OfficeWork Software hosts client applications through the Amazon Web Service (AWS) infrastructure. AWS participates in the voluntary CSA Security, Trust & Assurance Registry (STAR) Self-Assessment to document their compliance with CSA-published best practices. AWS publishes their completed CSA Consensus Assessments Initiative Questionnaire(CAIQ) on the AWS website.

CAIQ Control Domains and Data Center Security Policies

  • DCS-01: Asset Management - Asset Management Policy (Internal Assets), See AWS CSA Compliance section below for data center assets
  • DCS-02: Controlled Access Points - See AWS CSA Compliance section below
  • DCS-03: Equipment Identification - See AWS CSA Compliance section below
  • DCS-04: Offsite Authorization - See AWS CSA Compliance section below
  • DCS-05: Offsite Equipment - See AWS CSA Compliance section below
  • DCS-06: Policy - See AWS CSA Compliance section below
  • DCS-07: Secure Area Authorization - See AWS CSA Compliance section below
  • DCS-08: Unauthorized Persons Entry - See AWS CSA Compliance section below
  • DCS-09: User Access - See AWS CSA Compliance section below

AWS CSA Compliance