last sync: 2024-May-24 18:03:04 UTC

Microsoft Managed Control 1116 - Audit Review, Analysis, And Reporting | Regulatory Compliance - Audit and Accountability

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1116 - Audit Review, Analysis, And Reporting
Id 5e47bc51-35d1-44b8-92af-e2f2d8b67635
Version 1.0.0
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this Audit and Accountability control
Additional metadata Name/Id: ACF1116 / Microsoft Managed Control 1116
Category: Audit and Accountability
Title: Audit Review, Analysis, And Reporting - Reporting
Ownership: Customer, Microsoft
Description: The organization: Reports findings to Microsoft Azure Live Site team, ISSO and ISSM as applicable.
Requirements: Azure configures the detections and resulting alerts to be sent to the appropriate parties for resolution. Depending on the alert, this can include the service team or the Security Response Team. For example, use of an emergency access account generates an alert to the service team owning the subscription in which the emergency access was utilized. Alternatively, malicious PowerShell scripts are routed to the Security Response Team. Regardless of which team the alert is routed to, all service teams, Azure personnel, and external customers can escalate an incident or report a new one.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance Not a Compliance control
Initiatives usage none
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC