What are the 'affiliates' referred to in the ISO/IEC 27001:2013 certificate?


Dear all:

In our process of getting ISO 27001 certified, our auditor asked the following: 'Whilst we can see Amazon inc is ISO 27001 and 27017 certified we get invoiced by AWS EMEA Sarl. This requires clarification.'

I found the ISO 27001:2013 certificate at https://d1.awsstatic.com/certifications/iso_27001_global_certification.pdf. It states that 'Amazon Web Services, Inc. and its affiliates (collectively referred to as Amazon Web Services (AWS)) are compliant with the requirements as stated in the standard: ISO/IEC 27001:2013'

I have not been able to find what affiliates refers to. How does AWS EMEA Sarl fit within this certificate?

Edit: Based on the suggestion of Feng_C, I have asked the affiliate program, but received no reply unfortunately. Anybody else suggestions?

Thanking you in advance!

已提問 10 個月前檢視次數 200 次
1 個回答

Hi, I would suggest to contact the compliance team with this form https://aws.amazon.com/contact-us/compliance-support/.

profile pictureAWS
已回答 10 個月前
  • Weird... I thought I answered your reply just about directly after you posted it. It read something along the lines of 'thank you, I'll try directly'. Which I did.

    Unfortunately, I have had no reply from the compliance support. Are there any other avenues?

  • Sorry for the late reply. In that case, please also raise a support case through your AWS console.

  • Thank you for replying again! Will try it immediately!

    Sincerely, H.

您尚未登入。 登入 去張貼答案。