Unknown, no evidence if Policy definition is/not available in AzureUSGovernment
Additional metadata
Name/Id: CMA_0027 / CMA_0027 Category: Operational Title: Automate flaw remediation Ownership: Customer Description: Microsoft recommends that your organization create System and Information Integrity policies and standard operating procedures that include the implementation of automated mechanisms to periodically determine the state of information system components regarding flaw remediation and system updates. Additionally, it is recommended that your organization document and implement a process to confirm successful deployment of security patches and resolution of update failures. Requirements: The customer is responsible for implementing this recommendation.
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators: <, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx: Learn more
The organization employs automated mechanisms [Assignment: organization-defined frequency] to determine the state of information system components with regard to flaw remediation.
Supplemental Guidance: Related controls: CM-6, SI-4.
The organization employs automated mechanisms [Assignment: organization-defined frequency] to determine the state of information system components with regard to flaw remediation.
Supplemental Guidance: Related controls: CM-6, SI-4.
The organization scans for vulnerabilities in the information system and hosted applications to determine the state of flaw remediation monthly (automatically), and again (manually or automatically) when new vulnerabilities potentially affecting the systems and networked environments are identified and reported.
1791.10a2Organizational.6-10.a 10.01 Security Requirements of Information Systems
Shared
n/a
Specifications for the security control requirements state automated controls will be incorporated in the information system, supplemented by manual controls as needed, as evidenced throughout the SDLC.
The organization employs automated mechanisms [Assignment: organization-defined frequency] to determine the state of information system components with regard to flaw remediation.
Supplemental Guidance: Related controls: CM-6, SI-4.
Determine if system components have applicable security-relevant software and firmware updates installed using [Assignment: organization-defined automated mechanisms] [Assignment: organization-defined frequency].
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators: <, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx: Learn more