AzPolicyAdvertizer

last sync: 2023-Sep-29 17:58:48 UTC

Azure Policy definition

Microsoft Managed Control 1590 - External Information System Services | Risk Assessments / Organizational Approvals | Regulatory Compliance - System and Services Acquisition

Source

Azure Portal

Display name

Microsoft Managed Control 1590 - External Information System Services | Risk Assessments / Organizational Approvals

bf296b8c-f391-4ea4-9198-be3c9d39dd1f

Version

1.0.0
details on versioning

Category

Regulatory Compliance
Microsoft docs

Description

Microsoft implements this System and Services Acquisition control

Additional metadata

Name/Id: ACF1590 / Microsoft Managed Control 1590
Category: System and Services Acquisition
Title: External Information System Services | Risk Assessments / Organizational Approvals - Approved Acquisition or Outsourcing
Ownership: Customer, Microsoft
Description: The organization: Ensures that the acquisition or outsourcing of dedicated information security services is approved by JAB, specific for the FedRAMP certification.
Requirements: Azure ensures the acquisition or outsourcing of dedicated information security services is approved by the FedRAMP JAB, DISA/DoD authorizing officials, and other regulators.

Mode

Indexed

Type

Static

Preview

False

Deprecated

False

Effect

Fixed
audit

RBAC role(s)

none

Rule aliases

none

Rule resource types

IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups

Compliance

Not a Compliance control

Initiatives usage

none

History

none

JSON compare

n/a

JSON

api-version=2021-06-01