| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1093 - Role-Based Security Training | ||
| Id | 7a0bdeeb-15f4-47e8-a1da-9f769f845fdf | ||
| Version | 1.0.0 Details on versioning |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Awareness and Training control | ||
| Additional metadata |
Name/Id: ACF1093 / Microsoft Managed Control 1093 Category: Awareness and Training Title: Role-Based Security Training - Before Access is Authorized Ownership: Customer, Microsoft Description: The organization provides role-based security training to personnel with assigned security roles and responsibilities: Before authorizing access to the information system or performing assigned duties; Requirements: Microsoft C+AI training and awareness components are classified into one of two types: Role-Based and Required. Role-Based Training Role-Based training is mandatory security and awareness education that is deemed helpful in the facilitation of understanding security processes and procedures for a particular role an individual is placed in and is directly related to the job responsibilities of the individual. Role-Based training is offered to full-time personnel through the STRIKE program for engineering disciplines providing 200-400 level security training and best practices. Required Training Required training is mandatory security and awareness education that the Information Risk Management Council (IRMC) has specifically identified and defined as appropriate for Azure personnel based upon their organization. Required annual training includes Security Foundations for new hires and non-engineering FTEs and the STRIKE program for engineering FTEs. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|