Compliance engineered for the Cloud

Salesforce maintains a comprehensive set of compliance certifications and attestations to validate our #1 value of Trust.

SOC 1 Report - Corporate Services

SOC 1 Agentforce & Einstein Platform B2C Commerce / Commerce Cloud (Hyperforce) Data Cloud General (not service specific) Heroku Marketing Cloud - Account Engagement MuleSoft Salesforce Government Cloud Plus Salesforce Government Cloud Plus - Defense Salesforce Professional Services Salesforce Services (First Party) Salesforce Services (Hyperforce)

The Salesforce Corporate Services report covers the common controls across Services offered by Salesforce. These Corporate Services include: Salesforce Board of Directors, Hiring Practices and Staff Development, Security Training, Risk Management, Monitoring of Internal Controls, Physical Security, Environmental Safeguards, Vendor Audit Program, Logical Security, Network Architecture and Management, Endpoint Protection, Network and Web Application Security Assessments, Threat and Vulnerability Management, Change Management, Security Monitoring, Incident Management, Contingency Planning and Business Continuity. The Salesforce Corporate Services controls relied on by each Service are described in the individual Service level SOC1 reports.

Latest version

Valid from 2025-04-30

Last updated on 2025-06-04

Previous version

Valid from 2024-05-01

Last updated on 2024-12-09

Previous version

Covers period 2023-11-01 through 2024-04-30

Last updated on 2024-06-10

Previous version

Covers period 2023-05-01 through 2023-10-31

Last updated on 2023-12-15

Previous version

Covers period 2022-11-01 through 2023-04-30

Last updated on 2023-06-09

Previous version

Covers period 2022-05-01 through 2022-10-31

Last updated on 2022-12-05