| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1167 - Continuous Monitoring | ||
| Id | cbb2be76-4891-430b-95a7-ca0b0a3d1300 | ||
| Version | 1.0.0 Details on versioning |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Security Assessment and Authorization control | ||
| Additional metadata |
Name/Id: ACF1167 / Microsoft Managed Control 1167 Category: Security Assessment and Authorization Title: Continuous Monitoring - Security Status Reporting Ownership: Customer, Microsoft Description: The organization develops a continuous monitoring strategy and implements a continuous monitoring program that includes: Reporting the security status of organization and the information system to Customers and specific to the FedRAMP certification, the FedRAMP JAB; Monthly. Requirements: Any new deficiencies that are identified from the security control assessments are documented in the POA&M. The POA&M is continuously updated and used to report on the security state of the information system as part of monthly reviews. POA&M updates are reviewed and validated by the Third Party Assessment Organization (3PAO), and are provided to customers and the FedRAMP JAB, DISA/DoD authorizing officials, and other regulators monthly, consistent with requirements. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|