Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]
Amgen has a multi-layered and iterative approach to assessing, identifying, managing and mitigating risks from cybersecurity threats. The Amgen Technology & Medical Organizations (ATMOS) function is designed to support our productivity, innovation and outreach globally through the quality delivery of information systems, solutions and services for our business and operations. The ATMOS function has a Cybersecurity & Digital Trust (CDT) team that assesses and reduces cybersecurity exposure, including by providing employees with training and resources to identify potential cybersecurity threats and by implementing information technology security practices. The CDT team also monitors for cybersecurity threat activity and seeks to mitigate the impact of cybersecurity incidents by deploying information security engineers, system architects, analysts and cybersecurity specialists to provide monitoring, reporting and management of cybersecurity incidents.
To evaluate the progress of its activities, our ATMOS function uses various industry and regulatory frameworks as guides to assess the state of the Company’s cybersecurity program maturity and controls, including our organizational, people, physical and technological controls. The CDT team also conducts reviews and evaluations of our cybersecurity resilience program with Amgen’s Cybersecurity & Digital Trust Governance Council (which includes leaders from CDT, Worldwide Compliance and Business Ethics, Regulatory Affairs, Operations, R&D, Global Commercial Operations, Corporate Audit, Law and Business Development functions).
Our cybersecurity risk management program is considered by and integrated into our Company-wide Enterprise Risk Management program, and it shares the methodologies, reporting channels and governance processes that the Enterprise Risk Management program applies to other enterprise-level risks (such as product development, safety and surveillance, financial and intellectual property risks). Regular evaluations are conducted of the greatest risks to our business and their underlying risk drivers, as well as the associated mitigation activities, maturity and controls. This program is overseen by our Executive Vice President and Chief Financial Officer and guided by the Enterprise Risk Council, a cross-functional group of the Company’s business leaders representing key business functions that is co-chaired by our Chief Audit Executive. The results of the enterprise risk evaluations and the status and operation of the Enterprise Risk Management program are presented to our Board of Directors, which oversees the Company’s enterprise-level risks.
Further, our corporate audit function is responsible for assessing risk and testing whether, and the extent to which, our information security policies and practices are being implemented effectively within our business and by third party providers. Findings from such reports and related corrective action plans are shared with our CDT team, Company leadership, and the Audit Committee and Corporate Responsibility and Compliance Committee (CRCC) of our Board of Directors.
In addition to leveraging the Company’s own information technology resources, our Incident Response and Cyber Threat Intelligence teams engage, as needed, third-party cybersecurity risk assessors and consultants to assist in recognizing threats, identifying security vulnerabilities and evaluating the impact of cybersecurity attacks and incidents when they occur. On a biennial basis, our ATMOS function also engages external third-party experts to assess the Company’s cybersecurity control maturity across the organization and develops plans to address such experts’ recommendations.
Our CDT function has processes to oversee and identify the risks of cybersecurity threats associated with third-party service providers and monitors and works to mitigate the impact of cybersecurity incidents encountered by our third-party service providers. Upon becoming aware of cybersecurity incidents encountered by our third-party service providers, the CDT function’s Incident Response and Cyber Threat Intelligence teams are deployed to evaluate and mitigate the impact of such incidents on our business.
In connection with our adoption of artificial intelligence (AI) tools in our business, including AI tools customized for our business and a variety of Amgen-built tools for use across applications, the Company established an AI Governance Council composed of cross-functional leadership that oversees the safe adoption of third-party AI services, including by establishing guardrails to reduce risks and allocating resources to provide staff training on the proper use of AI and responsible AI practices. The AI Governance Council is co-sponsored by our Chief Compliance Officer and Senior Vice President, Artificial Intelligence & Data.
