The Association of Banks in Singapore (“ABS”) established the Guidelines on Control Objectives and Procedures for Outsourced Service Providers, also called the “ABS Guidelines,” which provide information security guidelines for Outsourced Service Providers (“OSPs”) who wish to provide services to Financial Institutions (“FIs”) operating in Singapore. These guidelines form the minimum/baseline controls that OSPs that wish to offer services to FIs should have in place.
In order to demonstrate that an OSP meets the ABS Guidelines, it can undergo a third-party audit to receive an Outsourced Service Provider Audit Report (OSPAR) attestation. Obtaining an OSPAR attestation illustrates to an FI that an OSP’s controls are designed and operating effectively to meet the control objectives that are relevant in the provision of outsourced services and maintain the same level of governance, rigor, and consistency as if the services were still managed by the FIs themselves.
Google Cloud has obtained an OSPAR attestation for 75 Google Cloud Platform (GCP) products and 45 Google Workspace services. To obtain this report, Google Cloud worked diligently to document its controls against the ABS Guidelines, undergoing an audit by an independent third party.
The GCP and Google Workspace OSPAR attestations are available to our existing customers and may be requested via customer support. Navigate directly to the console for GCP and the contact center for Google Workspace. Potential customers can reach out to sales for more information.