AzPolicyAdvertizer

last sync: 2025-Apr-29 17:16:02 UTC

Microsoft Managed Control 1224 - Information System Component Inventory | Updates During Installations / Removals | Regulatory Compliance - Configuration Management

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1224 - Information System Component Inventory | Updates During Installations / Removals
Id 28cfa30b-7f72-47ce-ba3b-eed26c8d2c82
Version 1.0.0
Details on versioning
Versioning Versions supported for Versioning: 0
Built-in Versioning [Preview]
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this Configuration Management control
Cloud environments AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown
Available in AzUSGov The Policy is available in AzureUSGovernment cloud. Version: '1.0.0'
Repository: Azure-Policy 28cfa30b-7f72-47ce-ba3b-eed26c8d2c82
Additional metadata Name/Id: ACF1224 / Microsoft Managed Control 1224
Category: Configuration Management
Title: Information System Component Inventory | Updates During Installations / Removals
Ownership: Customer, Microsoft
Description: The organization updates the inventory of information system components as an integral part of component installations, removals, and information system updates.
Requirements: Azure service teams are responsible for updating the inventory of information system components using Service Tree, Property Groups, and Property Dimensions as an integral part of component installations, removals, and information system updates. The inventory tracks specific inventory information for all Azure assets. Additionally, Azure generates a complete inventory each month, and analyzes and reconciles all changes from the previous month’s inventory. As an additional protection, Azure employs strict physical access controls in the datacenters to mitigate the unauthorized addition of new devices into the environment. Physical access to the devices to add additional ports is also disabled within the environment.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Compliance
The following 2 compliance controls are associated with this Policy definition 'Microsoft Managed Control 1224 - Information System Component Inventory | Updates During Installations / Removals' (28cfa30b-7f72-47ce-ba3b-eed26c8d2c82)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
NIS2 AM._Asset_Management_9 NIS2_AM._Asset_Management_9 NIS2_AM._Asset_Management_9 AM. Asset Management Human resources security, access control policies and asset management n/a The cybersecurity risk-management measures should therefore also address the physical and environmental security of network and information systems by including measures to protect such systems from system failures, human error, malicious acts or natural phenomena, in line with European and international standards, such as those included in the ISO/IEC 27000 series. In that regard, essential and important entities should, as part of their cybersecurity risk-management measures, also address human resources security and have in place appropriate access control policies. Those measures should be consistent with Directive (EU) 2022/2557. 28
op.exp.1 Asset inventory op.exp.1 Asset inventory 404 not found n/a n/a 40
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
[Preview]: NIS2 32ff9e30-4725-4ca7-ba3a-904a7721ee87 Regulatory Compliance Preview BuiltIn unknown
Spain ENS 175daf90-21e1-4fec-b745-7b4c909aa94c Regulatory Compliance GA BuiltIn unknown
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC