| Source | Azure Portal | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Display name | Microsoft Managed Control 1297 - Information System Recovery And Reconstitution | Restore Within Time Period | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Id | 93fd8af1-c161-4bae-9ba9-f62731f76439 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Version | 1.0.0 Details on versioning |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Category | Regulatory Compliance Microsoft Learn |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Description | Microsoft implements this Contingency Planning control | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Additional metadata |
Name/Id: ACF1297 / Microsoft Managed Control 1297 Category: Contingency Planning Title: Information System Recovery And Reconstitution | Restore Within Time Period Ownership: Customer, Microsoft Description: The organization provides the capability to restore information system components within time period consistent with the restoration time-periods defined in the service provider and organization SLA from configuration-controlled and integrity-protected information representing a known, operational state for the components. Requirements: If all datacenters for an Azure service experience failure, or if Microsoft were to resume processing at a disrupted site, Microsoft uses the following to recover Azure services in other Azure datacenters to the last known state: * Defined images and current OS, network device, and application baselines * Defined security processes around access control, change management, mandatory configuration settings, and encryption mechanisms Redeployment as part of system restoration follows the same process with the same authentication requirements as initial deployment as part of configuration management. Azure does not establish separate recovery times for individual datacenter components due to the design and function of datacenters. Azure datacenters are designed to be redundant by hosting services in datacenters that are geographically separated from each other. Services are mirrored in geographically redundant datacenters; all sites are active. Therefore, the risk to the security of the Azure environment due to failure of individual components is mitigated through availability of the information system. If necessary to support the resumption of a service according to established disaster recovery plans, individual system components are replaced in support of the service Recovery Time Objective (RTO). The Azure spares policy ensures that spare components are available if replacement is needed. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Mode | Indexed | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Type | Static | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Preview | False | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Deprecated | False | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Effect | Fixed audit |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
| RBAC role(s) | none | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Rule aliases | none | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Compliance |
The following 4 compliance controls are associated with this Policy definition 'Microsoft Managed Control 1297 - Information System Recovery And Reconstitution | Restore Within Time Period' (93fd8af1-c161-4bae-9ba9-f62731f76439)
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Initiatives usage |
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
| History | none | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
| JSON compare | n/a | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
| JSON |
|