last sync: 2023-Sep-29 17:58:48 UTC

Azure Policy definition

Microsoft Managed Control 1590 - External Information System Services | Risk Assessments / Organizational Approvals | Regulatory Compliance - System and Services Acquisition

Source Azure Portal
Display name Microsoft Managed Control 1590 - External Information System Services | Risk Assessments / Organizational Approvals
Id bf296b8c-f391-4ea4-9198-be3c9d39dd1f
Version 1.0.0
details on versioning
Category Regulatory Compliance
Microsoft docs
Description Microsoft implements this System and Services Acquisition control
Additional metadata Name/Id: ACF1590 / Microsoft Managed Control 1590
Category: System and Services Acquisition
Title: External Information System Services | Risk Assessments / Organizational Approvals - Approved Acquisition or Outsourcing
Ownership: Customer, Microsoft
Description: The organization: Ensures that the acquisition or outsourcing of dedicated information security services is approved by JAB, specific for the FedRAMP certification.
Requirements: Azure ensures the acquisition or outsourcing of dedicated information security services is approved by the FedRAMP JAB, DISA/DoD authorizing officials, and other regulators.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance Not a Compliance control
Initiatives usage none
History none
JSON compare n/a
JSON
api-version=2021-06-01