Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
We devote significant resources to our security program that we believe is reasonably designed to mitigate our cybersecurity and information technology risk. We believe our cybersecurity program is reasonably designed to protect our information systems, software, networks, and other assets against, and mitigate the effects of cybersecurity incidents where unauthorized parties attempt, among other things, to disrupt or degrade service or our operations; misuse or abuse technology and information systems; make unauthorized disclosure of data; or otherwise cause harm to the Company, our customers, suppliers, or dealers, or other key stakeholders. We employ capabilities, processes, and other security measures we believe are reasonably designed to reduce and mitigate these risks, and have requirements for our suppliers and service providers to do the same. Despite having thorough due diligence, onboarding, and cybersecurity assessment processes in place for our suppliers and service providers, the responsibility ultimately rests with those parties to establish and maintain their respective cybersecurity programs. Our ability to monitor the cybersecurity practices of third parties is limited and there can be no assurance that we can prevent or mitigate the risk of any compromise or failure in the information systems, software, networks, and other assets owned or controlled by each of them. When we become aware that a supplier or service provider’s cybersecurity has been compromised, we attempt to mitigate the risk to the Company, including, if appropriate and feasible, by terminating the supplier’s connection to our information systems.

In an effort to effectively prevent, detect, and respond to cybersecurity threats, we employ a multi-layered cybersecurity risk management program supervised by our Chief Information Security Officer, whose team is responsible for leading enterprise-wide cybersecurity strategy, policy, architecture, and processes. This responsibility includes identifying, considering, and assessing potentially material cybersecurity incidents on an ongoing basis, establishing processes designed to prevent and monitor potential cybersecurity risks, implementing mitigation and remedial measures, and maintaining our cybersecurity program. Our program is informed by and designed to comply with the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). Our program leverages both internal and external techniques and expertise. Internally, we perform penetration tests, internal tests/code reviews, and red team exercises, among other things, to evaluate aspects of our cybersecurity program. We also perform phishing and social engineering simulations with, and provide cybersecurity training for, personnel with Company email and access to Company assets, and regularly circulate security awareness newsletters to employees. Externally, we monitor notifications from the U.S. Computer Emergency Readiness Team (“CERT”) and various Information Sharing and Analysis Centers (each an “ISAC”); review customer, media, and third-party cybersecurity reports; and operate a bug bounty program. Our cybersecurity program also includes disaster recovery and incident response plans, including a ransomware response plan which is regularly tested and evaluated in tabletop simulations.

The Company’s global cybersecurity incident response is also overseen by our Chief Information Security Officer. Our Chief Information Security Officer has served in that role for over 7 years and has over a decade of engineering and operations expertise with cybersecurity technologies and services. Our Chief Information Security Officer reports to our Chief Enterprise Technology Officer who has spent over two decades managing cybersecurity risks as a leader at enterprise software and Fortune 50 companies. Our Chief Enterprise Technology Officer reports directly to our Chief Executive Officer.

When a cybersecurity threat or incident is identified, our policy is to review and triage the threat or incident, and to then manage it to conclusion in accordance with our cybersecurity incident response processes. When a cybersecurity incident is determined to be significant, it is addressed by management committees using processes that leverage subject-matter expertise from across the Company. Further, we have in the past and may in the future engage with third-party advisors and government and law enforcement agencies as part of our incident management processes. All cybersecurity incidents that are identified as reasonably having the potential to be highly significant to the Company are brought to the attention of both the Chief Enterprise Technology Officer and Chief Policy Officer and General Counsel by the Chief Information Security Officer as part of our cybersecurity incident response processes.
Cybersecurity Risk Management Processes Integrated [Text Block]
Cybersecurity risk identification, assessment, and management are integrated into our overall enterprise risk management program. As part of its enterprise risk management efforts, the Board meets with senior management, including the executive leadership team, to assess and respond to critical business risks. These critical enterprise risks are assessed by senior management annually and discussed with the Board. Then each of the top risks is validated, prioritized, and assigned risk owners who are responsible for overseeing risk assessment, developing and implementing mitigation plans, and providing regular updates to the Board (and/or the Board committee assigned to the risk). In this way, critical business risks, including cybersecurity risk, benefit from both top-down and bottom-up risk management efforts that we believe are reasonably designed to escalate key risk and control issues to senior management and the Board.

