Stay organized with collections
Save and categorize content based on your preferences.
You can create a custom compliance framework in Audit Manager in the following two ways:
Create a new custom compliance framework.
Create a custom compliance framework from an existing compliance framework.
Before you begin
Ensure that you have the Audit Manager Custom Compliance Framework Admin
(roles/auditmanager.ccfAdmin) IAM role.
Review and identify the cloud controls for your custom compliance framework.
To view the list of available cloud controls, navigate to the
Audit Manager home page and click Controls.
Create a new custom compliance framework
In the Google Cloud console, go to the Audit Manager page.
A list of built-in compliance frameworks is displayed on the Frameworks page.
On the Frameworks page, click addCreate framework.
In the Basic information section, do the following:
In the Name field, enter the name of the compliance framework that meets the following requirements:
Be unique.
Be 1-63 characters in length.
Match the regular expression ^[a-z]([-a-z0-9]*[a-z0-9])?. This means that
the first character must be a lowercase letter, and all the following
characters must be hyphens, lowercase letters, or digits, except the last
character, which cannot be a hyphen.
In the Description field, enter the description of the compliance framework.
Click Continue.
In the Control selection section, select the regulatory and Google Cloud
defined cloud controls to your compliance framework. You can copy cloud controls from an
existing compliance framework, add individual cloud controls, or both.
To copy cloud controls from an existing compliance framework,
click Select framework to copy. In the Select framework to copy pane,
select the built-in or custom compliance frameworks that you want, and then click Add.
To add the individual cloud controls, click addAdd controls.
Select one or more cloud controls that you want, and then click Select.
All the selected controls are displayed in the Selected controls table.
Click Continue.
In the Specify parameter section, some of the selected controls might
require one or more of the following parameter inputs. If prompted, enter
the required value types and values according to the displayed parameters.
Allowed Services: Specify hierarchical restrictions on Google Cloud resource services within
a resource container, such as an organization, a folder, or a project. For more information, see
Restricting resource usage.
Services Requiring CMEK: Specify restrictions on the creation of certain Google Cloud
services without the presence of a customer-managed encryption key (CMEK).
For more information, see CMEK organization policies.
Click Continue.
In the Review section, verify the compliance framework configuration, and then click Create.
The custom compliance framework is created.
Create a custom compliance framework from an existing compliance framework
In the Google Cloud console, go to the Audit Manager page.
The following two tabs are displayed on the Frameworks page. You can
create a compliance framework from a built-in or an existing custom compliance framework.
Built-in
Custom
Select the required tab.
Locate the compliance framework you want to copy, click more_vertMore options,
and then click Copy to create new framework.
Alternatively, you can click the compliance framework name in the Name column, and then click Copy to create new framework.
The Create new framework page is displayed.
The name and description of the compliance framework are displayed in the Basic information section.
Modify the fields as needed, and then click Continue.
The selected cloud controls are displayed in the Control selection section. Add or remove the cloud controls as needed, and then click Continue.
The parameter values and value types are displayed in the Specify parameter section. Modify the fields as needed, and then click Continue.
Verify the compliance framework configuration in the Review section, and then click Create.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[[["\u003cp\u003eAudit Manager allows users to create custom compliance frameworks, subject to Pre-GA Offerings Terms, for specific needs.\u003c/p\u003e\n"],["\u003cp\u003eCustom frameworks can be created either from scratch or by copying and modifying an existing compliance framework, built-in or custom.\u003c/p\u003e\n"],["\u003cp\u003eCreating a new framework involves defining its name, description, selecting relevant cloud controls, and specifying necessary parameter inputs like location or allowed services.\u003c/p\u003e\n"],["\u003cp\u003eUsers must have the Audit Manager Custom Compliance Framework Admin IAM role to manage custom compliance frameworks.\u003c/p\u003e\n"],["\u003cp\u003eThe framework creation process is completed in four steps, with a creation wizard: basic information, control selection, specify parameter, and review.\u003c/p\u003e\n"]]],[],null,["# Create a custom compliance framework\n\n| **Preview\n| --- Audit Manager compliance framework management**\n|\n|\n| This feature is subject to the \"Pre-GA Offerings Terms\" in the General Service Terms section\n| of the [Service Specific Terms](/terms/service-terms#1).\n|\n| Pre-GA features are available \"as is\" and might have limited support.\n|\n| For more information, see the\n| [launch stage descriptions](/products#product-launch-stages).\n\nYou can create a custom compliance framework in Audit Manager in the following two ways:\n\n- Create a new custom compliance framework.\n- Create a custom compliance framework from an existing compliance framework.\n\nBefore you begin\n----------------\n\n- Ensure that you have the Audit Manager Custom Compliance Framework Admin (`roles/auditmanager.ccfAdmin`) IAM role.\n- Review and identify the cloud controls for your custom compliance framework. To view the list of available cloud controls, navigate to the Audit Manager home page and click **Controls**.\n\nCreate a new custom compliance framework\n----------------------------------------\n\n1. In the Google Cloud console, go to the **Audit Manager** page.\n\n [Go to Audit Manager](https://console.cloud.google.com/compliance/auditmanager)\n2. Click **Frameworks**.\n\n A list of built-in compliance frameworks is displayed on the **Frameworks** page.\n3. On the **Frameworks** page, click add**Create framework**.\n\n4. In the **Basic information** section, do the following:\n\n 1. In the **Name** field, enter the name of the compliance framework that meets the following requirements:\n\n - Be unique.\n - Be 1-63 characters in length.\n - Match the regular expression `^[a-z]([-a-z0-9]*[a-z0-9])?`. This means that the first character must be a lowercase letter, and all the following characters must be hyphens, lowercase letters, or digits, except the last character, which cannot be a hyphen.\n 2. In the **Description** field, enter the description of the compliance framework.\n\n5. Click **Continue**.\n\n6. In the **Control selection** section, select the regulatory and Google Cloud\n defined cloud controls to your compliance framework. You can copy cloud controls from an\n existing compliance framework, add individual cloud controls, or both.\n\n 1. To copy cloud controls from an existing compliance framework,\n click **Select framework to copy** . In the **Select framework to copy** pane,\n select the built-in or custom compliance frameworks that you want, and then click **Add**.\n\n 2. To add the individual cloud controls, click add**Add controls** .\n Select one or more cloud controls that you want, and then click **Select** .\n All the selected controls are displayed in the **Selected controls** table.\n\n7. Click **Continue**.\n\n8. In the **Specify parameter** section, some of the selected controls might\n require one or more of the following parameter inputs. If prompted, enter\n the required value types and values according to the displayed parameters.\n\n - **Location** : Specify location boundaries for your resources. For more information, see [Restricting resource locations](/resource-manager/docs/organization-policy/defining-locations).\n - **Allowed Services** : Specify hierarchical restrictions on Google Cloud resource services within a resource container, such as an organization, a folder, or a project. For more information, see [Restricting resource usage](/resource-manager/docs/organization-policy/restricting-resources).\n - **Services Requiring CMEK** : Specify restrictions on the creation of certain Google Cloud services without the presence of a customer-managed encryption key (CMEK). For more information, see [CMEK organization policies](/kms/docs/cmek-org-policy).\n9. Click **Continue**.\n\n10. In the **Review** section, verify the compliance framework configuration, and then click **Create**.\n\n The custom compliance framework is created.\n\nCreate a custom compliance framework from an existing compliance framework\n--------------------------------------------------------------------------\n\n1. In the Google Cloud console, go to the **Audit Manager** page.\n\n [Go to Audit Manager](https://console.cloud.google.com/compliance/auditmanager)\n2. Click **Frameworks**.\n\n The following two tabs are displayed on the **Frameworks** page. You can\n create a compliance framework from a built-in or an existing custom compliance framework.\n - **Built-in**\n - **Custom**\n3. Select the required tab.\n\n4. Locate the compliance framework you want to copy, click more_vert**More options** ,\n and then click **Copy to create new framework** .\n Alternatively, you can click the compliance framework name in the **Name** column, and then click **Copy to create new framework** .\n The **Create new framework** page is displayed.\n\n5. The name and description of the compliance framework are displayed in the **Basic information** section.\n Modify the fields as needed, and then click **Continue**.\n\n6. The selected cloud controls are displayed in the **Control selection** section. Add or remove the cloud controls as needed, and then click **Continue**.\n\n7. The parameter values and value types are displayed in the **Specify parameter** section. Modify the fields as needed, and then click **Continue**.\n\n8. Verify the compliance framework configuration in the **Review** section, and then click **Create**.\n\n The custom compliance framework is created.\n\nWhat's next\n-----------\n\n- [Run an audit](/audit-manager/docs/run-audit).\n- [Edit or delete a custom compliance framework](/audit-manager/docs/edit-framework)."]]
