Monday 22 February 2021

AWS certifications, programs, reports, and third-party attestations

AWS regularly undergoes independent third-party attestation audits to provide

assurance that control activities are operating as intended. More specifically, AWS is

audited against a variety of global and regional security frameworks dependent on

region and industry. AWS participates in over 50 different audit programs.

The results of these audits are documented by the assessing body and made available

for all AWS customers through AWS Artifact. 


AWS Artifact is a no cost self-service portal for on-demand access to AWS compliance reports. When new reports are released, they are made available in AWS Artifact, allowing customers to continuously monitor the security and compliance of AWS with immediate access to new reports.

Depending on a country’s or industry’s local regulatory or contractual requirements,

AWS may also undergo audits directly with customers or governmental auditors. These

audits provide additional oversight of the AWS control environment to ensure that

customers have the tools to help themselves operate confidently, compliantly, and in a

risk-based manner using AWS services.


For more detailed information about the AWS certification programs, reports, and thirdparty attestations, visit the AWS Compliance Program webpage amazon web services jobs

Cloud Security Alliance

AWS participates in the voluntary Cloud Security Alliance (CSA) Security, Trust &

Assurance Registry (STAR) Self-Assessment to document its compliance with CSApublished best practices. The CSA is “the world’s leading organization dedicated to

defining and raising awareness of best practices to help ensure a secure cloud

computing environment”


(CAIQ) provides a set of questions the CSA anticipates a cloud customer and/or a cloud

auditor would ask of a cloud provider. It provides a series of security, control, and

process questions, which can then be used for a wide range of efforts, including cloud

provider selection and security evaluation.


There are two resources available to customers that document the alignment of AWS to

the CSA CAIQ. The first is the CSA CAIQ Whitepaper, and the second is a more

detailed control mapping to our SOC-2 controls which is available to via AWS Artifact.

at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Cisco Updates Certified Network Design Engineer Curriculum

Cisco has updated its CCDA® Associate Certification Preparation Program in Network Design. Updating curricula and exam requirements will ens...