IRS Publication 1075

Overview

Internal Revenue Service Publication 1075 (IRS Pub 1075) provides guidance for US government agencies and their agents to protect Federal Tax Information (FTI).

While the IRS does not publish an official designation or certification for compliance with Pub 1075, AWS supports organizations to protect FTI managed in AWS by aligning our implementations of NIST 800-53 and FedRAMP security controls with the respective IRS Pub 1075 security requirements. AWS has worked closely with the IRS to ensure that the AWS GovCloud (US) and AWS US East-West regions meet Pub 1075 requirements for storing and processing FTI. Customers can use the whitepaper Internal Revenue Service (IRS) Publication 1075 Compliance in AWS for guidance on their compliance responsibilities as part of the Shared Responsibility Model as well as how to protect the confidentiality of Federal Tax Information.

AWS offers the following FedRAMP compliant systems that have been granted authorizations, have addressed the FedRAMP security controls (based on NIST SP 800-53), have used the required FedRAMP templates for the security packages posted in the secure FedRAMP Repository, have been assessed by an accredited independent third party assessor (3PAO) and maintain continuous monitoring requirements of FedRAMP:

  • AWS GovCloud (US) has been granted a Joint Authorization Board Provisional Authority-To- Operate (JAB P-ATO) and multiple Agency Authorizations (A-ATO) for high impact level. The services in scope of the AWS GovCloud (US) JAB P-ATO boundary at high baseline security categorization can be found within AWS Services in Scope by Compliance Program.
  • AWS US East-West (Northern Virginia, Ohio, Oregon, Northern California) has been granted a Joint Authorization Board Provisional Authority-To- Operate (JAB P-ATO) and multiple Agency Authorizations (A-ATO) for moderate impact level. The services in scope of the AWS US East-West JAB P-ATO boundary at Moderate baseline security categorization can be found within AWS Services in Scope by Compliance Program.

For more information on FedRAMP and AWS, please visit the AWS FedRAMP page.

  • While the IRS does not publish an official designation or certification for compliance with Pub 1075, AWS supports organizations to protect FTI managed in AWS by aligning our implementations of NIST 800-53 and FedRAMP security controls with the respective IRS Pub 1075 security requirements. AWS has worked closely with the IRS to ensure that the AWS GovCloud (US) and AWS US East-West regions meet Pub 1075 requirements for storing and processing FTI.

IRS 1075 Resources

Internal Revenue Service Publication 1075 (IRS Pub 1075)
Encryption Requirements of Publication 1075
Internal Revenue Service (IRS) Publication 1075 Compliance in AWS
AWS Shared Responsibility Model
AWS FedRAMP Page
Have Questions? Connect with an AWS Business Representative
Exploring compliance roles?
Apply today »
Want AWS Compliance updates?
Follow us on Twitter »