NEW - BEYOND IS GOOGLE CLOUD’S Strategic Cyber Security Partner of the Year 2026

Product Specific Terms - GCP Security & Governance Review

1. Supplier Obligations

The Supplier shall:

1.1. conduct a GCP Security and Governance Review of the Customer’s GCP environment (maximum of 5 GCP projects per review);

1.2. create and present a GCP Security and Governance Review Presentation; and

1.3. agree with the Customer a mutually agreeable date to conduct the GCP Security and Governance Review.

2. Customer Obligations

The Customer shall:

2.1. provide Supplier with a list of Customer Named Contacts to receive the GCP Security and Governance Review Presentation; and

2.2. provide Supplier with written confirmation of the GCP domain identity and grant Supplier the necessary system access rights for Supplier to conduct the GCP Security and Governance Review.

3. Charges

3.1. Unless otherwise set out in the relevant Order Form, Supplier shall invoice the Customer on the Effective Date.

4. Definitions

4.1. The following definitions apply in these Product Specific Terms:

Actionable Recommendations: means a list of recommended actions provided by Supplier to the Customer to address GCP configuration in accordance with Google best practices.

Customer Named Contact: means an authorised Customer appointed individual.

GCP Security and Governance Review: means an assessment of the Customer’s GCP environment to make GCP security recommendations based on Google best practices. The review will include: organisational structure; unauthorised resources and billing accounts; IAM best practises; role based access control; firewalls and security; and service account security.

GCP Security and Governance Review Presentation: means a presentation or document containing Actionable Recommendations or findings of the GCP Security and Governance Review.