The International Organization for Standardization (ISO) is an independent, non-governmental international organization with a membership of 163 national standards bodies.
ISO/IEC 27701 is a global privacy standard that focuses on the collection and processing of personally identifiable information (PII). This standard was developed to help organizations comply with international privacy frameworks and laws, and focuses on three main factors :
- Extends the requirements of ISO/IEC 27001 and ISO/IEC 27002 to include data privacy;
- Provides a framework for implementing, maintaining, and continuously improving a Privacy Information Management System (PIMS);
- Includes requirements and guidance for organizations acting as PII controllers and PII processors.
Google Cloud Platform and Google Workspace have received an accredited ISO/IEC 27701 certification as a PII processor after undergoing an audit by an independent third party.
Is Google Cloud Platform certified for ISO/IEC 27701? If so, can I get a copy of the certificate?
We have obtained an accredited ISO/IEC 27701 certificate for GCP. In order to get a copy of the certificate, visit the Related Documentation section of this page.
Is Google Workspace certified for ISO/IEC 27701? If so, can I get a copy of the certificate?
We have obtained an accredited ISO/IEC 27701 certificate for Google Workspace. In order to get a copy of the certificate, visit the Related Documentation section of this page.
How can I use the Google Cloud Platform and/or Google Workspace certification for my own organization’s compliance efforts?
Our accredited certification demonstrates Google Cloud’s long-standing commitment to privacy and providing the most trusted experience for our customers. By meeting the rigorous standards outlined by ISO/IEC 27701, Google Cloud customers can leverage the many benefits our certification, including:
A universal set of privacy controls, verified by a trusted third party in accordance with the requirements of their accreditation body, that can serve as a solid foundation for the implementation of a privacy program
The ability to rely on Google Cloud Platform's accredited ISO/IEC 27701 certification in your own compliance efforts
Reduced time and expense for both internal and third-party auditors, who can now demonstrate compliance with several privacy objectives within a single audit cycle
Greater clarity on privacy-related roles and responsibilities, which can facilitate efforts to comply with privacy regulations such as GDPR