FISMA Moderate for AWS

Our compliance team has been working non-stop to make sure that AWS qualifies for and receives a number of important certifications and accreditations. In the last year or so I have blogged about SAS 70 Type II, FISMA Low, and ISO 27001.

After receiving our FISMA Low level certification and accreditation, we took the next step and started to pursue the far more stringent FISMA Moderate level. This work has been completed and the door is now open for a much wider range of US Government agencies to use AWS as their cloud provider. Based on detailed security baselines established by the National Institute of Standards and Technology (NIST), FISMA Moderate certification and accreditation required us to address an extensive set of security configuration and controls.

We receive requests for many different types of reports and certifications and we are doing our best to prioritize and to respond to as many of them as possible. Please let me know (comments are fine) which certifications would let you make even better use of AWS.

You can read about our security certifications and practices at the AWS Security Center. To learn more about how our team works with agencies of the federal government, visit our Federal Government page.

— Jeff;

Modified 11/03/2020 – In an effort to ensure a great experience, expired links in this post have been updated or removed from the original post.