As a result of this enterprise risk management process, cybersecurity threats have been and continue to be identified as one of the Company’s critical business risks, with our Chief Enterprise Technology Officer and Chief Information Security Officer assigned as the executive risk owners. The Chief Enterprise Technology Officer and Chief Information Security Officer monitor the prevention, mitigation, detection, and remediation of cybersecurity incidents through their management of, and participation in, the cybersecurity risk management and strategy processes described above, including through the operation of the Company’s global cybersecurity incident response plans, which include provisions for escalation to the Chief Policy Officer and General Counsel, as well as the Board and its committees, as appropriate. As discussed below, the executive risk owners for cybersecurity risk report out to the Audit Committee and, in some cases, the Board, on a regular basis as part of our enterprise risk management process.
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Text Block]
In 2024, we did not identify any cybersecurity threats that have materially affected or are reasonably likely to materially affect our business strategy, results of operations, or financial condition. For a discussion of whether and how cybersecurity incidents, ransomware attacks, and other disruptions to our operational information systems, security systems, vehicles, and services could reasonably be expected to affect the Company, including its business strategy, results of operations or financial condition, see our risk factors above in Item 1A. generally and, in particular, “Operational information systems, security systems, vehicles, and services could be affected by cybersecurity incidents, ransomware attacks, and other disruptions and impact Ford, Ford Credit, their suppliers, and dealers” on page 22.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]
The Board has delegated primary responsibility for the oversight of cybersecurity and information technology risks, and the Company’s preparedness for these risks, to the Audit Committee.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]
The Board has delegated primary responsibility for the oversight of cybersecurity and information technology risks, and the Company’s preparedness for these risks, to the Audit Committee. As part of its oversight responsibilities, the Audit Committee receives regular updates on our cybersecurity practices as well as cybersecurity and information technology risks from our Chief Information Security Officer. These updates include topics related to cybersecurity practices, cyber risks, and risk management processes, such as updates to our cybersecurity programs and mitigation strategies, and other cybersecurity developments. In addition to these regular updates, as part of our incident response processes, the Chief Enterprise Technology Officer, in collaboration with the Chief Information Security Officer and Chief Policy Officer and General Counsel, provides updates on certain cybersecurity incidents to the Audit Committee and, in some cases, the Board. The Audit Committee reviews and provides input into and oversight of our cybersecurity processes, and in the event Ford determines it has experienced a material cybersecurity incident, the Audit Committee is notified about the incident in advance of filing a Current Report on Form 8-K.
Cybersecurity Risk Role of Management [Text Block]
The Chief Enterprise Technology Officer and Chief Information Security Officer monitor the prevention, mitigation, detection, and remediation of cybersecurity incidents through their management of, and participation in, the cybersecurity risk management and strategy processes described above, including through the operation of the Company’s global cybersecurity incident response plans, which include provisions for escalation to the Chief Policy Officer and General Counsel, as well as the Board and its committees, as appropriate.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Expertise of Management Responsible [Text Block]
The Company’s global cybersecurity incident response is also overseen by our Chief Information Security Officer. Our Chief Information Security Officer has served in that role for over 7 years and has over a decade of engineering and operations expertise with cybersecurity technologies and services. Our Chief Information Security Officer reports to our Chief Enterprise Technology Officer who has spent over two decades managing cybersecurity risks as a leader at enterprise software and Fortune 50 companies. Our Chief Enterprise Technology Officer reports directly to our Chief Executive Officer.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]
The Chief Enterprise Technology Officer and Chief Information Security Officer monitor the prevention, mitigation, detection, and remediation of cybersecurity incidents through their management of, and participation in, the cybersecurity risk management and strategy processes described above, including through the operation of the Company’s global cybersecurity incident response plans, which include provisions for escalation to the Chief Policy Officer and General Counsel, as well as the Board and its committees, as appropriate.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true