Compliance engineered for the Cloud

Salesforce maintains a comprehensive set of compliance certifications and attestations to validate our #1 value of Trust.

Salesforce Professional Services

Applicable to professional services performed by SFDC, its Affiliates, or its or their respective permitted subcontractors under an SOW or Order Form, including the provision of any Deliverables specified in such SOW or Order Form. Controls applicable to certain aspects of the Professional Services (e.g. asset management, employee training, and hiring practices) are covered by Salesforce’s common enterprise-level controls applicable to Salesforce’s company-wide corporate environment (“Salesforce’s Corporate Environment”). The security and privacy-related audits and certifications included in the list below are applicable to Salesforce’s Corporate Environment, as further described in the Professional Services Security Privacy and Architecture Documentation.

Please refer to the "Audits and Certifications" section of the service-specific Security, Privacy and Architecture documentation for details regarding the security and privacy related audits and certifications received.

Applicable documents by category

Filter this list

Name	Updated On	Infrastructure	Category
CMMI Level 3 Appraisal Report	2025-02-21	First party, Hyperforce	Other Reports and Certificates
ISO 9001:2015 - Salesforce, Inc.	2025-01-31	First party	Other Reports and Certificates
Salesforce Enterprise Resilience/BCP Summary	2025-01-29	First party, AWS, Hyperforce	Resilience, BCP & DR
ISO Statement of Applicability (English)	2025-01-28	First party, AWS, Hyperforce	ISO 27001
ISO Statement of Applicability (French)	2025-01-28	First party, AWS, Hyperforce	ISO 27001
SOC 1 Bridge (Gap) Letter - Spiff on Hyperforce	2025-01-06	Hyperforce	SOC 1
Salesforce Third Party Risk Management Overview	2025-01-02	First party, AWS, Hyperforce	FAQ's and White Papers
Vulnerability Management and Response Plan Summary	2025-01-02	First party, AWS, Hyperforce	FAQ's and White Papers
ISO/IEC 27001:2022 Certificate	2024-12-20	First party, AWS, Hyperforce	ISO 27001
ISO/IEC 27017:2015 Certificate	2024-12-20	First party, AWS, Hyperforce	ISO 27017
ISO/IEC 27018:2019 Certificate	2024-12-20	First party, AWS, Hyperforce	ISO 27018
Professional Services Infrastructure and Sub-processors	2024-12-17	First party, AWS, Hyperforce	GDPR
Professional Services Security Privacy and Architecture	2024-12-17	First party, AWS, Hyperforce	GDPR
SOC 1 Report - Corporate Services	2024-12-09	First party, AWS, Hyperforce	SOC 1
SOC 2 Report - Corporate Services	2024-12-09	First party, AWS, Hyperforce	SOC 2
Professional Services Data Processing Addendum	2024-12-01	First party, AWS, Hyperforce	GDPR
Salesforce Security (Incident) Response Plan	2024-09-05	First party, AWS, Hyperforce	FAQ's and White Papers
Salesforce Health & Safety Policy	2024-06-26	First party, AWS, Hyperforce, Azure, GCP	Resilience, BCP & DR
Infrastructure and Sub-processors for Professional Services	2024-03-19	First party, AWS, Hyperforce	GDPR
Security Perspective on the Shared Responsibility Model	2023-07-24	First party, AWS, Hyperforce	FAQ's and White Papers
Salesforce Enterprise Security Overview (JP)	2022-10-04	First party, AWS, Hyperforce	FAQ's and White Papers
Salesforce Security (Incident) Response Plan (JP)	2022-10-04	First party, AWS, Hyperforce	FAQ's and White Papers
Security Perspective on the Shared Responsibility Model (JP)	2022-08-02	First party, AWS, Hyperforce	FAQ's and White Papers
Salesforce Enterprise Security Overview	2022-03-11	First party, AWS, Hyperforce	FAQ's and White Papers