last sync: 2025-Jul-25 17:39:48 UTC

Microsoft Managed Control 1600 - Developer Security Testing And Evaluation | Regulatory Compliance - System and Services Acquisition

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1600 - Developer Security Testing And Evaluation
Id c53f3123-d233-44a7-930b-f40d3bfeb7d6
Version 1.0.0
Details on versioning
Versioning Versions supported for Versioning: 0
Built-in Versioning [Preview]
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this System and Services Acquisition control
Cloud environments AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown
Available in AzUSGov The Policy is available in AzureUSGovernment cloud. Version: '1.0.0'
Repository: Azure-Policy c53f3123-d233-44a7-930b-f40d3bfeb7d6
Additional metadata Name/Id: ACF1600 / Microsoft Managed Control 1600
Category: System and Services Acquisition
Title: Developer Security Testing And Evaluation - Create And Implement Security Assessment Plan
Ownership: Customer, Microsoft
Description: The organization requires the developer of the information system, system component, or information system service to: Create and implement a security assessment plan;
Requirements: Azure develops security assessment plans in accordance with Microsoft's Security Development Lifecycle (SDL) process. Security testing occurs during the following phases of the process: * Phase 3 – Implementation * Phase 4 – Verification * Phase 5 – Release
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Compliance Not a Compliance control
Initiatives usage none
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC
{6 items
  • displayName: "Microsoft Managed Control 1600 - Developer Security Testing And Evaluation",
  • policyType: "Static",
  • mode: "Indexed",
  • description: "Microsoft implements this System and Services Acquisition control",
  • metadata: {3 items
    • version: "1.0.0",
    • category: "Regulatory Compliance",
    • additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/ACF1600"
    },
  • policyRule: {2 items}
}