There are many different types of audits that a third-party external auditor can assess your organization on, for example, network security, data management, remediation management, and change management, which are just a few. The auditors may conduct the assessment by collecting evidence in a variety of ways, such as analyzing logs, physical inspection, reviewing procedures, and general inquiries. Before we begin this chapter, let's highlight some common audit compliance programs that you might see.
AWS complies with global compliance programs to meet the needs of its customers. A full breakdown of the compliance programs that they are subjected to and have certification for can be found at https://aws.amazon.com/compliance/programs/.
The following are the global compliance programs that AWS adheres to:
ISO 9001 | ISO 27001 | ISO 27017 | ISO 27018 | |
CSA Controls | Global Quality Standard | Security Management Controls | Cloud-Specific Controls | Personal Data Protection... |