Identity & Security

Google Cloud completes BSI C5 audit

Die deutsche Version ist hier: Google Cloud jetzt mit C5-Testat

At Google Cloud, we are committed to earning customer trust through transparency. That’s why we work diligently to provide our customers with the information they need to confidently assess the information security of our cloud services. As a part of our commitment to protecting the privacy and security of your information, we’re continuously achieving third-party verification against the rigorous standards that matter most to our customers across the globe.

Thus, we are pleased to announce that Google Cloud (G Suite and Google Cloud Platform) has completed a third party audit against the German Federal Office for Information Security’s Cloud Computing Compliance Controls Catalogue (commonly referred to as BSI C5), a standard developed in 2016 as a mechanism for assessing the information security of cloud services.

As Germany’s national cybersecurity authority, the BSI designed the C5 to set a baseline for cloud security, focusing on 17 security domains, including physical security, information security, identity and access management. The BSI C5 leverages internationally recognized security standards such as ISO 27001 and the Cloud Controls Matrix of the Cloud Security Alliance, a few of the many standards adopted by Google Cloud. You can learn more about the BSI C5 here.

By establishing a framework of trust between cloud customers and cloud providers, the BSI C5 enhances transparency by adding specific controls that cloud customers can use as part of their risk assessment. Google Cloud customers can use our BSI C5 report prepared by an independent auditor as part of their assessment of Google Cloud services. The BSI C5 audit report for Google Cloud Platform and G Suite, completed by an independent third party, is available to customers by request.

For more information on the standards, regulations, and certifications Google Cloud helps customers meet, please visit our Compliance site.