The AWS Compliance Program helps customers to understand the robust controls in place at AWS to maintain security and compliance in the cloud. By tying together governance-focused, audit-friendly service features with applicable compliance or audit standards, AWS Compliance Enablers build on traditional programs, helping customers to establish and operate in an AWS security control environment.
IT standards we comply with are broken out by Certifications and Attestations; Laws, Regulations and Privacy; and Alignments and Frameworks. Compliance certifications and attestations are assessed by a third-party, independent auditor and result in a certification, audit report, or attestation of compliance. AWS customers remain responsible for complying with applicable compliance laws, regulations and privacy programs. Compliance alignments and frameworks include published security or compliance requirements for a specific purpose, such as a specific industry or function.
CSA
Cloud Security Alliance Controls
ISO 9001
Global Quality
Standard
ISO 27001
Security
Management
Controls
ISO 27017
Cloud Specific
Controls
ISO 27018
Personal Data
Protection
pci dss level 1
payment card
standard
soc 1
audit controls
report
soc 2
security, availability,
& confidentiality report
soc 3
general controls
report
cjis
criminal justice
information services
DoD SRG
department of
defense data processing
FedRAMP
government data
standards
ferpa
educational privacy
act
fips
government
security standards
fisma
federal information
security management
GxP
quality guidelines
and regulations
hipaa
protected health
information
hitrust csf
Health Information
Trust Alliance
Common Security
Framework
ITAR
Internation Arms
Regulations
MPAA
Protected Media
Content
NIST
National Institute of
Standards and
Technology
pipeda
Canada’s Federal
Private Sector
Privacy Legislation
SEC Rule 17a-
4(f)
Financial Data
Standards
VPAT / Section
508
Accessibility
Standards
