JSON
api-version=2023-04-01
Copy definition Copy definition 4 EPAC EPAC
{ 9 items displayName: "NIST SP 800-53 Rev. 5" , policyType: "BuiltIn" , description: "National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative" , metadata: { 2 items version: "14.17.0" , category: "Regulatory Compliance" } , version: "14.17.0" , parameters: { 122 items IncludeArcMachines: { 4 items type: "String" , metadata: { 2 items displayName: "Include Arc-connected servers when evaluating guest configuration policies" , description: "By selecting 'true,' you agree to be charged monthly per Arc connected machine; for more information, visit https://aka.ms/policy-pricing" } , allowedValues: [ 2 items ] , defaultValue: "false" } , NotAvailableMachineState-bed48b13-6647-468e-aa2f-1af1d3f4dd40: { 4 items type: "String" , metadata: { 2 items displayName: "Status if Windows Defender is not available on machine" , description: "Windows Defender Exploit Guard is only available starting with Windows 10/Windows Server with update 1709. Setting this value to 'Non-Compliant' shows machines with older versions on which Windows Defender Exploit Guard is not available (such as Windows Server 2012 R2) as non-compliant. Setting this value to 'Compliant' shows these machines as compliant." } , allowedValues: [ 2 items "Compliant" , "Non-Compliant" ] , defaultValue: "Compliant" } , MinimumTLSVersion-5752e6d6-1206-46d8-8ab1-ecc2f71a8112: { 4 items type: "String" , metadata: { 2 items displayName: "Minimum TLS version for Windows web servers" , description: "Windows web servers with lower TLS versions will be assessed as non-compliant" } , allowedValues: [ 2 items ] , defaultValue: "1.2" } , requiredRetentionDays: { 3 items type: "String" , metadata: { 1 item displayName: "Required retention period (days) for resource logs" } , defaultValue: "365" } , effect-febd0533-8e55-448f-b837-bd0e06f16469: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Kubernetes cluster containers should only use allowed images" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "audit" , "deny" , "disabled" ] , defaultValue: "audit" } , excludedNamespaces: { 3 items type: "Array" , metadata: { 2 items displayName: "Kubernetes namespaces excluded from evaluation of Kubernetes cluster policies in this initiative" , description: "List of Kubernetes namespaces to exclude from policy evaluation" } , defaultValue: [ 3 items "kube-system" , "gatekeeper-system" , "azure-arc" ] } , namespaces: { 3 items type: "Array" , metadata: { 2 items displayName: "Kubernetes namespaces included for evaluation of Kubernetes cluster policies in this initiative" , description: "List of Kubernetes namespaces to (only) include for policy evaluation; an empty list will result in policies evaluated on all resources in all namespaces" } , defaultValue: [] } , labelSelector: { 3 items type: "Object" , metadata: { 2 items displayName: "Kubernetes label selector for resources included for evaluation of Kubernetes cluster policies in this initiative" , description: "Label query to select Kubernetes resources to include for policy evaluation; an empty label selector will result in policies evaluated on all Kubernetes resources" } , defaultValue: {} } , allowedContainerImagesRegex-febd0533-8e55-448f-b837-bd0e06f16469: { 3 items type: "String" , metadata: { 2 items displayName: "Allowed container images for Kubernetes clusters" , description: "Regular expression used to match allowed container images in a Kubernetes cluster; Ex: allow any Azure Container Registry image by matching partial path: ^.+azurecr.io/.+$" } , defaultValue: "^(.+){0}$" } , effect-95edb821-ddaf-4404-9732-666045e056b4: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Kubernetes cluster should not allow privileged containers" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "audit" , "deny" , "disabled" ] , defaultValue: "audit" } , excludedContainers-95edb821-ddaf-4404-9732-666045e056b4: { 3 items type: "Array" , metadata: { 2 items displayName: "Kubernetes containers excluded from evaluation of policy: Kubernetes cluster should not allow privileged containers" , description: "The list of InitContainers and Containers to exclude from policy evaluation. The list should use the container name. Use an empty list to apply this policy to all containers in all namespaces." } , defaultValue: [] } , effect-440b515e-a580-421e-abeb-b159a61ddcbc: { 4 items type: "String" , metadata: { 3 items displayName: "[Deprecated]: Effect for policy: Kubernetes cluster containers should only listen on allowed ports" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" , deprecated: true } , allowedValues: [ 3 items "audit" , "deny" , "disabled" ] , defaultValue: "disabled" } , allowedContainerPortsList-440b515e-a580-421e-abeb-b159a61ddcbc: { 3 items type: "Array" , metadata: { 3 items displayName: "[Deprecated]: Allowed listener ports for Kubernetes cluster containers" , description: "List of container ports on which Kubernetes cluster containers are allowed to listen" , deprecated: true } , defaultValue: [] } , effect-233a2a17-77ca-4fb1-9b6b-69223d272a44: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Kubernetes cluster services should listen only on allowed ports" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "audit" , "deny" , "disabled" ] , defaultValue: "audit" } , allowedServicePortsList-233a2a17-77ca-4fb1-9b6b-69223d272a44: { 3 items type: "Array" , metadata: { 2 items displayName: "Allowed listener ports for Kubernetes cluster services" , description: "The list of ports on which Kubernetes cluster services are allowed to listen" } , defaultValue: [] } , effect-e345eecc-fa47-480f-9e88-67dcc122b164: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Kubernetes cluster containers CPU and memory resource limits should not exceed the specified limits" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "audit" , "deny" , "disabled" ] , defaultValue: "audit" } , cpuLimit-e345eecc-fa47-480f-9e88-67dcc122b164: { 3 items type: "String" , metadata: { 2 items displayName: "Maximum allowed CPU units for containers in Kubernetes clusters" , description: "Ex: 200m; for more information, visit https://aka.ms/k8s-policy-pod-limits" } , defaultValue: "0" } , memoryLimit-e345eecc-fa47-480f-9e88-67dcc122b164: { 3 items type: "String" , metadata: { 2 items displayName: "Maximum allowed memory (bytes) for a container in Kubernetes clusters" , description: "Ex: 1Gi; for more information, visit https://aka.ms/k8s-policy-pod-limits" } , defaultValue: "0" } , effect-f06ddb64-5fa3-4b77-b166-acb36f7f6042: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Kubernetes cluster pods and containers should only run with approved user and group IDs" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "audit" , "deny" , "disabled" ] , defaultValue: "audit" } , runAsUserRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042: { 4 items type: "String" , metadata: { 2 items displayName: "Run as user rule for Kubernetes containers" , description: "The 'RunAsUser' rule that containers are allowed to run with; for more information, visit https://aka.ms/kubepolicydoc" } , allowedValues: [ 3 items "MustRunAs" , "MustRunAsNonRoot" , "RunAsAny" ] , defaultValue: "MustRunAsNonRoot" } , runAsUserRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042: { 3 items type: "Object" , metadata: { 2 items displayName: "Allowed user ID ranges for Kubernetes containers" , description: "User ID ranges that are allowed for containers to use; for more information, visit https://aka.ms/kubepolicydoc" } , defaultValue: { 1 item } } , runAsGroupRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042: { 4 items type: "String" , metadata: { 2 items displayName: "Run as group rule for Kubernetes containers" , description: "The 'RunAsGroup' rule that containers are allowed to run with; for more information, visit https://aka.ms/kubepolicydoc" } , allowedValues: [ 3 items "MustRunAs" , "MayRunAs" , "RunAsAny" ] , defaultValue: "RunAsAny" } , runAsGroupRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042: { 3 items type: "Object" , metadata: { 2 items displayName: "Allowed group ID ranges for Kubernetes containers" , description: "Group ID ranges that are allowed for containers to use; for more information, visit https://aka.ms/kubepolicydoc" } , defaultValue: { 1 item } } , supplementalGroupsRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042: { 4 items type: "String" , metadata: { 2 items displayName: "Supplemental group rule for Kubernetes containers" , description: "The 'SupplementalGroups' rule that containers are allowed to run with; for more information, visit https://aka.ms/kubepolicydoc" } , allowedValues: [ 3 items "MustRunAs" , "MayRunAs" , "RunAsAny" ] , defaultValue: "RunAsAny" } , supplementalGroupsRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042: { 3 items type: "Object" , metadata: { 2 items displayName: "Allowed supplemental group ID ranges for Kubernetes containers" , description: "Supplemental group ID ranges that are allowed for containers to use; for more information, visit https://aka.ms/kubepolicydoc" } , defaultValue: { 1 item } } , fsGroupRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042: { 4 items type: "String" , metadata: { 2 items displayName: "File system group rule for Kubernetes containers" , description: "The 'FSGroup' rule that containers are allowed to run with; for more information, visit https://aka.ms/kubepolicydoc" } , allowedValues: [ 3 items "MustRunAs" , "MayRunAs" , "RunAsAny" ] , defaultValue: "RunAsAny" } , fsGroupRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042: { 3 items type: "Object" , metadata: { 2 items displayName: "Allowed file system group ID ranges for Kubernetes cluster pods" , description: "File system group ranges that are allowed for pods to use; for more information, visit https://aka.ms/kubepolicydoc" } , defaultValue: { 1 item } } , effect-1c6e92c9-99f0-4e55-9cf2-0c234dc48f99: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Kubernetes clusters should not allow container privilege escalation" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "audit" , "deny" , "disabled" ] , defaultValue: "audit" } , effect-47a1ee2f-2a2a-4576-bf2a-e0e36709c2b8: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Kubernetes cluster containers should not share host process ID or host IPC namespace" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "audit" , "deny" , "disabled" ] , defaultValue: "audit" } , effect-df49d893-a74c-421d-bc95-c663042e5b80: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Kubernetes cluster containers should run with a read only root file system" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "audit" , "deny" , "disabled" ] , defaultValue: "audit" } , effect-1a5b4dca-0b6f-4cf5-907c-56316bc1bf3d: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Kubernetes clusters should be accessible only over HTTPS" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "audit" , "deny" , "disabled" ] , defaultValue: "audit" } , effect-c26596ff-4d70-4e6a-9a30-c2506bd2f80c: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Kubernetes cluster containers should only use allowed capabilities" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "audit" , "deny" , "disabled" ] , defaultValue: "audit" } , allowedCapabilities-c26596ff-4d70-4e6a-9a30-c2506bd2f80c: { 3 items type: "Array" , metadata: { 2 items displayName: "List of capabilities that are allowed to be added to a Kubernetes cluster container" , description: "Use an empty list as input to block everything" } , defaultValue: [] } , requiredDropCapabilities-c26596ff-4d70-4e6a-9a30-c2506bd2f80c: { 3 items type: "Array" , metadata: { 2 items displayName: "The list of capabilities that must be dropped by a Kubernetes cluster container" , description: "For more information, visit https://aka.ms/kubepolicydoc" } , defaultValue: [] } , effect-511f5417-5d12-434d-ab2e-816901e72a5e: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Kubernetes cluster containers should only use allowed AppArmor profiles" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "audit" , "deny" , "disabled" ] , defaultValue: "audit" } , allowedProfiles-511f5417-5d12-434d-ab2e-816901e72a5e: { 3 items type: "Array" , metadata: { 2 items displayName: "The list of AppArmor profiles that containers are allowed to use" , description: "Ex: 'runtime/default;docker/default'; use an empty list as input to block everything; for more information, visit https://aka.ms/kubepolicydoc" } , defaultValue: [] } , effect-82985f06-dc18-4a48-bc1c-b9f4f0098cfe: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Kubernetes cluster pods should only use approved host network and port range" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "audit" , "deny" , "disabled" ] , defaultValue: "audit" } , allowHostNetwork-82985f06-dc18-4a48-bc1c-b9f4f0098cfe: { 3 items type: "Boolean" , metadata: { 2 items displayName: "Allow host network usage for Kubernetes cluster pods" , description: "Set this value to true if pod is allowed to use host network, otherwise set to false; for more information, visit https://aka.ms/kubepolicydoc" } , defaultValue: false } , minPort-82985f06-dc18-4a48-bc1c-b9f4f0098cfe: { 3 items type: "Integer" , metadata: { 2 items displayName: "Minimum value in the allowable host port range that Kubernetes cluster pods can use in the host network namespace" , description: "For more information, visit https://aka.ms/kubepolicydoc" } , defaultValue: 0 } , maxPort-82985f06-dc18-4a48-bc1c-b9f4f0098cfe: { 3 items type: "Integer" , metadata: { 2 items displayName: "Maximum value in the allowable host port range that Kubernetes cluster pods can use in the host network namespace" , description: "For more information, visit https://aka.ms/kubepolicydoc" } , defaultValue: 0 } , effect-098fc59e-46c7-4d99-9b16-64990e543d75: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Kubernetes cluster pod hostPath volumes should only use allowed host paths" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "audit" , "deny" , "disabled" ] , defaultValue: "audit" } , allowedHostPaths-098fc59e-46c7-4d99-9b16-64990e543d75: { 3 items type: "Object" , metadata: { 2 items displayName: "Allowed host paths for pod hostPath volumes to use" , description: "Use an empty paths list to block all host paths; for more information, visit https://aka.ms/kubepolicydoc" } , defaultValue: { 1 item } } , resourceGroupName-b6e2945c-0b7b-40f5-9233-7a5323b5cdc6: { 3 items type: "String" , metadata: { 2 items displayName: "Name of the resource group for Network Watcher" , description: "Name of the resource group where Network Watchers are located, Ex: NetworkWatcherRG" } , defaultValue: "NetworkWatcherRG" } , includeAKSClusters-7c1b1214-f927-48bf-8882-84f0af6588b1: { 3 items type: "Boolean" , metadata: { 3 items displayName: "[Deprecated]: Include AKS clusters when auditing if virtual machine scale set diagnostic logs are enabled" , description: "For more information, visit https://aka.ms/kubepolicydoc" , deprecated: true } , defaultValue: false } , setting-a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9: { 4 items } , evaluatedSkuNames-ef619a2c-cc4d-4d03-b2ba-8c94a834d85b: { 4 items } , effect-b54ed75b-3e1a-44ac-a333-05ba39b99ff0: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Service Fabric clusters should only use Azure Active Directory for client authentication" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-71ef260a-8f18-47b7-abcb-62d0673d94dc: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Cognitive Services accounts should have local authentication methods disabled" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-055aa869-bc98-4af8-bafc-23f1ab6ffe2c: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure Web Application Firewall should be enabled for Azure Front Door entry-points" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-564feb30-bf6a-4854-b4bb-0d2d2d1e6c66: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Web Application Firewall (WAF) should be enabled for Application Gateway" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-862e97cf-49fc-4a5c-9de4-40d4e2e7c8eb: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure Cosmos DB accounts should have firewall rules" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-d9da03a1-f3c3-412a-9709-947156872263: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure HDInsight clusters should use encryption in transit to encrypt communication between Azure HDInsight cluster nodes" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-617c02be-7f02-4efd-8836-3180d47b6c68: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Service Fabric clusters should have the ClusterProtectionLevel property set to EncryptAndSign" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-0b60c0b2-2dc2-4e1c-b5c9-abbed971de53: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Key vaults should have purge protection enabled" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-1e66c121-a66a-4b1f-9b83-0fd99bf0fc2d: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Key vaults should have soft delete enabled" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , maximumValidityInMonths-0a075868-4c26-42ef-914c-5bc007359560: { 3 items type: "Integer" , metadata: { 2 items displayName: "Maximum validity (months) for Key Vault certificates" , description: "The limit for how long a Key Vault certificate may be valid; Azure best practices recommend against certificates with lengthy validity periods" } , defaultValue: 12 } , effect-0a075868-4c26-42ef-914c-5bc007359560: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Certificates should have the specified maximum validity period" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "audit" , "deny" , "disabled" ] , defaultValue: "audit" } , effect-98728c90-32c7-4049-8429-847dc0f4fe37: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Key Vault secrets should have an expiration date" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-152b15f7-8e1f-4c1f-ab71-8c010ba5dbc0: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Key Vault keys should have an expiration date" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-ec068d99-e9c7-401f-8cef-5bdde4e6ccf1: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Double encryption should be enabled on Azure Data Explorer" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-c349d81b-9985-44ae-a8da-ff98d108ede8: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure Data Box jobs should enable double encryption for data at rest on the device" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , supportedSKUs-c349d81b-9985-44ae-a8da-ff98d108ede8: { 4 items } , effect-3657f5a0-770e-44a3-b44e-9431ba1e9735: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Automation account variables should be