We’re excited to announce the addition of 12 new services in scope under our latest System and Organizational Controls (SOC) audit cycle, for a total of 116 total services in scope. In addition to the new services, AWS has also expanded the list of controls covered within the reports to include more controls over employee screening procedures and new Region risk assessments.
Here are the 12 new services in scope (followed by their SDK names):
- Amazon AppStream 2.0 (appstream)
- AWS Control Tower (controltower)
- AWS CodePipeline (codepipeline)
- Amazon Personalize (personalize)
- Amazon Managed Streaming for Kafka (kafka)
- Amazon Comprehend Medical (comprehendmedical)
- AWS IoT Events (iotevents)
- Amazon Lex (runtime.lex and models.lex)
- AWS License Manager (license-manager)
- Amazon Forecast (amazonforecast)
- Amazon CloudWatch SDK Metrics for Enterprise Support (sdkmetrics)
- Amazon Transcribe (transcribe)
As always, my team strives to bring services into the scope of our compliance programs based on your architectural and regulatory needs. Please reach out to your AWS representatives to let us know what additional services you would like to see in scope across any of our compliance programs.
Want more AWS Security how-to content, news, and feature announcements? Follow us on Twitter.
from AWS Security Blog: https://aws.amazon.com/blogs/security/fall-2019-soc-reports-now-available-with-116-services-in-scope/