Government and public sector logo

U.S. | Government and public sector

NIST SP 800-171

The National Institute of Standards and Technology (NIST), within the U.S. Department of Commerce, creates standards and guidelines pertaining to information security. NIST’s Special Publication 800-171 focuses on protecting the confidentiality of Controlled Unclassified Information (CUI) in non-federal information systems and organizations, and defines security requirements to achieve that objective. The security controls of NIST 800-171 can be mapped directly to NIST 800-53. This mapping is available on page D-2 of the publication NIST.SP.800-171.

The Google Cloud services below have undergone an independent third-party assessment that confirms our compliance with NIST 800-53 controls in scope for FedRAMP, which includes all requisite controls described in NIST 800-171.

Google Cloud services that are in scope for NIST 800-171 third party assessment


Learn more

NIST 800-53

Learn more

NIST 800-34

Learn more