# Compliance validation for VM Import/Export Third-party auditors assess the security and compliance of VM Import/Export as part of multiple Amazon compliance programs. These include SOC, PCI, FedRAMP, HIPAA, and others. For a list of Amazon services in scope of specific compliance programs, see [Amazon Services in Scope by Compliance Program](https://aws.amazon.com/compliance/services-in-scope/). For general information, see [Amazon Compliance Programs](https://aws.amazon.com/compliance/programs/). You can download third-party audit reports using Amazon Artifact. For more information, see [Downloading Reports in Amazon Artifact](https://docs.aws.amazon.com/artifact/latest/ug/downloading-documents.html). Your compliance responsibility when using VM Import/Export is determined by the sensitivity of your data, your company's compliance objectives, and applicable laws and regulations. Amazon provides the following resources to help with compliance: + [Security and Compliance Quick Start Guides](https://www.amazonaws.cn/quickstart/?awsf.quickstart-homepage-filter=categories%23security-identity-compliance)[Security and Compliance Quick Start Guides](https://aws.amazon.com/quickstart/?awsf.quickstart-homepage-filter=categories%23security-identity-compliance) – These deployment guides discuss architectural considerations and provide steps for deploying security- and compliance-focused baseline environments on Amazon. + [Architecting for HIPAA Security and Compliance on Amazon Web Services](https://docs.amazonaws.cn/whitepapers/latest/architecting-hipaa-security-and-compliance-on-aws/architecting-hipaa-security-and-compliance-on-aws.html) – This whitepaper describes how companies can use Amazon to run HIPAA-compliant workloads. + [Amazon Compliance Resources](https://aws.amazon.com/compliance/resources/) – This collection of workbooks and guides might apply to your industry and location. + [Evaluating Resources with Rules](https://docs.amazonaws.cn/config/latest/developerguide/evaluate-config.html) in the *Amazon Config Developer Guide* – Amazon Config; assesses how well your resource configurations comply with internal practices, industry guidelines, and regulations. + [Amazon Security Hub CSPM](https://docs.amazonaws.cn/securityhub/latest/userguide/what-is-securityhub.html) – This Amazon service provides a comprehensive view of your security state within Amazon that helps you check your compliance with security industry standards and best practices.