Salesforce Services and Additional Services Government Cloud
SOC 1 Report - Heroku	2021-01-05	AWS	SOC 1	Heroku Heroku
SOC 2 Report - Heroku	2021-01-05	AWS	SOC 2	Heroku Heroku
SOC 3 Report - Heroku	2021-01-05	AWS	SOC 3	Heroku Heroku
Salesforce Binding Corporate Rules	2021-01-01	First party, AWS, Hyperforce	Salesforce BCRs	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Tableau Online Pardot Vlocity Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate IoT Cloud Government Cloud Show more
Vulnerability/Penetration Report Summary - Salesforce Services	2020-12-22	First party, AWS	External Security Assessments	Salesforce Services and Additional Services Government Cloud Salesforce Services and Additional Services Government Cloud
Vulnerability/Penetration Report Summary - Tableau CRM Mobile (Andr./iOS)	2020-12-22	First party	External Security Assessments	Salesforce Services and Additional Services Government Cloud Salesforce Services and Additional Services Government Cloud
Vulnerability/Penetration Report Summary - Field Service Lightning (Andr./iOS)	2020-12-21	First party	External Security Assessments	Salesforce Services and Additional Services Salesforce Services and Additional Services
Vulnerability/Penetration Report Summary - Salesforce Mobile (Andr./iOS)	2020-12-21	First party	External Security Assessments	Salesforce Services and Additional Services Salesforce Services and Additional Services
Network Vulnerability Assessment	2020-12-20	First party, AWS	PCI DSS	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce
SOC 2 Report (Type 1) - Field Service	2020-12-18	AWS	SOC 2	Salesforce Services and Additional Services Salesforce Services and Additional Services
SOC 2 Report (Type 1) - Vlocity Managed Packages	2020-12-18	First party	SOC 2	Vlocity Vlocity
SOC 2 Report - Vlocity Digital Commerce Gateway & Order Management Plus	2020-12-18	AWS	SOC 2	Vlocity Vlocity
Vulnerability/Penetration Report Summary - Salesforce Authenticator (Andr./iOS)	2020-12-18	First party	External Security Assessments	Salesforce Services and Additional Services Salesforce Services and Additional Services
SOC 1 Report - Corporate Services	2020-12-15	First party, AWS, Hyperforce	SOC 1	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Pardot Vlocity Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate IoT Cloud Government Cloud Government Cloud Plus Show more
SOC 2 Report - Audience Studio	2020-12-15	AWS	SOC 2	Audience Studio and Data Studio Audience Studio and Data Studio
SOC 2 Report - Corporate Services	2020-12-15	First party, AWS, Hyperforce	SOC 2	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Pardot Vlocity Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate IoT Cloud Data.com Government Cloud Government Cloud Plus Show more
SOC 2 Report - ExactTarget and Advertising Studio	2020-12-15	First party	SOC 2	Marketing Cloud Marketing Cloud
SOC 2 Report - Pardot	2020-12-15	AWS	SOC 2	Pardot Pardot
SOC 2 Report (Type 1) - Einstein Bots	2020-12-15	AWS	SOC 2	Einstein Platform Einstein Platform
Vulnerability/Penetration Report Summary - Advertising Studio	2020-12-15	First party	External Security Assessments	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - ExactTarget	2020-12-15	First party	External Security Assessments	Marketing Cloud Marketing Cloud
DR Summary - Audience Studio	2020-12-11	AWS	Disaster Recovery & BCP	Marketing Cloud Audience Studio and Data Studio Marketing Cloud Audience Studio and Data Studio
Vulnerability/Penetration Report Summary - Audience Studio and Data Studio	2020-12-11	AWS	External Security Assessments	Audience Studio and Data Studio Audience Studio and Data Studio
Vulnerability/Penetration Report Summary - Predictive Intelligence	2020-12-11	AWS	External Security Assessments	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - Social Studio	2020-12-11	First party	External Security Assessments	Marketing Cloud Marketing Cloud
BCP Summary	2020-12-08	First party, AWS, Hyperforce	Disaster Recovery & BCP	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio MuleSoft Tableau Online Pardot LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate Customer 360 Audiences Show more
Network Vulnerability Assessment - Heroku	2020-12-03	AWS	PCI DSS	Heroku Heroku
ISO Statement of Applicability - V2.8 (English)	2020-11-13	First party, AWS	ISO 27001	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Pardot Einstein Platform B2B Commerce Government Cloud Government Cloud Plus Show more
ISO Statement of Applicability - V2.8 (French)	2020-11-13	First party, AWS	ISO 27001	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Pardot Einstein Platform B2B Commerce Government Cloud Government Cloud Plus Show more
SOC 3 Report - Datorama	2020-11-10	AWS	SOC 3	Marketing Cloud Marketing Cloud
SOC 3 Report - Einstein.AI	2020-11-10	AWS	SOC 3	Einstein Platform Einstein Platform
SOC 3 Report - Einstein Platform	2020-11-10	AWS	SOC 3	Einstein Platform Einstein Platform
SOC 3 Report - Quip	2020-11-10	AWS	SOC 3	LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate
Vulnerability/Penetration Report Summary - MuleSoft	2020-11-10	AWS	External Security Assessments	MuleSoft MuleSoft
CSA CAIQ - Tableau	2020-10-23	AWS	Standard Questionnaires, FAQ's and Whitepapers	Tableau Online Tableau Online
PCI Responsibility Matrix - Heroku	2020-10-14	AWS	PCI DSS	Heroku Heroku
DR Summary - Social Studio	2020-10-12	First party	Disaster Recovery & BCP	Marketing Cloud Marketing Cloud
DR Summary - Pardot	2020-10-09	AWS	Disaster Recovery & BCP	Marketing Cloud Pardot Marketing Cloud Pardot
Vulnerability/Penetration Report Summary - myTrailhead	2020-10-06	AWS	External Security Assessments	LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate
Vulnerability/Penetration Report Summary - Salesforce Services Data Mask Add-on	2020-10-05	First party, AWS	External Security Assessments	Salesforce Services and Additional Services Salesforce Services and Additional Services
CSA CAIQ - Salesforce Services	2020-09-24	First party, AWS	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services and Additional Services Government Cloud Salesforce Services and Additional Services Government Cloud
CSA CAIQ - Mulesoft (EN)	2020-09-17	AWS	Standard Questionnaires, FAQ's and Whitepapers	MuleSoft MuleSoft
DR Summary - Datorama	2020-09-09	AWS	Disaster Recovery & BCP	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - B2B Commerce	2020-09-09	First party	External Security Assessments	B2B Commerce B2B Commerce
Vulnerability/Penetration Report Summary - Tableau CRM	2020-08-26	AWS	External Security Assessments	Salesforce Services and Additional Services Government Cloud Salesforce Services and Additional Services Government Cloud
PCI Attestation of Compliance (AoC) - Salesforce.org Payment Services	2020-08-13	AWS	PCI DSS
SOC 2 Report - ClickSoftware	2020-08-13	First party	SOC 2	Salesforce Services and Additional Services Salesforce Services and Additional Services
PCI Attestation of Compliance (AoC) - Commerce Cloud	2020-08-07	First party	PCI DSS	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
Vulnerability/Penetration Report Summary - Messaging and LiveMessage	2020-08-07	AWS	External Security Assessments	Salesforce Services and Additional Services LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate Salesforce Services and Additional Services LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate Government Cloud Show more
IRAP Assessment letter [Official]	2020-08-04	First party, AWS	IRAP	Salesforce Services and Additional Services Salesforce Services and Additional Services
IRAP Customer Configuration User Guide Health Check [Official]	2020-08-04	First party, AWS	IRAP	Salesforce Services and Additional Services Salesforce Services and Additional Services
IRAP Customer Configuration User Guide [Official]	2020-08-04	First party, AWS	IRAP	Salesforce Services and Additional Services Salesforce Services and Additional Services
Salesforce ASD Essential Eight Maturity report	2020-08-04	First party, AWS	IRAP	Salesforce Services and Additional Services Salesforce Services and Additional Services
Salesforce Services IRAP Assessment Report [Official]	2020-08-04	First party, AWS	IRAP	Salesforce Services and Additional Services Salesforce Services and Additional Services
