last sync: 2024-Jun-24 18:15:26 UTC

Microsoft Managed Control 1093 - Role-Based Security Training | Regulatory Compliance - Awareness and Training

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1093 - Role-Based Security Training
Id 7a0bdeeb-15f4-47e8-a1da-9f769f845fdf
Version 1.0.0
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this Awareness and Training control
Additional metadata Name/Id: ACF1093 / Microsoft Managed Control 1093
Category: Awareness and Training
Title: Role-Based Security Training - Before Access is Authorized
Ownership: Customer, Microsoft
Description: The organization provides role-based security training to personnel with assigned security roles and responsibilities: Before authorizing access to the information system or performing assigned duties;
Requirements: Microsoft C+AI training and awareness components are classified into one of two types: Role-Based and Required. Role-Based Training Role-Based training is mandatory security and awareness education that is deemed helpful in the facilitation of understanding security processes and procedures for a particular role an individual is placed in and is directly related to the job responsibilities of the individual. Role-Based training is offered to full-time personnel through the STRIKE program for engineering disciplines providing 200-400 level security training and best practices. Required Training Required training is mandatory security and awareness education that the Information Risk Management Council (IRMC) has specifically identified and defined as appropriate for Azure personnel based upon their organization. Required annual training includes Security Foundations for new hires and non-engineering FTEs and the STRIKE program for engineering FTEs.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance Not a Compliance control
Initiatives usage none
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC