Government and public sector logo

U.S. | Government and public sector

NIST SP 800-53

The National Institute of Standards and Technology (NIST), within the U.S. Department of Commerce, creates standards and guidelines pertaining to information security. NIST developed Special Publication 800-53 (NIST SP 800-53) to build on statutory responsibilities laid out in the Federal Information Security Management Act (FISMA), Public Law (P.L.) 107-347, which is a federal law that requires U.S. government agencies to create, review, and report on agency-wide practices that prioritize information security. NIST 800-53 mandates specific security and privacy controls required for federal government and critical infrastructure.

Through an independent, third-party assessment, Google Cloud has received an attestation letter confirming that a subset of our Google Cloud and Google Workspace services are operating in compliance with NIST SP 800-53 controls.

Google Cloud services that are in scope for NIST SP 800-53

For a complete list of products in scope for NIST SP 800-53, kindly refer to the Google Cloud FedRAMP Compliance Card.

NIST 800-171

Learn more


Learn more