Reports, Certifications, and Independent Attestations

AWS publishes several independent audit reports, including SOC 1 Type 2 and SOC 2 reports based on the SSAE 16 and ISAE 3402 standards. AWS also maintains ISO 27001 certification and is validated as a Level 1 service provider under the PCI Data Security Standard.

For public sector compliance, AWS is authorized by the U.S. General Services Administration to operate at the FISMA Moderate level. AWS also holds Authorities to Operate under the Defense Information Assurance Certification and Accreditation Program.