Standards, Regulations & Certifications

To help you with compliance and reporting, we share information, best practices, and easy access to documentation. Our products regularly undergo independent verification of security, privacy, and compliance controls, achieving certifications against global standards to earn your trust. We’re constantly working to expand our coverage.

Cloud Computing Compliance Controls Catalog (C5)

Information security of cloud services.

The Cloud Computing Compliance Controls Catalogue (C5) was developed by the German Federal Office for Information Security (BSI) as a mechanism for assessing the information security of cloud services. As an audit standard, C5 helps establish a framework of trust between cloud customers and cloud providers by leveraging internationally recognized security standards, such as ISO 27001.

In addition to setting a baseline for cloud security, C5 focuses on increasing the level of transparency by adding specific controls that cloud customers can use as part of their risk assessment.

Through an independent, third party audit, Google Cloud (G Suite and Google Cloud Platform) has achieved C5 attestation. Google Cloud customers can use the C5 attestation as verification of compliance and as part of their assessment for using Google Cloud services. The C5 attestation for Google Cloud Platform and G Suite can be requested by contacting your Field Sales Representative or the Google Support team.

The following Google Cloud Platform products are included under the C5 attestation:

Google Cloud Platform:
G Suite:
Additional Google Products:
Google Product APIs:
G Suite Admin SDK:
Supporting Services :
  • Gmail Delivery
  • Gmail Frontend / Middleware
  • Gmail Medley
  • Gmail Spam