Standardized Information Gathering (SIG)

Standardized Information Gathering (SIG)

Shared Assessments ("SIG questionnaire") allows organizations to build, customize, analyze and store vendor assessments for managing third party risk.
The SIG questionnaire framework helps assess Google Cloud against risk areas including cybersecurity, IT, privacy, data security, and business resiliency, and is aligned to many industry standards (i.e., ISO/IEC 27002:2013, PCI, NIST SP 800-53 Rev 4, HIPAA, and GDPR).
NSPECT.IO Uses Google Cloud for marketplace and other operations which has filled out the SIG core questionnaire, answering 956 controls questions scoped to CSA CCM and ISO/IEC 27002 controls.

31302093 ISMS17 2022-08-02 english_page-0001.jpg
31302093 ISMS17 2022-08-02 english_page-