last sync: 2024-Apr-19 17:43:58 UTC

Review and update the events defined in AU-02 | Regulatory Compliance - Operational

Azure BuiltIn Policy definition

Source Azure Portal
Display name Review and update the events defined in AU-02
Id a930f477-9dcb-2113-8aa7-45bb6fc90861
Version 1.1.0
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description CMA_C1106 - Review and update the events defined in AU-02
Additional metadata Name/Id: CMA_C1106 / CMA_C1106
Category: Operational
Title: Review and update the events defined in AU-02
Ownership: Customer
Description: The customer is responsible for reviewing and updating the events defined in AU-02.
Requirements: The customer is responsible for implementing this recommendation.
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Default
Manual
Allowed
Manual, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types IF (1)
Microsoft.Resources/subscriptions
Compliance
The following 8 compliance controls are associated with this Policy definition 'Review and update the events defined in AU-02' (a930f477-9dcb-2113-8aa7-45bb6fc90861)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
FedRAMP_High_R4 AU-2(3) FedRAMP_High_R4_AU-2(3) FedRAMP High AU-2 (3) Audit And Accountability Reviews And Updates Shared n/a The organization reviews and updates the audited events [Assignment: organization-defined frequency]. Supplemental Guidance: Over time, the events that organizations believe should be audited may change. Reviewing and updating the set of audited events periodically is necessary to ensure that the current set is still necessary and sufficient. link 1
FedRAMP_Moderate_R4 AU-2(3) FedRAMP_Moderate_R4_AU-2(3) FedRAMP Moderate AU-2 (3) Audit And Accountability Reviews And Updates Shared n/a The organization reviews and updates the audited events [Assignment: organization-defined frequency]. Supplemental Guidance: Over time, the events that organizations believe should be audited may change. Reviewing and updating the set of audited events periodically is necessary to ensure that the current set is still necessary and sufficient. link 1
hipaa 1202.09aa1System.1-09.aa hipaa-1202.09aa1System.1-09.aa 1202.09aa1System.1-09.aa 12 Audit Logging & Monitoring 1202.09aa1System.1-09.aa 09.10 Monitoring Shared n/a A secure audit record is created for all activities on the system (create, read, update, delete) involving covered information. 5
hipaa 1210.09aa3System.3-09.aa hipaa-1210.09aa3System.3-09.aa 1210.09aa3System.3-09.aa 12 Audit Logging & Monitoring 1210.09aa3System.3-09.aa 09.10 Monitoring Shared n/a All disclosures of covered information within or outside of the organization are logged including type of disclosure, date/time of the event, recipient, and sender. 11
hipaa 1216.09ab3System.12-09.ab hipaa-1216.09ab3System.12-09.ab 1216.09ab3System.12-09.ab 12 Audit Logging & Monitoring 1216.09ab3System.12-09.ab 09.10 Monitoring Shared n/a Automated systems are used to review monitoring activities of security systems (e.g., IPS/IDS) and system records on a daily basis, and identify and document anomalies. 20
ISO27001-2013 A.12.4.1 ISO27001-2013_A.12.4.1 ISO 27001:2013 A.12.4.1 Operations Security Event Logging Shared n/a Event logs recording user activities, exceptions, faults and information security events shall be produced, kept and regularly reviewed. link 53
NIST_SP_800-171_R2_3 .3.3 NIST_SP_800-171_R2_3.3.3 NIST SP 800-171 R2 3.3.3 Audit and Accountability Review and update logged events. Shared Microsoft and the customer share responsibilities for implementing this requirement. The intent of this requirement is to periodically re-evaluate which logged events will continue to be included in the list of events to be logged. The event types that are logged by organizations may change over time. Reviewing and updating the set of logged event types periodically is necessary to ensure that the current set remains necessary and sufficient. link 1
NIST_SP_800-53_R4 AU-2(3) NIST_SP_800-53_R4_AU-2(3) NIST SP 800-53 Rev. 4 AU-2 (3) Audit And Accountability Reviews And Updates Shared n/a The organization reviews and updates the audited events [Assignment: organization-defined frequency]. Supplemental Guidance: Over time, the events that organizations believe should be audited may change. Reviewing and updating the set of audited events periodically is necessary to ensure that the current set is still necessary and sufficient. link 1
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA BuiltIn
FedRAMP Moderate e95f5a9f-57ad-4d03-bb0b-b1d16db93693 Regulatory Compliance GA BuiltIn
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab Regulatory Compliance GA BuiltIn
ISO 27001:2013 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 Regulatory Compliance GA BuiltIn
NIST SP 800-171 Rev. 2 03055927-78bd-4236-86c0-f36125a10dc9 Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-13 16:35:29 add a930f477-9dcb-2113-8aa7-45bb6fc90861
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC