last sync: 2024-Jun-13 18:14:14 UTC

Manage availability and capacity | Regulatory Compliance - Operational

Azure BuiltIn Policy definition

Source Azure Portal
Display name Manage availability and capacity
Id edcc36f1-511b-81e0-7125-abee29752fe7
Version 1.1.0
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description CMA_0356 - Manage availability and capacity
Additional metadata Name/Id: CMA_0356 / CMA_0356
Category: Operational
Title: Manage availability and capacity
Ownership: Customer
Description: Microsoft recommends that your organization define and maintain descriptions and relationships among key resources and capabilities required to deliver services, such as establishing baselines, verifying and auditing configuration information, and updating the configuration repository. It is also recommended that your organization balance current and future needs for availability, performance and capacity with cost-effective service provision. Microsoft recommends that your organization assess current availability capabilities, forecast future needs based on business requirements, analyze business impacts, and assess risk to plan and implement actions to meet the identified requirements.
Requirements: The customer is responsible for implementing this recommendation.
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Default
Manual
Allowed
Manual, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types IF (1)
Microsoft.Resources/subscriptions
Compliance
The following 6 compliance controls are associated with this Policy definition 'Manage availability and capacity' (edcc36f1-511b-81e0-7125-abee29752fe7)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
FedRAMP_High_R4 SC-6 FedRAMP_High_R4_SC-6 FedRAMP High SC-6 System And Communications Protection Resource Availability Shared n/a The information system protects the availability of resources by allocating [Assignment: organization-defined resources] by [Selection (one or more); priority; quota; [Assignment: organization-defined security safeguards]]. Supplemental Guidance: Priority protection helps prevent lower-priority processes from delaying or interfering with the information system servicing any higher-priority processes. Quotas prevent users or processes from obtaining more than predetermined amounts of resources. This control does not apply to information system components for which there are only single users/roles. Control Enhancements: None. References: None. link 3
FedRAMP_Moderate_R4 SC-6 FedRAMP_Moderate_R4_SC-6 FedRAMP Moderate SC-6 System And Communications Protection Resource Availability Shared n/a The information system protects the availability of resources by allocating [Assignment: organization-defined resources] by [Selection (one or more); priority; quota; [Assignment: organization-defined security safeguards]]. Supplemental Guidance: Priority protection helps prevent lower-priority processes from delaying or interfering with the information system servicing any higher-priority processes. Quotas prevent users or processes from obtaining more than predetermined amounts of resources. This control does not apply to information system components for which there are only single users/roles. Control Enhancements: None. References: None. link 3
hipaa 0818.01w3System.12-01.w hipaa-0818.01w3System.12-01.w 0818.01w3System.12-01.w 08 Network Protection 0818.01w3System.12-01.w 01.06 Application and Information Access Control Shared n/a Shared system resources (e.g., registers, main memory, secondary storage) are released back to the system, protected from disclosure to other systems/applications/users, and users cannot intentionally or unintentionally access information remnants. 4
NIST_SP_800-53_R4 SC-6 NIST_SP_800-53_R4_SC-6 NIST SP 800-53 Rev. 4 SC-6 System And Communications Protection Resource Availability Shared n/a The information system protects the availability of resources by allocating [Assignment: organization-defined resources] by [Selection (one or more); priority; quota; [Assignment: organization-defined security safeguards]]. Supplemental Guidance: Priority protection helps prevent lower-priority processes from delaying or interfering with the information system servicing any higher-priority processes. Quotas prevent users or processes from obtaining more than predetermined amounts of resources. This control does not apply to information system components for which there are only single users/roles. Control Enhancements: None. References: None. link 3
NIST_SP_800-53_R5 SC-6 NIST_SP_800-53_R5_SC-6 NIST SP 800-53 Rev. 5 SC-6 System and Communications Protection Resource Availability Shared n/a Protect the availability of resources by allocating [Assignment: organization-defined resources] by [Selection (OneOrMore): priority;quota; [Assignment: organization-defined controls] ] . link 3
op.pl.4 Sizing and capacity management op.pl.4 Sizing and capacity management 404 not found n/a n/a 12
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA BuiltIn
FedRAMP Moderate e95f5a9f-57ad-4d03-bb0b-b1d16db93693 Regulatory Compliance GA BuiltIn
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 5 179d1daa-458f-4e47-8086-2a68d0d6c38f Regulatory Compliance GA BuiltIn
Spain ENS 175daf90-21e1-4fec-b745-7b4c909aa94c Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-19 17:41:40 add edcc36f1-511b-81e0-7125-abee29752fe7
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC