You can access GitHub's compliance reports in your enterprise settings.
- SOC 1, Type 2
- SOC 2, Type 2
- Cloud Security Alliance CAIQ self-assessment (CSA CAIQ)
- ISO/IEC 27001:2013 certification
- GitHub.com Services Continuity and Incident Management Plan
In the top-right corner of GitHub.com, click your profile photo, then click Your enterprises.
In the list of enterprises, click the enterprise you want to view.
In the enterprise account sidebar, click Compliance.
Under "Resources", to the right of the report you want to access, click Download or View.