encrypted" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-b4ac1030-89c5-4697-8e00-28b5ba6a8811: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure Stack Edge devices should use double-encryption" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "audit" , "deny" , "disabled" ] , defaultValue: "audit" } , effect-ea0dfaed-95fb-448c-934e-d6e713ce393d: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure Monitor Logs clusters should be created with infrastructure-encryption enabled (double encryption)" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "audit" , "deny" , "disabled" ] , defaultValue: "audit" } , effect-3a58212a-c829-4f13-9872-6371df2fd0b4: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Infrastructure encryption should be enabled for Azure Database for MySQL servers" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-24fba194-95d6-48c0-aea7-f65bf859c598: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Infrastructure encryption should be enabled for Azure Database for PostgreSQL servers" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-4733ea7b-a883-42fe-8cac-97454c2a9e4a: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Storage accounts should have infrastructure encryption" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-f4b53539-8df9-40e4-86c6-6b607703bd4e: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Disk encryption should be enabled on Azure Data Explorer" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-41425d9f-d1a5-499a-9932-f8ed8453932c: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Temp disks and cache for agent node pools in Azure Kubernetes Service clusters should be encrypted at host" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-fc4d8e41-e223-45ea-9bf5-eada37891d87: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Virtual machines and virtual machine scale sets should have encryption at host enabled" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-86efb160-8de7-451d-bc08-5d475b0aadae: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure Data Box jobs should use a customer-managed key to encrypt the device unlock password" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , supportedSKUs-86efb160-8de7-451d-bc08-5d475b0aadae: { 4 items } , effect-4ec52d6d-beb7-40c4-9a9e-fe753254690e: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure data factories should be encrypted with a customer-managed key" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-64d314f6-6062-4780-a861-c23e8951bee5: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure HDInsight clusters should use customer-managed keys to encrypt data at rest" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-1fd32ebd-e4c3-4e13-a54a-d7422d4d95f6: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure HDInsight clusters should use encryption at host to encrypt data at rest" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-fa298e57-9444-42ba-bf04-86e8470e32c7: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Saved-queries in Azure Monitor should be saved in customer storage account for logs encryption" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "audit" , "deny" , "disabled" ] , defaultValue: "audit" } , effect-67121cc7-ff39-4ab8-b7e3-95b84dab487d: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Cognitive Services accounts should enable data encryption with a customer-managed key" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-1f905d99-2ab7-462c-a6b0-f709acca6c8f: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure Cosmos DB accounts should use customer-managed keys to encrypt data at rest" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "audit" , "deny" , "disabled" ] , defaultValue: "audit" } , effect-5b9159ae-1701-4a6f-9a7a-aa9c8ddd0580: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Container registries should be encrypted with a customer-managed key" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-ba769a63-b8cc-4b2d-abf6-ac33c7204be8: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure Machine Learning workspaces should be encrypted with a customer-managed key" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-81e74cea-30fd-40d5-802f-d72103c2aaaa: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure Data Explorer encryption at rest should use a customer-managed key" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-0aa61e00-0a01-4a3c-9945-e93cffedf0e6: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure Container Instance container group should use customer-managed key for encryption" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Disabled" , "Deny" ] , defaultValue: "Audit" } , effect-47031206-ce96-41f8-861b-6a915f3de284: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: IoT Hub device provisioning