Editing a custom control - AWS Audit Manager

Editing a custom control

You can edit a custom control in Audit Manager by following these steps.

Step 1: Edit control details

Start by reviewing and editing the control details as needed.

To edit control details
  1. Open the AWS Audit Manager console at https://console.aws.amazon.com/auditmanager/home.

  2. In the navigation pane, choose Control library and then choose the Custom controls tab.

  3. Select the control that you want to edit and then choose Edit.

  4. Under Control details, edit the control details as needed.

  5. Under Testing information, edit the recommended testing information as needed.

  6. Choose Next.

Tip

To edit the tags for a control, open the control and choose the tags tab. There you can view and edit the tags that are associated with the control.

Step 2: Edit data sources

Next, you can edit, remove, or add data sources for the control.

Important

To successfully use AWS Config and Security Hub as automated data sources, make sure that you do the following:

  • Follow the instructions to set up AWS Config and set up Security Hub for use with Audit Manager.

  • Include both AWS Config and Security Hub as services in scope in your assessment.

Audit Manager can then collect evidence each time an evaluation occurs for the AWS Config rules or the Security Hub controls that you specify in this step.

To edit data sources
  1. Under Data source name, review the current name and edit it as needed.

  2. Under Evidence collection method, review the current selection and edit as needed.

    1. If you want Audit Manager to collect evidence, choose Automated and follow these steps:

      • Under Data source type, review where Audit Manager collects automated evidence from, and edit as needed.

        • For AWS CloudTrail, choose an event name keyword from the dropdown list.

        • For AWS Config, select a rule type and then choose a rule identifier keyword from the dropdown list.

        • For AWS Security Hub, choose a Security Hub control from the dropdown list.

        • For AWS API calls, choose an API call and then select an evidence collection frequency.

        Tip

        For an overview of each data source type and related troubleshooting tips, see Overview of automated data sources.

    2. If you want to provide your own evidence, choose Manual and select a Manual evidence option.

      • File upload – Select this option if the control requires documentation as evidence.

      • Text response – Select this option if the control requires an answer to a risk assessment question.

  3. (Optional) Under Additional details, make any necessary changes to the data source description or the troubleshooting description.

  4. (Optional) To add another data source, choose Add data source.

  5. (Optional) To remove a data source, choose Remove.

  6. Choose Next.

Step 3: (Optional) Edit an action plan

Next, review and edit the optional action plan.

To edit an action plan
  1. Under Title, edit the title as needed.

  2. Under Action plan instructions, edit the instructions as needed.

  3. Choose Next.

Step 4: Review and update the control

Review the information for the control. To change the information for a step, choose Edit.

When you're finished, choose Save changes.

Note

After you edit a control, the changes take effect as follows in all active assessments that include the control:

  • For controls with AWS API calls as the data source type, changes take effect at 00:00 UTC the following day.

  • For all other controls, changes take effect immediately.