Compliance - bobbae/gcp GitHub Wiki
GCP products regularly undergo independent verification of their security, privacy, and compliance controls, achieving certifications, attestations, and audit reports to demonstrate compliance. There are resource documents and mappings for compliance support when formal certifications or attestations may not be required or applied.
https://cloud.google.com/security/
https://cloud.google.com/security/compliance
Governance
Cloud Governance
Cloud governance is a set of practices that help ensure users operate in the cloud in ways that they want, that the operations are efficient, and that the user can monitor and correct operations as needed. A cloud governance framework is not a new set of concepts or practices, but the application of existing governance practices to cloud operations.
Data Governance
Data governance is a principled approach to manage data during its lifecycle — from acquisition, to use, to disposal.
Compliance Engineering
Risk Management and Compliance is as important in the cloud as it is in conventional on-premises environments. To help organizations in regulated industries meet their compliance requirements, Google Cloud offers automated capabilities that ensure the effectiveness of products and processes.
Compliance Offerings
https://cloud.google.com/security/compliance/offerings/#/
Assured Workloads
https://cloud.google.com/assured-workloads
Compliance Reports Manager
https://cloud.google.com/security/compliance/compliance-reports-manager
GDPR Resource Center
https://cloud.google.com/security/gdpr/resource-center
GDPR and Google
https://cloud.google.com/security/gdpr
Risk and Compliance as Code
https://cloud.google.com/blog/products/identity-security/risk-and-compliance-as-code
PCI Responsibility Matrix
https://cloud.google.com/files/PCI_DSS_Shared_Responsibility_GCP_v32.pdf
Vault EaaS
Encryption As a Service
https://learn.hashicorp.com/tutorials/vault/eaas-transit
Compliance as Code
Case study
https://cloud.google.com/blog/products/compliance/continuous-compliance-engineering-gcp-case-studies