service data should be encrypted using customer-managed keys (CMK)" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-87ba29ef-1ab3-4d82-b763-87fcd4f531f7: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure Stream Analytics jobs should use customer-managed keys to encrypt data" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "audit" , "deny" , "disabled" ] , defaultValue: "audit" } , effect-51522a96-0869-4791-82f3-981000c2c67f: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Bot Service should be encrypted with a customer-managed key" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "audit" , "deny" , "disabled" ] , defaultValue: "audit" } , effect-b5ec538c-daa0-4006-8596-35468b9148e8: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Storage account encryption scopes should use customer-managed keys to encrypt data at rest" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-970f84d8-71b6-4091-9979-ace7e3fb6dbb: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: HPC Cache accounts should use customer-managed key for encryption" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Disabled" , "Deny" ] , defaultValue: "Audit" } , effect-56a5ee18-2ae6-4810-86f7-18e39ce5629b: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure Automation accounts should use customer-managed keys to encrypt data at rest" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-2e94d99a-8a36-4563-bc77-810d8893b671: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure Recovery Services vaults should use customer-managed keys for encrypting backup data" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , enableDoubleEncryption-2e94d99a-8a36-4563-bc77-810d8893b671: { 4 items type: "Boolean" , metadata: { 2 items displayName: "Require that double encryption is enabled on Recovery Services vaults for Backup" , description: "Check if double encryption is enabled on Recovery Services vaults for Backup; for more information, visit https://aka.ms/ab-infraencryption" } , allowedValues: [ 2 items ] , defaultValue: true } , effect-1fafeaf6-7927-4059-a50a-8eb2a7a6f2b5: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Logic Apps Integration Service Environment should be encrypted with customer-managed keys" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-99e9ccd8-3db9-4592-b0d1-14b1715a4d8a: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure Batch account should use customer-managed keys to encrypt data" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-1f68a601-6e6d-4e42-babf-3f643a047ea2: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure Monitor Logs clusters should be encrypted with customer-managed key" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "audit" , "deny" , "disabled" ] , defaultValue: "audit" } , effect-f7d52b2d-e161-4dfa-a82b-55e564167385: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure Synapse workspaces should use customer-managed keys to encrypt data at rest" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-7d7be79c-23ba-4033-84dd-45e2a5ccdd67: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Both operating systems and data disks in Azure Kubernetes Service clusters should be encrypted by customer-managed keys" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-ca91455f-eace-4f96-be59-e6e2c35b4816: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Managed disks should be double encrypted with both platform-managed and customer-managed keys" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-702dd420-7fcc-42c5-afe8-4026edd20fe0: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: OS and data disks should be encrypted with a customer-managed key" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-22bee202-a82f-4305-9a2a-6d7f44d4dedb: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Only secure connections to your Azure Cache for Redis should be enabled" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-404c3081-a854-4457-ae30-26a93ef643f9: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Secure transfer to storage accounts should be enabled" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-d0793b48-0edc-4296-a390-4c75d1bdfd71: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Container registries should not allow unrestricted network access" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-7d092e0a-7acd-40d2-a975-dca21cae48c4: { 4 items type: "String" , metadata: { 3 items displayName: "[Deprecated]: Effect for policy: Azure Cache for Redis should reside within a virtual network" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" , deprecated: true } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-2a1a9cdf-e04d-429a-8416-3bfb72a1b26f: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Storage accounts should restrict network access using virtual network rules" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-34c877ad-507e-4c82-993e-3452a6e0ad3c: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Storage accounts should restrict network access" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-55615ac9-af46-4a59-874e-391cc3dfb490: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure Key Vault should disable public network access" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-1b8ca024-1d5c-4dec-8995-b1a932b41780: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Public network access on Azure SQL Database should be disabled" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-037eea7a-bd0a-46c5-9a66-03aea78705d3: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Cognitive Services accounts should restrict network access" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-53503636-bcc9-4748-9663-5348217f160f: { 4 items type: "String" , metadata: { 3 items displayName: "[Deprecated]: Effect for policy: Azure SignalR Service should use private link" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" , deprecated: true } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-40cec1dd-a100-4920-b15b-3024fe8901ab: { 4 items type: "String" , metadata: { 3 items displayName: "[Deprecated]: (Deprecated) Effect for policy: Azure Machine Learning workspaces should use private link" , description: "This policy has been deprecated to remove a parameter's allowed value, replacement policy is 45e05259-1eb5-4f70-9574-baf73e9d219b." , deprecated: true } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Disabled" } , effect-45e05259-1eb5-4f70-9574-baf73e9d219b: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure Machine Learning workspaces should use private link" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 2 items ] , defaultValue: "Audit" } , effect-2154edb9-244f-4741-9970-660785bccdaa: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: VM Image Builder templates should use private link" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Disabled" , "Deny" ] , defaultValue: "Audit" } , effect-0725b4dd-7e76-479c-a735-68e7ee23d5ca: { 4 items type: "String" , metadata: { 3 items displayName: "[Deprecated]: Effect for policy: Cognitive Services accounts should disable public network access" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" , deprecated: true } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Disabled" } , effect-5f0bc445-3935-4915-9981-011aa2b46147: { 4 items type: "String" , metadata: { 3 items displayName: "[Deprecated]: Deprecated effect for policy: Private endpoint should be configured for Key Vault" , description: "The Deny effect has been deprecated for this policy given that the simultaneous creation of a Key Vault and its associated private endpoint is not possible. Therefore, Deny prevents the creation of any new Key Vault." , deprecated: true } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-a6abeaec-4d90-4a02-805f-6b26c4d3fbe9: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure Key Vaults should use private link" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 2 items ] , defaultValue: "Audit" } , effect-af35e2a4-ef96-44e7-a9ae-853dd97032c4: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure Spring Cloud should use network injection" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Disabled" , "Deny" ] , defaultValue: "Audit" } , evaluatedSkuNames-af35e2a4-ef96-44e7-a9ae-853dd97032c4: { 4 items } , effect-a049bf77-880b-470f-ba6d-9f21c530cf83: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure Cognitive Search service should use a SKU that supports private link" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-52630df9-ca7e-442b-853b-c6ce548b31a2: { 4 items type: "String" , metadata: { 3 items displayName: "[Deprecated]: Effect for policy: Azure Web PubSub Service should use private link" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" , deprecated: true } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-4fa4b6c0-31ca-4c0d-b10d-24b96f62a751: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Storage account public access should be disallowed" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "audit" , "deny" , "disabled" ] , defaultValue: "audit" } , effect-ee980b6d-0eca-4501-8d54-f6290fd512c3: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Azure Cognitive Search services should disable public network access" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-1d84d5fb-01f6-4d12-ba4f-4a26081d403d: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Virtual machines should be migrated to new Azure Resource Manager