last sync: 2024-Jul-26 18:17:39 UTC

Disable user accounts posing a significant risk | Regulatory Compliance - Operational

Azure BuiltIn Policy definition

Source Azure Portal
Display name Disable user accounts posing a significant risk
Id 22c16ae4-19d0-29cb-422f-cb44061180ee
Version 1.1.0
Category Regulatory Compliance
Description CMA_C1026 - Disable user accounts posing a significant risk
Additional metadata Name/Id: CMA_C1026 / CMA_C1026
Category: Operational
Title: Disable user accounts posing a significant risk
Ownership: Customer
Description: The customer is responsible for disabling customer-controlled accounts of users posing a significant risk.
Requirements: The customer is responsible for implementing this recommendation.
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Default: Manual
Allowed: Manual, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types IF (1): Microsoft.Resources/subscriptions
Compliance
The following 4 compliance controls are associated with this Policy definition 'Disable user accounts posing a significant risk' (22c16ae4-19d0-29cb-422f-cb44061180ee)
Control Domain: FedRAMP_High_R4
Control Name: AC-2(13) (FedRAMP High AC-2 (13))
MetadataId: FedRAMP_High_R4_AC-2(13)
Category: Access Control
Title: Disable Accounts For High-Risk Individuals
Owner: Shared
Requirements: n/a
Description: The organization disables accounts of users posing a significant risk within [Assignment: organization-defined time period] of discovery of the risk. Supplemental Guidance: Users posing a significant risk to organizations include individuals for whom reliable evidence or intelligence indicates either the intention to use authorized access to information systems to cause harm or through whom adversaries will cause harm. Harm includes potential adverse impacts to organizational operations and assets, individuals, other organizations, or the Nation. Close coordination between authorizing officials, information system administrators, and human resource managers is essential in order for timely execution of this control enhancement. Related control: PS-4.
Policy#: 1

Control Domain: hipaa
Control Name: 1136.02i2Organizational.1-02.i
MetadataId: hipaa-1136.02i2Organizational.1-02.i
Category: 11 Access Control
Title: 1136.02i2Organizational.1-02.i 02.04 Termination or Change of Employment
Owner: Shared
Requirements: n/a
Description: For instances of increased risk, physical, and logical access rights are immediately removed or modified following employee, contractor or third-party user termination, and allow for immediate escorting from the site, if necessary.
Policy#: 6

Control Domain: NIST_SP_800-53_R4
Control Name: AC-2(13) (NIST SP 800-53 Rev. 4 AC-2 (13))
MetadataId: NIST_SP_800-53_R4_AC-2(13)
Category: Access Control
Title: Disable Accounts For High-Risk Individuals
Owner: Shared
Requirements: n/a
Description: The organization disables accounts of users posing a significant risk within [Assignment: organization-defined time period] of discovery of the risk. Supplemental Guidance: Users posing a significant risk to organizations include individuals for whom reliable evidence or intelligence indicates either the intention to use authorized access to information systems to cause harm or through whom adversaries will cause harm. Harm includes potential adverse impacts to organizational operations and assets, individuals, other organizations, or the Nation. Close coordination between authorizing officials, information system administrators, and human resource managers is essential in order for timely execution of this control enhancement. Related control: PS-4.
Policy#: 1

Control Domain: NIST_SP_800-53_R5
Control Name: AC-2(13) (NIST SP 800-53 Rev. 5 AC-2 (13))
MetadataId: NIST_SP_800-53_R5_AC-2(13)
Category: Access Control
Title: Disable Accounts for High-risk Individuals
Owner: Shared
Requirements: n/a
Description: Disable accounts of individuals within [Assignment: organization-defined time period] of discovery of [Assignment: organization-defined significant risks].
Policy#: 1
Initiatives usage
Initiative DisplayName | Initiative Id | Initiative Category | State | Type
FedRAMP High | d5264498-16f4-418a-b659-fa7ef418175f | Regulatory Compliance | GA | BuiltIn
HITRUST/HIPAA | a169a624-5599-4385-a696-c8d643089fab | Regulatory Compliance | GA | BuiltIn
NIST SP 800-53 Rev. 4 | cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f | Regulatory Compliance | GA | BuiltIn
NIST SP 800-53 Rev. 5 | 179d1daa-458f-4e47-8086-2a68d0d6c38f | Regulatory Compliance | GA | BuiltIn
History
Date/Time (UTC ymd) | Change type | Change detail
2022-09-27 16:35:32 | change | Minor (1.0.0 > 1.1.0)
2022-09-19 17:41:40 | add | 22c16ae4-19d0-29cb-422f-cb44061180ee