Compliance engineered for the Cloud

Salesforce maintains a comprehensive set of compliance certifications and attestations to validate our #1 value of Trust.

SOC 2 Report - Corporate Services

SOC 2 Audience Studio and Data Studio B2B Commerce B2C Commerce / Commerce Cloud Data.com Einstein Platform Heroku IoT Cloud LiveMessage, myTrailhead, Salesforce Anywhere, Quip, Philan. Cloud and Elevate Marketing Cloud Marketing Cloud Account Engagement MuleSoft Salesforce Government Cloud Salesforce Government Cloud Plus Salesforce Services and Additional Services Tableau Vlocity

The Salesforce Corporate Services report covers the common controls across Services offered by Salesforce. These Corporate Services include: Salesforce Board of Directors, Hiring Practices and Staff Development, Security Training, Risk Management, Monitoring of Internal Controls, Physical Security, Environmental Safeguards, Vendor Audit Program, Logical Security, Network Architecture and Management, Endpoint Protection, Network and Web Application Security Assessments, Threat and Vulnerability Management, Change Management, Security Monitoring, Incident Management, Contingency Planning and Business Continuity. The Salesforce Corporate Services controls relied on by each Service are described in the individual Service level SOC2 reports.

Latest version

Covers period 2022-05-01 through 2022-10-31

Last updated on 2022-12-05

Previous version

Covers period 2021-11-01 through 2022-04-30

Last updated on 2022-06-24

Previous version

Covers period 2021-05-01 through 2021-10-31

Last updated on 2021-12-08

Previous version

Covers period 2020-11-01 through 2021-04-30

Last updated on 2021-06-23

Previous version

Covers period 2020-05-01 through 2020-10-31

Last updated on 2021-06-23