ISO/IEC logo

Global | All industries

ISO/IEC 27018

The International Organization for Standardization (ISO) is an independent, non-governmental international organization with a membership of 163 national standards bodies.

ISO/IEC 27018 relates to one of the most critical components of cloud privacy: the protection of personally identifiable information (PII). This standard focuses in two ways on security controls for public-cloud service providers that process PII:

  • Builds upon existing ISO/IEC 27002 controls by adding specific items for cloud privacy
  • Provides entirely new security controls for personal data

Google Cloud, Google Workspace, Chrome, and Apigee are certified as ISO/IEC 27018 compliant.

Google Cloud, Google Workspace, and Apigee ISO 27018 certificates may be requested via the Compliance Reports Manager. Potential customers can reach out to sales for more information.


Google Cloud services that are in scope for ISO/IEC 27018

Chronicle (Security) and Threat Intelligence for Chronicle are covered by the Chronicle terms of service.

Where we are simplifying the name of our service, we have also included its former name in parentheses.

* Indicates that the scope of this certification applies to this offering where Google acts as a processor of Service Data (in addition to Google acting as a processor of Customer Data). Google’s processing of Service Data as a processor is subject to agreement with relevant enterprise customers of this offering.

ISO/IEC 27001

Learn more

ISO/IEC 27017

Learn more