Generating an assessment report - AWS Audit Manager

Generating an assessment report

After you've collected and reviewed the evidence for your assessment, you can generate an assessment report. An assessment report summarizes your assessment and provides links to an organized set of folders that contain the related evidence.

Newly-collected evidence doesn't automatically appear in an assessment report. This means that you can control which evidence you want to include in the report. After you select the evidence that you want to include, you can generate the final assessment report to share with your auditors. When you generate an assessment report, it's placed into the S3 bucket that you chose as your assessment report destination.

Adding evidence to an assessment report

Before you can generate an assessment report, you must add at least one piece of evidence to your assessment report. You can either add an entire evidence folder, or you can add individual evidence items from within a folder.

To add evidence to an assessment report
  1. Open the AWS Audit Manager console at https://console.aws.amazon.com/auditmanager/home.

  2. In the navigation pane, choose Assessments and then choose an assessment.

  3. On the Controls tab, scroll down to the Control sets table and choose a control with evidence that you want to include in the assessment report.

  4. Choose how you want to add evidence to your assessment report.

    1. To add an entire evidence folder, scroll down to Evidence folders, select the folder that you want to add, and then choose Add to assessment report.

      • If you can't see the folder that you're looking for, change the dropdown filter to All time. Otherwise, you'll see the last seven days of folders by default.

      • If Add to assessment report is greyed out, the evidence folder was already added to the assessment report.

    2. To add specific evidence, choose an evidence folder to open its contents. Select one or more items from the list, and then choose Add to assessment report.

      • If Add to assessment report is greyed out, make sure that you selected the check box next to the evidence, and then try again.

  5. After you add the evidence to the assessment report, a green success banner appears. Choose View evidence in assessment report to see the evidence that will be included in your assessment report.

    • Alternatively, you can see the evidence that will be included in your assessment report by navigating back to your assessment and choosing the Assessment report selection tab.

Removing evidence from an assessment report

If you need to remove evidence from an assessment report, follow these steps. You can either remove an entire evidence folder, or you can remove specific evidence items from within a folder.

To remove evidence from an assessment report
  1. Open the AWS Audit Manager console at https://console.aws.amazon.com/auditmanager/home.

  2. In the navigation pane, choose Assessments and then choose the name of the assessment to open it.

  3. On the Controls tab, scroll down to the Control sets table and choose the name of a control to open it.

  4. Choose how you want to remove evidence from your assessment report.

    1. To remove an entire evidence folder, scroll down to Evidence folders, select the folder that you want to remove, and then choose Remove from assessment report.

      • If you can't see the folder that you're looking for, change the dropdown filter to All time. Otherwise, you'll see the last seven days of folders by default.

      • If Remove from assessment report is greyed out, the evidence folder was already removed from the assessment report.

    2. To remove specific evidence, choose an evidence folder to open its contents. Select one or more items from the list, and then choose Remove from assessment report.

      • If Remove from assessment report is greyed out, make sure that you selected the check box next to the evidence, and then try again.

  5. After you add the evidence to the assessment report, a green success banner appears. Choose View evidence in assessment report to see the evidence that will be included in your assessment report.

    • Alternatively, you can see the evidence that will be included in your assessment report by navigating back to your assessment and choosing the Assessment report selection tab.

Generating an assessment report

When you're ready to generate your assessment report, follow these steps.

To generate an assessment report
  1. Open the AWS Audit Manager console at https://console.aws.amazon.com/auditmanager/home.

  2. In the left navigation pane, choose Assessments.

  3. Choose the name of the assessment that you want to generate an assessment report for.

  4. Choose the Assessment report selection tab, and then choose Generate assessment report.

    • If Generate assessment report is greyed out, this means that no evidence was added to the assessment report yet.

  5. In the pop-up window, provide a name and description for the assessment report, and review the assessment report details.

  6. Choose Generate assessment report and wait a few minutes while your assessment report is generated.

  7. Find and download your assessment report from the Download center page of the Audit Manager console.

    • Alternatively, you can go to your assessment report destination S3 bucket and download the assessment report from there.

The assessment report has a file checksum to ensure the integrity of the assessment report. You can validate this with the ValidateAssessmentReportIntegrity API operation that's provided by Audit Manager.

Tips and troubleshooting

To ensure that your assessment report is generated successfully, review our Configuration tips for your assessment report destination.

To find answers to common questions and issues, see Troubleshooting assessment report issues in the Troubleshooting section of this guide.

What can I do next?

After you generate an assessment report, you can learn more about the following: