last sync: 2024-Jul-16 18:17:33 UTC

Microsoft Managed Control 1740 - Information Security Measures Of Performance | Regulatory Compliance - Program Management

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1740 - Information Security Measures Of Performance
Id e4df5fb7-58e9-41de-9399-f043c7a931f8
Version 1.0.0
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this Program Management control
Additional metadata Name/Id: ACF1740 / Microsoft Managed Control 1740
Category: Program Management
Title: Information Security Measures Of Performance
Ownership: Customer, Microsoft
Description: The organization develops, monitors, and reports on the results of information security measures of performance.
Requirements: Azure defines the safeguards as "standardized purchase orders, routine business reviews, performance metrics, and threat/risk/vulnerability analysis." Azure Security correlates vulnerability scanning information with penetration test data and audit records to gain a more complete picture of potential exploits and to enhance the ability to detect inappropriate activity, should it occur. Additionally, Azure Security uses vulnerability scanning reports in conjunction with performance and system monitoring data to identify unusual activity. The compliance and accreditation Joint Test Team validates the effectiveness and efficiency of the information security program and security controls; This is then re-validated during self-testing and assessment events. The Azure Security team combines the use of various sources of intelligence to aid incident investigation on as needed basis including the use of audit logging data, incident monitoring reports, vulnerability scan data, and penetration testing results. The correlation of this information is part of the identification phase of the incident management process and aids in discovering the presence of inappropriate activity in the Azure environment.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-04-01 20:29:14 add e4df5fb7-58e9-41de-9399-f043c7a931f8
JSON compare n/a
JSON
api-version=2021-06-01
EPAC