The Salesforce Corporate Services report covers the common controls across Services offered by Salesforce. These Corporate Services include: Salesforce Board of Directors, Hiring Practices and Staff Development, Security Training, Risk Management, Monitoring of Internal Controls, Physical Security, Environmental Safeguards, Vendor Audit Program, Logical Security, Network Architecture and Management, Endpoint Protection, Network and Web Application Security Assessments, Threat and Vulnerability Management, Change Management, Security Monitoring, Incident Management, Contingency Planning and Business Continuity.
The Salesforce Corporate Services controls relied on by each Service are described in the individual Service level SOC2 reports.