AWS Audit Manager Service

The AWS Audit Manager service is designed to help you assess risk and compliance for your AWS workloads. It works by continuously auditing your service usage to help you prepare for audits.

When your company is getting an audit because you are preparing for a framework—such as

• GDPR,
• the Health Insurance Portability and Accountability Act (HIPAA),
• PCI compliance, or
• SOC 2

you need to gather a lot of evidence and compliance reports. Audit Manager is designed to help with this process.

Key Features & Benefits

• Continuous Auditing: As your organization grows and your activity continues, Audit Manager helps you know whether or not you are still auditable and compliant with your selected frameworks.
• Automated Evidence & Reports: It looks at the framework you want to include in your assessment and generates compliance reports for all your resources, alongside evidence folders.
• Issue Identification: If something is not compliant, the service will tell you and provide action items to resolve the issues.
• Simplifies Compliance: The service helps you continuously audit your usage to simplify how you assess risk and compliance and make sure you can get past framework certifications.

How Audit Manager Works (Look at the diagram below)

The process for using Audit Manager follows these steps:

1. Select the frameworks you want to use for the audit.
2. Define the scope, which includes the accounts, regions, and services you want to cover.
3. The service begins Automated Evidence Collection, continuously gathering evidence across all your resources.
4. You can then look at control reviews or delegate to your resource owners to validate the audits that were performed.
5. In case of any issues, you can identify the root causes.
6. Finally, you can generate reports that are ready for your audits.