MASEC 4: How can a company (buyer) gain confidence in compliance and regulatory needs? - Mergers and Acquisitions Lens

Data governance establishes the processes and responsibilities that ensure the quality, consistency, and security of the data used across organizations. Where compliance requirements apply because of personally identifiable information (PII), the buyer needs to verify that the integrated workloads meet these requirements.

MASEC04-BP01 The seller is using AWS services (marketplace) for data governance

Data governance is a framework to build data quality checks, identify lineage (relation) between target and source datasets, and build a data catalog over existing data in data lakes and enterprise data warehouses.

MASEC04-BP02 Document consistent mechanisms for data classification

Ensure organizations are using AWS-supported partner solutions.

MASEC04-BP03 Document processes to maintain data integrity within AWS services

Regulatory requirements to maintain the integrity of data are typically implemented as part of a validated application. However, by implementing controls at the AWS service level, you can facilitate data integrity even for actions performed outside the validated application.

MASEC04-BP04 Understand both the buyer's and seller's compliance needs

AWS supports inheritance of many security standards and compliance certifications, including PCI-DSS, HIPAA/HITECH, FedRAMP, GDPR, FIPS 140-2, and NIST 800-171, which helps you satisfy necessary compliance requirements.