Salesforce maintains a comprehensive set of compliance certifications and attestations to validate our #1 value of Trust.
ISO Statement of Applicability - V2.8 (French)
ISO 27017 provides guidance on the information security aspects of cloud computing, recommending the implementation of cloud-specific information security controls that supplement the guidance of the ISO 27002 and ISO 27001 standards. This code of practice provides additional information security controls implementation guidance specific to cloud service providers. The standard advises both cloud service customers and cloud service providers, with the primary guidance laid out side-by-side in each section.