Security Hub controls marked as RESOLVED do not go away.

0

I have lots of findings in different controls that have been resolved. So I set their workflow as RESOLVED. Days later I am still seeing them marked RESOLVED and they are truly resolved.

Why are they not getting marked as PASSED?

Asked 5 months ago, 174 views
1 Answer
0
Accepted Answer

Security Hub uses the Compliance.Status value from each control's findings to determine the overall control status. The overall control status is Passed when all findings have a Compliance.Status of PASSED.

Security Hub > Controls > Search for the control ID, e.g. EC2.19 > Check the Compliance Status of all the Checks

For administrator accounts, the control status reflects the aggregated status across both the administrator account and all of the member accounts.

If you have set an aggregation Region, control statuses in the aggregation Region reflect control statuses across all of your linked Regions. Specifically, the overall status of a control appears as Failed if the control has one or more failed findings in at least one account and one linked Region.

Also, Security Hub updates the control status every 24 hours based on the findings from the previous 24 hours.

[+] Determining the overall status of a control from its findings - https://docs.aws.amazon.com/securityhub/latest/userguide/controls-overall-status.html

Answered 5 months ago
Expert reviewed 2 months ago
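The rule described in the answer, as an added example (not part of the answer and not AWS code): the overall status is derived from each finding's Compliance.Status across accounts and Regions, so a finding whose Workflow.Status was set to RESOLVED by hand still counts as FAILED until the check itself passes. The sample findings are constructed; the handling of SUPPRESSED and ARCHIVED findings and the UNKNOWN and NO_DATA results follow the linked AWS documentation rather than the answer text, and the function names are hypothetical.

```python
# Constructed ASFF-style findings for one control (sample data, not real output).
SAMPLE_FINDINGS = [
    {"AwsAccountId": "111111111111", "Region": "us-east-1", "RecordState": "ACTIVE",
     "Compliance": {"SecurityControlId": "EC2.19", "Status": "FAILED"},
     "Workflow": {"Status": "RESOLVED"}},   # marked resolved by hand, check still fails
    {"AwsAccountId": "111111111111", "Region": "eu-west-1", "RecordState": "ACTIVE",
     "Compliance": {"SecurityControlId": "EC2.19", "Status": "PASSED"},
     "Workflow": {"Status": "RESOLVED"}},
    {"AwsAccountId": "222222222222", "Region": "us-east-1", "RecordState": "ACTIVE",
     "Compliance": {"SecurityControlId": "EC2.19", "Status": "PASSED"},
     "Workflow": {"Status": "NEW"}},
]


def _counted(findings, control_id):
    """Findings that feed the overall status of control_id."""
    return [
        f for f in findings
        if f["Compliance"].get("SecurityControlId") == control_id
        and f.get("RecordState") != "ARCHIVED"        # per the linked AWS doc
        and f["Workflow"]["Status"] != "SUPPRESSED"   # per the linked AWS doc
    ]


def control_status(findings, control_id):
    """Overall control status across all accounts and Regions in `findings`."""
    statuses = {f["Compliance"]["Status"] for f in _counted(findings, control_id)}
    if not statuses:
        return "NO_DATA"
    if "FAILED" in statuses:          # one failed finding anywhere fails the control
        return "FAILED"
    if statuses == {"PASSED"}:        # Passed only when every finding is PASSED
        return "PASSED"
    return "UNKNOWN"                  # WARNING / NOT_AVAILABLE present, nothing failed


def resolved_but_not_passed(findings, control_id):
    """Findings a person marked RESOLVED whose latest check result is not PASSED."""
    return [
        (f["AwsAccountId"], f["Region"], f["Compliance"]["Status"])
        for f in _counted(findings, control_id)
        if f["Workflow"]["Status"] == "RESOLVED"
        and f["Compliance"]["Status"] != "PASSED"
    ]


if __name__ == "__main__":
    print(control_status(SAMPLE_FINDINGS, "EC2.19"))
    print(resolved_but_not_passed(SAMPLE_FINDINGS, "EC2.19"))
```

The second function gives the list to investigate: each entry is an account and Region where the underlying check has not yet reported PASSED, regardless of the workflow label.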
