AWS Announces PiTuKri Type II Attestation Report for Cloud Services

PiTuKri Type II Attestation Explained Clearly

Introduction

Amazon Web Services (AWS) has received the PiTuKri Type II attestation report, covering 179 AWS services. This certification, issued by an independent third-party audit firm, verifies that AWS meets the Criteria to Assess the Information Security of Cloud Services (PiTuKri) standards.

Developed by the Finnish Transport and Communications Agency (Traficom) Cyber Security Centre, PiTuKri provides 52 security criteria across 11 domains to evaluate cloud service providers. By obtaining this attestation, AWS demonstrates its commitment to cloud security and regulatory compliance.

The latest PiTuKri report covers October 1, 2023, to September 30, 2024, and includes 10 new AWS services in scope.

The latest report covers a 12-month period from October 1, 2023, to September 30, 2024. AWS has added the following 10 services to the current PiTuKri scope:

New Services in PiTuKri Scope

AWS has expanded its PiTuKri Type II compliance to include the following services:

1. Amazon DataZone
2. AWS Entity Resolution
3. AWS Mainframe Modernization
4. AWS Payment Cryptography
5. Amazon Q Business
6. Amazon Q Developer
7. Amazon Application Recovery Controller
8. Amazon Security Lake
9. AWS Verified Access
10. Amazon WorkSpaces Thin Client

By continuously adding new services to its compliance programs, AWS ensures that businesses can securely operate in regulated industries while meeting their architectural and security needs.

Understanding PiTuKri Type II Compliance

PiTuKri Type II attestation is a critical benchmark for cloud security assurance. It evaluates whether a cloud provider’s security controls are effectively designed and operating as intended over a specified period. This certification gives businesses confidence in AWS’s ability to protect sensitive data and adhere to industry security standards.

For organizations operating in sectors that require strict regulatory compliance, such as finance, healthcare, and government, PiTuKri Type II attestation provides essential risk mitigation and data security assurances.

Where to Access the PiTuKri Report

Customers looking to review the PiTuKri Type II attestation report can find it on AWS Artifact, a service that provides access to AWS compliance reports. For a complete list of services covered under this attestation, visit:

– AWS Compliance Programs

– AWS Services in Scope for PiTuKri

For further inquiries, AWS customers can contact their AWS account team to better understand how this attestation aligns with their security and compliance needs.

Conclusion

Cloud compliance is essential for businesses relying on cloud services to store, process, and protect sensitive data. AWS’s PiTuKri Type II attestation ensures that organizations can confidently build and operate within a secure cloud environment.

At Cloudastra, we help businesses navigate cloud security complexities and achieve regulatory compliance efficiently. Our expertise ensures that organizations can leverage AWS’s compliance capabilities while meeting their unique security and operational requirements.

Moreover, AWS continues to expand its compliance certifications, recently achieving the FINMA Type II attestation report for 179 services in scope. These efforts reinforce AWS’s commitment to enhancing cloud security standards globally.

For more details, visit AWS Compliance Programs or reach out to the AWS Compliance team for further support.

Do you like to read more educational content? Read our blogs at Cloudastra Technologies or contact us for business enquiry at Cloudastra Contact Us.