Document history for AWS Audit Manager User Guide - AWS Audit Manager

Document history for AWS Audit Manager User Guide

The following table describes the important changes in each release of the AWS Audit Manager User Guide from December 8, 2020, onward.

ChangeDescriptionDate

New supported framework: AWS generative AI best practices v2

A new prebuilt framework is now available in AWS Audit Manager. For more information, see AWS generative AI best practices framework v2.

June 11, 2024

Updated AWS managed policy

AWS Audit Manager has updated the AWSAuditManagerServiceRolePolicy. For more information, see AWS managed policies for AWS Audit Manager.

June 10, 2024

Use common controls to simplify how you run assessments against your enterprise controls

When you create a custom control, you can now use common controls as an evidence source. Each common control maps to a managed grouping of relevant AWS data sources. These predefined groupings streamline evidence collection by eliminating the need to identify which AWS resources need to be assessed for a given control. For information about how to find common controls and use them as evidence sources, see Control library.

June 6, 2024

Updated AWS managed policy

AWS Audit Manager has updated the AWSAuditManagerServiceRolePolicy. For more information, see AWS managed policies for AWS Audit Manager.

May 17, 2024

Updated AWS managed policy

AWS Audit Manager has updated the AWSAuditManagerAdministratorAccess policy. For more information, see AWS managed policies for AWS Audit Manager.

May 15, 2024

Updated AWS managed policy

AWS Audit Manager has updated the AWSAuditManagerServiceRolePolicy. For more information, see AWS managed policies for AWS Audit Manager.

May 15, 2024

Support for additional AWS API calls

You can now use additional AWS API calls as data sources for your custom controls in Audit Manager. For more information, see Supported API calls for custom control data sources.

May 15, 2024

New supported framework: PCI DSS V4.0

A new prebuilt framework is now available in AWS Audit Manager. For more information, see PCI DSS V4.0.

December 19, 2023

Support for additional AWS API calls

You can now use additional AWS API calls as data sources for your custom controls in Audit Manager. For more information, see Supported API calls for custom control data sources.

December 7, 2023

Updated AWS managed policy

AWS Audit Manager has updated the AWSAuditManagerServiceRolePolicy. For more information, see AWS managed policies for AWS Audit Manager.

December 6, 2023

Support for AWS Security Hub consolidated control findings

Audit Manager now supports consolidated controls in AWS Security Hub. For more information, see AWS Security Hub controls supported by AWS Audit Manager.

November 16, 2023

Integration with MetricStream

You can now ingest evidence from Audit Manager into MetricStream. For more information, see Integrations with third-party GRC products.

November 14, 2023

New supported framework: AWS generative AI best practices

A new prebuilt framework is now available in AWS Audit Manager. For more information, see AWS generative AI best practices framework v1.

November 8, 2023

Updated AWS managed policy

AWS Audit Manager has updated the AWSAuditManagerServiceRolePolicy. For more information, see AWS managed policies for AWS Audit Manager.

November 6, 2023

Integration with Amazon EventBridge

You can now monitor events that happen in AWS Audit Manager and use these events as part of your event-driven architecture. For more information, see Monitoring AWS Audit Manager with Amazon EventBridge.

August 18, 2023

Support for risk assessments and new manual evidence options

You can now use the custom control creation workflow to support risk assessments. A control can now represent a risk assessment question, and you can provide an answer by uploading a file or entering text as manual evidence. For more information, see Create a custom control and Add manual evidence.

June 12, 2023

Support for CSV exports

You can now export your evidence finder search results in CSV format. For more information, see Export your search results.

June 9, 2023

New supported framework: Australian Cyber Security Centre (ACSC) Information Security Manual

A new prebuilt framework is now available in AWS Audit Manager. For more information, see Australian Cyber Security Centre (ACSC) Information Security Manual.

March 24, 2023

Improved assessment reports

We made improvements to the format and contents of Audit Manager assessment reports. For more information about how to navigate and understand assessment reports, see Assessment reports.

March 23, 2023

Support for paginated API calls

AWS Audit Manager now supports paginated API calls as a data source for evidence collection. For more information, see Paginated API calls.

March 8, 2023

New supported framework: HIPAA Final Omnibus Security Rule 2013

A new prebuilt framework is now available in AWS Audit Manager. For more information, see HIPAA Final Omnibus Security Rule 2013. For differentiation purposes, the previously existing HIPAA framework (formerly named HIPAA in the framework library) is now named HIPAA Security Rule 2003.

March 8, 2023

Support for additional AWS API calls

You can now use an additional nine AWS API calls as a data source for your custom controls in Audit Manager. For more information, see Supported API calls for custom control data sources.

March 3, 2023

Updated guide to align with the IAM best practices

Updated guide to align with the IAM best practices. For more information, see Security best practices in IAM.

January 6, 2023

New data retention setting

You can now specify if you want to delete all of your data when you disable Audit Manager. For more information, see Disable AWS Audit Manager and Deletion of Audit Manager data.

January 6, 2023

Support for evidence finder

You can now use evidence finder to perform search queries on your evidence data. For more information, see Evidence finder.

November 18, 2022

New supported framework: Australian Cyber Security Centre (ACSC) Essential Eight

A new prebuilt framework is now available in AWS Audit Manager. For more information, see Australian Cyber Security Centre (ACSC) Essential Eight.

August 24, 2022

Updated AWS managed policy

AWS Audit Manager has updated the AWSAuditManagerServiceRolePolicy. For more information, see AWS managed policies for AWS Audit Manager.

