SalesforceSalesforce / Trust
SOC 1 Report - Corporate Services

SOC 1 Report - Corporate Services

The Salesforce Corporate Services report covers the common controls across Services offered by Salesforce. These Corporate Services include: Salesforce Board of Directors, Hiring Practices and Staff Development, Security Training, Risk Management, Monitoring of Internal Controls, Physical Security, Environmental Safeguards, Vendor Audit Program, Logical Security, Network Architecture and Management, Endpoint Protection, Network and Web Application Security Assessments, Threat and Vulnerability Management, Change Management, Security Monitoring, Incident Management, Contingency Planning and Business Continuity. The Salesforce Corporate Services controls relied on by each Service are described in the individual Service level SOC1 reports.

Files

Available versions for download

Reporting Start DateReporting End DateUpdated OnNotesActions
2025-04-30-2025-06-04-
Login to download
2024-05-01-2024-12-09-
Login to download
2023-11-012024-04-302024-06-10-
Login to download
2023-05-012023-10-312023-12-15-
Login to download
2022-11-012023-04-302023-06-09-
Login to download
2022-05-012022-10-312022-12-05-
Login to download

Services covered

Services related to this document

Agentforce & Einstein Platform

Agentforce & Einstein Platform

Applicable to the services and features branded as: Agentforce (collectively, “Agentforce”) which includes the following features: Agentforce Assistant, Agentforce Sales Coach, Agentforce SDR, Agent

B2C Commerce / Commerce Cloud (Hyperforce)

B2C Commerce / Commerce Cloud (Hyperforce)

Applicable to the services branded as B2C Commerce/Commerce Cloud on Hyperforce

Data Cloud

Data Cloud

Applicable to the services branded as Data Cloud, Customer Data Cloud (aka Salesforce Data Cloud), or Customer Data Platform (formerly branded as Salesforce CDP).

General (not service specific)

General (not service specific)

Applicable to Salesforce as an entity without the context of a specific service (Corporate Services)

Heroku

Heroku

Applicable to the services branded as Heroku.

Marketing Cloud - Account Engagement

Marketing Cloud - Account Engagement

Applicable to the services branded as Marketing Cloud Account Engagement (formerly branded as Pardot).

MuleSoft

MuleSoft

Applicable to the services branded as MuleSoft or the Anypoint Platform (MuleSoft Services).

Salesforce Professional Services

Salesforce Professional Services

Applicable to professional services performed by SFDC, its Affiliates, or its or their respective permitted subcontractors under an SOW or Order Form, including the provision of any Deliverables speci

Salesforce Services (First Party)

Salesforce Services (First Party)

Applicable to the core salesforce services branded as B2B Commerce on Lightning Experience, Chatter, Consumer Good Cloud, Customer 360 Audiences (Salesforce UCI Org SPARC), Database.com, Einstein Rela

Salesforce Services (Hyperforce)

Salesforce Services (Hyperforce)

Applicable to the core salesforce services branded as B2B Commerce on Lightning Experience, Chatter, Consumer Good Cloud, Customer 360 Audiences (Salesforce UCI Org SPARC), Database.com, Einstein Rela