AzPolicyAdvertizer

last sync: 2023-Jun-02 17:44:47 UTC

Azure Policy definition

Manage contacts for authorities and special interest groups

Name Manage contacts for authorities and special interest groups
Azure Portal
Id 5269d7e4-3768-501d-7e46-66c56c15622c
Version 1.1.0
details on versioning
Category Regulatory Compliance
Microsoft docs
Description CMA_0359 - Manage contacts for authorities and special interest groups
Mode All
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default
Manual
Allowed
Manual, Disabled
RBAC
Role(s)		 none
Rule
Aliases
Rule
ResourceTypes		 IF (1)
Microsoft.Resources/subscriptions
Compliance The following 4 compliance controls are associated with this Policy definition 'Manage contacts for authorities and special interest groups' (5269d7e4-3768-501d-7e46-66c56c15622c)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
hipaa 0123.05a2Organizational.4-05.a hipaa-0123.05a2Organizational.4-05.a 0123.05a2Organizational.4-05.a 01 Information Protection Program 0123.05a2Organizational.4-05.a 05.01 Internal Organization Shared n/a Security contacts are formally appointed in writing for each major organizational area or business unit. 2
hipaa 1506.11a1Organizational.2-11.a hipaa-1506.11a1Organizational.2-11.a 1506.11a1Organizational.2-11.a 15 Incident Management 1506.11a1Organizational.2-11.a 11.01 Reporting Information Security Incidents and Weaknesses Shared n/a There is a point of contact for reporting information security events who is made known throughout the organization, always available, and able to provide adequate and timely response. The organization also maintains a list of third-party contact information (e.g., the email addresses of their information security officers), which can be used to report a security incident. 10
ISO27001-2013 A.6.1.3 ISO27001-2013_A.6.1.3 ISO 27001:2013 A.6.1.3 Organization of Information Security Contact with authorities Shared n/a Appropriate contacts with relevant authorities shall be maintained. link 2
ISO27001-2013 A.6.1.4 ISO27001-2013_A.6.1.4 ISO 27001:2013 A.6.1.4 Organization of Information Security Contact with special interest groups Shared n/a Appropriate contacts with special interest groups or other specialist security forums and professional associations shall be maintained. link 6
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-19 17:41:40 add 5269d7e4-3768-501d-7e46-66c56c15622c
Initiatives
usage
Initiative DisplayName Initiative Id Initiative Category State Type
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab Regulatory Compliance GA BuiltIn
ISO 27001:2013 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 Regulatory Compliance GA BuiltIn
JSON