3 PRs merged without 2 approvers in privileged repo last week. Can you provide justification?
SOC 2 · CM-3.4Resolved
Greg Chen Apr 25
SIEM monitoring evidence — Splunk dashboard screenshot for Q1.
ISO 27001 · SI-4.1Resolved
MFA enforcement for AWS root accounts (Q1)
SOC 2 · CC-6.1ISO 27001 · A.9.4.2· Started by Greg Chen, 10:24 AM
Greg Chen · External auditor
Hi! For Q1 evidence I need to see how MFA was enforced on AWS root accounts. Either a screenshot of the IAM dashboard or a config export should work. Anything dated within the last 90 days.
Auditborb AI · Linked this thread to SOC 2 · CC-6.1 and ISO 27001 · A.9.4.2 based on the question.
You
Sure, here's the IAM root MFA status report. Pulled today.
PDF
aws-iam-root-mfa-2026-q1.pdf
Uploaded May 2 · 124 KB
Auditborb AI · Reviewed the attachment. ✓ MFA enforced on all 3 root accounts. Also satisfies NIST CSF · PR.AC-7 — pre-mapped.
Greg Chen · External auditor
Perfect — that covers it. Can you also confirm the date the policy was last reviewed by your security team?
AI
Suggested reply · "The MFA policy was last reviewed on Mar 18, 2026 by Anton Lee (CISO). Attaching the signed review record." Use this →
Cmd+Enter to send
Step 2 of 3 — Owner replies inline. Familiar chat UX, but the AI auto-tags responses to controls so every conversation produces audit-ready linked evidence.