last sync: 2024-Jun-13 18:14:14 UTC

Microsoft Managed Control 1522 - Personnel Transfer | Regulatory Compliance - Personnel Security

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1522 - Personnel Transfer
Id 38b470cc-f939-4a15-80e0-9f0c74f2e2c9
Version 1.0.0
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this Personnel Security control
Additional metadata Name/Id: ACF1522 / Microsoft Managed Control 1522
Category: Personnel Security
Title: Personnel Transfer - Review Access When Personnel Transferred
Ownership: Customer, Microsoft
Description: The organization: Reviews and confirms ongoing operational need for current logical and physical access authorizations to information systems/facilities when individuals are reassigned or transferred to other positions within the organization;
Requirements: Microsoft HR ensures personnel transfer is handled appropriately. Microsoft implements personnel transfer using the Manager Self Service Tool, which is managed by Microsoft Headcount Operations. When personnel transfer to new positions with new reporting structures, a Manager Self Service Tool transfer transaction is keyed into the HR system by the individual’s manager, group administrator, or equivalent personnel with work-on-behalf privileges. Once the transfer has populated in the downstream tools and applications, access to data is reassigned based on the new role and scope within twenty-four (24) hours of transfer. Access to buildings, rooms, and websites can be requested by the transferred individual’s manager.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance Not a Compliance control
Initiatives usage none
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC