Generating an assessment report
An assessment report summarizes your assessment and provides links to an organized set of folders that contain related evidence. For more information, see Assessment reports.
You can choose which evidence you want to include in your assessment report before you generate the assessment report. Newly collected evidence isn't automatically included in an assessment report.
Tasks
Adding evidence to an assessment report
Before you can generate an assessment report, you must add at least one piece of evidence to your assessment report. You can either add an entire evidence folder, or you can add individual evidence items from within a folder.
To add evidence to an assessment report
Open the AWS Audit Manager console at https://console.aws.amazon.com/auditmanager/home
. -
In the navigation pane, choose Assessments and then choose the name of the assessment to open it.
-
On the Controls tab, scroll down to the Control sets table and choose the name of a control to open it.
Choose how you want to add evidence to your assessment report.
-
To add an entire evidence folder, scroll down to Evidence folders, select the folder that you want to add, and then choose Add to assessment report.
-
If you can't see the folder that you're looking for, change the dropdown filter to All time. Otherwise, you'll see the last seven days of folders by default.
-
If Add to assessment report is greyed out, the evidence folder was already added to the assessment report.
-
-
To add specific evidence, choose an evidence folder to open its contents. Select one or more items from the list, and then choose Add to assessment report.
-
If Add to assessment report is greyed out, make sure that you selected the check box next to the evidence, and then try again.
-
-
After you add the evidence to the assessment report, a green success banner appears. Choose View evidence in assessment report to see the evidence that will be included in your assessment report.
Alternatively, you can see the evidence that will be included in your assessment report by navigating back to your assessment and choosing the Assessment report selection tab.
Removing evidence from an assessment report
If you need to remove evidence from an assessment report, follow these steps. You can either remove an entire evidence folder, or you can remove specific evidence items from within a folder.
To remove evidence from an assessment report
Open the AWS Audit Manager console at https://console.aws.amazon.com/auditmanager/home
. -
In the navigation pane, choose Assessments and then choose the name of the assessment to open it.
-
On the Controls tab, scroll down to the Control sets table and choose the name of a control to open it.
Choose how you want to remove evidence from your assessment report.
-
To remove an entire evidence folder, scroll down to Evidence folders, select the folder that you want to remove, and then choose Remove from assessment report.
-
If you can't see the folder that you're looking for, change the dropdown filter to All time. Otherwise, you'll see the last seven days of folders by default.
-
If Remove from assessment report is greyed out, the evidence folder was already removed from the assessment report.
-
-
To remove specific evidence, choose an evidence folder to open its contents. Select one or more items from the list, and then choose Remove from assessment report.
-
If Remove from assessment report is greyed out, make sure that you selected the check box next to the evidence, and then try again.
-
-
After you add the evidence to the assessment report, a green success banner appears. Choose View evidence in assessment report to see the evidence that will be included in your assessment report.
Alternatively, you can see the evidence that will be included in your assessment report by navigating back to your assessment and choosing the Assessment report selection tab.
Generating an assessment report
After you add evidence to your assessment report, you can generate the final assessment report to share with your auditors. When you generate an assessment report, it's placed into the S3 bucket that you chose as your assessment report destination.
Tip
To ensure that your assessment report is generated successfully, review our Configuration tips for your assessment report destination.
To generate an assessment report
Open the AWS Audit Manager console at https://console.aws.amazon.com/auditmanager/home
. -
In the left navigation pane, choose Assessments.
-
Choose the name of the assessment that you want to generate an assessment report for.
-
Choose the Assessment report selection tab, and then choose Generate assessment report.
-
If Generate assessment report is greyed out, this means that no evidence was added to the assessment report yet.
-
-
In the pop-up window, provide a name and description for the assessment report, and review the assessment report details.
-
Choose Generate assessment report and wait a few minutes while your assessment report is generated.
-
Find and download your assessment report from the Download center page of the Audit Manager console.
Alternatively, you can go to your assessment report destination S3 bucket and download the assessment report from there.
The assessment report has a file checksum to ensure the integrity of the assessment report. You can validate this with the ValidateAssessmentReportIntegrity API operation that's provided by Audit Manager.
What can I do next?
After you generate an assessment report, you can learn more about the following:
-
Find and download your assessment report – Learn how to download your assessment report from the download center or from Amazon S3.
-
Explore your assessment report – Learn how to navigate an assessment report and explore its contents.
-
Validate your assessment report – Learn how to use the ValidateAssessmentReportIntegrity API operation to validate your assessment report.
-
Delete an unwanted assessment report – Learn how to delete an unwanted report from the download center or from Amazon S3.