Trust | Compliance

CertificationsServicesDocuments

Compliance engineered for the Cloud

Salesforce maintains a comprehensive set of compliance certifications and attestations to validate our #1 value of Trust.

Salesforce Services and Additional Services

Applicable to the services branded as B2B Commerce on Lightning Experience, Chatter, Consumer Good Cloud, Customer 360 Audiences (Salesforce UCI Org SPARC), Database.com, Einstein Relationship Intelligence, Emergency Program Management, Employee Productivity, Experience Cloud (formerly Community Cloud), Financial Services Cloud, Health Cloud, IoT Explorer (including IoT Plus), Intelligent Form Reader, IT Service Center - IT Agent, Lightning Platform (including Force.com and Salesforce Connect), Loyalty Cloud, Manufacturing Cloud, Messaging, Privacy Center, Public Sector Solutions, Sales Cloud, Service Cloud (including Field Services managed package), Salesforce Private Connect, Salesforce CPQ and Salesforce Billing, Salesforce Maps, Salesforce Order Management, Service Cloud, Service Cloud Voice, Shift Management, Site.com, Sustainability Cloud, Tableau CRM (formerly Einstein Analytics) (including Einstein Discovery), WDC, Workplace Command Center. Also applicable to the Salesforce.org LLC ("Salesforce.org") services branded as Accounting Subledger, Admissions Connect, foundationConnect (provisioned on or after August 19, 2019), Grants Management, Nonprofit Cloud Case Management, Salesforce Advisor Link, Salesforce.org Insights Platform: Data Integrity, Student Success Hub. Some specific certifications and reports may not apply to all services in the above list. Please refer to the "Audits and Certifications" section of the "Salesforce Security, Privacy and Architecture" document for any limitations — https://trust.salesforce.com/en/trust-and-compliance-documentation/
Salesforce Services and Additional Services

