AzPolicyAdvertizer

last sync: 2023-Jun-02 17:44:47 UTC

Azure Policy definition

Provide the capability to extend or limit auditing on customer-deployed resources

Name Provide the capability to extend or limit auditing on customer-deployed resources
Azure Portal
Id d200f199-69f4-95a6-90b0-37ff0cf1040c
Version 1.1.0
details on versioning
Category Regulatory Compliance
Microsoft docs
Description CMA_C1141 - Provide the capability to extend or limit auditing on customer-deployed resources
Mode All
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Default
Manual
Allowed
Manual, Disabled
RBAC
Role(s)		 none
Rule
Aliases
Rule
ResourceTypes		 IF (1)
Microsoft.Resources/subscriptions
Compliance The following 3 compliance controls are associated with this Policy definition 'Provide the capability to extend or limit auditing on customer-deployed resources' (d200f199-69f4-95a6-90b0-37ff0cf1040c)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
FedRAMP_High_R4 AU-12(3) FedRAMP_High_R4_AU-12(3) FedRAMP High AU-12 (3) Audit And Accountability Changes By Authorized Individuals Shared n/a The information system provides the capability for [Assignment: organization-defined individuals or roles] to change the auditing to be performed on [Assignment: organization-defined information system components] based on [Assignment: organization-defined selectable event criteria] within [Assignment: organization-defined time thresholds]. Supplemental Guidance: This control enhancement enables organizations to extend or limit auditing as necessary to meet organizational requirements. Auditing that is limited to conserve information system resources may be extended to address certain threat situations. In addition, auditing may be limited to a specific set of events to facilitate audit reduction, analysis, and reporting. Organizations can establish time thresholds in which audit actions are changed, for example, near real-time, within minutes, or within hours. Related control: AU-7. link 1
NIST_SP_800-53_R4 AU-12(3) NIST_SP_800-53_R4_AU-12(3) NIST SP 800-53 Rev. 4 AU-12 (3) Audit And Accountability Changes By Authorized Individuals Shared n/a The information system provides the capability for [Assignment: organization-defined individuals or roles] to change the auditing to be performed on [Assignment: organization-defined information system components] based on [Assignment: organization-defined selectable event criteria] within [Assignment: organization-defined time thresholds]. Supplemental Guidance: This control enhancement enables organizations to extend or limit auditing as necessary to meet organizational requirements. Auditing that is limited to conserve information system resources may be extended to address certain threat situations. In addition, auditing may be limited to a specific set of events to facilitate audit reduction, analysis, and reporting. Organizations can establish time thresholds in which audit actions are changed, for example, near real-time, within minutes, or within hours. Related control: AU-7. link 1
NIST_SP_800-53_R5 AU-12(3) NIST_SP_800-53_R5_AU-12(3) NIST SP 800-53 Rev. 5 AU-12 (3) Audit and Accountability Changes by Authorized Individuals Shared n/a Provide and implement the capability for [Assignment: organization-defined individuals or roles] to change the logging to be performed on [Assignment: organization-defined system components] based on [Assignment: organization-defined selectable event criteria] within [Assignment: organization-defined time thresholds]. link 1
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-19 17:41:40 add d200f199-69f4-95a6-90b0-37ff0cf1040c
Initiatives
usage
Initiative DisplayName Initiative Id Initiative Category State Type
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 5 179d1daa-458f-4e47-8086-2a68d0d6c38f Regulatory Compliance GA BuiltIn
JSON