| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1528 - Access Agreements | ||
| Id | deb9797c-22f8-40e8-b342-a84003c924e6 | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Personnel Security control | ||
| Cloud environments | AzureCloud = true AzureUSGovernment = true AzureChinaCloud = unknown |
||
| Available in AzUSGov | The Policy is available in AzureUSGovernment cloud. Version: '1.0.0' Repository: Azure-Policy deb9797c-22f8-40e8-b342-a84003c924e6 |
||
| Additional metadata |
Name/Id: ACF1528 / Microsoft Managed Control 1528 Category: Personnel Security Title: Access Agreements - Authorized Access: Sign Appropriate Agreements Ownership: Customer, Microsoft Description: The organization: Ensures that individuals requiring access to organizational information and information systems: Sign appropriate access agreements prior to being granted access; and Re-sign access agreements to maintain access to organizational information systems when access agreements have been updated or at least annually and any time there is a change to the user's geographic location. Requirements: Prior to granting access to organizational information and information systems: * All Microsoft employees must sign the Employee Agreement (EA) as a condition of employment. Employees resign the EA if they move to some geographic locations.Submission of training completion constitutes agreement that the user understands the EA. * FTEs must also sign the Employee Agreement (EA). Third parties, such as subcontractors and vendors, must complete and sign the Resource Access Agreement (RAA), the Email/Network & Cardkey Access Agreement (ECA), and the Contract Worker Agreement (CWA) including the non-disclosure provisions for Agency Temporary Workers (ATW). Because of the nature of JIT access, a user’s level of access can change multiple times per day. As such, Azure does not require resigning of the EA or retraining any time there is a change to the user's level of access. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|