When does AWS release new SOC reports, and how can I download the latest report using AWS Artifact?

Last updated: 2020-05-06

I want access to the latest AWS System and Organization Controls (SOC) reports. The SOC reporting period isn't current. When are new SOC reports going to be available?

Short Description

SOC reports are audits performed over a time period and don't expire. AWS auditors perform SOC audits twice a year over a period of 6 months: Oct 1–Mar 31 and Apr 1–Sept 30. When the audit period is over, AWS auditors prepare the audit report and release the report in May and November. You can also download the SOC Continued Operations Letter, which states that AWS continues to maintain the security controls and system environment audited and described in the latest SOC reports.

Note: AWS publishes a Continued Operations Letter SOC report instead of a bridge or gap letter. For more information, see Compliance Reports.

Resolution

To access SOC 1 and 2 reports and the Continued Operations Letter, see Downloading Reports in AWS Artifact. If you can't download the SOC reports or Continued Operations Letter, see Tips to troubleshoot common issues.

Note: The SOC 3 report is publicly available as a whitepaper. For more information and to download, see the AWS SOC 3 section in AWS System and Organization Controls (SOC) Reports FAQs.

Important: Share AWS Artifact documents only with those you trust. AWS Artifact reports have a unique, traceable watermark that's specific to you. Don't email reports or share them online. Instead, use a secure authenticated sharing service with auditing capabilities, such as Amazon WorkDocs.