Question #1330
A company's compliance team needs to obtain the latest AWS Service Organization Control (SOC) compliance documentation for audit purposes. Which AWS service or feature should be used to directly access these reports?
AWS Compliance Center
AWS Artifact
AWS Config
AWS Inspector
Explanation
The correct answer is A. AWS Artifact because it is specifically designed to provide on-demand access to AWS compliance reports, such as SOC (Service Organization Control) reports, ISO certifications, and PCI DSS attestations. Compliance teams use AWS Artifact to download the latest audit reports directly for their audits.
Why other options are incorrect:
- B. AWS Config: Focuses on auditing and managing resource configurations, not compliance documentation.
- C. AWS Compliance Center: A resource hub for compliance information but does not host downloadable reports.
- D. AWS Inspector: A security assessment tool for vulnerabilities, unrelated to compliance documentation.
Key Points to Remember:
- AWS Artifact is the centralized service for compliance reports.
- SOC reports are critical for audits and are accessible via AWS Artifact.
- Other services like AWS Config or Inspector serve different security/compliance purposes.
Answer
The correct answer is: A