Amazon Web Services (AWS) has successfully completed a comprehensive onboarding audit with no findings for ISO 9001:2015, 27001:2022, 27017:2015, 27018:2019, 27701:2019, 20000-1:2018, and 22301:2019, as well as the Cloud Security Alliance (CSA) STAR Cloud Controls Matrix (CCM) v4.0. The audit, conducted by Ernst and Young CertifyPoint auditors, resulted in the reissuance of certificates on July 22, 2024. The audit aimed to evaluate compliance with the established international standards.
During this audit, we expanded the scope of the certification to include three new AWS services:
- AWS Payment Cryptography
- Amazon Security Lake
- Amazon WorkSpaces Thin Client
For a comprehensive list of AWS services certified under ISO and CSA STAR, please visit the AWS ISO and CSA STAR Certified page. Customers can also access these certifications within the AWS Management Console via AWS Artifact. For further insights on cloud security, check out this blog post that dives deeper into related topics.
If you have any feedback regarding this announcement, feel free to share your thoughts in the Comments section below.
About the Authors
Michael Johnson
Michael is a Compliance Program Manager at AWS, bringing over 27 years of experience in information technology and information security management. He holds a Master of Science in Electronics and has earned various professional certifications including CCSP, CISSP, CISM, CDPSE, ISO 27001 Lead Auditor, HITRUST CSF, Archer Certified Consultant, and AWS CCP.
David Wright
David is also a Compliance Program Manager at AWS, spearheading numerous security and privacy initiatives. With 15 years of experience in information security, he holds CISSP, CDPSE, CISA, PMP, CSX, AWS Solutions Architect – Associate, and AWS Security Specialty certifications.
Sarah Thompson
Sarah is a Compliance Program Manager at AWS, with five years of experience in information security. She holds a Master of Science degree in Management Information Systems and possesses professional certifications like CISA.
For additional resources, explore this page that provides authoritative insights on compliance and security. Also, consider visiting this link for a valuable resource on training and development opportunities.
Leave a Reply