U.S. | Government and public sector
The National Institute of Standards and Technology (NIST),
within the U.S. Department of Commerce, creates standards
and guidelines pertaining to information security.
NIST’s Special Publication 800-171 focuses
on protecting the confidentiality of Controlled Unclassified
Information (CUI) in non-federal information systems and
organizations, and defines security requirements to achieve
that objective. The security controls of NIST 800-171 can be
to NIST 800-53.
This mapping is available on
page D-2 of the publication NIST.SP.800-171.
The Google Cloud services below have undergone an
independent third-party assessment that confirms our
compliance with NIST 800-53 controls in scope for FedRAMP,
which includes all requisite controls described in NIST