Principle 4: Governance framework

The service provider should have a security governance framework which coordinates and directs its management of the service and information within it. Any technical controls deployed outside of this framework will be fundamentally undermined.

The responsibility for fulfilling this requirement falls solely on AWS; the customer need do no more than satisfy themselves that AWS does so.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Principle 3: Separation between users

Principle 5: Operational security