Common use of Security and Compliance Clause in Contracts

Security and Compliance. AWS Managed Services offers a step-by-step process for extending your security, identity, and compliance perimeter to the cloud, including the critical tasks of Active Directory integration and compliance certification mapping to SOC, PCI, HIPAA, NIST, CIS, ISO and GDPR. Our rigour and controls help to enforce your corporate and security infrastructure policies, and enable you to develop solutions and applications using your preferred development approach. • Accelerate Migration to the Cloud. AWS Managed Services provides an enterprise-ready, proven operating environment, enabling you to migrate production workloads in days versus months. Working with Partners and AWS Professional Services, AMS leverages the minimum viable refactoring approach of making only necessary modifications to your applications to meet security and compliance requirements. AMS then takes responsibility for operating your cloud environment post migration, such as analyzing alerts and responding to incidents, enabling your internal resources to focus on the more strategic areas of your business. • Remove Innovation Barriers. Enterprise DevOps is the convergence of modern development best practices (i.e. DevOps) and existing IT process frameworks (i.e. ITIL ®) to give you speed and agility while maintaining governance, security, and compliance control. AMS enables Enterprise DevOps by packaging AWS IaaS services into a secure, compliant development platform that works with most enterprise workloads – not just cloud-native or heavily refactored workloads. AMS-powered Enterprise DevOps helps your development teams focus on their applications and innovate faster. The key operational benefits include: • Provisioning Management (Automated and Self-Service). AWS Managed Services enables you to deploy your cloud infrastructure quickly and easily, and simplifies the on-demand provisioning of commonly used pre-defined cloud stacks. With an infrastructure framework designed to meet your application needs, comprising of AMS’ automation and integration with your existing ITSM service catalog, it allows you to stand up applications quickly in either test or production environments through a self-service portal. Customers can provision AWS resources on AMS in several ways: 1) submit provisioning and configuration Change Types, 2) deploy AMS-provided security hardened AMIs inclusive of the customer application, 3) deploy full Stacks using CloudFormation templates, 4) deploy via their integrated ITSM, and 5) configure AWS services directly using Self-service Provisioning for select AWS services.

Security and Compliance. AWS Managed Services offers a step-by-step process for extending your security, identity, and compliance perimeter to the cloud, including the critical tasks of Active Directory integration and compliance certification mapping to SOC, PCI, HIPAA, NIST, CIS, ISO and GDPR. Our rigour and controls help to enforce your corporate and security infrastructure policies, and enable you to develop solutions and applications using your preferred development approach. • Accelerate Migration to the Cloud. AWS Managed Services provides an enterprise-ready, proven operating environment, enabling you to migrate production workloads in days versus months. Working with Partners and AWS Professional Services, AMS leverages the minimum viable refactoring approach of making only necessary modifications to your applications to meet security and compliance requirements. AMS then takes responsibility for operating your cloud environment post migration, such as analyzing alerts and responding to incidents, enabling your internal resources to focus on the more strategic areas of your business. • Remove Innovation Barriers. Enterprise DevOps is the convergence of modern development best practices (i.e. DevOps) and existing IT process frameworks (i.e. ITIL ®) to give you speed and agility while maintaining governance, security, and compliance control. AMS enables Enterprise DevOps by packaging AWS IaaS services into a secure, compliant development platform that works with most enterprise workloads – not just cloud-native or heavily refactored workloads. AMS-powered Enterprise DevOps helps your development teams focus on their applications and innovate faster. The key operational benefits include: • Provisioning Management (Automated Monitoring and SelfEvent Management. With AWS Managed Services, your Managed Environment is configured for logging and alerts based on a variety of health checks. AMS monitors, correlates and investigates alerts to detect and resolve incidents proactively. AMS aggregates and stores all operational logs, and customers have full access to CloudWatch, CloudTrail and system logs for full transparency. In addition to AMS’ Preventative Controls, AMS deploys configuration guardrails and Detective Controls to provide ongoing protection for customers from misconfigurations that could reduce the operational and security integrity of the managed accounts, and to enforce customer controls such as tagging and compliance. When a monitored control is detected, an alarm is generated that results in notification, modification, or termination of resources based on pre-Service)defined AMS defaults that can be modified by the customer. • Patch and Continuity Management. AWS Managed Services enables you takes care of all of your infrastructure patching and backup activities to deploy help keep your cloud infrastructure quickly resources current and easilysecure. When updates or patches are released by OS vendors, AMS applies and simplifies the on-demand provisioning of commonly used installs updates to EC2 instances for Supported Operating Systems and software pre-defined cloud stacksinstalled with Supported Operating Systems in a timely and consistent manner to minimize the impact on your business. With an infrastructure framework designed Critical security patches are applied immediately, while others are applied based on the patch schedule you request. AMS offers two models to meet your application needs, comprising of AMS’ automation and integration with your existing ITSM service catalog, it allows you to stand up applications quickly in either test or production environments through a self-service portal. Customers can provision AWS resources on AMS in several waysexecute patching: 1) submit provisioning AMS Standard Patch for traditional account-based patching, and configuration Change Types, 2) deploy AMS Patch Orchestrator, for tag-based patching. AMS will apply all available Updates, but customers can filter or reject updates by creating a custom patch baseline. Backups of stacks are automated using Amazon Elastic Block Store (EBS) and RDS snapshots, and can be restored in the event of a failure or outage, ensuring business continuity. • Availability. AWS Managed Services is hosted in multiple regions worldwide. Each region is a separate geographic area. All components of the AMS service are deployed, validated and operationalized within a region, supporting customers who require full support solely out of one region and supporting their region redundancy plan requirements. AMS offers service commitments for the key aspects of the service, ensuring that you receive a high level of operational service for your AWS infrastructure. • Security and Access Management. AWS Managed Services protects your information assets and helps keep your AWS infrastructure secure. AMS also configures default AWS security capabilities that will be approved by the customer during onboarding, such as Identity Access Management (IAM) roles and EC2 security groups, and uses standard AWS tools (e.g. ▇▇▇▇▇ and GuardDuty) to monitor and respond to security issues removing complexity. Customers manage their users via an approved directory service provided by the customer. • Compliance. AWS Managed Services offers a secure and compliant Landing Zone, and a step-by-step process for extending your security, identity, and compliance perimeter to the cloud. AMS offers compliance certification mapping for SOC, PCI, HIPAA, NIST, CIS, ISO and GDPR. Our rigour and controls help to enforce your corporate and security infrastructure policies, and enable you to develop solutions and applications using your preferred development approach. • Incident Management. AWS Managed Services monitors the overall health of your infrastructure resources, and handles the daily activities of investigating and resolving incidents. AMS proactively notifies customers of Incidents detected by AMS. AMS responds to both customer-submitted and AMS-provided generated Incidents and resolves Incidents based on the Incident priority. Unless otherwise instructed by the customer, Incidents that are determined by AMS to be a risk to the security hardened AMIs inclusive of the customer application, 3) deploy full Stacks using CloudFormation templates, 4) deploy via their integrated ITSM, customer’s Managed Environment and 5) configure Incidents relating to the availability of AMS and other AWS services directly using Self-will be proactively actioned. AMS takes action on all other Incidents once customer authorization is received. Recurring Incidents are addressed by the Problem Management Process. ▇▇▇ performs trend analysis to identify and investigate Problems and to identify the root cause. Problems are remediated either with a workaround or a permanent solution that prevents recurrence of similar future service Provisioning for select AWS servicesimpact.