
Understanding Your Audit Results

Learn how to interpret your CloudArq audit score, severity levels, and the six pillars of infrastructure excellence.

The Audit Score

What is Your Score?

Your Audit Score is a number between 0 and 100 that represents the overall security and operational health of your AWS infrastructure. Higher scores indicate better practices.

How is it Calculated?

Your score is calculated by:

  1. Running 169 checks across your infrastructure
  2. Weighting each finding by severity (Critical = -25 pts, High = -10 pts, Medium = -5 pts, Low = -1 pt)
  3. Normalizing the total to a 0-100 scale

Score Ranges

90-100: Excellent
70-89: Good
50-69: Fair
Below 50: Action Required
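
The severity weighting and score ranges above, worked through as an added example (not CloudArq's own code). The page does not say how the total is normalized, so this assumes 100 minus the summed penalty, clamped at 0; the finding records and function names are constructed for illustration.

```python
# Added example: constructed findings, assumed normalization (see lead-in).

# Penalty points per severity, as listed on this page.
PENALTY = {"Critical": 25, "High": 10, "Medium": 5, "Low": 1}
# Score ranges from this page: (lower bound, label), highest first.
BANDS = [(90, "Excellent"), (70, "Good"), (50, "Fair"), (0, "Action Required")]


def total_penalty(findings):
    """Sum the severity penalty over all findings."""
    return sum(PENALTY[f["severity"]] for f in findings)


def score(findings):
    """ASSUMPTION: normalize as 100 minus total penalty, clamped at 0."""
    return max(0, 100 - total_penalty(findings))


def band(value):
    """Map a 0-100 score to the page's range label."""
    return next(label for floor, label in BANDS if value >= floor)


def triage(findings):
    """Order findings Critical first, matching the page's 'fix these first'."""
    order = list(PENALTY)  # dict order: Critical, High, Medium, Low
    return sorted(findings, key=lambda f: order.index(f["severity"]))


def score_if_fixed(findings, severity):
    """Score after remediating every finding of one severity."""
    return score([f for f in findings if f["severity"] != severity])


# Constructed sample findings (titles taken from the examples on this page).
SAMPLE = [
    {"title": "Missing tags", "severity": "Medium"},
    {"title": "Publicly accessible S3 bucket", "severity": "Critical"},
    {"title": "Unused resources", "severity": "Low"},
    {"title": "MFA not enabled", "severity": "High"},
    {"title": "Missing backup configuration", "severity": "High"},
]

if __name__ == "__main__":
    s = score(SAMPLE)
    print(f"penalty={total_penalty(SAMPLE)} score={s} band={band(s)}")
    for f in triage(SAMPLE):
        print(f"  {f['severity']:<8} {f['title']}")
    print("after fixing Critical:", score_if_fixed(SAMPLE, "Critical"))
```

Under this assumed normalization, a single Critical finding costs as much as 25 Low findings, which is why remediating the one Critical item in the sample moves the score from "Action Required" to "Good".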

Severity Levels

Critical

Immediate security risk or data exposure. Examples: publicly accessible S3 buckets, open security groups, disabled encryption, overly permissive IAM policies. Fix these first.

High

Significant risk or non-compliance issue. Examples: multi-factor authentication not enabled, outdated runtime versions, missing backup configurations. Should be addressed soon.

Medium

Best practice violation or minor optimization opportunity. Examples: missing tags, lack of detailed logging, suboptimal instance sizing. Good to address in the coming weeks.

Low

Minor optimization opportunity or informational item. Examples: unused resources, cost optimization suggestions, deprecation notices. Nice-to-have improvements.

The 6 Pillars

CloudArq audits your infrastructure across six fundamental areas. Each pillar contains multiple checks that assess different aspects of your AWS setup.

Security

Encryption, access control, authentication, network security, and compliance with security best practices.

Cost Optimization

Resource rightsizing, reserved instance utilization, unused resources, and cost-saving opportunities.

Reliability

Backup and recovery, multi-AZ deployments, failover mechanisms, and disaster recovery readiness.

Performance Efficiency

Compute, storage, and networking optimization to ensure your applications run efficiently.

Operational Excellence

Monitoring, logging, automation, change management, and operational readiness.

Sustainability

Energy efficiency, resource optimization, and environmental impact of your infrastructure.

Compliance Mapping

7 Compliance Frameworks

CloudArq maps findings to the following compliance frameworks:

  • CIS AWS Foundations Benchmark
  • SOC 2 Type II
  • HIPAA (Health Insurance Portability and Accountability Act)
  • PCI-DSS (Payment Card Industry Data Security Standard)
  • NIST 800-53 (National Institute of Standards and Technology)
  • ISO 27001 (Information Security Management)
  • AWS Well-Architected Framework

Auto-Mapping (Not a Replacement)

CloudArq automatically maps findings to relevant compliance requirements. However, this mapping is informational and should not be relied upon as your sole compliance audit. For formal compliance certification, engage a professional auditor or compliance firm.

Reading a Finding

Title & Description

The title summarizes the issue. The description explains what the finding is, why it matters, and the impact if left unaddressed.

Affected Resource

Shows which AWS resource (S3 bucket, EC2 instance, IAM role, etc.) is affected by the finding. Click to view resource details.

Remediation Steps

Step-by-step instructions on how to fix the issue. Most findings include AWS CLI commands or AWS Console steps.

AI-Powered Remediation

On Pro and Max plans, click "Get AI Remediation" to generate detailed, resource-specific fix instructions powered by Claude. These instructions are tailored to your exact resource configuration.