Posted On: Nov 15, 2023
AWS Audit Manager has integrated with MetricStream, an AWS Partner and Governance, Risk and Compliance (GRC) solution provider. This integration allows you to import evidence of your AWS usage and configurations directly from Audit Manager into your MetricStream CyberGRC. Instead of jumping between multiple tools to manage compliance, you can use MetricStream CyberGRC as a single location to centralize evidence and address issues for controls that assess your AWS, on-premises, and multicloud environments.
The integration setup is simple - as a MetricStream CyberGRC customer, you can use your delegated administrator account for AWS Audit Manager to establish the connection between AWS and MetricStream. The AWS Audit Manager integration with MetricStream CyberGRC allows you to map your AWS controls to your existing enterprise-wide GRC controls configured in MetricStream.
Inside MetricStream CyberGRC, begin by choosing the suitable Audit Manager framework to define the relationships between your existing enterprise controls and AWS controls. After creating this control mapping, you can define the accounts in scope to create an assessment that CyberGRC will manage in AWS Audit Manager on your behalf. This triggers AWS Audit Manager to collect evidence in context of the mapped controls. As a result, you get a unified view of compliance evidence inside your GRC application.
This new integration is available in all AWS Regions where AWS Audit Manager and MetricStream services are available. There are no additional Audit Manager charges for using this integration with Audit Manager. To use this integration, please reach out to MetricStream for information about access and purchase of MetricStream GRC software.
To learn more, visit the Audit Manager documentation, MetricStream CyberGRC, and the AWS News blog.