PCI DSS 4.0.1 Letter of Engagement - 6.4.2, 6.4.3, and 11.6.1

The PCI Responsibility Matrix outlines which parties (e.g., service providers like Salesforce and their customers) are accountable for specific PCI DSS controls required to protect payment card data. It serves as a guide for defining shared and individual responsibilities, ensuring that each party understands its role in maintaining compliance.

Files

Available versions for download

Reporting Start Date	Reporting End Date	Updated On	Notes	Actions
2025-03-28	2026-03-28	2025-03-28	-	Login to download

Services covered

Services related to this document

Salesforce Services (First Party)

Applicable to the core salesforce services branded as B2B Commerce on Lightning Experience, Chatter, Consumer Good Cloud, Customer 360 Audiences (Salesforce UCI Org SPARC), Database.com, Einstein Rela

PCI DSS 4.0.1 Letter of Engagement - 6.4.2, 6.4.3, and 11.6.1

Files

Services covered

Salesforce Services (First Party)

Salesforce Services (Hyperforce)