Applicable documents by certification

Sort by:
Document
Sort by:
Last Updated
InfrastructureSort by:
Certification
FISC (Japan)
2021-06-09
First party
Standard Questionnaires, FAQ's and WhitepapersStandard Questionnaires, FAQ's and Whitepapers
UK NHS Data Security and Protection Toolkit (DSPT)
2021-06-09
First party
NHS DSPTNHS DSPT
Network Vulnerability Assessment - Hyperforce APAC (South East - Australia)
2021-06-03
Hyperforce
PCI DSSPCI DSS
ISMAP Cloud Service List
2021-06-02
First party, AWS
ISMAPISMAP
Network Vulnerability Assessment - Hyperforce AMER (East)
2021-05-27
Hyperforce
PCI DSSPCI DSS
Network Vulnerability Assessment - Hyperforce APAC (South - India)
2021-05-27
Hyperforce
PCI DSSPCI DSS
Salesforce Secure Development Lifecycle Overview
2021-05-25
First party, AWS, Hyperforce
Standard Questionnaires, FAQ's and WhitepapersStandard Questionnaires, FAQ's and Whitepapers
Medical Information System Security Management Guideline (Japan)
2021-05-20
First party
Standard Questionnaires, FAQ's and WhitepapersStandard Questionnaires, FAQ's and Whitepapers
IRAP Assessment letter [Official]
2021-05-17
First party, AWS
IRAPIRAP
Salesforce Services IRAP Assessment Report [Official]
2021-05-17
First party, AWS
IRAPIRAP
Salesforce Security (Incident) Response Plan
2021-05-07
First party, AWS, Hyperforce
Standard Questionnaires, FAQ's and WhitepapersStandard Questionnaires, FAQ's and Whitepapers
SOC 1 Report - Salesforce Services on Hyperforce
2021-04-28
Hyperforce
SOC 1SOC 1
SOC 2 Report - Salesforce Services on Hyperforce
2021-04-28
Hyperforce
SOC 2SOC 2
SOC 3 Report - Salesforce Services on Hyperforce
2021-04-28
Hyperforce
SOC 3SOC 3
PCI Attestation of Compliance (AoC) - Salesforce Services on Hyperforce
2021-04-01
Hyperforce
PCI DSSPCI DSS
PCI Responsibility Matrix - Salesforce Services on Hyperforce
2021-04-01
Hyperforce
PCI DSSPCI DSS
SOC 1 Bridge (Gap) Letter - Corporate & Salesforce Services
2021-03-31
First party, AWS
SOC 1SOC 1
ASIP Santé HDS Certificate
2021-03-29
First party, AWS, Hyperforce
ASIP Santé HDSASIP Santé HDS
ISO 27001:2013 Certificate
2021-03-29
First party, AWS, Hyperforce
ISO 27001ISO 27001
ISO 27017:2015 Certificate
2021-03-29
First party, AWS, Hyperforce
ISO 27017ISO 27017
ISO 27018:2019 Certificate
2021-03-29
First party, AWS, Hyperforce
ISO 27018ISO 27018
NEN 7510-1:2017 Certificate
2021-03-29
First party, AWS, Hyperforce
NEN 7510NEN 7510
Vulnerability/Penetration Report Summary - Salesforce Services
2021-03-26
First party, AWS
External Security AssessmentsExternal Security Assessments
ISO Statement of Applicability - V2.9 (English)
2021-03-15
First party, AWS, Hyperforce
ISO 27001ISO 27001
ISO Statement of Applicability - V2.9 (French)
2021-03-15
First party, AWS, Hyperforce
ISO 27001ISO 27001
DR/BCP Summary - Salesforce Services
2021-03-04
First party, AWS
Disaster Recovery & BCPDisaster Recovery & BCP
DR Testing (Site Switching) Summary
2021-02-26
First party, AWS
Disaster Recovery & BCPDisaster Recovery & BCP
Vulnerability/Penetration Report Summary - ClickSoftware FSE - WebApp & API
2021-02-23
AWS
External Security AssessmentsExternal Security Assessments
UK Cloud Security Principles
2021-02-11
First party, AWS, Hyperforce
Standard Questionnaires, FAQ's and WhitepapersStandard Questionnaires, FAQ's and Whitepapers
C5 (ISAE 3000) Report - Salesforce Services
2021-01-29
First party, AWS
C5 (ISAE 3000)C5 (ISAE 3000)
SOC 2 Report (Type 1) - Workplace Command Center and Employee Wellness Check
2021-01-22
First party
SOC 2SOC 2
Vulnerability/Penetration Report Summary-Hyperforce/Unified Cloud Infrastructure
2021-01-13
Hyperforce
External Security AssessmentsExternal Security Assessments
SOC 1 Report - Salesforce Services
2021-01-07
First party, AWS
SOC 1SOC 1
SOC 2 Report - Salesforce Services
2021-01-07
First party, AWS
SOC 2SOC 2
SOC 3 Report - Salesforce Services
2021-01-07
First party, AWS
SOC 3SOC 3
HITRUST Certificate - Salesforce Services
2021-01-06
First party, AWS
HITRUSTHITRUST
Salesforce Binding Corporate Rules
2021-01-01
First party, AWS, Hyperforce
Salesforce BCRsSalesforce BCRs
