What are the AWS provided services used by security checks to establish the compliance requirements?
AWS Services in Scope by Compliance Program Show
We include generally available services in the scope of our compliance efforts based on the expected use case, feedback and demand. If a service is not currently listed as in scope of the most recent assessment, it does not mean that you cannot use the service. It is part of the shared responsibility for your organization to determine the nature of the data. Based on the nature of what you are building on AWS, you should determine if the service will process or store customer data and how it will or will not impact the compliance of your customer data environment. We encourage you to discuss your workload objectives and goals with your AWS account team; they will be able to evaluate your proposed use case and architecture, and how our security and compliance processes overlay that architecture. Need to connect with an AWS business representative? This webpage provides a list of AWS Services in Scope of AWS assurance programs. Unless specifically excluded, generally available features of each of the services are considered in scope of the assurance programs, and are reviewed and tested at the next opportunity for assessment. Refer to the AWS Documentation for the features of an AWS service. ✓ = This service is currently in scope and is reflected in current reports. For more specific details on status, please refer to each compliance program tab below.
Want More Information About Services in Scope?AWS support for Internet Explorer ends on 07/31/2022. Supported browsers are Chrome, Firefox, Edge, and Safari. Learn more » For each enabled control, AWS Security Hub runs security checks. A security check determines whether your resources are in compliance with the control requirements. Some checks run on a regular schedule. Other checks only run when there is a change to the resource state. See Schedule for running security checks. Many security checks use AWS Config managed or custom rules to establish the compliance requirements. To run these checks, you must have AWS Config enabled. See How Security Hub uses AWS Config rules to run security checks. Others use custom Lambda functions, which are managed by Security Hub and are not visible to customers. For each check, Security Hub creates or updates a finding. See Generating and updating control findings. Security Hub uses the findings to assess your security posture for each control and across an entire standard. See Determining the overall status of a control from its findings and Determining the security score for a security standard. Topics
The AWS Compliance Center is a central location to research cloud-related regulatory requirements and how they impact your industry. Select the country you are interested in, and the AWS Compliance Center will display the country’s regulatory position regarding the adoption of cloud services. AWS has customers throughout the world and is continually adapting to
evolving regulations, so please contact us if your country of interest is not listed and you would like more information about AWS. Introducing AWS Compliance Center (1:40) BenefitsIdentify Regulatory RequirementsA central location to research the regulatory environments of over 50 countries. Browse Country-Specific ResourcesA variety of resources to help you better understand how to meet your global
regulatory requirements. Discover AWS Compliance ProgramsCompliance standards and industry certifications across geographies for our infrastructure and services. Review requirements We are
continually adapting to evolving regulations. Check often for updates. Learn more Sign up for a free account Instantly get access to the AWS Free Tier. Sign up Start building in the console Get started building in the AWS Management Console. Sign in AWS support for Internet Explorer ends on 07/31/2022. Supported browsers are Chrome, Firefox, Edge, and Safari. Learn more » Which AWS service provides access to security and compliance documents?AWS Artifact is your go-to, central resource for compliance-related information that matters to you. It provides on-demand access to AWS security and compliance reports and select online agreements.
Which services will help businesses ensure compliance in AWS?AWS Compliance Programs. CSA. Cloud Security Alliance Controls.. CyberGRX. Third Party Risk Management.. CyberVadis. Third Party Risk Management.. ISO 9001. Global Quality Standard.. ISO 22301. Security and resilience.. ISO 27001. Security Management Controls.. ISO 27017. Cloud Specific Controls.. ISO 27701. Privacy Information Management.. Which service of AWS provides security services?AWS data protection services provide encryption and key management and threat detection that continuously monitors and protects your accounts and workloads. AWS Identity Services enable you to securely manage identities, resources, and permissions at scale.
Which AWS service can be used to help generate the documentation required by various compliance standards?The AWS PCI Compliance Package is available to customers through AWS Artifact, a self-service portal for on-demand access to AWS compliance reports. Sign in to AWS Artifact in the AWS Management Console, or learn more at Getting Started with AWS Artifact.
|