Life Sciences

Navigating GDPR Compliance on AWS


Strong Compliance Framework and Security Standards

According to the GDPR, appropriate technical and organizational measures might need to include "the ability to ensure the ongoing confidentiality, integrity, availability and resilience of the processing systems and services", as well as reliable restore, testing, and overall risk management processes.

AWS Compliance Program

AWS Compliance enables customers to understand the robust controls in place at AWS to maintain security and data protection in the AWS Cloud. When systems are built in the AWS Cloud, compliance responsibilities are shared. By tying together governance-focused, audit-friendly service features with applicable compliance or audit standards, AWS Compliance enablers, such as AWS Config, AWS CloudTrail, AWS Identity and Access Management, Amazon GuardDuty, and AWS Security Hub, build on traditional programs, which helps customers to establish and operate in an AWS security-controlled environment.

The IT infrastructure that AWS provides to its customers is designed and managed in alignment with security best practices and a variety of IT security standards, including:

• SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70)
• SOC 2
• SOC 3
• FISMA, DIACAP, and FedRAMP
• DoD SRG
• PCI DSS Level 1
• ISO 9001 / ISO 27001
• ITAR
• FIPS 140-2
• MTCS Tier 3
