ComplyJet's Google Workspace integration keeps your core identity layer audit-ready. ComplyJet imports your employees and accounts from the Google Workspace Admin Directory and continuously verifies that multi-factor authentication is enforced, departed employees lose access, and every account belongs to one identified person.
As your identity provider, Google Workspace is where access begins and ends. ComplyJet turns it into continuous, audit-ready evidence of who has access and how it is controlled, so access reviews stop being a quarterly fire drill. The Google Workspace integration takes minutes to connect via OAuth and requires no custom configuration.
24/7
Continuous monitoring
Compliance automation
How ComplyJet automates SOC 2 / ISO 27001 for Google Workspace
Proving access is controlled used to mean exporting user lists, cross-checking them against HR records by hand, and screenshotting MFA settings before each audit. Most teams repeat this every quarter, and the evidence is stale the moment it is captured.
1
Connect once
Connect Google Workspace to ComplyJet with read-only access. No changes to your directory, takes under 10 minutes.
2
Monitor continuously
ComplyJet imports your accounts and continuously tracks MFA enforcement, account ownership, and access lifecycle.
3
Collect evidence automatically
Every passing and failing access check is timestamped and stored as audit evidence, with no screenshots and no manual cross-referencing.
4
Get alerted on drift
The moment an account loses MFA, an ex-employee keeps access, or a shared login appears, ComplyJet flags it in real time so you can remediate before it becomes an audit finding.
The result: your SOC 2 and ISO 27001 evidence is always current, your auditor gets a clean documented trail, and access reviews become a continuous background process instead of a scramble.
See the Google Workspace integration live
30 minutes. We'll walk through exactly how ComplyJet governs access through Google Workspace, collects evidence, and maps checks to SOC 2, ISO 27001, and HIPAA.
Google Workspace resources
What Resources does ComplyJet sync from Google Workspace?
ComplyJet pulls and monitors the following Google Workspace data in real time. Click any resource to see what's tracked.
Google Workspace integration: Google Workspace Users & Groups
Employee and group records imported from the Admin Directory, with MFA status and account-to-employee mapping.
Google Workspace Account & Login Settings
Account and login configuration used to verify access governance across the organization.
Continuous checks
What automated tests does ComplyJet run on Google Workspace?
ComplyJet continuously verifies access governance across Google Workspace, with every result stored as audit evidence. Click the area to see the checks.
Identity & Access
MFA, account lifecycle, unique accounts
Accounts protected with multi-factor authentication: Verifies MFA is enforced on all Google Workspace accounts so credentials alone cannot grant access.
Access revoked on employee departure: Verifies no active Google Workspace accounts remain mapped to former employees.
Shared account use detected and flagged: Ensures every Google Workspace account is linked to exactly one individual, so access can be attributed and reviewed.
Google Workspace customers
Teams already running Google Workspace with ComplyJet
Real startups. Real Google Workspace stacks. Real audit outcomes.
Setup
How to Integrate Google Workspace with ComplyJet
Takes under 10 minutes. No code required, and ComplyJet never gets write access to your directory.
1
Log in to ComplyJet and go to Integrations
Find Google Workspace in the integrations list and click Connect.
2
Authorize Google Workspace with read-only access
ComplyJet connects to the Admin SDK Directory API with read-only scope. No write access to your directory is required.
3
Authorize the connection in ComplyJet
ComplyJet validates the connection and begins importing your users and accounts.
4
ComplyJet begins syncing immediately
Your users and accounts appear within minutes, access checks start running, and evidence collection begins.
Need help with multi-domain directories or large user bases? Reach out to our support team.
Framework coverage
What Controls Are Automated Across SOC 2 / ISO 27001 / HIPAA
ComplyJet maps every Google Workspace check to the relevant framework controls and maintains an always-current evidence record for your auditor.
SOC 2
Logical access, network security, monitoring, audit trail, availability
CC6.1
Logical access security: MFA enforcement, access revocation on termination, unique account assignment.
CC6.2
User registration and authorization: accounts provisioned to identified individuals and reviewed.
CC6.3
Access authorization: access rights governed and attributable to current employees.
ISO 27001
Access control, authentication, logging, network security, cryptography, backup
A.5.15
Access control: MFA enforcement, account uniqueness, access revocation on departure.
A.5.16
Identity management: every account linked to an identified individual.
A.5.17
Authentication information: multi-factor authentication required across accounts.
A.5.18
Access rights: rights granted, reviewed, and revoked through the identity provider.
HIPAA
Access control, encryption, audit controls, integrity, transmission security
§164.312(a)(1)
Access control: MFA enforcement and access revocation on termination.
§164.312(a)(2)(i)
Unique user identification: each account linked to one individual.
§164.312(d)
Person or entity authentication: multi-factor authentication enforced across accounts.
.svg){kind=logo}
.png)
.png)
.png)
