last sync: 2024-May-24 18:03:04 UTC

Microsoft Managed Control 1671 - Flaw Remediation | Regulatory Compliance - System and Information Integrity

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1671 - Flaw Remediation
Id 5c5bbef7-a316-415b-9b38-29753ce8e698
Version 1.0.0
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this System and Information Integrity control
Additional metadata Name/Id: ACF1671 / Microsoft Managed Control 1671
Category: System and Information Integrity
Title: Flaw Remediation - Remediation Incorporated into Configuration Management
Ownership: Customer, Microsoft
Description: The organization: Incorporates flaw remediation into the organizational configuration management process.
Requirements: Flaw remediation follows the standard change management process as outlined in the Microsoft Change Management Standard. The Policy Directives section describes the information required for submission of a request for change (RFC). As part of every RFC submission, an RFC must contain a detailed test outlining steps of the change, success metrics of the test, and a rollback plan as a risk mitigation procedure. The change review committee evaluates the RFC to grant approval prior to implementation in a production environment.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance Not a Compliance control
Initiatives usage none
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC