Global | ALL INDUSTRIES

ISO/IEC 27017

The International Organization for Standardization (ISO) is an independent, non-governmental organization with an international membership of 163 national standards bodies.

The ISO/IEC 27017:2015 gives guidelines for information security controls applicable to the provision and use of cloud services by providing:

Additional implementation guidance for relevant controls specified in ISO/IEC 27002
Additional controls with implementation guidance that specifically relate to cloud services

This standard provides controls and implementation guidance for both cloud service providers like Google and our cloud service customers.

ISO/IEC 27017 provides cloud-based guidance on 37 ISO/IEC 27002 controls, along with seven new cloud controls that address:

Who is responsible for what between the cloud service provider and the cloud customer
The removal/return of assets when a contract is terminated
Protection and separation of the customer’s virtual environment
Virtual machine configuration
Administrative operations and procedures associated with the cloud environment
Customer monitoring of activity within the cloud
Virtual and cloud network environment alignment

Google Cloud Platform, Google Workspace, Chrome, and Apigee are certified as ISO/IEC 27017 compliant.

GCP, Google Workspace, and Apigee ISO 27017 certificates may be requested via the Compliance Reports Manager. Potential customers can reach out to sales for more information.

Google Cloud services that are in scope for ISO/IEC 27017

Google Cloud Platform

Access Approval

Access Context Manager

Access Transparency

AI Platform

AI Platform Data Labeling

AI Platform Notebooks

AI Platform Training and Prediction

Anthos Config Management (ACM)

Anthos Service Mesh (ASM)

API Gateway

Apigee

App Engine

Artifact Registry

Assured Workloads for Government

AutoML Natural Language

AutoML Tables

AutoML Translation

AutoML Video

AutoML Vision

BeyondCorp Enterprise

BigQuery

BigQuery Data Transfer Service

Binary Authorization

Certificate Authority Service

Cloud Asset Inventory

Cloud Bigtable

Cloud Billing

Cloud Build

Cloud CDN

Cloud Composer

Cloud Console

Cloud Console App

Cloud Data Fusion

Cloud Data Loss Prevention

Cloud Debugger

Cloud Deployment Manager

Cloud DNS

Cloud Endpoints

Cloud External Key Manager (Cloud EKM)

Cloud Filestore

Cloud Functions

Cloud Functions for Firebase

Cloud Healthcare

Cloud HSM

Cloud Interconnect

Cloud Key Management Service

Cloud Life Sciences (formerly Google Genomics)

Cloud Load Balancing

Cloud Logging

Cloud Monitoring

Cloud NAT (Network Address Translation)

Cloud Natural Language API

Cloud Profiler

Cloud Router

Cloud Run

Cloud Run for Anthos

Cloud Scheduler

Cloud SDK

Cloud Shell

Cloud Source Repositories

Cloud Spanner

Cloud SQL

Cloud Storage

Cloud Storage for Firebase

Cloud Tasks

Cloud Trace

Cloud Translation

Cloud Vision

Cloud VPN

Compute Engine

Connect

Container Registry

Data Catalog

Database Migration Service

Dataflow

Datalab

Dataproc

Datastore

DataStream

Dialogflow

Document AI

Firebase Authentication

Firebase Test Lab

Firestore

Game Servers

GCP Marketplace

Google Cloud Armor

Google Cloud Identity-Aware Proxy

Google Kubernetes Engine

Hub

Identity & Access Management (IAM)

Identity Platform

IoT Core

Key Access Justification (Access Sovereignty)

Managed Service for Microsoft Active Directory (AD)

Memorystore

Network Intelligence Center

Network Service Tiers

Persistent Disk

Pub/Sub

reCAPTCHA Enterprise

Resource Manager API

Secret Manager

Security Command Center

Service Directory

Service Infrastructure

Speech-to-Text

Storage Transfer Service

Talent Solution

Text-to-Speech

Traffic Director

Video Intelligence API

Virtual Private Cloud

VPC Service Controls

Google Workspace

Admin Console

Assignments

Calendar

Classroom

Cloud Identity

Cloud Search

Contacts

Currents

Docs

Drive

Forms

Gmail

Google Chat

Google Meet

Groups

Hangouts

Jamboard

Keep

Mobile Device Management

Sheets

Sites

Slides

Tasks

Vault

Voice

Chrome

Chrome Sync

Chrome Services: Chrome Enterprise Upgrade, Chrome Education Upgrade, Chrome Nonprofit Upgrade, Chrome Kiosk, Chromebook Enterprise

Apigee

ISO/IEC 27001

Learn more

ISO/IEC 27018

Learn more

Take the next step

Start building on Google Cloud with $300 in free credits and 20+ always free products.

Get started for free

Take the next step

Start your next project, explore interactive tutorials, and manage your account.

Contact sales

Learn security best practices
See our best practices
Solve common problems
Watch security use-case videos
Work with a partner
See our security partners

Learn security best practices
See our best practices
Solve common problems
Watch security use-case videos
Work with a partner
See our security partners

ISO/IEC 27017

Related documentation

Google Cloud services that are in scope for ISO/IEC 27017

Google Cloud Platform

Google Workspace

Chrome

Apigee

Quick links

Related offerings

ISO/IEC 27001

ISO/IEC 27018

Take the next step

Take the next step