SOC for AWS

With the growing migration to cloud hosting, many companies are operating their systems on Amazon Web Services (AWS). AWS provides a comprehensive set of cloud services for information technology professionals to build, deploy, and manage their applications. AWS has a vast network of secure and redundant data centers that help ensure the safety of their data. Additionally, AWS has undergone SOC audits that demonstrate to their clients and investors that their infrastructure is completely secure. While this makes AWS SOC compliant, the audit does not extend to their cloud customers. This is where an experienced independent third-party, like TrustNet, becomes of value.

DOES AWS' SOC REPORT MAKE YOU SOC COMPLIANT?
No. Even though your services are built with AWS, your organization has not gone through a SOC audit. When undertaking a SOC audit, the majority of the audit must be passed by the cloud customer. The cloud customer is responsible for implementing administrative policies and internal security controls. TrustNet, a leading provider of SOC 2 audits, has extensive knowledge and experience in assisting companies operating in the AWS cloud environment.
WHAT PARTS OF YOUR SOC AUDIT ARE COVERED BY AWS?
Parts of your audit are covered through what is commonly known as “a carve-out.” AWS is responsible for some of the controls that will meet SOC 2 criteria, such as physical compliance safeguards. Your business however will need to go through the rest of the audit for you to be SOC compliant.
WHAT WILL A SOC AUDIT COST ME?

Since you have used AWS for part of your controls, you will have fewer controls to comply with. Additionally, you may be able to “carve-out” additional controls based on your service providers, thereby reducing your total number of controls that need to be audited.

TrustNet offers premium pricing for companies utilizing AWS. Please refer to the SOC pricing page for additional pricing information.

TrustNet provides the expertise and services to speed up the time it takes to gather the appropriate controls and to provide a SOC audit report. TrustNet’s multi-pronged approach allows companies to pass through the SOC audit with ease. By providing both the Readiness Assessment and SOC Audit, TrustNet can help a company from start to finish with their SOC Compliance needs.

Our Clients