last sync: 2024-Apr-24 17:46:58 UTC

Microsoft Managed Control 1124 - Audit Reduction And Report Generation | Regulatory Compliance - Audit and Accountability

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1124 - Audit Reduction And Report Generation
Id c10152dd-78f8-4335-ae2d-ad92cc028da4
Version 1.0.0
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this Audit and Accountability control
Additional metadata Name/Id: ACF1124 / Microsoft Managed Control 1124
Category: Audit and Accountability
Title: Audit Reduction And Report Generation - Review Capabilities
Ownership: Customer, Microsoft
Description: The information system provides an audit reduction and report generation capability that: Supports on-demand audit review, analysis, and reporting requirements and after-the-fact investigations of security incidents; and
Requirements: Azure service teams deploy Geneva Monitoring and SCUBA as part of environment-wide monitoring solutions. Geneva Monitoring and SCUBA digest large amounts of log data into human-readable alerting and reports. All events are logged and available for human review as needed, but all events are reviewed automatically and known good activity is filtered out from alerting on an ongoing basis. Events that meet detection criteria, such as those that could indicate attacks or misuse, are automatically flagged and escalated as alerts in S360 or work items in IcM or DevOps. These are sent directly to Azure service teams for clarification and feedback or escalated within the Security Response Team for incident management.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance Not a Compliance control
Initiatives usage none
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC