U.S. | Government and public sector
The National Institute of Standards and Technology (NIST),
within the U.S. Department of Commerce, creates standards
and guidelines pertaining to information security. NIST
developed Special Publication 800-53 (NIST SP 800-53) to
build on statutory responsibilities laid out in the Federal
Information Security Management Act (FISMA), Public Law
(P.L.) 107-347, which is a federal law that requires U.S.
government agencies to create, review, and report on
agency-wide practices that prioritize information security.
NIST 800-53 mandates specific security and privacy controls
required for federal government and critical infrastructure.
Through an independent, third-party assessment, Google
Cloud has received an attestation letter confirming that a
subset of our Google Cloud Platform and Google Workspace
services are operating in compliance with NIST 800-53