ISO/IEC 27018:2019 Compliance

Alignment demonstrates to customers that AWS has a system of controls in place that specifically address the privacy protection of their content. AWS' alignment with and independent third-party assessment of this internationally recognized code of practice demonstrates AWS' commitment to the privacy and protection of customers' content.

The covered AWS Regions that are in scope can be found on the AWS ISO/IEC 27018:2019 certification.

Yes, AWS maintains the high bar of data protection and privacy controls outlined in ISO/IEC 27018:2019 for all customer content, regardless of whether or not any particular data is PII.

ISO/IEC 27018:2019 along with many other economic, environmental and social standards are available on the ISO website. ISO has made the decision to copyright these standards in an effort to help fund the processes leading to development.

EY CertifyPoint, an ISO certifying agent accredited by the Dutch Accreditation Council, a member of the International Accreditation Forum (IAF). Certificates issued by EY CertifyPoint are recognized as valid certificates in all countries with an IAF member.

The covered AWS services that are already in scope for ISO/IEC 27018:2019 can be found on ISO Certified. If you would like to learn more about using these services and/or have interest in other services please contact us.