AWS Operational Best Practices (OBP) - AWS Audit Manager

AWS Operational Best Practices (OBP)

AWS Audit Manager provides a prebuilt AWS Operational Best Practices framework to assist you with your audit preparation. This framework offers a subset of controls from the AWS Foundational Security Best Practices standard. These controls serve as baseline checks to detect when your deployed accounts and resources deviate from security best practices.

What is the AWS Foundational Security Best Practices standard?

You can use the AWS Foundational Security Best Practices to evaluate your AWS accounts and workloads and quickly identify areas of deviation from best practices. The standard provides actionable and prescriptive guidance on how to improve and maintain your organization’s security posture.

The controls include best practices from across multiple AWS services. Each control is assigned a category that reflects the security function that it applies to. For more information, see Control categories in the AWS Security Hub User Guide.

Use AWS Audit Manager to support your AWS Operational Best Practices audit preparation

You can use the AWS Operational Best Practices framework in AWS Audit Manager to prepare for audits associated with this framework. All of its 52 controls are automated. The controls in this framework aren't intended to verify whether your systems are compliant with AWS Operational Best Practices, and they can't guarantee that you will pass an AWS Operational Best Practices assessment.

You can find the AWS Operational Best Practices framework under the Standard frameworks tab of the Framework library in Audit Manager.

For instructions on how to create an assessment using this framework, see Creating an assessment. For instructions on how to customize this framework to support your specific requirements, see Customizing an existing framework and Customizing an existing control.