Topics on this page
Generate Custom Reports For Your Cloud Infrastructure For Management Meetings
Relevant users
| User Role | Can Access |
|---|---|
| Technical Team member |  |
| DevOps Team member | |
| Security Analyst | |
| Security Engineer | |
| Compliance Manager |  |
| Project Manager | |
| Security Team Management | |
| Consultant | |
Examples
- I am subject to PCI DSS, I want to keep it compliant and identify any issues as quickly as possible so I can remediate before I have to report non-compliance.
- I want to show management how compliant with the NIST standard all of my organisation's production environments are.
- I have previously created a benchmark report for my compliance score on CIS AWS Foundations, I want to now create a reoccurring report to track our compliance improvement within first the area we are focused on remediating.
- I want to generate a security best practices compliance report for all of my organisation's accounts, filtered by a business unit owner.
Conformity Solution
Step 1. Decide which account, or group of accounts you want to report on
Step 2. Create a new configured report
Optional: For recurring stakeholder updates or meetings, set scheduling to generate at regular time intervals
Step 3. Apply filters to your report to focus on the best practices and controls that you want to report on
Baseline reports can be filtered by_ AWS tags (eg to identify environments such as production, or to identify resources holding PCI card data), and/or compliance standards (eg PCI DSS compliance report). Remediation efforts typically segment the findings into priority levels. Scheduling a repeating configured report of this segmentation will reflect any improvements made to the compliance score. Segmented reports should reflect the priorities and remediation plan agreed on with management, these could be filtered by category (eg 'Security'), risk level (eg 'Extreme'), individual services (eg 'S3'), or Conformity account tags (eg environment tags, project tags, business unit tags, owner tags etc).
Optional: Save Configuration for later reuse
Step 4. Review Check failures for your configured filter(s).
Step 5. Click "Generate" report to download either as CSV or PDF for sharing with management.