Help Center
Go back to application
Help Center
Go back to application
Platform Terms Glossary
Task Management
Task Management explained Creating Tasks Setting up Task NotificationsGiving permissions to team members
Organization
Working together in KertosInviting UsersCreating rolesAssigning System AccessCreating Departments and Assigning Users
Integrations
Discovery
Tasks
Device Management
Human Resource Information Systems
Inventory
Inventorization of vendorsInventorization of systemsInventorization of assetsEU AI Act: Inventorization of AI use cases
Risks
Managing risksApplying controls to risks
Trust Center
Setting up your trust center
Incidents
Reporting incidents
KAIA
KAIA explainedPrinciples of AI at Kertos
Interacting with KAIA
Compliance
Frameworks explainedManaging & implementing controlsCreating & managing policiesCompleting & assigning trainings
Privacy Management
Creating a RoPACreating TOMsCreating DPIAs
Data Subject Requests
API Reference
Ingress API Docs for DSRs Webhook API Docs for DSRs
Auto Checks
Auto Checks explainedAuto Checks: AWS Auto Checks: GCPAuto Checks: AzureAuto Checks Integration Guide for AzureAuto Checks Integration Guide for GCP
AWS Auto Checks Detailed Explanations

Auto Checks explained

Auto Checks is a feature that verifies technical configurations in your cloud environment against ISO 27001 requirements. These checks are run automatically and linked to your implementation steps within Kertos.

The Auto Checks feature automatically verifies your cloud configurations against compliance requirements (e.g. ISO 27001:2022). It helps you:

  • Continuously monitor cloud environments for compliance-relevant misconfigurations
  • Link technical evidence (Auto Checks) directly to controls and implementation steps
  • Identify and resolve misconfigurations using detailed remediation guidance

What Do Auto Checks Cover?

Auto Checks currently support the following integrations:

  • AWS 
  • GCP 
  • Azure 
  • GitHub (coming soon)
  • Intune (coming soon)

Important: Auto Checks only run for services that are in use within your connected environment. If a service is not in use, the corresponding Auto Checks will not run and be marked as "Manual." 

How do I enable Auto Checks for my Environment?

If your AWS integration is already connected, no additional setup is required — Auto Checks will automatically run in the background.
In case you don´t have your AWS Integration please navigate to the Integration Page and configure your AWS Integration. 

If you're setting up Auto Checks for the first time:

  • Ensure your AWS integration is set up.
  • Trigger a discovery run to link Auto Checks to relevant controls. This may take a few minutes.

To disable Auto Checks:

  • Navigate to the Integrations page in Kertos.
  • Select the AWS integration and click Setup.
  • Click Reconfigure.
  • At the top of the setup page, toggle Auto Checks off.

How do I see the results of the Auto Checks Feature?

Navigate to a Controls Page that supports Auto Checks, such as: 

  • A.8.2
  • A.8.15
  • A.8.16
  • A.8.5
  • ....

 

On the control overview Page you will see that the Auto Checks are listed twice. First on the respective Implementation Step, which it also checks off once it state is passing. Secondly on the Evidence Section, where you see all the linked Auto Checks for a given Control. 

The Auto Check cards show: 

  • A clear title 
  • Current status (Passed / Failed / Not Applicable)
  • The associated Integration (e.g. AWS, GCP, Azure) 
  • Time Stamp of last time run 

 

If you click on the Auto Check Card (either in the section "Implementation progress" or "Evidence") you will see that a Modal will open up. 

 

Each Auto Check includes: 

  • A clear title
  • Current status (Passed / Failed / Not Applicable) 
  • A detailed description of the finding
  • Remediation guidance
  • Potentially a Command Line Input 

How do I manage Auto Checks?

You can manually unlink or relink Auto Checks from the Evidence section or Implementation Steps:

  • To unlink: Click the “-” icon left of the Auto Check card.
  • To relink: Click the "+Suggestions" button. If all suggestions are already linked, the button will be grayed out with the tooltip: “No suggestions available for this control.”

How does the Auto Check Status Impacts Controls Status?

  • When a check passes, the corresponding implementation step is marked complete.
  • When all implementation steps are complete, the control status is updated to Implemented.
  • If a previously passing check later fails:
  • The linked implementation step will be unchecked
  • The control remains in Implemented status (it will not auto-revert)

 

 

 

FAQs

How often are Auto Checks run?
Auto Checks run during every discovery run. You can manually trigger one at any time.

What happens if a check fails?
The check will appear in the Evidence and Step section with “Failed” status. You’ll also get remediation steps.

Was this article helpful?

Powered by Product Fruits