Compliance Resources

Learn skills and best practices to audit for security in the cloud using a risk-based approach.

View our repository of resources and processes needed to perform compliance responsibilities on AWS.

Essentials and Best Practices

Guides and Workbooks

AISPL User Guide for Government Departments & Agencies in India
Architecting Amazon EKS for PCI DSS Compliance 
Architecting for HIPAA Security and Compliance on Amazon Web Services
Architecting on Amazon ECS for PCI DSS Compliance 
Argentina Personal Data Protection Law Disposition No.11/2006 Workbook
AWS CIS Amazon Web Services Three-tier Web
AWS CIS Foundations Benchmarks
AWS Executive Overview for Banks in India
AWS HKMA Virtual Banking User Guide
AWS PCI 3DS Whitepaper
AWS Private Certificate Authority - Matter PKI Compliance Guide
AWS Response to CACP Information and Communication Technology Sub-Committee
AWS Secure Network Connections
AWS Services and Customer Responsibility Matrix for Alignment to the CSF
AWS User Guide to Banking Regulations & Guidelines in India
AWS User Guide to Canada's Controlled Goods Program (CGP) 
AWS User Guide to the Central Bank of Bahrain Rulebook
AWS User Guide to Financial Services Regulations in Argentina
AWS User Guide to Financial Services Regulations & Guidelines in Australia
AWS User Guide to Financial Services Regulations in Brazil
AWS User Guide to Financial Services Regulations and Guidelines in New Zealand 
AWS User Guide to Financial Services Regulations & Guidelines in Singapore
AWS User Guide to Financial Services Regulations and Guidelines in Switzerland
AWS User Guide to the Hong Kong Insurance Authority on Outsourcing and Use of Internet for Insurance Activities Guidelines
AWS User Guide to the Hong Kong Monetary Authority on Outsourcing and General Principles for Technology Risk Management Supervisory Policy Manuals
AWS User Guide to Support Compliance with North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Standards 
Data Localisation Controls for India
DoD-Compliant Implementations in the AWS Cloud
FERPA Compliance on AWS
Guidance for Trusted Internet Connection (TIC) Readiness on AWS
GxP Systems on AWS
Implications of the Code of Conduct for CISPE
Internal Revenue Service (IRS) Publication 1075 Compliance in AWS
Open Data on AWS 
Navigating Compliance with EU Data Transfer Requirements
Navigating HCLS Regulatory and Compliance Requirements on AWS 
Navigating Hong Kong SFC Compliance on AWS 
Navigating Indonesia Government Regulation No. 71 Considerations on AWS 
Navigating the Israeli Ministry of Health Cloud Computing Circular on AWS 
NERC CIP Standards for BES Cyber System Information on AWS 
NIST Cybersecurity Framework (CSF)
Payment Card Industry Data Security Standard (PCI DSS) 3.2.1on AWS Compliance Guide
Regulation Systems Compliance and Integrity Considerations for the AWS Cloud
Swiss Financial Market Supervisory Authority (FINMA) Circular 2018/3
UK Healthcare and Life Sciences Compliance on AWS 
U.S. Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) Cybersecurity Initiative Workbook
Understanding the ASD’s Cloud Computing Security for Tenants in the Context of AWS
Using AWS in the Context of NCSC UK’s Cloud Security Principles
Using AWS in the Context of UK Healthcare IG SoC Process



Have Questions? Connect with an AWS Business Representative
Exploring compliance roles?
Apply today »
Want AWS Compliance updates?
Follow us on Twitter »