Customizing an existing control - AWS Audit Manager

Customizing an existing control

Instead of creating a custom control from scratch, you can use an existing control as a starting point and customize it according to your needs. When you do this, the existing control remains in the control library, and a new custom control is created with your customized settings.

You can select any existing control to customize. It can be either a standard control or a custom control.

Important

We strongly recommend that you never put sensitive identifying information into free-form fields such as Control details, Testing information, or Action plan. If you create custom controls that contain sensitive information, you can’t share any of your custom frameworks that contain these controls.

Step 1: Specify control details

The control details are inherited from the original control. Review and modify these details as needed.

To specify control details
  1. Open the AWS Audit Manager console at https://console.aws.amazon.com/auditmanager/home.

  2. In the navigation pane, choose Control library.

  3. Select the control that you want to customize and then choose Customize existing control.

  4. Specify the new name of the control, and choose Customize.

  5. Under Control details, customize the control details as needed.

  6. Under Testing information, customize the testing information as needed.

  7. Under Tags, customize the tags as needed.

  8. Choose Next.

Step 2: Set up data sources

Data sources are inherited from the original control. You can change, add, or remove data sources as needed.

Important

To successfully use AWS Config and Security Hub as automated data sources, make sure that you do the following:

  • Follow the instructions to set up AWS Config and set up Security Hub for use with Audit Manager.

  • Include both AWS Config and Security Hub as services in scope in your assessment.

Audit Manager can then collect evidence each time an evaluation occurs for the AWS Config rules or the Security Hub controls that you specify in this step.

To set up data sources
  1. Under Data source name, customize the data source name as needed.

  2. Under Evidence collection method, customize the selection as needed.

    1. If you want Audit Manager to collect evidence, choose Automated and follow these steps:

      • Under Data source type, review where Audit Manager collects automated evidence from, and modify as needed.

        • For AWS CloudTrail, choose an event name keyword from the dropdown list.

        • For AWS Config, select a rule type and then choose a rule identifier keyword from the dropdown list.

        • For AWS Security Hub, choose a Security Hub control from the dropdown list.

        • For AWS API calls, choose an API call and then select an evidence collection frequency.

        Tip

        For an overview of each data source type and related troubleshooting tips, see Overview of automated data sources.

        If you need to validate your data source configuration with a domain expert, set the evidence collection method as Manual for now. That way, you can create the control and add it to a framework now, and then edit the control as needed later.

    2. If you want to provide your own evidence, choose Manual and select a Manual evidence option.

      • File upload – Select this option if the control requires documentation as evidence.

      • Text response – Select this option if the control requires an answer to a risk assessment question.

  3. (Optional) Under Additional details, make any necessary changes to the data source description or the troubleshooting description.

  4. (Optional) To add another data source, choose Add data source.

  5. (Optional) To remove a data source, choose Remove.

  6. Choose Next.

Step 3 (Optional): Define an action plan

The action plan is inherited from the original control. You can edit this action plan as needed.

To define an action plan
  1. Under Title, review the title for the action plan, and customize it as needed.

  2. Under Action plan instructions, review and customize the instructions as needed.

  3. Choose Next.

Step 4: Review and create the control

Review the information for the control. To change the information for a step, choose Edit. When you're finished, choose Create custom control.
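The same customization can be scripted. The following is an added example, not code from the AWS documentation: it turns the output of the Audit Manager GetControl API operation into the arguments for CreateControl, and rejects free-form fields that match sensitive-data patterns. The field names come from those two API operations, which this page does not cover; the function names, sample control, keyword value, and patterns are constructed for illustration.

```python
import copy
import re

# Top-level fields that CreateControl accepts; the other fields that GetControl
# returns (id, arn, type, createdAt, ...) are read-only and are dropped.
WRITABLE = ("description", "testingInformation", "actionPlanTitle",
            "actionPlanInstructions", "tags")
FREE_FORM = WRITABLE[:-1]  # free-form text fields; tags are not scanned here

# Illustrative patterns only (assumption): extend for your own data classes.
SENSITIVE = {
    "email": re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+"),
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
}

def find_sensitive(request):
    """Return (field, pattern_name) pairs for free-form fields that match."""
    return [(f, n) for f in FREE_FORM for n, rx in SENSITIVE.items()
            if rx.search(request.get(f) or "")]

def build_customized_control(original, new_name, overrides=None):
    """Map a GetControl 'control' dict to CreateControl keyword arguments,
    for example boto3.client("auditmanager").create_control(**result)."""
    request = {"name": new_name}
    for key in WRITABLE:
        if original.get(key):
            request[key] = copy.deepcopy(original[key])
    # Data sources are inherited; sourceId belongs to the original control.
    request["controlMappingSources"] = [
        {k: copy.deepcopy(v) for k, v in src.items() if k != "sourceId"}
        for src in original.get("controlMappingSources", [])
    ]
    request.update(overrides or {})
    hits = find_sensitive(request)
    if hits:
        raise ValueError(f"sensitive data in free-form fields: {hits}")
    return request

# Constructed sample standing in for get_control(controlId=...)["control"].
SAMPLE = {
    "id": "00000000-0000-0000-0000-000000000000", "type": "Standard",
    "name": "Example logging control",
    "testingInformation": "Confirm that trail logging is enabled.",
    "controlMappingSources": [{
        "sourceId": "11111111-1111-1111-1111-111111111111",
        "sourceName": "Trail changes", "sourceType": "AWS_Cloudtrail",
        "sourceSetUpOption": "System_Controls_Mapping",
        "sourceKeyword": {"keywordInputType": "SELECT_FROM_LIST",
                          "keywordValue": "EXAMPLE_EVENT_NAME_KEYWORD"},
    }],
}
```

The original control dictionary is left unmodified, which mirrors the console behavior where the existing control remains in the control library.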

What can I do next?

After you create a new custom control, you can add it to a custom framework. To learn more, see Creating a custom framework or Editing a custom framework.

After you add a custom control to a custom framework, you can create an assessment from that custom framework and start collecting evidence. To learn more, see Creating an assessment.

If you need to edit a custom control, see Editing a custom control.

For troubleshooting tips, see Troubleshooting control and control set issues.