Standards, Regulations & Certifications

To help you with compliance and reporting, we share information, best practices, and easy access to documentation. Our products regularly undergo independent verification of security, privacy, and compliance controls, achieving certifications against global standards to earn your trust. We’re constantly working to expand our coverage.

ISO 27001

Managing information risks.

The International Organization for Standardization (ISO) is an independent, non-governmental international organization with a membership of 163 national standards bodies.

The ISO/IEC 27000 family of standards helps organizations keep information assets secure. ISO/IEC 27001 is a security standard that outlines and provides the requirements for an information security management system (ISMS). It specifies a set of best practices and details a list of security controls concerning the management of information risks.

While the 27001 standard does not mandate specific information security controls, the framework and checklist of controls it lays out allows Google to ensure a comprehensive and continually improving model for security management.

Google Cloud Platform, our Common Infrastructure, and G Suite are certified as ISO 27001 compliant.

Google Cloud services that are in scope for ISO 27001:

Google Cloud Platform:
G Suite:
Additional Google Products:
Google Product APIs:
G Suite Admin SDK:
Service / Dependency :
  • Gmail Delivery
  • Gmail Frontend / Middleware
  • Gmail Medley
  • Gmail Spam