Glossary - AWS Artifact

Glossary

| Term | Definition |
| --- | --- |
| DDQ | Due Diligence Questionnaire – a structured set of questions used in vendor assessments and security reviews to evaluate an organization's security and compliance posture. |
| CAIQ | Consensus Assessments Initiative Questionnaire – a standardized due diligence questionnaire published by the Cloud Security Alliance (CSA). |
| SIG | Standardized Information Gathering questionnaire – a widely used due diligence questionnaire format for assessing third-party vendors. |
| SOC | System and Organization Controls – a set of audit report types (SOC 1, SOC 2, SOC 3) that evaluate service organizations' controls. |
| ISO | International Organization for Standardization – a globally recognized body that publishes standards, including ISO 27001 for information security management. |
| Citation | A reference to a specific statement in a verified AWS compliance document that supports an AI-generated response, allowing independent verification. |
| IAM | AWS Identity and Access Management – the service used to manage permissions and access to AWS resources, including AWS Artifact features. |
| Compliance inquiry | A record in Assurance Assistant that contains a submitted question or questionnaire and the AI-generated responses. |