PiTuKri ISAE 3000 Type II Report


Finland Flag

Amazon Web Services (AWS) has completed the PiTuKri ISAE 3000 Type 2 Report. The International Standard on Assurance Engagements (ISAE) 3000 is a standard which is applied for audits of internal controls, sustainability, and compliance with laws and regulations, and completion of the ISAE 3000 Type 2 Report verifies that AWS’s control environment is appropriately designed and implemented to align with Criteria for Assessing the Information Security of Cloud Services (PiTuKri) requirements. AWS’s alignment with PiTuKri requirements demonstrates our continuous commitment to meeting the heightened expectations for cloud service providers set by Finnish Transport and Communications Agency, Traficom.

The PiTuKri ISAE 3000 Type 2 Report, conducted by an independent third party audit firm, provides Finnish customers with the assurance that AWS’s control environment is appropriately designed and implemented to address security requirements expected from cloud service providers. Additionally, the report provides customers with important guidance on complementary user entity controls (CUECs), which they should consider implementing as part of AWS’s Shared Responsibility Model to help them comply with PiTuKri requirements. Customers can use the AWS’ PiTuKri ISAE 3000 report as a tool to conduct their due diligence on AWS, which may minimize the effort and costs required for compliance. 

Have Questions? Connect with an AWS Business Representative
Exploring compliance roles?
Apply today »
Want AWS Compliance updates?
Follow us on Twitter »