Also read PCI DSS compliance on GCP 

and Google GOV Cloud

NIST 800-53 seems to have far more controls than the base CIS standards for GCP.

Using a tool such as prisma, the number of non compliant resources that are caught by NIST is far more inclusive than those caught by CIS GCP v1.2.0