Salesforce ComplianceSalesforce / Trust
Compliance engineered for the Cloud
Salesforce maintains a comprehensive set of compliance certifications and attestations to validate our #1 value of Trust.

ISO/IEC 27017:2015 Certificate

ISO 27017 Agentforce & Einstein Platform B2C Commerce / Commerce Cloud (Hyperforce) Data Cloud General (not service specific) Heroku Marketing Cloud - Account Engagement Marketing Cloud - Advertising Marketing Cloud - Engagement (Hyperforce) Marketing Cloud - Growth Marketing Cloud - Intelligence MuleSoft Quip Salesforce Government Cloud Plus Salesforce Government Cloud Plus - Defense Salesforce Professional Services Salesforce Services (First Party) Salesforce Services (Hyperforce) Tableau Cloud Tableau Next

ISO 27017 provides guidance on the information security aspects of cloud computing, recommending the implementation of cloud-specific information security controls that supplement the guidance of the ISO 27002 and ISO 27001 standards. This code of practice provides additional information security controls implementation guidance specific to cloud service providers. The standard advises both cloud service customers and cloud service providers, with the primary guidance laid out side-by-side in each section.
Latest version
Covers period 2025-07-17 through 2027-01-27
Last updated on 2025-07-23