AWS Security Assurance Services LLC, a PCI-QSAC (Payment Card Industry-Qualified Security Assessor company) and HITRUST External Assessor Firm, is a team of industry-certified assessors who help you achieve, maintain, and automate compliance in the cloud by tying applicable audit standards to AWS service-specific features and functionality. We help you build on frameworks such as PCI DSS, HITRUST CSF, NIST, SOC 2, HIPAA, ISO 27001, GDPR, and CCPA.
Compliance Accelerator on AWS
This service offers customers a reduced time to compliance across a variety of frameworks including ISO 27001, NIST, SOC 2, SOX, and more.
Cloud Audit Academy
Learn security and auditing concepts when operating in the cloud and specifically on AWS with our instructor-led courses.
PCI on AWS
For existing or migrating workloads requiring PCI DSS, our services provide you with subject matter expertise in pre-assessment activities, advisory, and best practices to accelerate your path to compliance.
HITRUST on AWS
This service offering provides subject matter expertise on HITRUST compliance with AWS services to customers who are planning to deploy production systems requiring HITRUST compliance.
Privacy on AWS
Our senior privacy architects provide you with services to build a privacy-enhanced environment to address regulations such as GDPR, CCPA, PIPEDA, and more.
HITRUST Validated Assessment with Coalfire
This accelerator program allows customers to achieve Health Information Trust Alliance Certifiable Information Security Framework (HITRUST CSF) Validation up to 50% faster when compared with conventional methods. The program combines deep technical knowledge of AWS Security Assurance Services, LLC (AWS SAS) with Coalfire, a HITRUST External Assessor Organization, to streamline the entirety of the HITRUST Validation lifecycle.
“Air Canada worked with AWS Professional Services and AWS Security Assurance services team on three strategic projects. The teams demonstrated self-sufficiency in being able to understand the high-level goals while taking ownership and driving the project forward with spectacular results in a short time. We are impressed with the team’s intellect, ability to solution, prototype, and execute.”
Suresh Subasinghe, Director of Digital Platform Architecture, Air Canada
“AWS’ approach to helping us understand compliance requirements and prepare for our SOC2 assessment is the best I experienced in terms of deliverables' quality, support provided, and expertise.”
Oussama Benzaouia, Chief Information Security Officer, Teads Technology
"Securing FedRAMP authorization is no small effort. We needed a partner that had deep expertise in FedRAMP compliance and could educate our team on AWS architecture and best practices. AWS Professional Services delivered on this ask and exceeded our expectations."
Matt Lowe, Chief Strategy Officer
PCI DSS v4.0 on AWS Compliance Guide now available
A phased approach towards a complex HITRUST r2 validated assessment
Align Business and IT to achieve and sustain PCI DSS compliance
How to use tokenization to improve data security and reduce audit scope
PCI DSS and AWS Foundational Security Best Practices on AWS
How to Hire and Develop Security Assurance Talent
How to Pass Your Compliance Audit with AWS