Vulnerability/Penetration Report Summary - Datorama	2020-08-04	AWS	External Security Assessments	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - Einstein Vision, Language & Voice	2020-08-03	AWS	External Security Assessments	Einstein Platform Einstein Platform
Security and Compliance Best Practices and FAQ - Work.com	2020-07-30	First party, AWS	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services and Additional Services Salesforce Services and Additional Services
Vulnerability/Penetration Report Summary - Pardot	2020-07-24	AWS	External Security Assessments	Pardot Pardot
UK Cyber Essentials Plus Certificate	2020-07-17	First party, AWS, Hyperforce	UK Cyber Essentials Plus
International Transfers of EU Personal Data to Salesforce's Services FAQ	2020-07-16	First party, AWS, Hyperforce	Privacy Shield	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Tableau Online Pardot Vlocity Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate IoT Cloud Customer 360 Data Manager Data.com Government Cloud Government Cloud Plus MuleSoft Government Cloud Show more
PCI Attestation of Compliance (AoC) - Salesforce Services	2020-07-15	First party, AWS	PCI DSS	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce Government Cloud Show more
PCI Responsibility Matrix - Salesforce Services	2020-07-15	First party, AWS	PCI DSS	Salesforce Services and Additional Services B2B Commerce Salesforce Services and Additional Services B2B Commerce Government Cloud Show more
SOC 2 Report - Datorama	2020-07-15	AWS	SOC 2	Marketing Cloud Marketing Cloud
TRUSTe APEC Processor Seal	2020-07-10	First party	TRUSTe APEC Processor Seal	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Pardot Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate IoT Cloud Customer 360 Data Manager Show more
PCI Attestation of Compliance (AoC) - Heroku	2020-07-08	AWS	PCI DSS	Heroku Heroku
SOC 2 Report - Einstein.AI	2020-07-07	AWS	SOC 2	Einstein Platform Einstein Platform
SOC 2 Report - Einstein Platform	2020-07-07	AWS	SOC 2	Einstein Platform Einstein Platform
SOC 2 Report - Predictive Intelligence	2020-07-06	AWS	SOC 2	Marketing Cloud Marketing Cloud
SOC 2 Report - Social Studio	2020-07-06	First party	SOC 2	Marketing Cloud Marketing Cloud
SOC 2 Report - Quip	2020-07-01	AWS	SOC 2	LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate
FedRAMP Government Cloud Plus	2020-06-17	AWS	FedRAMP High	Government Cloud Plus Government Cloud Plus
DoD IL2 - Salesforce Government Cloud	2020-06-11	First party	DoD IL2	Government Cloud Government Cloud
DoD IL2 - Salesforce Government Cloud Plus	2020-06-11	AWS	DoD IL2	Government Cloud Plus Government Cloud Plus
DoD IL4	2020-06-11	First party	DoD IL4	Government Cloud Government Cloud
FedRAMP - Salesforce Government Cloud	2020-06-10	First party	FedRAMP Moderate	Government Cloud Government Cloud
SOC 2 Report - Tableau	2020-06-05	AWS	SOC 2	Tableau Online Tableau Online
SOC 3 Report - Tableau	2020-06-05	AWS	SOC 3	Tableau Online Tableau Online
Vulnerability Response Plan Summary	2020-05-31	First party, AWS, Hyperforce	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Tableau Online Pardot Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate IoT Cloud Customer 360 Data Manager Customer 360 Audiences Data.com Government Cloud Government Cloud Plus MuleSoft Government Cloud Show more
ASP/SaaS Certificate (Japan)	2020-05-16	First party	ASP/SaaS	Salesforce Services and Additional Services Salesforce Services and Additional Services
PrivacyMark Certificate (Japan)	2020-05-12	First party	PrivacyMark
SOC 1 Report - Government Cloud Plus	2020-04-30	First party	SOC 1	Government Cloud Plus Government Cloud Plus
SOC 2 Report - Government Cloud Plus	2020-04-30	First party	SOC 2	Government Cloud Plus Government Cloud Plus
SOC 2 Report (Type 1) - Salesforce Maps	2020-04-30	AWS	SOC 2	Salesforce Services and Additional Services Salesforce Services and Additional Services
SOC 2 Report (Type 1) - Salesforce.org	2020-04-30	First party, AWS	SOC 2	Salesforce Services and Additional Services Salesforce Services and Additional Services
Vulnerability/Penetration Report Summary - Service Cloud Einstein	2020-04-20	AWS	External Security Assessments	Einstein Platform Einstein Platform
Vulnerability/Penetration Report Summary - Sales Cloud Einstein	2020-04-17	AWS	External Security Assessments	Einstein Platform Einstein Platform
DR/BCP Summary - Commerce Cloud	2020-04-13	First party	Disaster Recovery & BCP	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
CSA CAIQ - Heroku	2020-02-28	AWS	Standard Questionnaires, FAQ's and Whitepapers	Heroku Heroku
Vulnerability/Penetration Report Summary - Marketing Cloud Mobile (Andr./iOS)	2020-02-25	First party	External Security Assessments	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - Salesforce Events Mobile (Andr./iOS)	2020-02-18	First party	External Security Assessments	Salesforce Services and Additional Services Salesforce Services and Additional Services
BCP Summary - Mulesoft	2020-01-29	AWS	Disaster Recovery & BCP	MuleSoft MuleSoft
ISO 27001/27017/27018 Certificate - Misc. Services	2020-01-21	AWS	ISO 27001	Marketing Cloud LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate Marketing Cloud LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate
CSA CAIQ - ExactTarget (EN)	2020-01-17	First party	Standard Questionnaires, FAQ's and Whitepapers	Marketing Cloud Marketing Cloud
CSA CAIQ - ExactTarget (JP)	2020-01-17	First party	Standard Questionnaires, FAQ's and Whitepapers	Marketing Cloud Marketing Cloud
Vulnerability/Penetration Report Summary - Salesforce Inbox Mobile (Andr./iOS)	2019-12-20	First party	External Security Assessments	Einstein Platform Einstein Platform
[Whitepaper] Salesforce And The HIPAA Security Rule: Securing EPHI In The Cloud	2019-11-01	First party, AWS	HIPAA	Salesforce Services and Additional Services Government Cloud Salesforce Services and Additional Services Government Cloud Government Cloud Plus Show more
PCI Responsibility Matrix - Commerce Cloud	2019-10-01	First party	PCI DSS	B2C Commerce / Commerce Cloud B2C Commerce / Commerce Cloud
CSA CAIQ - Mulesoft (JP)	2019-09-10	AWS	Standard Questionnaires, FAQ's and Whitepapers	MuleSoft MuleSoft
NISC Security Standard (Japan)	2019-08-08	First party	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services and Additional Services Salesforce Services and Additional Services
CSA CAIQ - Pardot (EN)	2019-06-18	AWS	Standard Questionnaires, FAQ's and Whitepapers	Pardot Pardot
CSA CAIQ - Pardot (JP)	2019-06-18	AWS	Standard Questionnaires, FAQ's and Whitepapers	Pardot Pardot
CSA CAIQ - Quip	2019-06-18	AWS	Standard Questionnaires, FAQ's and Whitepapers	LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate
CSA CAIQ - Audience Studio and Data Studio	2019-05-01	AWS	Standard Questionnaires, FAQ's and Whitepapers	Audience Studio and Data Studio Audience Studio and Data Studio
FISC (Japan)	2019-02-26	First party	Standard Questionnaires, FAQ's and Whitepapers	Salesforce Services and Additional Services Salesforce Services and Additional Services
CS Gold Mark License (Japan)	2018-09-26	First party	CS Gold Mark	Salesforce Services and Additional Services Salesforce Services and Additional Services
Vulnerability/Penetration Report Summary - Einstein Discovery	2017-12-07	AWS	External Security Assessments	Salesforce Services and Additional Services Government Cloud Salesforce Services and Additional Services Government Cloud
Financial Services Cloud Resources	N/A	First party, AWS, Hyperforce	Financial Services Compliance	Salesforce Services and Additional Services Salesforce Services and Additional Services
GDPR - Data Protection Impact Assessments & Salesforce Services	N/A	First party, AWS, Hyperforce	GDPR	Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Salesforce Services and Additional Services B2C Commerce / Commerce Cloud Marketing Cloud Audience Studio and Data Studio Heroku MuleSoft Tableau Online Pardot Vlocity Einstein Platform B2B Commerce LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate IoT Cloud Customer 360 Data Manager Data.com Government Cloud Government Cloud Plus MuleSoft Government Cloud Show more
[Video] Salesforce And The HIPAA Security Rule: Securing EPHI In The Cloud	N/A	First party, AWS	HIPAA	Salesforce Services and Additional Services Marketing Cloud Salesforce Services and Additional Services Marketing Cloud Heroku MuleSoft Government Cloud Government Cloud Plus Show more

Trust | Compliance

Documents

Additional Information

Trailhead