CCN STIC Products and Services Catalog (CPSTIC)
Amazon Web Services (AWS) has certified seven security services in the Spanish National Cryptologic Center (CCN) STIC Products and Services Catalogue (CPSTIC). Achieving this accreditation demonstrates that AWS can securely serve the Public Administration, as well as companies and organizations of strategic interest in Spain. AWS worked with an independent third-party auditor to achieve the qualification.
What is the CCN STIC Products and Services Catalogue (CPSTIC)?
The CPSTIC is a list of products verified by the CCN. This catalogue includes products approved for handling classified national information and qualified ICT security products for use in the High category of the Spanish National Security Framework (ENS).
What is the benefit of this qualification?
CPSTIC provides the necessary cybersecurity assurance for the Public Administration, as well as companies and organizations of strategic interest in Spain who wish to host their workloads in the cloud.
Which AWS Services are in scope of the qualification?
The covered AWS services that are within the scope of the CPSTIC can be found within AWS Services in Scope by Compliance Program. If you would like to learn more about using these services and/or have interest in other services please contact us.
What regions are in scope of the CPSTIC?
The CPSTIC applies to all regions where certified services are available.
How often does the CPSTIC certification audit take place?
The verification audit takes place every five years, with a delta assessment if the qualified product undergoes significant modifications in the meantime.