Accessing compliance reports for your organization

You can access GitHub's compliance reports, such as our SOC reports and Cloud Security Alliance CAIQ self-assessment (CSA CAIQ), for your organization.

Who can use this feature?

Organization owners can access compliance reports for the organization.

In this article

About GitHub's compliance reports

You can access GitHub's compliance reports in your organization settings.

  • SOC 3
  • Cloud Security Alliance CAIQ self-assessment (CSA CAIQ - Level 1)
  • ISO/IEC 27001:2022 certification

Accessing compliance reports for your organization

  1. In the upper-right corner of GitHub, click your profile picture, then click Organizations.

  2. Select an organization by clicking on it.

  3. Under your organization name, click Settings. If you cannot see the "Settings" tab, select the dropdown menu, then click Settings.

    Screenshot of the tabs in an organization's profile. The "Settings" tab is outlined in dark orange.

  4. In the "Security" section of the sidebar, click Compliance.

  5. To the right of the report you want to access, click Download or View.

    Screenshot of the "Resources" section of the "Compliance" page. Next to a report, a button, labeled "Download," is outlined in orange.