2025 Regulatory Summit

CLOUD FOUNDATIONS FOR FINANCIAL SERVICES

Data privacy and confidentiality are our top priorities at AWS

Storage: Customers choose the AWS Region(s) in which their content is stored and the type of storage they use.

Security: Customers choose how their content is secured.

Access: AWS does not access or use customer content except as necessary to provide the service offerings, or to comply with the law or a binding order of a government body.

Disclosure of Customer Content: We will not disclose customer content unless we’re required to do so to comply with the law or a binding order of a government body.

Security Assurance: AWS security protections and control processes are independently validated by multiple third-party assessments.

For more information, visit our Data Privacy Center on our website: https://aws.amazon.com/compliance/data-privacy/

© 2024, Amazon Web Services, Inc. or its affiliates. All rights reserved. Amazon Confidential and Trademark.


Customers rely on our compliance with global standards

Certifications & Attestations

Laws, Regulations, & Privacy

Alignments & Frameworks

Cloud Computing Compliance Controls Catalogue (C5)
CLOUD Act
CIS (Center for Internet Security)
CJIS (US FBI)
CSA - STAR Level 2
CISPE
GDPR
FERPA
GLBA
HIPAA
HITECH
CCCS Medium (formerly PBMM)
Cloud Security Principles
CSA (Cloud Security Alliance)
Cyber Essentials Plus
DoD SRG
ENS High
FISC
FISMA
G-Cloud
FedRAMP (Med & High)
FINMA ISAE 3000
IRS 1075
GxP (US FDA CFR 21 Part 11)
HIPAA Quick Start Guide
FIPS
HDS
ITAR
My Number Act
HITRUST
ISMAP
Data Protection Act - 2018
IT Grundschutz
IRAP
VPAT / Section 508
MITA 3.0 (US Medicaid)
PoPIA - South Africa
Privacy Act - Australia
Privacy Act - New Zealand
PDPA: 2010 - Malaysia
NIST 800-53 (via FedRAMP ATO)
NIST Cybersecurity Framework (CSF)
ISO 22301
ISO 27001, 27017, 27018, 27701
ISO 9001
PCI-DSS Quick Start Guide
K-ISMS
SWIFT Client Connectivity Guide
MTCS – Tier 3
PDPA: 2012 - Singapore
OSPAR
PIPEDA - Canada
PCI-DSS Level 1
PDPL - Argentina
LGPD - Brazil
PDPA - Taiwan
APPI - Japan
PCI-3DS
PiTuKri ISAE-3000 Type II Report for Cloud Security
SEC Rule 17-a-4(f)
SOC 1, SOC 2, SOC 3
