Table of contents

Generate Custom Reports For Your Cloud Infrastructure For Management Meetings

Relevant users

User Role Can Access
Technical Team member
DevOps Team member
Security Analyst
Security Engineer
Compliance Manager
Project Manager
Security Team Management


  • I am subject to PCI DSS, I want to keep it compliant and identify any issues as quickly as possible so I can remediate before I have to report non-compliance.
  • I want to show management how compliant with the NIST standard all of my organisation's production environments are.
  • I have previously created a benchmark report for my compliance score on CIS AWS Foundations, I want to now create a reoccurring report to track our compliance improvement within first the area we are focused on remediating.
  • I want to generate a security best practices compliance report for all of my organisation's accounts, filtered by a business unit owner.

Conformity Solution

Step 1. Decide which account, or group of accounts you want to report on

Step 2. Create a new configured report
Optional: For recurring stakeholder updates or meetings, set scheduling to generate at regular time intervals

Step 3. Apply filters to your report to focus on the best practices and controls that you want to report on

Baseline reports can be filtered by_ AWS tags (eg to identify environments such as production, or to identify resources holding PCI card data), and/or compliance standards (eg PCI DSS compliance report). Remediation efforts typically segment the findings into priority levels. Scheduling a repeating configured report of this segmentation will reflect any improvements made to the compliance score. Segmented reports should reflect the priorities and remediation plan agreed on with management, these could be filtered by category (eg 'Security'), risk level (eg 'Extreme'), individual services (eg 'S3'), or Conformity account tags (eg environment tags, project tags, business unit tags, owner tags etc).

Optional: Save Configuration for later reuse

Step 4. Review Check failures for your configured filter(s).

Step 5. Click "Generate" report to download either as CSV or PDF for sharing with management.