last sync: 2024-Mar-01 17:50:27 UTC

Microsoft Managed Control 1544 - Risk Assessment | Regulatory Compliance - Risk Assessment

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1544 - Risk Assessment
Id 43ced7c9-cd53-456b-b0da-2522649a4271
Version 1.0.0
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this Risk Assessment control
Additional metadata Name/Id: ACF1544 / Microsoft Managed Control 1544
Category: Risk Assessment
Title: Risk Assessment - Disseminate Results to Defined Personnel
Ownership: Customer, Microsoft
Description: The organization: Disseminates risk assessment results to personnel or roles with risk assessment responsibilities, as well as AOs and FedRAMP ISSOs; and
Requirements: Azure submits risk assessment results to Azure management, including the Azure Program Managers. The annual SAR is submitted to the FedRAMP JAB, DISA/DoD authorizing officials, and other regulators as required who review the package for sufficiency. Internally, the SAR is used to update the POA&M submissions.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance Not a Compliance control
Initiatives usage none
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC