AWS Partner Network (APN) Blog

Announcing the Authority to Operate on AWS Program’s Global Security and Compliance Acceleration Initiative

By Greg Herrmann, Sr. Security Partner Strategist – AWS

Authority to Operate on AWS-1

Complying with industry security and compliance requirements in the cloud can prove time-consuming and laborious for any organization without expert guidance and resources. It can prove even more difficult when those requirements are immature or lack technical specificity.

In 2019, Amazon Web Services (AWS) launched the Authority to Operate (ATO) on AWS partner program to support customers’ abilities to efficiently and effectively meet regulatory, security, and compliance framework requirements for their AWS workloads.

The ATO program has been an overwhelming success, as we have supported more than 300 customer certifications and authorizations, along with over 1,200 customer workshops and engagements since the program’s inception.

Recognizing that AWS maintains customers across the world, we have launched the Global Security and Compliance Acceleration (GSCA) initiative under the ATO on AWS Program banner.

The purpose of this new initiative is to add a global focus to our existing ATO on AWS support mechanisms, with an emphasis on recruiting qualified international AWS Partners to operate and support customers in differing regions.

Delivering Value for Customers Outside the U.S.

For AWS Partners outside of the United States, the new GSCA initiative offers similar support to that of the ATO on AWS Program.

Benefits include, but are not limited to, informal guidance from AWS Security Strategists and Solutions Architects, and free compliance and architecture workshops to identify potential security and compliance gaps in a given workload.

Most importantly, the GSCA initiative will cultivate and make available a community of vetted AWS Partners that have a demonstrated core competency in supporting customers’ attainment of differing security, regulatory, and compliance certifications and authorizations.

Supporting Regulatory and Compliance Frameworks

AWS maintains many international, regional, national, and local security and compliance certifications and authorizations, a list of which can be found on our AWS Compliance page.

The GSCA initiative will support those frameworks as well as others, with the goal of aligning AWS Partners to support virtually any customer with any framework or regulation in a given region or country.

Engaging the AWS Team and GSCA Partners for Support

Customers seeking support can engage our team in multiple ways. You may complete and submit a short online questionnaire which will allow us to review specific information regarding your situation before setting up the initial call.

Alternatively, you may email the AWS team for any GSCA-related questions at

For customers interested in engaging with AWS Partners directly, you may find our complete list and contact information for our partners on our primary ATO on AWS partner page.

Joining the GSCA Initiative

Global partners that are experts in national or regional regulatory and compliance requirements, and meeting them on AWS, are encouraged to join the program by sending an email to, or by reaching out to your AWS account or partner manager.