Compliance engineered for the Cloud
Salesforce maintains a comprehensive set of compliance certifications and attestations to validate our #1 value of Trust.
Salesforce Enterprise Resilience/BCP Summary
This document summarizes the Salesforce Enterprise Resilience framework, Business Continuity Planning (BCP) and Disaster Recovery (DR) programs maintained by Salesforce for its Cloud services. This framework encompasses various programs such as Risk Management, Business Continuity, Crisis Management, Third Party Risk Management, Cyber Resilience, Incident Response, and Disaster Recovery. Each program is managed and regularly reviewed to ensure alignment with industry standards and regulatory compliance. The Enterprise Resilience Board oversees these efforts, ensuring Salesforce can meet commercial, compliance, and operational needs. Specific measures include annual risk assessments, business continuity plans, crisis management teams, third-party risk evaluations, cyber resilience strategies, and a robust incident response system. The elements of the Salesforce Enterprise Resilience framework are verified by external auditors as part of our regular compliance audits. These audit reports and certifications are made available on our self-service compliance documentation portal.
Latest version
Valid from 2025-01-01
Last updated on 2025-04-01
