Compliance expectations remain the same and are agnostic of deployment model types (for example, on-premises or in the cloud), like key concepts such as risk management, change, configuration management, and incident management.
AWS provides a foundation for customers’ assurance programs by establishing the necessary control through regular audit certifications (such as, ISO/IEC 27001, SOC 1, 2, and 3 reports). Additionally, AWS is architected to be one of the most secure cloud computing environment available today, and we continue to invest in first-rate resources and tools for security and compliance.