AzPolicyAdvertizer

last sync: 2025-Oct-24 17:23:08 UTC

Microsoft Managed Control 1590 - External Information System Services | Risk Assessments / Organizational Approvals | Regulatory Compliance - System and Services Acquisition

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

Microsoft Managed Control 1590 - External Information System Services | Risk Assessments / Organizational Approvals

bf296b8c-f391-4ea4-9198-be3c9d39dd1f

Version

1.0.0
Details on versioning

Versioning

Versions supported for Versioning: 0
Built-in Versioning [Preview]

Category

Regulatory Compliance
Microsoft Learn

Description

Microsoft implements this System and Services Acquisition control

Cloud environments

AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown

Available in AzUSGov

The Policy is available in AzureUSGovernment cloud. Version: '1.0.0'
Repository: Azure-Policy bf296b8c-f391-4ea4-9198-be3c9d39dd1f

Additional metadata

Name/Id: ACF1590 / Microsoft Managed Control 1590
Category: System and Services Acquisition
Title: External Information System Services | Risk Assessments / Organizational Approvals - Approved Acquisition or Outsourcing
Ownership: Customer, Microsoft
Description: The organization: Ensures that the acquisition or outsourcing of dedicated information security services is approved by JAB, specific for the FedRAMP certification.
Requirements: Azure ensures the acquisition or outsourcing of dedicated information security services is approved by the FedRAMP JAB, DISA/DoD authorizing officials, and other regulators.

Mode

Indexed

Type

Static

Preview

False

Deprecated

False

Effect

Fixed
audit

RBAC role(s)

none

Rule aliases

none

Rule resource types

IF (2)

Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups

Compliance

The following 1 compliance controls are associated with this Policy definition 'Microsoft Managed Control 1590 - External Information System Services | Risk Assessments / Organizational Approvals' (bf296b8c-f391-4ea4-9198-be3c9d39dd1f)

Control Domain	Control	Name	MetadataId	Category	Title	Owner	Requirements	Description	Info	Policy#
	op.pl.1 Risk analysis	op.pl.1 Risk analysis	404 not found				n/a	n/a		70

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type	polSet in AzUSGov
Spain ENS	175daf90-21e1-4fec-b745-7b4c909aa94c	Regulatory Compliance	GA	BuiltIn	unknown

History

none

JSON compare

n/a

JSON

api-version=2021-06-01
EPAC