Compliance engineered for the Cloud

Salesforce maintains a comprehensive set of compliance certifications and attestations to validate our #1 value of Trust.

Salesforce Services

Applicable to the services branded as Sales Cloud, Service Cloud, Community Cloud, Chatter, Lightning Platform including Force.com, Salesforce Private Connect, IoT Explorer including IoT Plus, Site.com, Database.com, Einstein Analytics including Einstein Discovery, WDC, Messaging, Financial Services Cloud, Health Cloud, Sustainability Cloud, Consumer Goods Cloud, Manufacturing Cloud, Emergency Program Management, Service Cloud Voice, Salesforce CPQ and Salesforce Billing, Salesforce Maps, Salesforce Order Management, B2B Commerce on Lightning Experience, Workplace Command Center, Shift Management, and the Salesforce.org LLC "Salesforce.org" services branded as Salesforce Advisor Link, foundationConnect provisioned on or after August 19, 2019, Accounting Subledger, Salesforce.org Insights Platform: Data Integrity, and Nonprofit Cloud Case Management. Some specific certifications and reports may not apply to all services in the above list. Please refer to the "Audits and Certifications" section of the "Salesforce Security, Privacy and Architecture" document for any limitations — https://trust.salesforce.com/en/trust-and-compliance-documentation/

Applicable certifications and documents

Sort by: Document	Sort by: Last Updated	Sort by: Certification
Vulnerability Response Plan Summary	2020-10-06	Standard Questionnaires, FAQ's and Whitepapers
Vulnerability/Penetration Report Summary - Salesforce Services Data Mask Add-on	2020-10-05	External Security Assessments
Vulnerability/Penetration Report Summary - Salesforce Services	2020-09-30	External Security Assessments
CSA CAIQ - Salesforce Services	2020-09-24	Standard Questionnaires, FAQ's and Whitepapers
SOC 1 Bridge (Gap) Letter - Corporate & Salesforce Services	2020-09-15	SOC 1
DR Testing (Site Switching) Summary	2020-09-02	Disaster Recovery & BCP
Vulnerability/Penetration Report Summary - Salesforce Mobile (Andr./iOS)	2020-08-06	External Security Assessments
IRAP Assessment letter [Official]	2020-08-04	IRAP
IRAP Customer Configuration User Guide Health Check [Official]	2020-08-04	IRAP
IRAP Customer Configuration User Guide [Official]	2020-08-04	IRAP
Salesforce ASD Essential Eight Maturity report	2020-08-04	IRAP
Salesforce Services IRAP Assessment Report [Official]	2020-08-04	IRAP
Security and Compliance Best Practices and FAQ - Work.com	2020-07-30	Standard Questionnaires, FAQ's and Whitepapers
Network Vulnerability Assessment	2020-07-16	PCI DSS
PCI Attestation of Compliance (AoC) - Salesforce Services	2020-07-15	PCI DSS
PCI Responsibility Matrix - Salesforce Services	2020-07-15	PCI DSS
SOC 2 Report - Salesforce Services	2020-07-14	SOC 2
SOC 1 Report - Salesforce Services	2020-07-10	SOC 1
SOC 3 Report - Salesforce Services	2020-07-10	SOC 3
TRUSTe APEC Processor Seal	2020-07-10	TRUSTe APEC Processor Seal
SOC 1 Report - Corporate Services	2020-06-30	SOC 1
SOC 2 Report - Corporate Services	2020-06-30	SOC 2
HITRUST Certificate	2020-05-28	HITRUST
ASP/SaaS Certificate (Japan)	2020-05-13	ASP/SaaS
SOC 2 Report - Salesforce Maps	2020-04-30	SOC 2
Salesforce Vulnerability Management Overview (EN)	2020-04-23	Standard Questionnaires, FAQ's and Whitepapers
Salesforce Vulnerability Management Overview (JP)	2020-04-23	Standard Questionnaires, FAQ's and Whitepapers
ASIP Santé HDS Certificate	2020-03-12	ASIP Santé HDS
C5 (ISAE 3000) Report - Salesforce Services	2020-03-04	C5 (ISAE 3000)
Vulnerability/Penetration Report Summary - Salesforce Events Mobile (Andr./iOS)	2020-02-18	External Security Assessments
Vulnerability/Penetration Report Summary - Einstein Analytics Mobile (Andr./iOS)	2020-02-05	External Security Assessments
Report on compliance with NEN7510 requirements	2020-01-30	NEN 7510
ISO 27017 Certificate	2020-01-22	ISO 27017
ISO 27018 Certificate	2020-01-22	ISO 27018
ISO 27001 Certificate	2020-01-21	ISO 27001
Vulnerability/Penetration Report Summary - Field Service Lightning (Andr./iOS)	2020-01-10	External Security Assessments
Vulnerability/Penetration Report Summary - Einstein Analytics	2020-01-03	External Security Assessments
Vulnerability/Penetration Report Summary - Messaging and LiveMessage	2019-11-19	External Security Assessments
Vulnerability/Penetration Report Summary - Salesforce Authenticator (Andr./iOS)	2019-11-19	External Security Assessments
Privacy Shield Registration	2019-11-18	Privacy Shield
Salesforce Binding Corporate Rules	2019-11-18	Salesforce BCRs
ISO Statement of Applicability	2019-11-04	ISO 27001
[Whitepaper] Salesforce And The HIPAA Security Rule: Securing EPHI In The Cloud	2019-11-01	HIPAA
DR/BCP Summary - Salesforce Services	2019-10-04	Disaster Recovery & BCP
Incident Response Plan Summary	2019-09-16	Standard Questionnaires, FAQ's and Whitepapers
NISC Security Standard (Japan)	2019-08-08	Standard Questionnaires, FAQ's and Whitepapers
FISC (Japan)	2019-02-26	Standard Questionnaires, FAQ's and Whitepapers
CS Gold Mark License (Japan)	2018-09-26	CS Gold Mark
Vulnerability/Penetration Report Summary - Einstein Discovery	2017-12-07	External Security Assessments
Financial Services Cloud Resources	N/A	Financial Services Compliance
GDPR - DPIA General Whitepaper	N/A	GDPR
GDPR - DPIA Salesforce Services	N/A	GDPR
[Video] Salesforce And The HIPAA Security Rule: Securing EPHI In The Cloud	N/A	HIPAA

Salesforce Services

Applicable certifications and documents

Additional Information

Trailhead

Trust | Compliance

Salesforce Services

Applicable certifications and documents

Additional Information

Trailhead