last sync: 2024-Mar-27 18:49:11 UTC

Microsoft Managed Control 1613 - Developer Security Architecture And Design | Regulatory Compliance - System and Services Acquisition

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1613 - Developer Security Architecture And Design
Id fe2ad78b-8748-4bff-a924-f74dfca93f30
Version 1.0.0
Details on versioning
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this System and Services Acquisition control
Additional metadata Name/Id: ACF1613 / Microsoft Managed Control 1613
Category: System and Services Acquisition
Title: Developer Security Architecture And Design - Accurate Security Funtionality
Ownership: Customer, Microsoft
Description: The organization requires the developer of the information system, system component, or information system service to produce a design specification and security architecture that: Accurately and completely describes the required security functionality, and the allocation of security controls among physical and logical components; and
Requirements: The security architecture produced during the Design phase of the SDL process defines all attack surfaces, their associated risks, and security functionality necessary to address those risks.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance Not a Compliance control
Initiatives usage none
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC