Standards, regulations & certifications

To help you with compliance and reporting, we share information, best practices, and easy access to documentation. Our products regularly undergo independent verification of security, privacy, and compliance controls, achieving certifications against global standards to earn your trust. We're constantly working to expand our coverage.

This site contains information about Google's certifications and compliance standards it satisfies as well as general information about certain region or sector-specific regulations.

NIST 800-53

Security and privacy requirements for United States Federal information systems.

National Institute of Standards and Technology Special Publication 800-53 (Rev 4) was released in April 2013. This publication has been developed by NIST to further its statutory responsibilities under the Federal Information Security Management Act (FISMA), Public Law (P.L.) 107-347. NIST is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate federal officials exercising policy authority over such systems.

The services below have undergone an independent third party assessment that confirmed the services are operating in compliance with NIST 800-53 controls. The attestation letter can be found here.

The list of services covered include:

G Suite Editions
G Suite Services
Google Cloud Platform services: