For regulated data types, such as personally identifiable information, customers often ask the same questions. This session addresses questions on topics that range from deletion of data to third-party assurance reports, and it connects you with the corresponding risk discussions and the applicable AWS technology or supporting language from AWS documentation. Learn how to speed up your risk assessment by equipping yourself with facts and knowledge that will help you make informed decisions about your AWS journey.

1. © 2019,Amazon Web Services, Inc. or its affiliates. All rights reserved.
Technology as a means for compliance
Bertram Dorn
Principal Solution Architect Security and Compliance
Amazon Web Services EMEA SARL
G R C 2 0 6

2. © 2019,Amazon Web Services, Inc. or its affiliates. All rights reserved.
Agenda
Overview of the assessment flow
Generic controls
Specific controls
Summary

3. © 2019,Amazon Web Services, Inc. or its affiliates. All rights reserved.
Overview

4. © 2019,Amazon Web Services, Inc. or its affiliates. All rights reserved.
Overview (cont.)

5. © 2019,Amazon Web Services, Inc. or its affiliates. All rights reserved.
Working with AWS reports/certifications

6. © 2019,Amazon Web Services, Inc. or its affiliates. All rights reserved.
Working with AWS reports/certifications (cont.)
AWS Artifact

7. © 2019,Amazon Web Services, Inc. or its affiliates. All rights reserved.
Working with AWS reports/certifications (cont.)
AWS Artifact
Criteria ID AWS-provided control ID
CC1.1 AWSCA-1.1; AWSCA-1.2; AWSCA-9.3; AWSCA-9.7; AWSCA-
11.1; AWSCA-11.2
CC1.2 AWSCA-1.7; AWSCA-1.8; AWSCA-9.8
CC1.3 AWSCA-1.1; AWSCA-1.2
CC1.4 AWSCA-1.2; AWSCA-1.4; AWSCA-1.7; AWSCA-1.8; AWSCA-9.2;
AWSCA-9.3; AWSCA-11.1; AWSCA-11.2
CC1.5 AWSCA-1.1; AWSCA-1.2; AWSCA-1.3; AWSCA-9.3; AWSCA-9.7
CC2.1 AWSCA-1.5; AWSCA-1.9; AWSCA-3.6; AWSCA-8.1; AWSCA-8.2;
AWSCA-9.8
CC2.2 AWSCA-1.2; AWSCA-1.4; AWSCA-1.6; AWSCA-1.9; AWSCA-9.1;
AWSCA-10.3; AWSCA-11.1; AWSCA-11.3
CC2.3 AWSCA-1.4, AWSCA-1.6, AWSCA-9.1, AWSCA-9.5, AWSCA-
11.1, AWSCA-11.2, AWSCA-11.3
CC3.1 AWSCA-1.5; AWSCA-1.9; AWSCA-9.8

8. © 2019,Amazon Web Services, Inc. or its affiliates. All rights reserved.
Controls for the organization
AWSCA-1.1
AWSCA-1.2
AWSCA-1.3
AWSCA-1.4
AWSCA-1.5
AWSCA-1.6
AWSCA-1.7
AWSCA-1.8
AWSCA-1.9

9. © 2019,Amazon Web Services, Inc. or its affiliates. All rights reserved.
Physical controls
AWSCA-5.1
AWSCA-5.2
AWSCA-5.3
AWSCA-5.4
AWSCA-5.5
AWSCA-5.6
AWSCA-5.7
AWSCA-5.8
AWSCA-5.9
AWSCA-5.10
AWSCA-5.11

10. © 2019,Amazon Web Services, Inc. or its affiliates. All rights reserved.
Logical controls
AWSCA-21
AWSCA-2.2
AWSCA-2.3
AWSCA-2.4
AWSCA-2.5
AWSCA-3.16
AWSCA-6.2
AWSCA-6.3
AWSCA-6.3
AWSCA-10.3
AWSCA-10.4

11. © 2019,Amazon Web Services, Inc. or its affiliates. All rights reserved.
Data delete
AWSCA-5.13
AWSCA-7.7

12. © 2019,Amazon Web Services, Inc. or its affiliates. All rights reserved.
Multi-tenancy
AWSCA-21
AWSCA-2.2
AWSCA-2.3
AWSCA-2.4
AWSCA-2.5
AWSCA-3.16
AWSCA-6.2
AWSCA-6.3
AWSCA-6.3
AWSCA-10.3
AWSCA-10.4

13. © 2019,Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS KMS specific
AWSCA-4.5
AWSCA-4,6
AWSCA-4,7
AWSCA-4,8
AWSCA-4.9
AWSCA-4.10
AWSCA-4.11
AWSCA-4.12
AWSCA-4.13
AWSCA-4.14

14. Thank you!
© 2019,Amazon Web Services, Inc. or its affiliates. All rights reserved.
Bertram Dorn