AzPolicyAdvertizer

last sync: 2024-Jul-26 18:17:39 UTC

Provide timely maintenance support | Regulatory Compliance - Operational

Azure BuiltIn Policy definition

Source Azure Portal
Display name Provide timely maintenance support
Id eb598832-4bcc-658d-4381-3ecbe17b9866
Version 1.1.0
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description CMA_C1425 - Provide timely maintenance support
Additional metadata Name/Id: CMA_C1425 / CMA_C1425
Category: Operational
Title: Provide timely maintenance support
Ownership: Customer
Description: The customer is responsible for timely maintenance support of customer-deployed operating systems.
Requirements: The customer is responsible for implementing this recommendation.
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Default
Manual
Allowed
Manual, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types IF (1)
Microsoft.Resources/subscriptions
Compliance
The following 7 compliance controls are associated with this Policy definition 'Provide timely maintenance support' (eb598832-4bcc-658d-4381-3ecbe17b9866)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
FedRAMP_High_R4 MA-6 FedRAMP_High_R4_MA-6 FedRAMP High MA-6 Maintenance Timely Maintenance Shared n/a The organization obtains maintenance support and/or spare parts for [Assignment: organization-defined information system components] within [Assignment: organization-defined time period] of failure. Supplemental Guidance: Organizations specify the information system components that result in increased risk to organizational operations and assets, individuals, other organizations, or the Nation when the functionality provided by those components is not operational. Organizational actions to obtain maintenance support typically include having appropriate contracts in place. Related controls: CM-8, CP-2, CP-7, SA-14, SA-15. References: None. link 1
FedRAMP_Moderate_R4 MA-6 FedRAMP_Moderate_R4_MA-6 FedRAMP Moderate MA-6 Maintenance Timely Maintenance Shared n/a The organization obtains maintenance support and/or spare parts for [Assignment: organization-defined information system components] within [Assignment: organization-defined time period] of failure. Supplemental Guidance: Organizations specify the information system components that result in increased risk to organizational operations and assets, individuals, other organizations, or the Nation when the functionality provided by those components is not operational. Organizational actions to obtain maintenance support typically include having appropriate contracts in place. Related controls: CM-8, CP-2, CP-7, SA-14, SA-15. References: None. link 1
hipaa 18111.08j1Organizational.6-08.j hipaa-18111.08j1Organizational.6-08.j 18111.08j1Organizational.6-08.j 18 Physical & Environmental Security 18111.08j1Organizational.6-08.j 08.02 Equipment Security Shared n/a The organization obtains maintenance support and/or spare parts for defined key information system components (defined in the applicable security plan) within the applicable Recovery Time Objective (RTO) specified in the contingency plan. 1
ISO27001-2013 A.11.2.4 ISO27001-2013_A.11.2.4 ISO 27001:2013 A.11.2.4 Physical And Environmental Security Equipment maintenance Shared n/a Equipment shall be correctly maintained to ensure its continued availability and integrity. link 9
NIST_SP_800-53_R4 MA-6 NIST_SP_800-53_R4_MA-6 NIST SP 800-53 Rev. 4 MA-6 Maintenance Timely Maintenance Shared n/a The organization obtains maintenance support and/or spare parts for [Assignment: organization-defined information system components] within [Assignment: organization-defined time period] of failure. Supplemental Guidance: Organizations specify the information system components that result in increased risk to organizational operations and assets, individuals, other organizations, or the Nation when the functionality provided by those components is not operational. Organizational actions to obtain maintenance support typically include having appropriate contracts in place. Related controls: CM-8, CP-2, CP-7, SA-14, SA-15. References: None. link 1
NIST_SP_800-53_R5 MA-6 NIST_SP_800-53_R5_MA-6 NIST SP 800-53 Rev. 5 MA-6 Maintenance Timely Maintenance Shared n/a Obtain maintenance support and/or spare parts for [Assignment: organization-defined system components] within [Assignment: organization-defined time period] of failure. link 1
op.exp.4 Security maintenance and updates op.exp.4 Security maintenance and updates 404 not found n/a n/a 78
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA BuiltIn
FedRAMP Moderate e95f5a9f-57ad-4d03-bb0b-b1d16db93693 Regulatory Compliance GA BuiltIn
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab Regulatory Compliance GA BuiltIn
ISO 27001:2013 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 5 179d1daa-458f-4e47-8086-2a68d0d6c38f Regulatory Compliance GA BuiltIn
Spain ENS 175daf90-21e1-4fec-b745-7b4c909aa94c Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-19 17:41:40 add eb598832-4bcc-658d-4381-3ecbe17b9866
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC