cioctocdo
16 October 2022
我们根据预期用例、反馈和需求,将普遍可用的服务纳入我们的合规工作范围。如果某项服务当前未列入最新评估范围,并不意味着您无法使用该服务。确定数据的性质是组织共同责任的一部分。根据您在AWS上构建的内容的性质,您应该确定该服务是否将处理或存储客户数据,以及它将如何影响或不会影响您的客户数据环境的合规性。
本网页提供了AWS保证计划范围内的AWS服务列表。除非特别排除,否则每个服务的一般可用特征都被视为保证计划的范围,并在下次评估时进行审查和测试。有关AWS服务的功能,请参阅AWS文档。
✓ = 这项服务目前在范围内,并反映在当前报告中。有关状态的更多详细信息,请参阅下面的每个合规计划选项卡。
SOC | System and Organization Controls |
PCI | Payment Card Industry Data Security Standard |
ISO and CSA STAR certificates | International Organization for Standardization (ISO) and Cloud Security Alliance (CSA) Security Trust Assurance and Risk (STAR) |
ISMAP | Information System Security Management and Assessment Program |
FedRAMP | Federal Risk and Authorization Management Program |
DoD CC SRG | Department of Defense Cloud Computing Security Requirements Guide |
HIPAA BAA | Health Insurance Portability and Accountability Act |
IRAP | Information Security Registered Assessors Program |
MTCS | Multi-Tier Cloud Security |
C5 | Cloud Computing Compliance Controls Catalog |
K-ISMS | Korea-Information Security Management System |
ENS High | Esquema Nacional de Seguridad |
OSPAR | Outsourced Service Provider’s Audit Report |
HITRUST CSF | Health Information Trust Alliance Common Security Framework |
FINMA | Swiss Financial Market Supervisory Authority |
GSMA | Global System for Mobile Communications Association |
PiTuKri | Criteria for Assessing the Information Security of Cloud Services |
CCCS | Canadian Centre for Cyber Security |
本文:https://cioctocdo.com/aws-services-scope-compliance-program
- 登录 发表评论