AzPolicyAdvertizer

last sync: 2023-Jun-02 17:44:47 UTC

Azure Policy definition

Employ FIPS 201-approved technology for PIV

Name Employ FIPS 201-approved technology for PIV
Azure Portal
Id 8b333332-6efd-7c0d-5a9f-d1eb95105214
Version 1.1.0
details on versioning
Category Regulatory Compliance
Microsoft docs
Description CMA_C1579 - Employ FIPS 201-approved technology for PIV
Mode All
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default
Manual
Allowed
Manual, Disabled
RBAC
Role(s)		 none
Rule
Aliases
Rule
ResourceTypes		 IF (1)
Microsoft.Resources/subscriptions
Compliance The following 5 compliance controls are associated with this Policy definition 'Employ FIPS 201-approved technology for PIV' (8b333332-6efd-7c0d-5a9f-d1eb95105214)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
FedRAMP_High_R4 SA-4(10) FedRAMP_High_R4_SA-4(10) FedRAMP High SA-4 (10) System And Services Acquisition Use Of Approved Piv Products Shared n/a The organization employs only information technology products on the FIPS 201-approved products list for Personal Identity Verification (PIV) capability implemented within organizational information systems. Supplemental Guidance: Related controls: IA-2; IA-8. link 1
FedRAMP_Moderate_R4 SA-4(10) FedRAMP_Moderate_R4_SA-4(10) FedRAMP Moderate SA-4 (10) System And Services Acquisition Use Of Approved Piv Products Shared n/a The organization employs only information technology products on the FIPS 201-approved products list for Personal Identity Verification (PIV) capability implemented within organizational information systems. Supplemental Guidance: Related controls: IA-2; IA-8. link 1
hipaa 1784.10a1Organizational.7-10.a hipaa-1784.10a1Organizational.7-10.a 1784.10a1Organizational.7-10.a 17 Risk Management 1784.10a1Organizational.7-10.a 10.01 Security Requirements of Information Systems Shared n/a Where the security functionality in a proposed product does not satisfy the specified requirement, the risk introduced and associated controls are reconsidered prior to purchasing the product. 1
NIST_SP_800-53_R4 SA-4(10) NIST_SP_800-53_R4_SA-4(10) NIST SP 800-53 Rev. 4 SA-4 (10) System And Services Acquisition Use Of Approved Piv Products Shared n/a The organization employs only information technology products on the FIPS 201-approved products list for Personal Identity Verification (PIV) capability implemented within organizational information systems. Supplemental Guidance: Related controls: IA-2; IA-8. link 1
NIST_SP_800-53_R5 SA-4(10) NIST_SP_800-53_R5_SA-4(10) NIST SP 800-53 Rev. 5 SA-4 (10) System and Services Acquisition Use of Approved PIV Products Shared n/a Employ only information technology products on the FIPS 201-approved products list for Personal Identity Verification (PIV) capability implemented within organizational systems. link 1
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-19 17:41:40 add 8b333332-6efd-7c0d-5a9f-d1eb95105214
Initiatives
usage
Initiative DisplayName Initiative Id Initiative Category State Type
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA BuiltIn
FedRAMP Moderate e95f5a9f-57ad-4d03-bb0b-b1d16db93693 Regulatory Compliance GA BuiltIn
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 5 179d1daa-458f-4e47-8086-2a68d0d6c38f Regulatory Compliance GA BuiltIn
JSON