| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1156 - Plan Of Action And Milestones | ||
| Id | 4d52e864-9a3b-41ee-8f03-520815fe5378 | ||
| Version | 1.0.0 Details on versioning |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Security Assessment and Authorization control | ||
| Additional metadata |
Name/Id: ACF1156 / Microsoft Managed Control 1156 Category: Security Assessment and Authorization Title: Plan of Action And Milestones - Development Ownership: Customer, Microsoft Description: The organization: Develops a plan of action and milestones for the information system to document the organization's planned remedial actions to correct weaknesses or deficiencies noted during the assessment of the security controls and to reduce or eliminate known vulnerabilities in the system; and Requirements: Azure develops plans of action and milestones (POA&Ms) in accordance with Office of Management and Budget guidance and certification requirements. POA&Ms are developed and maintained by Azure. The POA&M report is also updated monthly when vulnerability scans are run and any new vulnerabilities are identified, annually during security assessments, and as needed as a part of continuous monitoring activities. The POA&M is submitted as part of the Azure Security Authorization Package provided to the authorizing officials. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|