Security logo

Global | All Industries

Standardized Information Gathering (SIG) Questionnaire

Shared Assessments SIG questionnaire allows organizations to build, customize, analyze, and store vendor assessments for managing third party risk.

Google Cloud aligns with Shared Assessments Standard Information Gathering (SIG) questionnaire and the Agreed Upon Procedures (AUP) with control documentation found in Google Cloud’s CSA STAR self-assessment along with a third-party assessment-based certification.

The Cloud Security Alliance Security, Trust, and Assurance Registry (STAR) allows CSPs to submit two components: the Cloud Controls Matrix (CCM) and the Consensus Assessments Initiative Questionnaire (CAIQ). The CCM maps to the Shared Assessments SIG v6.0 and AUP v5.0.

Google Cloud regularly updates and publishes a completed CAIQ and has achieved a third-party assessment-based certification (CSA STAR Level 2: Attestation) for Google Cloud Platform (GCP) and Google Workspace, resulting in a CSA Star SOC2+ report.


CSA STAR

Learn more

CyberGRX

Learn more

TruSight

Learn more