Global | All industries
ISO/IEC 27001
The International Organization for Standardization (ISO) is an independent, non-governmental international organization with an international membership of 163 national standards bodies. The ISO/IEC 27000 family of standards helps organizations keep their information assets secure.
ISO/IEC 27001:2022 outlines and provides the requirements for an information security management system (ISMS), specifies a set of best practices, and details the security controls that can help manage information risks.
Google Cloud Platform, Google Workspace, Apigee and our Common Infrastructure are certified as ISO/IEC 27001:2022 compliant. The 27001 standard does not mandate specific information security controls, but the framework and checklist of controls it lays out allow Google to ensure a comprehensive and continually improving model for security management.
Google Cloud, Google Workspace, and Apigee ISO/IEC 27001 certificates may be requested using the Compliance Reports Manager. Potential customers can reach out to sales for more information.
Google Cloud services that are in scope for ISO/IEC 27001
Chronicle SIEM and Google Cloud Threat Intelligence
for Chronicle are covered by the
SecOps Services Agreement.
* Indicates that the scope of this certification
applies to this offering where Google acts as a
processor of Service Data (in addition to Google
acting as a processor of Customer Data). Google’s
processing of Service Data as a processor is subject
to agreement with relevant enterprise customers of
this offering.
Related offerings
ISO/IEC 27017
ISO/IEC 27018