You can access GitHub's compliance reports in your organization settings.
- SOC 1, Type 2
- SOC 2, Type 2
- Cloud Security Alliance CAIQ self-assessment (CSA CAIQ)
- ISO/IEC 27001:2013 certification
- GitHub.com Services Continuity and Incident Management Plan
Note: To view compliance reports, your organization must use GitHub Enterprise Cloud. For more information about how you can try GitHub Enterprise Cloud for free, see "Setting up a trial of GitHub Enterprise Cloud."
In the top right corner of GitHub.com, click your profile photo, then click Your organizations.
Next to the organization, click Settings.
In the "Security" section of the sidebar, click Authentication security.
Under "Compliance reports", to the right of the report you want to access, click Download or View.