About GitHub's compliance reports
You can access GitHub's compliance reports in your organization settings.
- SOC 1, Type 2
- SOC 2, Type 2
- Cloud Security Alliance CAIQ self-assessment (CSA CAIQ - Level 1)
- ISO/IEC 27001:2013 certification
- ISO/IEC 27701:2019 (Processor) certification
- ISO/IEC 27018:2019 certification
- Cloud Security Alliance STAR certification (CSA STAR - Level 2)
- GitHub.com Services Continuity and Incident Management Plan
Accessing compliance reports for your organization
Note: To view compliance reports, your organization must use GitHub Enterprise Cloud. For more information about how you can try GitHub Enterprise Cloud for free, see "Setting up a trial of GitHub Enterprise Cloud."
If you are not using GitHub Enterprise Cloud, you can find similar reports at GitHub Security.
-
In the top right corner of GitHub.com, click your profile photo, then click Your organizations.
-
Next to the organization, click Settings.
-
In the "Security" section of the sidebar, click Compliance.
-
To the right of the report you want to access, click Download or View.