| https://trust.salesforce.com/ | New window External Subdomain | Salesforce / Trust |
| /en | | Categories |
| /en/services | | Services |
| /en/documents | | Documents |
| /en/truste-apec-processor-seal | | APEC Certification for Processors and Controllers Asia-Pacific Economic Cooperation Privacy Recognition for Processors Certification |
| /en/c5-isae-3000 | | C5 (ISAE 3000) ISAE 3000 Report on the Cloud Computing Compliance Controls Catalogue (C5) |
| /en/cccs-assessment | | CCCS Assessment Canadian Centre for Cyber Security (CCCS) Assessment |
| /en/cjis | | CJIS Establishes and enforces rigorous security standards to protect sensitive criminal justice information |
| /en/csa-star | | CSA STAR Registry of security and privacy controls for cloud computing offerings |
| /en/cybergrx | | CyberGRX CyberGRX assessments apply a dynamic and comprehensive approach to third party risk assessment |
| /en/dora | | Digital Operational Resilience Act (DORA) European Union's Digital Operational Resilience Act (DORA), addressing digital operational risk for the financial s... |
| /en/dod-il2 | | DoD IL2 Cloud computing security requirements for the US Department of Defense for Impact Level 2 |
| /en/dod-il4 | | DoD IL4 Cloud computing security requirements for the US Department of Defense for Impact Level 4 |
| /en/dod-il5 | | DoD IL5 Cloud computing security requirements for the US Department of Defense for Impact Level 5 |
| /en/eu-cloud-code-of-conduct | | EU Cloud Code of Conduct Adherence with EU Cloud Code of Conduct, Verification-ID: 2022LVL02SCOPE3110 and 2022LVL02SCOPE3111 |
| /en/external-security-assessments | | External Security Assessments Attestation of penetration tests and security assessments performed by third parties |
| /en/faqs-and-white-papers | | FAQ's and White Papers Answers to common questions and white papers |
| /en/fedramp-high | | FedRAMP High U.S. government program providing a standard approach to security, authorization and monitoring |
| /en/fedramp-moderate | | FedRAMP Moderate U.S. government program providing a standard approach to security, authorization and monitoring |
| /en/financial-services-compliance | | Financial Services Compliance How Salesforce helps support financial service institutions with regulatory requirements |
| /en/gdpr | | GDPR How Salesforce helps support our customers on their GDPR compliance journeys |
| /en/hipaa | | HIPAA U.S. Privacy requirements for personal health information held by covered entities |
| /en/hitrust | | HITRUST Comprehensive, flexible and efficient approach to regulatory compliance and risk management |
| /en/irap | | IRAP Security assessment for Australian government customers |
| /en/ismap | | ISMAP Japanese government program to assess and register cloud services that meet government security requirements |
| /en/iso-27001 | | ISO 27001 Compliance with specific information security and risk management requirements |
| /en/iso-27017 | | ISO 27017 Adherence with ISO/IEC 27002 Code of Practice controls for cloud services |
| /en/iso-27018 | | ISO 27018 Adherence with Code of Practice controls for protection of personal information |
| /en/nen-7510 | | NEN 7510 Protecting health information for organizations in the Netherlands |
| /en/nist-sp-800171 | | NIST SP 800-171 U.S. security requirements for protecting Controlled Unclassified Information in Nonfederal Systems and Organizations |
| /en/other | | Other Reports and Certificates Various reports and certificates not applicable to other categories |
| /en/pci-dss | | PCI DSS Validation of controls around cardholder data to reduce credit card fraud |
| /en/disaster-recovery-bcp | | Resilience, BCP & DR Business Continuity and Disaster Recovery |
| /en/salesforce-bcrs | | Salesforce BCRs Binding Corporate Rules for the Processing of European Personal Data |
| /en/soc-1 | | SOC 1 Type II report covering internal controls over financial reporting systems |
| /en/soc-2 | | SOC 2 Type II report covering Security, Availability, Integrity, Confidentiality, and Privacy |
| /en/soc-3 | | SOC 3 Public report of Security, Availability, Integrity, Confidentiality, and Privacy controls |
| /en/ens | | Spain Esquema Nacional de Seguridad (ENS) Set of security standards applied to service providers for servicing the Spanish Public Sector and government agenc... |
| /en/tisax | | TISAX A European information security assessment (ISA) for the automotive industry. |
| /en/txramp | | TX-RAMP Texas Risk and Authorization Management Program provides a stand approach for security assessment and authorization |
| /en/us-data-privacy-framework-dpf | | U.S. Data Privacy Framework (DPF) A framework for complying with EU, UK and Swiss privacy requirements |
| /en/wcag-21-aa | | WCAG 2.1 AA WCAG defines how to make web content more accessible to people with disabilities |
| https://www.salesforce.com/com... | New window External Subdomain | Legal |
| https://trailblazer.me/terms | New window External | Terms of Service |
| https://www.salesforce.com/com... | New window External Subdomain | Privacy Information |
| https://www.salesforce.com/com... | New window External Subdomain | Responsible Disclosure |
| https://trust.salesforce.com/ | New window External Subdomain | Trust |
| https://www.salesforce.com/for... | New window External Subdomain | Contact |
| https://www.salesforce.com/for... | New window External Subdomain | Your Privacy Choices |
Meta Title
(Nice to have)