Governmental logo

NIST 800-171

The National Institute of Standards and Technology (NIST), within the U.S. Department of Commerce, creates standards and guidelines pertaining to information security. NIST’s Special Publication 800-171 focuses on protecting the confidentiality of Controlled Unclassified Information (CUI) in non-federal information systems and organizations, and defines security requirements to achieve that objective. The security controls of NIST 800-171 can be mapped directly to NIST 800-53. This mapping is available on page D-2 of the publication NIST.SP.800-171.

The Google Cloud services below have undergone an independent third-party assessment that confirms our compliance with NIST 800-53 controls in scope for FedRAMP, which includes all requisite controls described in NIST 800-171.

Google Cloud services that are in scope for NIST 800-171 third party assessment

Admin SDK
Admin Settings API
Apps Email Audit API
Calendar Resource API
Directory API (replaced Provisioning API)
Domain Shared Contacts API
Email Settings API
Enterprise License Manager API
Groups Migration API
Groups Settings
Reports API
Reseller API
Chrome Sync (for G Suite for Education domains only)
Contacts
Directory Sync
Docs APIs
Apps Activity API
Calendar API
Contacts API
Drive REST API (replaced Documents List API)
Gmail REST API (replaced Email Migration API)
Sheets API
Sites API
Tasks API
Drawings
Google Tasks
Groups for Business
Hangouts Classic
Sites Classic

Relevant products & services