What is AWS Artifact?
AWS Artifact is a free repository for compliance-related information. It includes third party reports from the following regulators and and security standards organisations:
- ISO 27001
- Payment Card Industry Security Standards Council
- C5 (Cloud Computing Compliance Controls Catalog)
- IRAP (Information Security Registered Assessors Program)
- AICPA SOC (American Institute of Certified Public Accountants System and Organization Controls)
- FedRAMP (The Federal Risk and Authorization Management Program)
In AWS Artifact you can review, accept, and track the status of AWS agreements such as the Business Associate Addendum (BAA).
Why is AWS Artifact Useful?
- hold artifacts which demonstrate to auditors or regulators the compliance of your cloud architectures during system design, development and audit life cycles
- hold audit artifacts to validate that your AWS implemented controls are operating effectively.
- continuously monitoring your suppliers.
- act as a repository for compliance requirements