compliance - bobbae/gcp GitHub Wiki
GCP products regularly undergo independent verification of their security, privacy, and compliance controls, achieving certifications, attestations, and audit reports to demonstrate compliance. There are resource documents and mappings for compliance support when formal certifications or attestations may not be required or applied.
https://cloud.google.com/security/
https://cloud.google.com/security/compliance
Cloud governance is a set of practices that help ensure users operate in the cloud in ways that they want, that the operations are efficient, and that the user can monitor and correct operations as needed. A cloud governance framework is not a new set of concepts or practices, but the application of existing governance practices to cloud operations.
Data governance is a principled approach to manage data during its lifecycle — from acquisition, to use, to disposal.
Risk Management and Compliance is as important in the cloud as it is in conventional on-premises environments. To help organizations in regulated industries meet their compliance requirements, Google Cloud offers automated capabilities that ensure the effectiveness of products and processes.
https://cloud.google.com/security/compliance/offerings/#/
https://cloud.google.com/assured-workloads
https://cloud.google.com/security/compliance/compliance-reports-manager
https://cloud.google.com/security/gdpr/resource-center
https://cloud.google.com/security/gdpr
https://cloud.google.com/blog/products/identity-security/risk-and-compliance-as-code
https://cloud.google.com/files/PCI_DSS_Shared_Responsibility_GCP_v32.pdf
Encryption As a Service
https://learn.hashicorp.com/tutorials/vault/eaas-transit
https://cloud.google.com/blog/products/compliance/continuous-compliance-engineering-gcp-case-studies