last sync: 2023-Jun-07 17:44:43 UTC

Azure Policy definition

Publish rules and regulations accessing Privacy Act records

Name Publish rules and regulations accessing Privacy Act records
Azure Portal
Id ad1d562b-a04b-15d3-6770-ed310b601cb5
Version 1.1.0
details on versioning
Category Regulatory Compliance
Microsoft docs
Description CMA_C1847 - Publish rules and regulations accessing Privacy Act records
Mode All
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default
Manual, Disabled
IF (1)
Compliance The following 2 compliance controls are associated with this Policy definition 'Publish rules and regulations accessing Privacy Act records' (ad1d562b-a04b-15d3-6770-ed310b601cb5)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
ISO27001-2013 A.12.4.1 ISO27001-2013_A.12.4.1 ISO 27001:2013 A.12.4.1 Operations Security Event Logging Shared n/a Event logs recording user activities, exceptions, faults and information security events shall be produced, kept and regularly reviewed. link 53
SOC_2 P5.1 SOC_2_P5.1 SOC 2 Type 2 P5.1 Additional Criteria For Privacy Personal information access Shared The customer is responsible for implementing this recommendation. • Authenticates Data Subjects’ Identity — The identity of data subjects who request access to their personal information is authenticated before they are given access to that information. • Permits Data Subjects Access to Their Personal Information — Data subjects are able to determine whether the entity maintains personal information about them and, upon request, may obtain access to their personal information. • Provides Understandable Personal Information Within Reasonable Time — Personal information is provided to data subjects in an understandable form, in a reasonable time frame, and at a reasonable cost, if any. • Informs Data Subjects If Access Is Denied — When data subjects are denied access to their personal information, the entity informs them of the denial and the reason for the denial in a timely manner, unless prohibited by law or regulation. 2
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-13 16:35:29 add ad1d562b-a04b-15d3-6770-ed310b601cb5
Initiative DisplayName Initiative Id Initiative Category State Type
ISO 27001:2013 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 Regulatory Compliance GA BuiltIn
SOC 2 Type 2 4054785f-702b-4a98-9215-009cbd58b141 Regulatory Compliance GA BuiltIn