AzPolicyAdvertizer

last sync: 2023-Jun-02 17:44:47 UTC

Azure Policy definition

Employ business case to record the resources required

Name Employ business case to record the resources required
Azure Portal
Id 2d14ff7e-6ff9-838c-0cde-4962ccdb1689
Version 1.1.0
details on versioning
Category Regulatory Compliance
Microsoft docs
Description CMA_C1735 - Employ business case to record the resources required
Mode All
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default
Manual
Allowed
Manual, Disabled
RBAC
Role(s)		 none
Rule
Aliases
Rule
ResourceTypes		 IF (1)
Microsoft.Resources/subscriptions
Compliance The following 5 compliance controls are associated with this Policy definition 'Employ business case to record the resources required' (2d14ff7e-6ff9-838c-0cde-4962ccdb1689)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
hipaa 0120.05a1Organizational.4-05.a hipaa-0120.05a1Organizational.4-05.a 0120.05a1Organizational.4-05.a 01 Information Protection Program 0120.05a1Organizational.4-05.a 05.01 Internal Organization Shared n/a Capital planning and investment requests include the resources needed to implement the security program, employ a business case (or Exhibit 300 and/or 53 for federal government); and the organization ensures the resources are available for expenditure as planned. 8
ISO27001-2013 C.4.3.c ISO27001-2013_C.4.3.c ISO 27001:2013 C.4.3.c Context of the organization Determining the scope of the information security management system Shared n/a The organization shall determine the boundaries and applicability of the information security management system to establish its scope. When determining this scope, the organization shall consider: c) interfaces and dependencies between activities performed by the organization, and those that are performed by other organizations. The scope shall be available as documented information. link 18
ISO27001-2013 C.5.1.c ISO27001-2013_C.5.1.c ISO 27001:2013 C.5.1.c Leadership Leadership and commitment Shared n/a Top management shall demonstrate leadership and commitment with respect to the information security management system by: c) ensuring that the resources needed for the information security management system are available. link 10
ISO27001-2013 C.5.1.f ISO27001-2013_C.5.1.f ISO 27001:2013 C.5.1.f Leadership Leadership and commitment Shared n/a Top management shall demonstrate leadership and commitment with respect to the information security management system by: f) directing and supporting persons to contribute to the effectiveness of the information security management system. link 9
ISO27001-2013 C.7.1 ISO27001-2013_C.7.1 ISO 27001:2013 C.7.1 Support Resources Shared n/a The organization shall determine and provide the resources needed for the establishment, implementation, maintenance and continual improvement of the information security management system. link 7
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-19 17:41:40 add 2d14ff7e-6ff9-838c-0cde-4962ccdb1689
Initiatives
usage
Initiative DisplayName Initiative Id Initiative Category State Type
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab Regulatory Compliance GA BuiltIn
ISO 27001:2013 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 Regulatory Compliance GA BuiltIn
JSON