July 7, 2022

Updated AWS managed policy

AWS Audit Manager has updated the AWSAuditManagerServiceRolePolicy. For more information, see AWS managed policies for AWS Audit Manager.

May 20, 2022

New supported framework: Canadian Centre for Cyber Security Medium Cloud Control Profile

A new prebuilt framework is now available in AWS Audit Manager. For more information, see Canadian Centre for Cyber Security Medium Cloud Control Profile.

May 6, 2022

Updated AWS managed policy

AWS Audit Manager has updated the AWSAuditManagerAdministratorAccess policy. For more information, see AWS managed policies for AWS Audit Manager.

April 29, 2022

Support for additional AWS Config managed rules

You can now use an additional 91 AWS Config managed rules as a data source for your custom controls in Audit Manager. For more information, see Using AWS Config managed rules with AWS Audit Manager.

April 27, 2022

Support for AWS Config custom rules

You can now use AWS Config custom rules as a data source for your custom controls in Audit Manager. For more information, see Using AWS Config custom rules with AWS Audit Manager.

April 27, 2022

New supported framework: ISO/IEC 27001:2013 Annex A

A new prebuilt framework is now available in AWS Audit Manager. For more information, see ISO/IEC 27001:2013 Annex A.

April 7, 2022

Updated AWS managed policy

AWS Audit Manager has updated the AWSAuditManagerServiceRolePolicy. For more information, see AWS managed policies for AWS Audit Manager.

March 16, 2022

New supported frameworks: CIS Benchmark for CIS Amazon Web Services Foundations Benchmark v1.4

Two new prebuilt frameworks are now available in AWS Audit Manager: CIS Benchmark for CIS Amazon Web Services Foundations Benchmark v1.4, Level 1, and CIS Benchmark for CIS Amazon Web Services Foundations Benchmark v1.4, Level 1 and 2. For more information, see CIS Benchmark for CIS AWS Audit Manager Foundations Benchmark v1.4.0.

March 2, 2022

New supported framework: CIS Controls v8 IG1

A new prebuilt framework is now available in AWS Audit Manager. For more information, see CIS Controls v8 IG1.

March 2, 2022

AWS Audit Manager dashboard

You can now use the Audit Manager dashboard to monitor your active assessments and quickly identify non-compliant evidence. For more information, see Using the Audit Manager dashboard.

November 18, 2021

Custom framework sharing

You can now share your custom Audit Manager frameworks with another AWS account, or replicate them into another AWS Region under your own account. For more information, see Sharing a custom framework.

October 22, 2021

New examples of AWS Audit Manager controls

You can now review examples of controls and learn how Audit Manager helps bring your AWS environment in line with their requirements. For more information, see Examples of AWS Audit Manager controls.

September 21, 2021

New supported framework: Gramm-Leach-Bliley Act (GLBA)

A new prebuilt framework is now available in AWS Audit Manager. For more information, see Gramm-Leach-Bliley Act (GLBA).

September 2, 2021

New troubleshooting chapter

A new troubleshooting chapter is now available. For more information, see Troubleshooting in AWS Audit Manager.

August 23, 2021

New delegation chapter and tutorial

We expanded our delegation documentation into a new chapter. For more information, see Delegations in AWS Audit Manager. We also added a new tutorial aimed at delegates who are reviewing a control set for the first time in AWS Audit Manager. For more information, see Tutorial for Delegates: Reviewing a control set.

June 25, 2021

New supported framework: NIST SP 800-171 Rev. 2

A new prebuilt framework is now available in AWS Audit Manager. For more information, see NIST SP 800-171 Rev. 2.

June 17, 2021

Improved assessment reports

We made improvements to the format and contents of AWS Audit Manager assessment reports. For more information about how to navigate and understand the new assessment reports, see Assessment reports.

June 8, 2021

New AWS managed policies page

AWS Audit Manager has started tracking changes for its managed policies. For more information, see AWS managed policies for AWS Audit Manager.

May 6, 2021

New supported framework: NIST Cybersecurity Framework version 1.1

A new prebuilt framework is now available in AWS Audit Manager. For more information, see NIST Cybersecurity Framework version 1.1.

May 5, 2021

New supported framework: AWS Well-Architected

A new prebuilt framework is now available in AWS Audit Manager. For more information, see AWS Well-Architected.

May 5, 2021

New supported framework: AWS Foundational Security Best Practices

A new prebuilt framework is now available in AWS Audit Manager. For more information, see AWS Foundational Security Best Practices.

May 5, 2021

New supported framework: GxP EU Annex 11

A new prebuilt framework is now available in AWS Audit Manager. For more information, see GxP EU Annex 11.

April 28, 2021

New supported framework: NIST 800-53 (Rev. 5) Low-Moderate-High

A new prebuilt framework is now available in AWS Audit Manager. For more information, see NIST 800-53 (Rev. 5) Low-Moderate-High.

March 25, 2021

New supported frameworks: CIS Benchmark for CIS AWS Audit Manager Foundations Benchmark v1.3

Two new prebuilt frameworks are now available in AWS Audit Manager: CIS Benchmark for CIS AWS Audit Manager Foundations Benchmark v1.3.0, Level 1, and CIS Benchmark for CIS AWS Audit Manager Foundations Benchmark v1.3.0, Level 1 and 2. For more information, see CIS Benchmark for CIS AWS Audit Manager Foundations Benchmark v1.3.0.

March 22, 2021

Initial release

Initial release of the AWS Audit Manager User Guide and API Reference.

December 8, 2020