Introducing AWS Audit Manager:
An Automation Service for Auditing and Compliance Reporting
One of the advantages of the AWS cloud is that it has built-in compliance controls for almost
every industry. But until recently, compliance-driven organizations that leveraged the AWS
cloud had to manually crawl their networks, comparing current state to last approved state
and their compliance requirements during auditing season to ensure their programs were up to
standard. This time-consuming process could take weeks of staff time and involve intensive
ongoing record-keeping, which distracted from the organizational mission.
The solution? AWS Audit Manager.
AWS Audit Manager is a new automation service in the AWS cloud toolkit that helps you meet –
and now automate – the security controls you need to remain compliant. With AWS Audit
Manager, tracking and reporting compliance controls is faster, more efficient, and more
accurate. It is also ongoing – so your organization knows they are up to standard all year,
not just during an audit.
As one of only a handful of organizations chosen as a beta partner for AWS Audit Manager,
Smartronix is here to support your adoption of this new offering. What can AWS Audit Manager
do for your company? Let’s find out.
AWS Audit Manager Automates Compliance
AWS Audit Manager is a cloud service that automates the collection of evidence to help your
organization more easily meet compliance audits.
How does it work? AWS Audit Manager automatically collects evidence from your cloud service
usage, including configurations, event logs, and findings. Rather than spending weeks of
time manually sorting through controls, the AWS Audit Manager service maps your resources
onto custom and pre-existing compliance frameworks. The built-in frameworks make it easy to
translate evidence from your system into audit-ready assessment reports.
Any organization with compliance needs can rely on AWS Audit Manager, including Government
agencies, financial and security companies, and healthcare organizations. AWS Audit
Manager's current out-of-the-box frameworks include:
- The Payment Card Industry Data Security Standard (PCI
DSS) v3.2.1
- The Health Information Trust Alliance Common Security
Framework (HITRUST CSF) v9.4 - Level 1
- The General Data Protection Regulation (GDPR)
- The Health Insurance Portability and Accountability Act
(HIPAA)
- The Service Organization Control 2 (SOC2)
- Federal Risk and Authorization Management Program
(FedRAMP) Moderate Baseline
- Center for Internet Security (CIS) Benchmark for
CIS
Amazon Web Services Foundations Benchmark, v1.2.0, Level 1 and 2
- The Good Practice Quality Guideline (GxP) 21 CFR
Part
11
Saving Time with Built-In and Customizable Solutions
Using AWS Audit Manager is easy. Users simply define the scope and goals of their project
and select a prebuilt compliance framework from AWS or its partners. From there, the service
takes over the hard work of gathering evidence, compiling data, and generating reports that
you can use to conduct a review of your cloud workloads. AWS Audit Manager's process is
customizable and includes a dashboard so you can track your compliance all year.
Alongside out-of-the-box compliance frameworks for common auditing and compliance needs, AWS
Audit Manager provides options for customizable frameworks and controls defined by
individual users to meet their unique business requirements. It also allows you to document
exceptions quickly and easily. For example, if you have a third-party audit requirement, the
AWS Audit Manager service will help prepare you by identifying any non-compliant cloud
service provider settings before they are found in an audit; a great way to support
continuous monitoring activities.
Smartronix and AWS Audit Manager: Partners in Efficiency
As the only tool of its kind on the market, AWS Audit Manager is changing the way
organizations think about compliance in the era of cloud computing – and achieving up to 40%
savings in labor costs for auditing and assessment tasks in the process. Smartronix delivers
full life-cycle cloud solutions through the Cloud Assured framework and supports adoption of
this exciting new automation tool. We intend to use the AWS Audit Manager service to provide
inputs into our FedRAMP authorized Cloud Assured Managed ServicesTM (CAMS)
platform to reduce
laborious tasks and supplement our processes.
Smartronix is a trusted partner in cloud services, with experience in both public and
commercial sector cloud initiatives and management. Our Cloud Center of Excellence and Cloud
Assured framework can help you manage the AWS Cloud life-cycle—from design and migration to
compliance and cyber security. AWS Audit Manager is a unique and pivotal new tool in our
compliance offerings, including the Accreditation Acceleration
Program – a framework that
accelerates time to market for FedRAMP-compliant SaaS offerings.
Smartronix has been recognized again and again for our work in this market. In 2020, we were
named a Leader in Gartner's Magic Quadrant for Public Cloud Infrastructure Professional and
Managed Services for the third year in a
row. With AWS Audit Manager’s automation features
on our side, we will be able to more quickly and efficiently support your FedRAMP
certification process, alongside the numerous other certifications AWS Audit Manager offers.
Gartner Disclaimer:
Gartner does not endorse any vendor, product, or service depicted in its research
publications, and does not advise technology users to select only those vendors with the
highest ratings or other designation. Gartner research publications consist of the
opinions of Gartner's research organization and should not be construed as statements of
fact. Gartner disclaims all warranties, expressed or implied, with respect to this
research, including any warranties of merchantability or fitness for a particular
purpose.
Want to learn more about adding AWS Audit Manager to your suite of cloud compliance
solutions?
For more information, please contact a Smartronix Cloud Assured Account Manager.
cloudassured@smartronix.com | 703-435-3322