AWS Security Blog
EU Compliance Update: AWS’s 2017 C5 Assessment
May 22, 2019 update: We’ve removed a reference to the IT-Grundschutz Certification Workbook. AWS now recommends that customers refer to the Cloud Computing Compliance Controls Catalog (C5) instead. Learn more about C5 here: https://aws.amazon.com/compliance/bsi-c5/
AWS has completed its 2017 assessment against the Cloud Computing Compliance Controls Catalog (C5) information security and compliance program. Bundesamt für Sicherheit in der Informationstechnik (BSI)—Germany’s national cybersecurity authority—established C5 to define a reference standard for German cloud security requirements. With C5, customers in German member states can use the work performed under this BSI compliance catalogue to comply with stringent local requirements.
Continuing our commitment to Germany and the AWS European Regions, AWS has added 16 services to this year’s scope:
- Amazon API Gateway
- Amazon CloudFront
- Amazon Cognito
- Amazon Connect
- Amazon Elastic Container Registry
- Amazon Elastic Container Service
- Amazon Elastic File System
- Amazon Kinesis Data Streams
- Amazon S3 Transfer Acceleration
- AWS Directory Service for Microsoft Active Directory
- AWS IoT
- AWS Lambda
- AWS Lambda@Edge
- AWS Shield
- AWS Step Functions
- AWS Systems Manager
The English version of the C5 report is available through AWS Artifact. The German version of the report will be available through AWS Artifact in the coming weeks.
– Oliver