last sync: 2024-Mar-01 17:50:27 UTC

Incorporate simulated events into incident response training | Regulatory Compliance - Operational

Azure BuiltIn Policy definition

Source Azure Portal
Display name Incorporate simulated events into incident response training
Id 1fdeb7c4-4c93-8271-a135-17ebe85f1cc7
Version 1.1.0
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description CMA_C1356 - Incorporate simulated events into incident response training
Additional metadata Name/Id: CMA_C1356 / CMA_C1356
Category: Operational
Title: Incorporate simulated events into incident response training
Ownership: Customer
Description: The customer is responsible for providing incident response training, which incorporates simulated events, to users of customer-deployed resources in accordance with assigned roles and responsibilities.
Requirements: The customer is responsible for implementing this recommendation.
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Default
Manual
Allowed
Manual, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types IF (1)
Microsoft.Resources/subscriptions
Compliance
The following 9 compliance controls are associated with this Policy definition 'Incorporate simulated events into incident response training' (1fdeb7c4-4c93-8271-a135-17ebe85f1cc7)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
FedRAMP_High_R4 IR-2(1) FedRAMP_High_R4_IR-2(1) FedRAMP High IR-2 (1) Incident Response Simulated Events Shared n/a The organization incorporates simulated events into incident response training to facilitate effective response by personnel in crisis situations. link 1
hipaa 1331.02e3Organizational.4-02.e hipaa-1331.02e3Organizational.4-02.e 1331.02e3Organizational.4-02.e 13 Education, Training and Awareness 1331.02e3Organizational.4-02.e 02.03 During Employment Shared n/a The organization trains workforce members on how to properly respond to perimeter security alarms. 6
hipaa 1511.11a2Organizational.5-11.a hipaa-1511.11a2Organizational.5-11.a 1511.11a2Organizational.5-11.a 15 Incident Management 1511.11a2Organizational.5-11.a 11.01 Reporting Information Security Incidents and Weaknesses Shared n/a All employees, contractors and third-party users receive mandatory incident response training to ensure they are aware of their responsibilities to report information security events as quickly as possible, the procedure for reporting information security events, and the point(s) of contact, including the incident response team, and the contact information is published and made readily available. 13
hipaa 1521.11c2Organizational.56-11.c hipaa-1521.11c2Organizational.56-11.c 1521.11c2Organizational.56-11.c 15 Incident Management 1521.11c2Organizational.56-11.c 11.02 Management of Information Security Incidents and Improvements Shared n/a Testing exercises are planned, coordinated, executed, and documented periodically, at least annually, using reviews, analyses, and simulations to determine incident response effectiveness. Testing includes personnel associated with the incident handling team to ensure that they understand current threats and risks, as well as their responsibilities in supporting the incident handling team. 16
hipaa 1589.11c1Organizational.5-11.c hipaa-1589.11c1Organizational.5-11.c 1589.11c1Organizational.5-11.c 15 Incident Management 1589.11c1Organizational.5-11.c 11.02 Management of Information Security Incidents and Improvements Shared n/a The organization tests and/or exercises its incident response capability regularly. 4
NIST_SP_800-53_R4 IR-2(1) NIST_SP_800-53_R4_IR-2(1) NIST SP 800-53 Rev. 4 IR-2 (1) Incident Response Simulated Events Shared n/a The organization incorporates simulated events into incident response training to facilitate effective response by personnel in crisis situations. link 1
NIST_SP_800-53_R5 IR-2(1) NIST_SP_800-53_R5_IR-2(1) NIST SP 800-53 Rev. 5 IR-2 (1) Incident Response Simulated Events Shared n/a Incorporate simulated events into incident response training to facilitate the required response by personnel in crisis situations. link 1
SWIFT_CSCF_v2022 11.2 SWIFT_CSCF_v2022_11.2 SWIFT CSCF v2022 11.2 11. Monitor in case of Major Disaster Ensure a consistent and effective approach for the management of incidents (Problem Management). Shared n/a Ensure a consistent and effective approach for the management of incidents (Problem Management). link 20
SWIFT_CSCF_v2022 7.1 SWIFT_CSCF_v2022_7.1 SWIFT CSCF v2022 7.1 7. Plan for Incident Response and Information Sharing Ensure a consistent and effective approach for the management of cyber incidents. Shared n/a The user has a defined and tested cyber-incident response plan. link 8
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA BuiltIn
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 5 179d1daa-458f-4e47-8086-2a68d0d6c38f Regulatory Compliance GA BuiltIn
SWIFT CSP-CSCF v2022 7bc7cd6c-4114-ff31-3cac-59be3157596d Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-19 17:41:40 add 1fdeb7c4-4c93-8271-a135-17ebe85f1cc7
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC