AWS Security Assurance Services LLC, a PCI-QSAC (Payment Card Industry-Qualified Security Assessor company) and HITRUST External Assessor Firm, is a team of industry certified assessors, helping you to achieve, maintain, and automate compliance in the cloud by tying together applicable audit standards to AWS service specific features and functionality. We help you build on frameworks such as PCI DSS, HITRUST CSF, NIST, SOC 2, HIPAA, ISO 27001, GDPR, and CCPA.
PCI DSS on AWS - Discovery Workshop
For new application development or migrations requiring PCI DSS compliance, this one-day engagement provides you with key concepts, best practices, and available AWS and partners solutions.
PCI DSS on AWS - Implementing Compliant Architectures
For existing system deployments requiring PCI DSS compliance, this engagement provides you with subject matter expertise in pre-assement activities and requirements including administrative, technical, and physical control activities.
PCI DSS on AWS - Advisory
For sensitive workload migrations, requiring infrastructure security assisstance, this engagement provides an ad-hoc assisstance, on or offsite, to provide proper proof and evidentiary artifacts to your external auditor.
For existing system deployments requiring HITRUST compliance, this engagement assists you with requirements including adminstrative, technical, and physical control activities.
Cloud Audit Academy
To reduce time-to-market for compliance workloads in the cloud, this hands-on one-day workshop provides you with learnings on foundational audit concepts.
AWS Privacy by Design
Learn the AWS Shared Responsibility Model for Data Privacy and how to leverage AWS services to help manage data privacy compliance in this immersive workshop.
“Air Canada worked with AWS Professional Services and AWS Security Assurance services team on three strategic projects. The teams demonstrated self-sufficiency in being able to understand the high-level goals while taking ownership and driving the project forward with spectacular results in a short time. We are impressed with the team’s intellect, ability to solution, prototype, and execute.”
Suresh Subasinghe, Director of Digital Platform Architecture, Air Canada
How to use tokenization to improve data security and reduce audit scope