Skip to main content

Accessing compliance reports for your organization

You can access GitHub's compliance reports, such as our SOC reports and Cloud Security Alliance CAIQ self-assessment (CSA CAIQ), for your organization.

Organization owners can access compliance reports for the organization.

About GitHub's compliance reports

You can access GitHub's compliance reports in your organization settings.

  • SOC 1, Type 2
  • SOC 2, Type 2
  • Cloud Security Alliance CAIQ self-assessment (CSA CAIQ)
  • ISO/IEC 27001:2013 certification
  • GitHub.com Services Continuity and Incident Management Plan

Note: To view compliance reports, your organization must use GitHub Enterprise Cloud. For more information about how you can try GitHub Enterprise Cloud for free, see "Setting up a trial of GitHub Enterprise Cloud."

Accessing compliance reports for your organization

  1. In the top right corner of GitHub.com, click your profile photo, then click Your organizations. Your organizations in the profile menu

  2. Next to the organization, click Settings. The settings button

  3. In the "Security" section of the sidebar, click Authentication security.

  4. Under "Compliance reports", to the right of the report you want to access, click Download or View.

    Screenshot of download button to the right of a compliance report

Further reading