Zuletzt geändert am 21. Juli 2025 | Vorherige Versionen
Großgeschriebene Begriffe haben die in der jeweiligen Vereinbarung zwischen Kunde oder Partner und Google angegebene Bedeutung.
Die folgenden Dienste unterliegen mindestens einem der folgenden Punkte: Zertifizierung von Google nach ISO 27001, Zertifizierung nach ISO 27017, Zertifizierung nach ISO 27018, PCI-DSS-Zertifizierung, SOC 1-Bericht, SOC 2-Bericht und SOC 3-Bericht sowie dem Penetrationstestbericht. Durch done in der nachfolgenden Tabelle wird angezeigt, dass der Dienst (Zeile) in den Bereich der angegebenen Zertifizierung oder des Berichts fällt (Spalte).
| Dienst | Zertifizierungen nach ISO 27001, 27017, 27018 | SOC 1-, 2-, 3-Bericht | PCI-DSS-Zertifizierung | Penetrationstests |
|---|---|---|---|---|
| Zugriffsgenehmigung | done | done | done | done |
| Access Context Manager | done | done | done | done |
| Access Transparency | done | done | done | done |
| Agent Assist | done | done | done | |
| AI Platform Data Labeling | done | done | done | done |
| AI Platform Neural Architecture Search (NAS) | done | done | done | |
| AI Platform Training und Prediction | done | done | done | done |
| AlloyDB | done | done | done | |
| Anthos Identity Service (AIS) | done | done | done | |
| Anthos on AWS | done (nur ISO 27001) | |||
| Anthos on Azure | done (nur ISO 27001) | |||
| Anti-Money Laundering AI | done (nur ISO 27001) | done | ||
| API Gateway | done | done | done | done |
| Apigee | done | done | done | done |
| App Engine | done | done | done | done |
| Artifact Registry | done | done | done | done |
| Assured Workloads für Behörden | done | done | done | done |
| AutoML Natural Language | done | done | done | done |
| AutoML Tables | done | done | done | done |
| AutoML Translation | done | done | done | done |
| AutoML Video | done | done | done | done |
| AutoML Vision | done | done | done | done |
| Backup for GKE | done | done | done | done |
| Bare-Metal-Lösung | done | done | done | done |
| Batch | done | done | done | done |
| BeyondCorp Enterprise | done | done | done | done |
| BigQuery | done | done | done | done |
| BigQuery Data Transfer Service | done | done | done | done |
| Bigtable | done | done | done | done |
| Binärautorisierung | done | done | done | done |
| Certificate Authority Service | done | done | done | done |
| Cloud Asset Inventory | done | done | done | done |
| Cloud Billing | done | done | done | done |
| Cloud Build | done | done | done | done |
| Cloud CDN | done | done | done | done |
| Cloud Composer | done | done | done | done |
| Cloud Console | done | done | done | done |
| Cloud Console App | done | done | done | done |
| Cloud Data Fusion | done | done | done | done |
| Cloud Deployment Manager | done | done | done | done |
| Cloud DNS | done | done | done | done |
| Cloud Endpoints | done | done | done | done |
| Cloud External Key Manager (Cloud EKM) | done | done | done | done |
| Cloud Filestore | done | done | done | done |
| Cloud Firewall | done (nur ISO 27001) | done | done | |
| Cloud Functions | done | done | done | done |
| Cloud Functions for Firebase | done | done | done | done |
| Cloud Healthcare | done | done | done | done |
| Cloud HSM | done | done | done | done |
| Cloud IDS | done | done | done | done |
| Cloud Interconnect | done | done | done | done |
| Cloud Key Management Service | done | done | done | done |
| Cloud Life Sciences | done | done | done | done |
| Cloud Load Balancing | done | done | done | done |
| Cloud Logging | done | done | done | done |
| Cloud Monitoring | done | done | done | done |
| Cloud NAT (Network Address Translation) | done | done | done | done |
| Cloud Natural Language API | done | done | done | done |
| Cloud Profiler | done | done | done | done |
| Cloud Router | done | done | done | done |
| Cloud Run | done | done | done | done |
| Cloud Run for Anthos | done | done | done | done |
| Cloud Scheduler | done | done | done | done |
| Cloud SDK | done | done | done | done |
| Cloud Shell | done | done | done | done |
| Cloud Source Repositories | done | done | done | done |
| Cloud Speaker ID | done | done | done | done |
| Cloud SQL | done | done | done | done |
| Cloud Storage | done | done | done | done |
| Cloud Storage for Firebase | done | done | done | done |
| Cloud Tasks | done | done | done | done |
| Cloud Trace | done | done | done | done |
| Cloud Translation | done | done | done | done |
| Cloud Vision | done | done | done | done |
| Cloud VPN | done | done | done | done |
| Cloud Workstations | done (nur ISO 27001) | done | done | done |
| Compute Engine | done | done | done | done |
| Config Management | done | done | done | done |
| Connect | done | done | done | done |
| Contact Center AI | done | done | done | done |
| Container Registry | done | done | done | done |
| Cyber Insurance Hub | done | done | done | done |
| Data Catalog | done | done | done | done |
| Database Migration Service | done | done | done | done |
| Dataflow | done | done | done | done |
| Dataform | done (nur ISO 27001) | done | done | done |
| Dataplex | done | done | done | done |
| Dataproc | done | done | done | done |
| Dataproc Metastore | done | done | done | |
| Datastore | done | done | done | done |
| DataStream | done | done | done | done |
| Dialogflow | done | done | done | done |
| Discovery-Lösungen: | done | done | ||
| Document AI | done | done | done | done |
| Document AI Warehouse | done | done | done | done |
| Earth Engine | done (nur ISO 27001) | done | done | |
| Eventarc | done | done | done | done |
| Firebase App Check | done (nur ISO 27001) | done | done | |
| Firebase Authentication | done | done | done | done |
| Firebase Test Lab | done | done | done | |
| Firestore | done | done | done | done |
| GCVE | done | done | done | |
| Gemini für Google Cloud | done | done | ||
| Generative AI on Vertex AI (früher Unterstützung von generativer KI in Vertex AI) | done | done | ||
| Google Cloud Armor | done | done | done | done |
| Google Cloud Deploy | done | done | done | done |
| Google Cloud Identity-Aware Proxy | done | done | done | done |
| Google Cloud Marketplace | done | done | done | done |
| Google Distributed Cloud Connected | done (nur ISO 27001) | done (nur SOC 2) | done | |
| Google Kubernetes Engine | done | done | done | done |
| Healthcare Data Engine (HDE) | done | done | done | |
| Hub | done | done | done | done |
| Identity & Access Management (IAM) | done | done | done | done |
| Identity Platform | done | done | done | done |
| Insights | done | done | done | done |
| IoT Core | done | done | done | done |
| Key Access Justifications (Access Sovereignty) | done | done | done | done |
| Looker (Google Cloud Core) | done | done | done | done |
| Looker Studio | done | done | done | done |
| Managed Service for Microsoft Active Directory (AD) | done | done | done | done |
| Memorystore | done | done | done | done |
| Migrate to Virtual Machines | done | done | ||
| Migration Center | done | done | done | |
| Network Connectivity Center | done | done | done | |
| Network Intelligence Center | done | done | done | done |
| Netzwerkdienststufen | done | done | done | done |
| Persistent Disk | done | done | done | done |
| Pub/Sub | done | done | done | done |
| reCAPTCHA Enterprise | done | done | done | done |
| Recommendations AI | done | done | ||
| Recommender | done | done | done | done |
| Resource Manager API | done | done | done | done |
| Retail Search | done | done | ||
| Secret Manager | done | done | done | done |
| Security Command Center | done | done | done | done |
| Sensitive Data Protection | done | done | done | done |
| Service Directory | done | done | done | done |
| Service Infrastructure | done | done | done | done |
| Spanner | done | done | done | done |
| Spectrum Access System | done | done | done | |
| Speech-to-Text | done | done | done | done |
| Storage Transfer Service | done | done | done | done |
| Tables | done(nur ISO 27001) | done | ||
| Talent Solution | done | done | done | done |
| Text-to-Speech | done | done | done | done |
| Traffic Director | done | done | done | done |
| Transcoder API | done | done | ||
| Transfer Appliance | done(nur ISO 27001) | done | done | |
| Vertex AI Conversation (früher Generative AI App Builder) | done | done | ||
| Vertex AI Platform (früher Vertex AI) | done | done | done | done |
| Vertex AI Search (früher Gen App Builder – Enterprise Search) | done | done | done | |
| Video Intelligence API | done | done | done | done |
| Virtual Private Cloud | done | done | done | done |
| VirusTotal | done(nur ISO 27001) | done | done | |
| VPC Service Controls | done | done | done | done |
| Web Risk API | done | done | done | done |
| Workflows | done | done | done | done |
| Arbeitslastmanager | done | done | done | |
| BigQuery Omni | done | done | done | done |
| Media CDN | done (nur ISO 27001) | done | ||
| Anthos Clusters on Bare Metal | done | |||
| Anthos Clusters on VMware | done | |||
| Anthos Identity Service – Software | done(nur ISO 27001) | |||
| Binärautorisierung – Software | done(nur ISO 27001) | |||
| Cloud Logging – Software | done(nur ISO 27001) | |||
| Cloud Monitoring – Software | done(nur ISO 27001) | |||
| Cloud Run for Anthos – Software | done(nur ISO 27001) | |||
| Config Management – Software | done(nur ISO 27001) | |||
| Connect – Software: | done(nur ISO 27001) | |||
| Migrate to Containers | done | |||
| Service Mesh – Software | done(nur ISO 27001) |
Google Workspace- und Cloud Identity-Dienste, die unter das Complianceprogramm fallen
Die Begriffe haben die in der jeweiligen Vereinbarung zwischen dem Kunden und Google angegebene Bedeutung.
Die folgenden Dienste unterliegen mindestens einem der folgenden Punkte: Zertifizierung von Google nach ISO 27001, Zertifizierung nach ISO 27017, Zertifizierung nach ISO 27018, SOC 1-Bericht, SOC 2-Bericht und SOC 3-Bericht sowie dem Penetrationstestbericht. Durch done in der nachfolgenden Tabelle wird angezeigt, dass der Dienst (Zeile) in den Bereich der angegebenen Zertifizierung oder des Berichts fällt (Spalte).
| Dienst | Zertifizierungen nach ISO 27001, 27017, 27018 | SOC 1-, 2-, 3-Bericht | Penetrationstests |
|---|---|---|---|
| Admin-Konsole | done | done | done |
| Alert Center API | done(nur ISO 27001) | done | done |
| Apps Email Audit API | done(nur ISO 27001) | done | done |
| Apps Script | done(nur ISO 27001) | done | done |
| AppSheet | done | done (nur SOC 2/3) | done |
| Tool „Aufgaben“ | done | done | done |
| Kalender | done | done | done |
| Calendar API | done(nur ISO 27001) | done | done |
| Classroom | done | done | done |
| Cloud Identity | done | done | done |
| Cloud Search | done | done | done |
| Kontakte | done | done | done |
| Data Transfer API | done(nur ISO 27001) | done | done |
| Directory API | done(nur ISO 27001) | done | done |
| Docs | done | done | done |
| Domain Shared Contacts API | done(nur ISO 27001) | done | done |
| Drive | done | done | done |
| Drive Activity API | done(nur ISO 27001) | done | done |
| Drive REST API | done(nur ISO 27001) | done | |
| Enterprise License Manager | done(nur ISO 27001) | done | |
| Formulare | done | done | done |
| Gmail | done | done | done |
| Gmail REST API | done(nur ISO 27001) | done | |
| Google Chat | done | done | done |
| Google Meet | done | done | done |
| Google Workspace Migrate | done | done | done |
| Groups | done | done | done |
| Groups Migration API | done(nur ISO 27001) | done | done |
| Groups Settings API | done(nur ISO 27001) | done | done |
| Notizen | done | done | done |
| Mobilgeräteverwaltung | done | done | done |
| People API | done(nur ISO 27001) | done | |
| Reports API | done(nur ISO 27001) | done | done |
| Reseller API | done(nur ISO 27001) | done | done |
| SAML-basierte SSO API | done(nur ISO 27001) | done | done |
| Service Mesh | done | done | done |
| Sheets | done | done | done |
| Sheets API | done(nur ISO 27001) | done | |
| Sites | done | done | done |
| Präsentationen | done | done | done |
| Tasks | done | done | done |
| Tasks API | done(nur ISO 27001) | done | |
| Vault | done | done | done |
| Voice | done | done | done |
Andere Dienste, die unter das Complianceprogramm fallen
Großgeschriebene Begriffe haben die in der jeweiligen Vereinbarung zwischen Kunde oder Partner und Google angegebene Bedeutung.
Diese Dienste unterliegen mindestens einem der folgenden Punkte: Zertifizierung von Google nach ISO 27001, Zertifizierung nach ISO 27017, Zertifizierung nach ISO 27018, SOC 1-Bericht, SOC 2-Bericht und SOC 3-Bericht sowie dem Penetrationstestbericht. Durch done in der nachfolgenden Tabelle wird angezeigt, dass der Dienst (Zeile) in den Bereich der angegebenen Zertifizierung oder des Berichts fällt (Spalte).
| Dienst | Zertifizierungen nach ISO 27001, 27017, 27018 | SOC 1-, 2-, 3-Bericht | Penetrationstests |
|---|---|---|---|
| Looker (Original) | done | done | done |
SecOps-Dienste, die unter das Compliance-Programm fallen
Die SecOps-Dienste, die unter mindestens eine der ISO 27001-, ISO 27017- und ISO 27018-Zertifizierungen von Google sowie die SOC 1-, SOC 2- und SOC 3-Berichte fallen, sind auf der Seite „SecOps-Dienste, die unter das Compliance-Programm fallen“ unter https://cloud.google.com/security/compliance/secops/services-in-scope separat aufgeführt.
Vorherige Versionen
- 3. Juli, 2025
- 1. Juli, 2025
- 4. April, 2025
- 30. Januar, 2025
- 5. September, 2024
- 4. September, 2024
- 25. März, 2024
- 5. Februar, 2024
- 8. Januar, 2024
- 12. Oktober, 2023
- 25. September, 2023
- 22. September 2023
- 11. September 2023
- 13. Juli 2023
- 14. Juni 2023
- 7. Juni, 2023
- 9. Mai, 2023
- 6. Januar, 2023
- 18. Oktober, 2022
- 11. Oktober, 2022
- 19. September, 2022
- 17. August, 2022
- 19. Juli, 2022
- 24. Februar, 2022
- 2. February, 2022
- 13. Dezember, 2021
- 6. Oktober, 2021
- 13. April, 2021
- 27. Januar, 2021
- 1. Dezember, 2020
- 20. Juli, 2020
- 23. Juni, 2020
- 3. April, 2020
- 14. Februar, 2020
- 30. Januar, 2020
- 13. Januar, 2020
- 9. April, 2019
- 16. Januar, 2019
- 11. Dezember, 2018
- 13. November, 2017
- 20. Juli, 2017
- 14. Juni, 2017