Migration specialists, Amazon Web Services (AWS)
August 2019 (document history)
The security, risk, and compliance workstream defines a structured approach to help you operationalize your organization’s security obligations in the Amazon Web Services (AWS) shared responsibility model. This workstream enables foundational security, risk, and compliance capabilities that will accelerate your readiness and planning for a migration project. The delivery approach is built on the AWS Cloud Adoption Framework (AWS CAF) security perspective. This guide provides more detailed guidance for security teams that are preparing for a migration of business workloads to AWS.
For more information about the security, risk, and compliance workstream as it relates to cloud migrations, see Mobilize your organization to accelerate large-scale migrations. For more information about AWS CAF, see the AWS whitepaper An Overview of the AWS Cloud Adoption Framework.
The following business outcomes are associated with the security, risk, and compliance workstream:
A control environment that meets or exceeds the control capabilities of your legacy environment
Continuous compliance, continuous assurance, and continuous monitoring of infrastructure and application changes within your AWS environment
Guardrails to allow innovation and to assure a security baseline without requiring manual security reviews
Automated incident response for anomalies or deviations from your security baseline
https://docs.aws.amazon.com/prescriptive-guidance/latest/migration-security/welcome.html
