Amazon Cloud Directory Compliance
Amazon Cloud Directory has undergone auditing for the following standards and can be part of your solution when you need to obtain compliance certification.
|
Amazon Cloud Directory meets Federal Risk and Authorization Management Program (FedRAMP) security
requirements and has received a FedRAMP Joint Authorization Board (JAB) Provisional
Authority to Operate (P-ATO) at the FedRAMP Moderate Baseline. For more information
about FedRAMP, see FedRAMP
Compliance |
|
Amazon Cloud Directory has an Attestation of Compliance for Payment Card Industry (PCI) Data
Security Standard (DSS) version 3.2 at Service Provider Level 1. Customers who use
AWS products and services to store, process, or transmit cardholder data can use
Cloud Directory as they manage their own PCI DSS compliance certification.
For more information about PCI DSS, including how to request a copy of the AWS PCI
Compliance Package, see PCI DSS Level
1 |
|
AWS has expanded its Health Insurance
Portability and Accountability Act (HIPAA) compliance program to include
Amazon Cloud Directory as a HIPAA
Eligible Service |
|
Amazon Cloud Directory has successfully completed compliance certification for ISO/IEC 27001, ISO/IEC
27017, ISO/IEC 27018, and ISO 9001. For more information, see ISO 27001 |
|
System and Organization Control (SOC) reports are independent third-party examination reports
that demonstrate how Amazon Cloud Directory achieves key compliance controls and objectives. The
purpose of these reports is to help you and your auditors understand the AWS
controls that are established to support operations and compliance. For more
information, see SOC
Compliance |
Shared Responsibility
Security, including HIPAA and PCI compliance, is a shared
responsibility
