last sync: 2024-Mar-28 18:44:05 UTC

Microsoft Managed Control 1121 - Audit Review, Analysis, And Reporting | Correlation With Physical Monitoring | Regulatory Compliance - Audit and Accountability

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1121 - Audit Review, Analysis, And Reporting | Correlation With Physical Monitoring
Id c72b0eb9-1fc2-44e5-a866-e7cb0532f7c1
Version 1.0.0
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this Audit and Accountability control
Additional metadata Name/Id: ACF1121 / Microsoft Managed Control 1121
Category: Audit and Accountability
Title: Audit Review, Analysis, And Reporting | Correlation With Physical Monitoring
Ownership: Microsoft
Description: The organization correlates information from audit records with information obtained from monitoring physical access to further enhance the ability to identify suspicious, inappropriate, unusual, or malevolent activity.
Requirements: The Azure Security Response Team combine the analysis of audit records with physical security monitoring data as needed to aid in incident investigations. Any breaches or physical security incidents are reported through the incident reporting process by the physical security team if the physical security incident could potentially impact logical security. The Security Response Team then compares information from such physical security incidents to audit logging records to further identify and investigate suspicious behavior. Furthermore, when a physical incident is reported, the Security Response Team uses the related physical monitoring data and correlates it with audit records to determine if there was any associated logical breach or suspicious behavior in the Azure environment.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance Not a Compliance control
Initiatives usage none
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC