last sync: 2024-Feb-21 20:03:25 UTC

Microsoft Managed Control 1104 - Audit Events | Regulatory Compliance - Audit and Accountability

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1104 - Audit Events
Id cdd8d244-18b2-4306-a1d1-df175ae0935f
Version 1.0.0
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this Audit and Accountability control
Additional metadata Name/Id: ACF1104 / Microsoft Managed Control 1104
Category: Audit and Accountability
Title: Audit Events - Rational for Adequacy
Ownership: Customer, Microsoft
Description: The organization: Provides a rationale for why the auditable events are deemed to be adequate to support after-the-fact investigations of security incidents; and
Requirements: Designated Azure personnel select which auditable events are to be audited, and Azure assets generate such audit records which enable Azure Security to support after-the-fact investigations of security incidents. The Security Response Team is involved in determining which events should be audited to support the incident management process and it has been determined that the selected events are sufficient to support the after-the-fact investigations of security incidents. Azure performs a review of the events to be audited within Azure at least annually, using several sources of input including security architects, incident management personnel, security analysts, and system operators, to determine that the list of auditable events is adequate to support after-the-fact investigations of security incidents.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance Not a Compliance control
Initiatives usage none
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC