Posted On: Dec 11, 2018

AWS Certificate Manager is now PCI DSS compliantISO 9001, 27001, 27017, 27018 certified; SOC 1,2 and 3 compliant; and has been added to the AWS Services In Scope listings.

AWS Certificate Manager is a service that lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and your internal connected resources.

PCI DSS (Payment Card Industry Data Security Standard) is a proprietary information security standard administered by the PCI Security Standards Council. As a customer who uses AWS Certificate Manager as part of your infrastructure for the storage, processing and transmission of cardholder data, you can rely on AWS technology infrastructure as you manage your own PCI DSS compliance certification.

ISO (International Standards Organization) compliance ensure that products and services are safe, reliable and of good quality. AWS Certificate manager complies with the following ISO standards. ISO 9001 - a process of documenting and reviewing the structure, responsibilities, and procedures for quality management within an organization. ISO 27001 - a security management standard that specifies best practices and comprehensive security controls. ISO 27017 - a standard that provides guidance on the information security aspects of cloud computing. ISO 27018 - a code of practice that focuses on protection of personal data in the cloud.

AWS SOC (System and Organization Controls) reports are independent third-party examination reports that demonstrate how AWS achieves key compliance controls and objectives. SOC reporting provides customers and users with an independent assessment of AWS' control environment relevant to system security, availability, and confidentiality.

These compliance certifications apply to all AWS Regions where AWS Certificate Manager is available. See the PCI DSS compliance, ISO 9001, 27001, 27017, 27018 certified and SOC 1,2 and 3 compliance websites for more information about each certification and how to include it in your compliance programs.

Visit the ACM website to learn more about ACM.