Step 8. Audit backup configuration
To ensure that the backup program is performing as it should and to identify and correct any anomalies from backup processes, audit the compliance of AWS Backup policies against defined controls such as defined backup frequency. To find and investigate backup operations or resources that are not compliant with your business requirements, continuously and automatically track your backup activity and generate automatic reports.
AWS Backup Audit Manager provides built-in, customizable compliance controls that align with your business compliance and regulatory requirements. You can use prebuilt and customizable controls as audit frameworks to evaluate your AWS Backup practices. The controls include:
-
Backup resources protected by backup plans
-
Backup plan minimum frequency and minimum retention
-
Backup recovery point encrypted
-
Backup recovery point manual deletion
-
Backup recovery point minimum retention
-
Cross-Region copy
-
Cross-account copy
-
Backup Vault Lock
For infrastructure as-code (IaC) automation, you can use AWS Backup Audit Manager with AWS CloudFormation.
AWS Security Hub