Google Maps Platform now have ISO 27001, SOC 2 and SOC 3 security certifications for 25 Google Maps Platform products. Certifications such as these provide independent third-party validations of their ongoing commitment to world-class security and help their customers with their own compliance efforts. Google has spent years building one of the world’s most advanced infrastructures, and through Google Maps Platform they make it available to enterprises worldwide to power their geospatial applications.
About ISO 27001 certification
The International Organisation for Standardisation (ISO) is an independent, non-governmental international organisation with an international membership of 163 national standards bodies. The ISO/IEC 27000 family of standards helps organisations keep their information assets secure. ISO/IEC 27001 outlines and provides the requirements for an information security management system (ISMS), specifies a set of best practices, and details the security controls that can help manage information risks.
Google Maps Platform and their Common Infrastructure are now certified as ISO/IEC 27001 compliant. The 27001 standard does not mandate specific information security controls, but the framework and checklist of controls it lays out allow Google to ensure a comprehensive and continually improving model for security management.
About SOC 2 certification
The SOC 2 is a report based on the Auditing Standards Board of the American Institute of Certified Public Accountants' (AICPA) existing Trust Services Criteria (TSC). The purpose of this report is to evaluate an organisation’s information systems relevant to security, availability, processing integrity, confidentiality, and privacy.
The AICPA created the Statement on Standards for Attestation Engagements No. 18 (SSAE 18) to keep pace with globally recognised international accounting standards. SSAE 18 aligns closely with the International Standard on Assurance Engagements 3402 (ISAE 3402), both of which are used to generate a report by an objective third party attesting to a set of assertions made by an organisation about its controls. The Service Organisation Controls (SOC) framework is the method by which the control of financial information is measured.
Google Maps Platform undergoes a regular third-party audit to certify individual products against this standard.
About SOC 3 certification
Like SOC 2, the SOC 3 report has been developed based on the Auditing Standards Board of the American Institute of Certified Public Accountants’ (AICPA) Trust Service Criteria (TSC). The SOC 3 is a public report of internal controls over security, availability, processing integrity, and confidentiality.
The AICPA created the Statement on Standards for Attestation Engagements No. 18 (SSAE 18) to keep pace with globally recognised international accounting standards. SSAE 18 aligns closely with the International Standard on Assurance Engagements 3402 (ISAE 3402). SSAE 18 and ISAE 3402 are used to generate a report by an objective third-party attesting to a set of assertions made by an organisation about its controls. The Service Organisation Controls (SOC) framework is the method by which the control of financial information is measured.
Google Maps Platform undergoes a regular third-party audit to certify individual products against this standard as well.
These new certifications complement their existing CSA STAR and ISO 22301 certifications. They look forward to securing additional certifications in the future that help companies better understand their security efforts and infrastructure so they feel confident building with Google Maps Platform.
28East is a trusted Google Maps Partner. Get in touch today to find out how your business can benefit from Google Maps Platform’s offerings.