Security documentation - AWS Prescriptive Guidance

Security documentation

When mobilizing security and compliance during a migration, it is essential to define and document how you implement security and compliance in the cloud. The documentation should include the following:

  • Security and compliance implementation documentation – Create one or more documents that detail your security and compliance definition, process, policies, controls, configurations, and tools. Make sure these documents address these aspects from an AWS Cloud perspective. Include the following in this documentation:

    • Identity and access management

    • Incident detection controls and response

    • Infrastructure and network security

    • Data protection

    • Compliance

    • Business continuity and recovery

  • Security and compliance runbooks – Create security and compliance operational runbooks that guide the cloud operations team. They should detail how to complete security and compliance tasks, activities, and changes in the cloud as part of operational requirements. This includes security and compliance monitoring, incident management, validation, and continuous improvement. Make sure that your runbooks address the requirements that you identified in the security discovery and alignment domain.

  • Cloud security RACI matrix – Create a responsible, accountable, consulted, informed (RACI) matrix that defines security and compliance responsibilities and stakeholders for the following areas:

    • Design and development

    • Deployment and implementation

    • Operations