Vulnerability/Penetration Report Summary - Tableau CRM Mobile (Andr./iOS)
2020-12-22
First party
External Security AssessmentsExternal Security Assessments
Vulnerability/Penetration Report Summary - Field Service Lightning (Andr./iOS)
2020-12-21
First party
External Security AssessmentsExternal Security Assessments
Vulnerability/Penetration Report Summary - Salesforce Mobile (Andr./iOS)
2020-12-21
First party
External Security AssessmentsExternal Security Assessments
Network Vulnerability Assessment
2020-12-20
First party, AWS
PCI DSSPCI DSS
SOC 2 Report (Type 1) - Field Service
2020-12-18
AWS
SOC 2SOC 2
Vulnerability/Penetration Report Summary - Salesforce Authenticator (Andr./iOS)
2020-12-18
First party
External Security AssessmentsExternal Security Assessments
SOC 1 Report - Corporate Services
2020-12-15
First party, AWS, Hyperforce
SOC 1SOC 1
SOC 2 Report - Corporate Services
2020-12-15
First party, AWS, Hyperforce
SOC 2SOC 2
BCP Summary
2020-12-08
First party, AWS, Hyperforce
Disaster Recovery & BCPDisaster Recovery & BCP
Vulnerability/Penetration Report Summary - Salesforce Services Data Mask Add-on
2020-10-05
First party, AWS
External Security AssessmentsExternal Security Assessments
CSA CAIQ - Salesforce Services
2020-09-24
First party, AWS
Standard Questionnaires, FAQ's and WhitepapersStandard Questionnaires, FAQ's and Whitepapers
Vulnerability/Penetration Report Summary - Tableau CRM
2020-08-26
AWS
External Security AssessmentsExternal Security Assessments
SOC 2 Report - ClickSoftware
2020-08-13
AWS
SOC 2SOC 2
Vulnerability/Penetration Report Summary - Messaging and LiveMessage
2020-08-07
AWS
External Security AssessmentsExternal Security Assessments
IRAP Customer Configuration User Guide Health Check [Official]
2020-08-04
First party, AWS
IRAPIRAP
IRAP Customer Configuration User Guide [Official]
2020-08-04
First party, AWS
IRAPIRAP
Salesforce ASD Essential Eight Maturity report
2020-08-04
First party, AWS
IRAPIRAP
Security and Compliance Best Practices and FAQ - Work.com
2020-07-30
First party, AWS
Standard Questionnaires, FAQ's and WhitepapersStandard Questionnaires, FAQ's and Whitepapers
International Transfers of EU Personal Data to Salesforce's Services FAQ
2020-07-16
First party, AWS, Hyperforce
Privacy ShieldPrivacy Shield
PCI Attestation of Compliance (AoC) - Salesforce Services
2020-07-15
First party, AWS
PCI DSSPCI DSS
PCI Responsibility Matrix - Salesforce Services
2020-07-15
First party, AWS
PCI DSSPCI DSS
TRUSTe APEC Processor Seal
2020-07-10
First party
TRUSTe APEC Processor SealTRUSTe APEC Processor Seal
Vulnerability Response Plan Summary
2020-05-31
First party, AWS, Hyperforce
Standard Questionnaires, FAQ's and WhitepapersStandard Questionnaires, FAQ's and Whitepapers
ASP/SaaS Certificate (Japan)
2020-05-16
First party
ASP/SaaSASP/SaaS
SOC 2 Report (Type 1) - Salesforce Maps
2020-04-30
AWS
SOC 2SOC 2
SOC 2 Report (Type 1) - Salesforce.org
2020-04-30
First party, AWS
SOC 2SOC 2
Vulnerability/Penetration Report Summary - Salesforce Events Mobile (Andr./iOS)
2020-02-18
First party
External Security AssessmentsExternal Security Assessments
[Whitepaper] Salesforce And The HIPAA Security Rule: Securing EPHI In The Cloud
2019-11-01
First party, AWS
HIPAAHIPAA
NISC Security Standard (Japan)
2019-08-08
First party
Standard Questionnaires, FAQ's and WhitepapersStandard Questionnaires, FAQ's and Whitepapers
CS Gold Mark License (Japan)
2018-09-26
First party
CS Gold MarkCS Gold Mark
Vulnerability/Penetration Report Summary - Einstein Discovery
2017-12-07
AWS
External Security AssessmentsExternal Security Assessments
Financial Services Cloud Resources
N/A
First party, AWS, Hyperforce
Financial Services ComplianceFinancial Services Compliance
GDPR - Data Protection Impact Assessments & Salesforce Services
N/A
First party, AWS, Hyperforce
GDPRGDPR
[Video] Salesforce And The HIPAA Security Rule: Securing EPHI In The Cloud
N/A
First party, AWS
HIPAAHIPAA

Additional Information

Trailhead

Salesforce.com | Careers | Privacy Information

© Copyright 2021 Salesforce.com, inc. All rights reserved.