AWS Audit Manager will no longer be open to new customers starting April 30, 2026. If you would like to use Audit Manager, sign up prior to that date. Existing customers can continue to use the service as normal. For more information, see AWS Audit Manager availability change.
Managing assessments in AWS Audit Manager
An Audit Manager assessment is based on a framework, which is a grouping of controls. Using a framework as a starting point, you can create an assessment that collects evidence for the controls in that framework. In your assessment, you can also define the scope of your audit. This includes specifying the AWS accounts that you want to collect evidence for.
Key points
You can create an assessment from any framework. Either, you can use a standard framework that's provided by Audit Manager. Or, you can create an assessment from a custom framework that you build yourself. Standard frameworks contain prebuilt control sets that support a specific compliance standard or regulation. In contrast, custom frameworks contain controls that you can customize and group according to your own requirements.
When you create an assessment, this starts the ongoing collection of evidence. When it's time for an audit, you or a delegate can review this evidence and then add it to an assessment report.
Note
AWS Audit Manager assists in collecting evidence that's relevant for verifying compliance with specific compliance standards and regulations. However, it doesn't assess your compliance itself. The evidence that's collected through AWS Audit Manager therefore might not include all the information about your AWS usage that's needed for audits. AWS Audit Manager isn't a substitute for legal counsel or compliance experts.
Additional resources
To create and manage assessments in Audit Manager, follow the procedures that are outlined here.