Despite our layered controls and cybersecurity efforts, the Company and its third-party vendors have experienced cyberattacks and information security vulnerabilities, and while such incidents have not had a material adverse effect on the Company, there can be no assurance that future cybersecurity attacks or incidents will not result in a material adverse effect on our business strategy, results of operations or financial condition. For examples of such matters and a discussion of the risks that we face, see Item 1A. Risk Factors—A breakdown of our information technology systems, cyberattack or information security breach could significantly compromise the confidentiality, integrity and availability of our information technology systems, network-connected control systems and/or our data, interrupt the operation of our business and/or affect our reputation. However, we have not identified risks from known cybersecurity threats, including as a result of any prior cybersecurity incidents, that have materially affected or are reasonably likely to materially affect us, including our operations, business strategy, results of operations or financial condition.
Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]
Our Board of Directors oversees an enterprise-wide approach to risk management, including risks related to information systems and cybersecurity, and each Board committee has primary risk oversight responsibilities aligned with its areas of focus. At each regular meeting of the Board, the Board receives and considers reports from each of its committees, and such reports provide additional detail on significant risk management issues as appropriate, including cybersecurity. The CRCC is the committee that has primary oversight responsibility for the Company’s information systems and management of cybersecurity, and it receives reports from our Senior Vice President and Chief Information Officer (CIO) and Chief Information Security Officer (CISO) that include reviews of our information systems strategy, technology investments, cybersecurity risks and incidents, and third-party risk management, as well as an annual evaluation of the Company’s cybersecurity status. The Board’s Audit Committee has oversight responsibility for our internal controls, assurances and financial risks. The Audit Committee is provided with copies of materials presented to our CRCC by our CIO and CISO and receives reports from our CIO regarding topics including the integration or implementation of new financial systems and the key controls and governance designed to address cybersecurity risks associated with the use of such new financial systems.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block]
Our management team, including our CIO and CISO, supervises efforts to prevent, detect, mitigate and remediate cybersecurity risks and incidents through various means, which may include briefings from internal information security personnel; threat intelligence and other information obtained from governmental, public or private sources, including external consultants engaged by us; and alerts and reports produced by security tools deployed in the information systems environment.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block]
Cybersecurity Risk Role of Management [Text Block]
Our CISO, who heads our CDT team and is accountable for the Company’s cybersecurity risk management program, joined the Company’s information systems organization in 2016, is a Certified Information Systems Security Professional and is certified in risk and information systems control. Previously, our CISO served in both leadership and operational positions as a cybersecurity professional in the U.S. government and was a cybersecurity consultant, providing a wide range of cybersecurity services to various U.S. government agencies and departments. Our CISO is overseen by our CIO, who has 27 years of experience in information systems (including over 14 years at the Company and more than 6 years as a senior technology executive outside of Amgen), and holds a Computer Information Systems B.S. and an Information Technology Management MBA. Our Executive Vice President and Chief Technology Officer (CTO) leads our ATMOS function and oversees our CIO.
As leaders of the Technology and CDT functions within ATMOS, respectively, the Company’s CIO and CISO are informed about and monitor significant cybersecurity threats and incidents through the Company’s internal cybersecurity reporting structure. Our CDT team is responsible for monitoring and detecting cybersecurity threats and incidents. Our CDT team, overseen by our CISO, is also responsible for the mitigation and remediation of cybersecurity incidents. When members of the CDT team detect a cybersecurity threat or incident or are made aware of a cybersecurity incident encountered by a third-party service provider, the discovery is communicated to the Incident Response team, which includes our CISO and other senior members of the CDT function. The Incident Response team evaluates the severity of the cybersecurity threat or incident and shares its findings with our CISO.
Our CISO and/or his senior team leaders, in addition to our CIO and CTO, also provide regular reports to the executives leading our Finance, Compliance, Law and Human Resources functions on potentially significant cybersecurity incidents and the progress made towards mitigation and remediation of those incidents. These leaders oversee reporting to our CRCC and Audit Committee, and reporting of such cybersecurity incidents is included in the course of regular meetings of those committees. Additionally, in appropriate circumstances, potentially significant cybersecurity incidents are reported directly to the leaders of our CRCC and Audit Committee or directly to the Board of Directors outside of their regular meeting schedule. Further, in support of our internal controls, our CISO also reviews cybersecurity matters and trends with our Accounting and Law functions at least quarterly.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block]
Cybersecurity Risk Management Expertise of Management Responsible [Text Block]
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true