Amazon Web Services: Risk and Compliance

***Unable to locate subtitle***

Amazon Web Services: Risk and Compliance

Copyright ? 2024 Amazon Web Services, Inc. and/or its affiliates. All rights reserved.

Amazon Web Services: Risk and Compliance

***Unable to locate subtitle***

Amazon Web Services: Risk and Compliance: ***Unable to locate subtitle***

Copyright ? 2024 Amazon Web Services, Inc. and/or its affiliates. All rights reserved.

Amazon's trademarks and trade dress may not be used in connection with any product or service that is not Amazon's, in any manner that is likely to cause confusion among customers, or in any manner that disparages or discredits Amazon. All other trademarks not owned by Amazon are the property of their respective owners, who may or may not be affiliated with, connected to, or sponsored by Amazon.

Amazon Web Services: Risk and Compliance

Table of Contents

***Unable to locate subtitle***

Amazon Web Services: Risk and Compliance ................................................................................ 1 Abstract ........................................................................................................................................................... 1 Are you Well-Architected? .......................................................................................................................... 1

Introduction ..................................................................................................................................... 2 Shared responsibility model ........................................................................................................... 3 Evaluating and integrating AWS controls ...................................................................................... 5 AWS risk and compliance program ................................................................................................ 6

AWS business risk management ............................................................................................................... 6 Operational and business management .................................................................................................. 6 Control environment and automation ..................................................................................................... 7 Controls assessment and continuous monitoring .................................................................................. 8 AWS certifications, programs, reports, and third-party attestations ................................................. 9 Cloud Security Alliance ............................................................................................................................... 9 Customer cloud compliance governance ..................................................................................... 11 Conclusion ...................................................................................................................................... 12 Contributors ................................................................................................................................... 13 Further reading .............................................................................................................................. 14 Document Revisions ...................................................................................................................... 15 Notices ............................................................................................................................................ 16

iii

Amazon Web Services: Risk and Compliance

***Unable to locate subtitle***

Amazon Web Services: Risk and Compliance

Publication date: March 11, 2021 (Document Revisions)

Abstract

AWS serves a variety of customers, including those in regulated industries. Through our shared responsibility model, we enable customers to manage risk effectively and efficiently in the IT environment, and provide assurance of effective risk management through our compliance with established, widely recognized, frameworks, and programs. This paper outlines the mechanisms that AWS has implemented to manage risk on the AWS side of the Shared Responsibility Model, and the tools that customers can leverage to gain assurance that these mechanisms are being implemented effectively.

Are you Well-Architected?

The AWS Well-Architected Framework helps you understand the pros and cons of the decisions you make when building systems in the cloud. The six pillars of the Framework allow you to learn architectural best practices for designing and operating reliable, secure, efficient, cost-effective, and sustainable systems. Using the AWS Well-Architected Tool, available at no charge in the AWS Management Console, you can review your workloads against these best practices by answering a set of questions for each pillar.

For more expert guidance and best practices for your cloud architecture--reference architecture deployments, diagrams, and whitepapers--refer to the AWS Architecture Center.

Abstract

1

Amazon Web Services: Risk and Compliance

***Unable to locate subtitle***

Introduction

AWS and its customers share control over the IT environment. Therefore, security is a shared responsibility. When it comes to managing security and compliance in the AWS Cloud, each party has distinct responsibilities. A customer's responsibility depends on which services they are using. However, in general, customers are responsible for building their IT environment in a manner that aligns with their specific security and compliance requirements.

This paper provides more details about each party's security responsibilities and the ways customers can benefit from the AWS Risk and Compliance Program.

2

 ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download