AzPolicyAdvertizer

last sync: 2023-Jun-02 17:44:47 UTC

Azure Policy definition

Analyse data obtained from continuous monitoring

Name Analyse data obtained from continuous monitoring
Azure Portal
Id 6a379d74-903b-244a-4c44-838728bea6b0
Version 1.1.0
details on versioning
Category Regulatory Compliance
Microsoft docs
Description CMA_C1169 - Analyse data obtained from continuous monitoring
Mode All
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default
Manual
Allowed
Manual, Disabled
RBAC
Role(s)		 none
Rule
Aliases
Rule
ResourceTypes		 IF (1)
Microsoft.Resources/subscriptions
Compliance The following 4 compliance controls are associated with this Policy definition 'Analyse data obtained from continuous monitoring' (6a379d74-903b-244a-4c44-838728bea6b0)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
FedRAMP_High_R4 CA-7(3) FedRAMP_High_R4_CA-7(3) FedRAMP High CA-7 (3) Security Assessment And Authorization Trend Analyses Shared n/a The organization employs trend analyses to determine if security control implementations, the frequency of continuous monitoring activities, and/or the types of activities used in the continuous monitoring process need to be modified based on empirical data. Supplemental Guidance: Trend analyses can include, for example, examining recent threat information regarding the types of threat events that have occurred within the organization or across the federal government, success rates of certain types of cyber attacks, emerging vulnerabilities in information technologies, evolving social engineering techniques, results from multiple security control assessments, the effectiveness of configuration settings, and findings from Inspectors General or auditors. link 1
hipaa 0604.06g2Organizational.2-06.g hipaa-0604.06g2Organizational.2-06.g 0604.06g2Organizational.2-06.g 06 Configuration Management 0604.06g2Organizational.2-06.g 06.02 Compliance with Security Policies and Standards, and Technical Compliance Shared n/a The organization has developed a continuous monitoring strategy and implemented a continuous monitoring program. 7
NIST_SP_800-53_R4 CA-7(3) NIST_SP_800-53_R4_CA-7(3) NIST SP 800-53 Rev. 4 CA-7 (3) Security Assessment And Authorization Trend Analyses Shared n/a The organization employs trend analyses to determine if security control implementations, the frequency of continuous monitoring activities, and/or the types of activities used in the continuous monitoring process need to be modified based on empirical data. Supplemental Guidance: Trend analyses can include, for example, examining recent threat information regarding the types of threat events that have occurred within the organization or across the federal government, success rates of certain types of cyber attacks, emerging vulnerabilities in information technologies, evolving social engineering techniques, results from multiple security control assessments, the effectiveness of configuration settings, and findings from Inspectors General or auditors. link 1
NIST_SP_800-53_R5 CA-7(3) NIST_SP_800-53_R5_CA-7(3) NIST SP 800-53 Rev. 5 CA-7 (3) Assessment, Authorization, and Monitoring Trend Analyses Shared n/a Employ trend analyses to determine if control implementations, the frequency of continuous monitoring activities, and the types of activities used in the continuous monitoring process need to be modified based on empirical data. link 1
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-19 17:41:40 add 6a379d74-903b-244a-4c44-838728bea6b0
Initiatives
usage
Initiative DisplayName Initiative Id Initiative Category State Type
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA BuiltIn
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 5 179d1daa-458f-4e47-8086-2a68d0d6c38f Regulatory Compliance GA BuiltIn
JSON