AWS Security ChangesHomeSearch

AWS audit-manager documentation change

Service: audit-manager · 2025-06-07 · Documentation low

File: audit-manager/latest/userguide/how-evidence-is-collected.md

Summary

Added section explaining inconclusive evidence classification

Security assessment

Documents evidence evaluation processes but does not indicate security vulnerability fixes. Enhances transparency about security control limitations.

Diff

diff --git a/audit-manager/latest/userguide/how-evidence-is-collected.md b/audit-manager/latest/userguide/how-evidence-is-collected.md
index f5f325b04..e899b2d5a 100644
--- a//audit-manager/latest/userguide/how-evidence-is-collected.md
+++ b//audit-manager/latest/userguide/how-evidence-is-collected.md
@@ -38,0 +39,2 @@ Evidence collection is an ongoing process that starts when you create your asses
+    * AWS Audit Manager marks evidence as inconclusive when automated compliance evaluation isn't possible. This occurs when you haven't enabled AWS Config or AWS Security Hub, which are key data sources. It also happens when evidence is collected directly from AWS services via API calls, AWS CloudTrail logs, or manual uploads. When there's no mechanism for automatic evaluation of this evidence, AWS Audit Manager can't provide evaluation details. As a result, it marks the evidence as inconclusive. Inconclusive evidence doesn't indicate failure. Instead, it signals that you need to manually evaluate the evidence for compliance.
+