last sync: 2024-Oct-11 17:51:27 UTC

Respond to complaints, concerns, or questions timely | Regulatory Compliance - Operational

Azure BuiltIn Policy definition

Source Azure Portal
Display name Respond to complaints, concerns, or questions timely
Id 6ab47bbf-867e-9113-7998-89b58f77326a
Version 1.1.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.1.0
Built-in Versioning [Preview]
Category Regulatory Compliance
Microsoft Learn
Description CMA_C1853 - Respond to complaints, concerns, or questions timely
Additional metadata Name/Id: CMA_C1853 / CMA_C1853
Category: Operational
Title: Respond to complaints, concerns, or questions timely
Ownership: Customer
Description: The customer is responsible for responding to complaints, concerns, or questions within the defined time period.
Requirements: The customer is responsible for implementing this recommendation.
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Default
Manual
Allowed
Manual, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types IF (1)
Microsoft.Resources/subscriptions
Compliance
The following 1 compliance controls are associated with this Policy definition 'Respond to complaints, concerns, or questions timely' (6ab47bbf-867e-9113-7998-89b58f77326a)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
SOC_2 P8.1 SOC_2_P8.1 SOC 2 Type 2 P8.1 Additional Criteria For Privacy Privacy complaint management and compliance management Shared The customer is responsible for implementing this recommendation. • Communicates to Data Subjects — Data subjects are informed about how to contact the entity with inquiries, complaints, and disputes. • Addresses Inquiries, Complaints, and Disputes — A process is in place to address inquiries, complaints, and disputes. • Documents and Communicates Dispute Resolution and Recourse — Each complaint is addressed and the resolution is documented and communicated to the individual. • Documents and Reports Compliance Review Results — Compliance with objectives related to privacy are reviewed and documented and the results of such reviews are reported to management. If problems are identified, remediation plans are developed and implemented. • Documents and Reports Instances of Noncompliance — Instances of noncompliance with objectives related to privacy are documented and reported and, if needed, corrective and disciplinary measures are taken on a timely basis. • Performs Ongoing Monitoring — Ongoing procedures are performed for monitoring the effectiveness of controls over personal information and for taking timely corrective actions when necessary. 5
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
SOC 2 Type 2 4054785f-702b-4a98-9215-009cbd58b141 Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-13 16:35:29 add 6ab47bbf-867e-9113-7998-89b58f77326a
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC