What security measure would you look for in a SaaS company? If the company were an international company, what questions would you have before signing a contract?

In 1987, Adrian Di Marco started Technology One in Brisbane, Australia. Today, Technology One has over 1,200 employees $50 million  in innovation. In 2017 Adrian Di Marco stepped down and Edward Chung was appointed the new CEO. Technology One is a provider of global SaaS enterprise solutions for many industries throughout Australia, the United Kingdom, Indonesia and Vietnam.

What security measure would you look for in a SaaS company? If the company were an international company, what questions would you have before signing a contract? Are there specific regulations to look for based on having a cloud-based system or data storage that must be addressed?