Microsoft implements this System and Information Integrity control
Name/Id: ACF1674 / Microsoft Managed Control 1674 Category: System and Information Integrity Title: Flaw Remediation | Time To Remediate Flaws / Benchmarks For Corrective Actions Ownership: Customer, Microsoft Description: The organization: Measures the time between flaw identification and flaw remediation; and Requirements: Azure scans all assets with vulnerability scanners. These scanners produce timestamps of initial flaw detections and flaw remediation and are used to calculate the time elapsed between the two.
Rule resource types
IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups