The AWS Global Security & Compliance Acceleration (GSCA) Program has released AWS Customer Compliance Guides (CCGs) on the AWS Compliance Resources page to help customers, AWS Partners, and assessors quickly understand how industry-leading compliance frameworks map to AWS service documentation and security best practices.
CCGs offer security guidance mapped to 16 different compliance frameworks for more than 130 AWS services and integrations. Customers can select from the frameworks and services available to see how security “in the cloud” applies to AWS services through the lens of compliance.
CCGs focus on security topics and technical controls that relate to AWS service configuration options. The guides don’t cover security topics or controls that are consistent across AWS services or those specific to customer organizations, such as policies or governance. As a result, the guides are shorter and are focused on the unique security and compliance considerations for each AWS service.
We value your feedback on the guides. Take our CCG survey to tell us about your experience, request new services or frameworks, or suggest improvements.
CCGs provide summaries of the user guides for AWS services and map configuration guidance to security control requirements from the following frameworks:
National Institute of Standards and Technology (NIST) 800-53
NIST Cybersecurity Framework (CSF)
NIST 800-171
System and Organization Controls (SOC) II
Center for Internet Security (CIS) Critical Controls v8.0
ISO 27001
NERC Critical Infrastructure Protection (CIP)
Payment Card Industry Data Security Standard (PCI-DSS) v4.0
Department of Defense Cybersecurity Maturity Model Certification (CMMC)
HIPAA
Canadian Centre for Cyber Security (CCCS)
New York’s Department of Financial Services (NYDFS)
Federal Financial Institutions Examination Council (FFIEC)
Cloud Controls Matrix (CCM) v4
Information Security Manual (ISM-IRAP) (Australia)
Information System Security Management and Assessment Program (ISMAP) (Japan)
CCGs can help customers in the following ways:
Shorten the process of manually searching the AWS user guides to understand security “in the cloud” details and align configuration guidance to compliance requirements
Determine the scope of controls applicable in risk assessments or audits based on which AWS services are running in customer workloads
Assist customers who perform due diligence assessments on new AWS services under consideration for use in their organization
Provide assessors or risk teams with resources to identify which security areas are handled by AWS services and which are the customer’s responsibility to implement, which might influence the scope of evidence required for assessments or internal security checks
Provide a basis for developing security documentation such as control responses or procedures that might be required to meet various compliance documentation requirements or fulfill assessment evidence requests
The AWS Global Security & Compliance Acceleration (GSCA) Program connects customers with AWS Partners that can help them navigate, automate, and accelerate building compliant workloads on AWS by helping to reduce time and cost. GSCA supports businesses globally that need to meet security, privacy, and compliance requirements for healthcare, privacy, national security, and financial sectors. To connect with a GSCA compliance specialist, complete the GSCA Program questionnaire.
If you have feedback about this post, submit comments in the Comments section below. If you have questions about this post, contact AWS Support.