cioctocdo
16 October 2022
我们根据预期用例、反馈和需求,将普遍可用的服务纳入我们的合规工作范围。如果某项服务当前未列入最新评估范围,并不意味着您无法使用该服务。确定数据的性质是组织共同责任的一部分。根据您在AWS上构建的内容的性质,您应该确定该服务是否将处理或存储客户数据,以及它将如何影响或不会影响您的客户数据环境的合规性。
本网页提供了AWS保证计划范围内的AWS服务列表。除非特别排除,否则每个服务的一般可用特征都被视为保证计划的范围,并在下次评估时进行审查和测试。有关AWS服务的功能,请参阅AWS文档。
✓ = 这项服务目前在范围内,并反映在当前报告中。有关状态的更多详细信息,请参阅下面的每个合规计划选项卡。
| SOC | System and Organization Controls |
| PCI | Payment Card Industry Data Security Standard |
| ISO and CSA STAR certificates | International Organization for Standardization (ISO) and Cloud Security Alliance (CSA) Security Trust Assurance and Risk (STAR) |
| ISMAP | Information System Security Management and Assessment Program |
| FedRAMP | Federal Risk and Authorization Management Program |
| DoD CC SRG | Department of Defense Cloud Computing Security Requirements Guide |
| HIPAA BAA | Health Insurance Portability and Accountability Act |
| IRAP | Information Security Registered Assessors Program |
| MTCS | Multi-Tier Cloud Security |
| C5 | Cloud Computing Compliance Controls Catalog |
| K-ISMS | Korea-Information Security Management System |
| ENS High | Esquema Nacional de Seguridad |
| OSPAR | Outsourced Service Provider’s Audit Report |
| HITRUST CSF | Health Information Trust Alliance Common Security Framework |
| FINMA | Swiss Financial Market Supervisory Authority |
| GSMA | Global System for Mobile Communications Association |
| PiTuKri | Criteria for Assessing the Information Security of Cloud Services |
| CCCS | Canadian Centre for Cyber Security |
本文:https://cioctocdo.com/aws-services-scope-compliance-program
- 登录 发表评论