AWS Security Blog
C5 Type 2 attestation report now available with one new Region and 123 services in scope
Amazon Web Services (AWS) is pleased to announce the issuance of the 2020 Cloud Computing Compliance Controls Catalogue (C5) Type 2 attestation report. We added one new AWS Region (Europe-Milan) and 21 additional services and service features to the scope of the 2020 report.
Germany’s national cybersecurity authority, Bundesamt für Sicherheit in der Informationstechnik (BSI), established C5 to define a reference standard for German cloud security requirements. Customers in Germany and other European countries can use AWS’s attestation report to help them meet local security requirements of the C5 framework.
The C5 Type 2 report covers the time period October 1, 2019, through September 30, 2020. It was issued by an independent third-party attestation organization and assesses the design and the operational effectiveness of AWS’s controls against C5’s basic and additional criteria. This attestation demonstrates our commitment to meet the security expectations for cloud service providers set by the BSI in Germany.
We continue to add new Regions and services to the C5 compliance scope so that you have more services to choose from that meet regulatory and compliance requirements. AWS has added the Europe (Milan) Region and the following 21 services and service features to this year’s C5 scope:
- Amazon AppStream 2.0
- Amazon Chime
- Amazon CloudWatch SDK Metrics for Enterprise Support
- AWS CodePipeline
- Amazon Comprehend Medical
- AWS Control Tower
- AWS Data Exchange
- AWS Elemental MediaConvert
- AWS Elemental MediaLive
- Amazon Forecast
- AWS IoT Events
- Amazon Lex
- AWS License Manager
- Amazon Macie
- Amazon Managed Streaming for Apache Kafka
- AWS Outposts
- AWS Personal Health Dashboard
- Amazon Personalize
- Amazon Quantum Ledger Database (Amazon QLDB)
- Amazon Textract
- Amazon Transcribe
You can see a current list of the services in scope for C5 on the AWS Services in Scope by Compliance Program page. The C5 report and Continuing Operations Letter is available to AWS customers through AWS Artifact. For more information, see Cloud Computing Compliance Controls Catalogue (C5).
If you have feedback about this post, submit comments in the Comments section below.
Want more AWS Security how-to content, news, and feature announcements? Follow us on Twitter.