last sync: 2023-Jun-02 17:44:47 UTC

Azure Policy definition

Establish relationship between incident response capability and external providers

Name Establish relationship between incident response capability and external providers
Azure Portal
Id b470a37a-7a47-3792-34dd-7a793140702e
Version 1.1.0
details on versioning
Category Regulatory Compliance
Microsoft docs
Description CMA_C1376 - Establish relationship between incident response capability and external providers
Mode All
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default
Manual
Allowed
Manual, Disabled
RBAC
Role(s)
none
Rule
Aliases
Rule
ResourceTypes
IF (1)
Microsoft.Resources/subscriptions
Compliance The following 9 compliance controls are associated with this Policy definition 'Establish relationship between incident response capability and external providers' (b470a37a-7a47-3792-34dd-7a793140702e)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
FedRAMP_High_R4 IR-7(2) FedRAMP_High_R4_IR-7(2) FedRAMP High IR-7 (2) Incident Response Coordination With External Providers Shared n/a The organization: (a) Establishes a direct, cooperative relationship between its incident response capability and external providers of information system protection capability; and (b) Identifies organizational incident response team members to the external providers. Supplemental Guidance: External providers of information system protection capability include, for example, the Computer Network Defense program within the U.S. Department of Defense. External providers help to protect, monitor, analyze, detect, and respond to unauthorized activity within organizational information systems and networks. link 2
FedRAMP_Moderate_R4 IR-7(2) FedRAMP_Moderate_R4_IR-7(2) FedRAMP Moderate IR-7 (2) Incident Response Coordination With External Providers Shared n/a The organization: (a) Establishes a direct, cooperative relationship between its incident response capability and external providers of information system protection capability; and (b) Identifies organizational incident response team members to the external providers. Supplemental Guidance: External providers of information system protection capability include, for example, the Computer Network Defense program within the U.S. Department of Defense. External providers help to protect, monitor, analyze, detect, and respond to unauthorized activity within organizational information systems and networks. link 2
hipaa 1504.06e1Organizational.34-06.e hipaa-1504.06e1Organizational.34-06.e 1504.06e1Organizational.34-06.e 15 Incident Management 1504.06e1Organizational.34-06.e 06.01 Compliance with Legal Requirements Shared n/a Management approves the use of information assets and takes appropriate action when unauthorized activity occurs. 16
hipaa 1505.11a1Organizational.13-11.a hipaa-1505.11a1Organizational.13-11.a 1505.11a1Organizational.13-11.a 15 Incident Management 1505.11a1Organizational.13-11.a 11.01 Reporting Information Security Incidents and Weaknesses Shared n/a A formal security incident response program has been established to respond, report (without fear of repercussion), escalate and treat breaches and reported security events or incidents. Organization-wide standards are specified for the time required for system administrators and other personnel to report anomalous events to the incident handling team, the mechanisms for such reporting, and the kind of information that should be included in the incident notification. This reporting includes notifying internal and external stakeholders, the appropriate community Computer Emergency Response Team, and law enforcement agencies in accordance with all legal or regulatory requirements for involving such organizations in computer incidents. 19
hipaa 1523.11c3Organizational.24-11.c hipaa-1523.11c3Organizational.24-11.c 1523.11c3Organizational.24-11.c 15 Incident Management 1523.11c3Organizational.24-11.c 11.02 Management of Information Security Incidents and Improvements Shared n/a Incidents are promptly reported to the appropriate authorities and outside parties (e.g., FedCIRC, CERT/CC). 4
NIST_SP_800-53_R4 IR-7(2) NIST_SP_800-53_R4_IR-7(2) NIST SP 800-53 Rev. 4 IR-7 (2) Incident Response Coordination With External Providers Shared n/a The organization: (a) Establishes a direct, cooperative relationship between its incident response capability and external providers of information system protection capability; and (b) Identifies organizational incident response team members to the external providers. Supplemental Guidance: External providers of information system protection capability include, for example, the Computer Network Defense program within the U.S. Department of Defense. External providers help to protect, monitor, analyze, detect, and respond to unauthorized activity within organizational information systems and networks. link 2
NIST_SP_800-53_R5 IR-7(2) NIST_SP_800-53_R5_IR-7(2) NIST SP 800-53 Rev. 5 IR-7 (2) Incident Response Coordination with External Providers Shared n/a (a) Establish a direct, cooperative relationship between its incident response capability and external providers of system protection capability; and (b) Identify organizational incident response team members to the external providers. link 2
SWIFT_CSCF_v2022 11.4 SWIFT_CSCF_v2022_11.4 SWIFT CSCF v2022 11.4 11. Monitor in case of Major Disaster Ensure an adequate escalation of operational malfunctions in case of customer impact. Shared n/a Ensure an adequate escalation of operational malfunctions in case of customer impact. link 14
SWIFT_CSCF_v2022 11.5 SWIFT_CSCF_v2022_11.5 SWIFT CSCF v2022 11.5 11. Monitor in case of Major Disaster Effective support is offered to customers in case they face problems during their business hours. Shared n/a Effective support is offered to customers in case they face problems during their business hours. link 10
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-19 17:41:40 add b470a37a-7a47-3792-34dd-7a793140702e
Initiatives
usage
Initiative DisplayName Initiative Id Initiative Category State Type
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA BuiltIn
FedRAMP Moderate e95f5a9f-57ad-4d03-bb0b-b1d16db93693 Regulatory Compliance GA BuiltIn
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 5 179d1daa-458f-4e47-8086-2a68d0d6c38f Regulatory Compliance GA BuiltIn
SWIFT CSP-CSCF v2022 7bc7cd6c-4114-ff31-3cac-59be3157596d Regulatory Compliance GA BuiltIn
JSON