Best practices for effective questions
Well-formed questions produce the most relevant and complete responses. The guidance below helps you get the most value from Assurance Assistant.
Frame questions with the shared responsibility model in mind
AWS operates under a Shared Responsibility Model: AWS is responsible for security of the cloud; customers are responsible for security in the cloud.
Frame your questions to clearly distinguish what you are asking about AWS's responsibilities versus your own responsibilities as a customer. Assurance Assistant addresses what AWS does – its security controls, compliance posture, and operational practices. Questions about customer-side implementation are outside its scope.
Interpret responses with the same lens: a response describes what AWS does and is responsible for. Your organization remains responsible for the controls you implement on top of AWS services.
Make each question self-contained
Assurance Assistant treats each question independently. To ensure you receive the most complete and accurate response:
-
Make each question atomic and complete – include all context needed for a full, standalone answer within the question itself.
-
Do not rely on context from previous or subsequent questions. There is no carry-over of information between questions.
-
Include the relevant AWS service name, compliance framework, or specific control area directly in the question.
Tips for high-quality responses
-
Be specific and include relevant context – Name the AWS service, security control, or compliance standard. For example: "How does Amazon S3 encrypt data at rest?" rather than "How is data encrypted?"
-
Ask one clear question at a time – Avoid compound or multi-part questions within a single submission.
-
Use industry-standard terminology – Where possible, align your phrasing with common compliance vocabulary to improve matching.
-
For bulk uploads – Ensure each row in your XLSX file contains a complete, clearly articulated question.
Additional resources
The following resources provide additional context and support for using AWS Artifact and related compliance tools:
-
AWS Artifact console
– Access Assurance Assistant and all AWS Artifact features. -
What is AWS Artifact? – Overview of the AWS Artifact service.
-
AWS Shared Responsibility Model
– Understand the division of responsibilities between AWS and customers. -
AWS Compliance Programs
– Browse the full list of AWS compliance certifications and attestations. -
AWS Services in Scope by Compliance Program – Check which AWS services are in scope for specific compliance programs.
-
AWS Support
– Contact AWS for additional support through your existing support plan.