Reports, Certifications, and Independent Attestations
AWS successfully completed multiple SAS70 Type II audits and publishes a Service Organization Controls 1 (SOC 1), Type 2 report using SSAE 16 and the ISAE 3402 professional standards. AWS also publishes a SOC2 report.
AWS has ISO 27001 certification and is validated as a Level 1 service provider under the Payment Card Industry (PCI) Data Security Standard (DSS).
In the area of public sector certifications, AWS has authorization from the U.S. General Services Administration to operate at the FISMA Moderate level. AWS is also the applications platform with Authorities to Operate (ATOs) under the Defense Information Assurance Certification and Accreditation Program (DIACAP).