| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1189 - Configuration Change Control | ||
| Id | ee45e02a-4140-416c-82c4-fecfea660b9d | ||
| Version | 1.0.0 Details on versioning |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Configuration Management control | ||
| Additional metadata |
Name/Id: ACF1189 / Microsoft Managed Control 1189 Category: Configuration Management Title: Configuration Change Control - Audit Ownership: Customer, Microsoft Description: The organization: Audits and reviews activities associated with configuration-controlled changes to the information system; and Requirements: The tools outlined in Part c of this control provide an auditing capability to any changes to the configuration baselines or configuration settings within the tools. Azure uses Azure DevOps as the versioning system for software code, which tracks the identity of the person who checks code out, the time of the change, and what changes are made to what files. Software and hardware changes are tracked through Azure DevOps or IcM, which also provide detailed audit records of action taken. Deployment systems including OneBranch also audit and centrally report actions taken. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|