Introducing AWS Audit Manager: An Automation Service for Auditing and Compliance Reporting

One of the advantages of the AWS cloud is that it has built-in compliance controls for almost every industry. But until recently, compliance-driven organizations that leveraged the AWS cloud had to manually crawl their networks, comparing current state to last approved state and their compliance requirements during auditing season to ensure their programs were up to standard. This time-consuming process could take weeks of staff time and involve intensive ongoing record-keeping, which distracted from the organizational mission.

The solution? AWS Audit Manager.

AWS Audit Manager is a new automation service in the AWS cloud toolkit that helps you meet – and now automate – the security controls you need to remain compliant. With AWS Audit Manager, tracking and reporting compliance controls is faster, more efficient, and more accurate. It is also ongoing – so your organization knows they are up to standard all year, not just during an audit.

As one of only a handful of organizations chosen as a beta partner for AWS Audit Manager, Smartronix is here to support your adoption of this new offering. What can AWS Audit Manager do for your company? Let’s find out.

AWS Audit Manager Automates Compliance

AWS Audit Manager is a cloud service that automates the collection of evidence to help your organization more easily meet compliance audits.

How does it work? AWS Audit Manager automatically collects evidence from your cloud service usage, including configurations, event logs, and findings. Rather than spending weeks of time manually sorting through controls, the AWS Audit Manager service maps your resources onto custom and pre-existing compliance frameworks. The built-in frameworks make it easy to translate evidence from your system into audit-ready assessment reports.

Any organization with compliance needs can rely on AWS Audit Manager, including Government agencies, financial and security companies, and healthcare organizations. AWS Audit Manager's current out-of-the-box frameworks include:

  • The Payment Card Industry Data Security Standard (PCI DSS) v3.2.1
  • The Health Information Trust Alliance Common Security Framework (HITRUST CSF) v9.4 - Level 1
  • The General Data Protection Regulation (GDPR)
  • The Health Insurance Portability and Accountability Act (HIPAA)
  • The Service Organization Control 2 (SOC2)
  • Federal Risk and Authorization Management Program (FedRAMP) Moderate Baseline
  • Center for Internet Security (CIS) Benchmark for CIS Amazon Web Services Foundations Benchmark, v1.2.0, Level 1 and 2
  • The Good Practice Quality Guideline (GxP) 21 CFR Part 11

Saving Time with Built-In and Customizable Solutions

Using AWS Audit Manager is easy. Users simply define the scope and goals of their project and select a prebuilt compliance framework from AWS or its partners. From there, the service takes over the hard work of gathering evidence, compiling data, and generating reports that you can use to conduct a review of your cloud workloads. AWS Audit Manager's process is customizable and includes a dashboard so you can track your compliance all year.

Alongside out-of-the-box compliance frameworks for common auditing and compliance needs, AWS Audit Manager provides options for customizable frameworks and controls defined by individual users to meet their unique business requirements. It also allows you to document exceptions quickly and easily. For example, if you have a third-party audit requirement, the AWS Audit Manager service will help prepare you by identifying any non-compliant cloud service provider settings before they are found in an audit; a great way to support continuous monitoring activities.

Smartronix and AWS Audit Manager: Partners in Efficiency

As the only tool of its kind on the market, AWS Audit Manager is changing the way organizations think about compliance in the era of cloud computing – and achieving up to 40% savings in labor costs for auditing and assessment tasks in the process. Smartronix delivers full life-cycle cloud solutions through the Cloud Assured framework and supports adoption of this exciting new automation tool. We intend to use the AWS Audit Manager service to provide inputs into our FedRAMP authorized Cloud Assured Managed ServicesTM (CAMS) platform to reduce laborious tasks and supplement our processes.

Smartronix is a trusted partner in cloud services, with experience in both public and commercial sector cloud initiatives and management. Our Cloud Center of Excellence and Cloud Assured framework can help you manage the AWS Cloud life-cycle—from design and migration to compliance and cyber security. AWS Audit Manager is a unique and pivotal new tool in our compliance offerings, including the Accreditation Acceleration Program – a framework that accelerates time to market for FedRAMP-compliant SaaS offerings.

Smartronix has been recognized again and again for our work in this market. In 2020, we were named a Leader in Gartner's Magic Quadrant for Public Cloud Infrastructure Professional and Managed Services for the third year in a row. With AWS Audit Manager’s automation features on our side, we will be able to more quickly and efficiently support your FedRAMP certification process, alongside the numerous other certifications AWS Audit Manager offers.

Gartner Disclaimer: Gartner does not endorse any vendor, product, or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Want to learn more about adding AWS Audit Manager to your suite of cloud compliance solutions?

For more information, please contact a Smartronix Cloud Assured Account Manager. | 703-435-3322