resources" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } , effect-37e0d2fe-28a5-43d6-a273-67d37d1f5606: { 4 items type: "String" , metadata: { 2 items displayName: "Effect for policy: Storage accounts should be migrated to new Azure Resource Manager resources" , description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects" } , allowedValues: [ 3 items "Audit" , "Deny" , "Disabled" ] , defaultValue: "Audit" } } , policyDefinitions: [ 701 items { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "f06ddb64-5fa3-4b77-b166-acb36f7f6042" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f06ddb64-5fa3-4b77-b166-acb36f7f6042 Kubernetes cluster pods and containers should only run with approved user and group IDs , definitionVersion: 6.*.*6.2.0 , parameters: { 12 items effect: { 1 item value: "[parameters('effect-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]" } , excludedNamespaces: { 1 item value: "[parameters('excludedNamespaces')]" } , namespaces: { 1 item value: "[parameters('namespaces')]" } , labelSelector: { 1 item value: "[parameters('labelSelector')]" } , runAsUserRule: { 1 item value: "[parameters('runAsUserRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]" } , runAsUserRanges: { 1 item value: "[parameters('runAsUserRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]" } , runAsGroupRule: { 1 item value: "[parameters('runAsGroupRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]" } , runAsGroupRanges: { 1 item value: "[parameters('runAsGroupRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]" } , supplementalGroupsRule: { 1 item value: "[parameters('supplementalGroupsRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]" } , supplementalGroupsRanges: { 1 item value: "[parameters('supplementalGroupsRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]" } , fsGroupRule: { 1 item value: "[parameters('fsGroupRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]" } , fsGroupRanges: { 1 item value: "[parameters('fsGroupRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]" } } , groupNames: [ 1 item ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "b6e2945c-0b7b-40f5-9233-7a5323b5cdc6" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b6e2945c-0b7b-40f5-9233-7a5323b5cdc6 Network Watcher should be enabled , definitionVersion: 3.*.*3.0.0 , parameters: { 1 item } , groupNames: [ 6 items "NIST_SP_800-53_R5_AU-6" , "NIST_SP_800-53_R5_AU-6(4)" , "NIST_SP_800-53_R5_AU-6(5)" , "NIST_SP_800-53_R5_AU-12" , "NIST_SP_800-53_R5_AU-12(1)" , "NIST_SP_800-53_R5_SI-4" ] } , { 5 items policyDefinitionReferenceId: "a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9 Auditing on SQL server should be enabled , definitionVersion: 2.*.*2.0.0 , parameters: { 1 item setting: { 1 item value: "[parameters('setting-a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9')]" } } , groupNames: [ 4 items "NIST_SP_800-53_R5_AU-6(4)" , "NIST_SP_800-53_R5_AU-6(5)" , "NIST_SP_800-53_R5_AU-12" , "NIST_SP_800-53_R5_AU-12(1)" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "34c877ad-507e-4c82-993e-3452a6e0ad3c" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/34c877ad-507e-4c82-993e-3452a6e0ad3c Storage accounts should restrict network access , definitionVersion: 1.*.*1.1.1 , parameters: { 1 item effect: { 1 item value: "[parameters('effect-34c877ad-507e-4c82-993e-3452a6e0ad3c')]" } } , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "2393d2cf-a342-44cd-a2e2-fe0188fd1234" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2393d2cf-a342-44cd-a2e2-fe0188fd1234 Azure SignalR Service should use private link , definitionVersion: 1.*.*1.0.0 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "a6abeaec-4d90-4a02-805f-6b26c4d3fbe9" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a6abeaec-4d90-4a02-805f-6b26c4d3fbe9 Azure Key Vaults should use private link , definitionVersion: 1.*.*-preview1.2.1 , parameters: { 1 item } , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "eb907f70-7514-460d-92b3-a5ae93b4f917" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/eb907f70-7514-460d-92b3-a5ae93b4f917 Azure Web PubSub Service should use private link , definitionVersion: 1.*.*1.0.0 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "abfb7388-5bf4-4ad7-ba99-2cd2f41cebb9" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/abfb7388-5bf4-4ad7-ba99-2cd2f41cebb9 Azure Defender for SQL should be enabled for unprotected SQL Managed Instances , definitionVersion: 1.*.*1.0.2 , parameters: {} , groupNames: [ 11 items "NIST_SP_800-53_R5_AC-2(12)" , "NIST_SP_800-53_R5_AC-16" , "NIST_SP_800-53_R5_AU-6" , "NIST_SP_800-53_R5_AU-6(4)" , "NIST_SP_800-53_R5_AU-6(5)" , "NIST_SP_800-53_R5_AU-12" , "NIST_SP_800-53_R5_AU-12(1)" , "NIST_SP_800-53_R5_IR-4" , "NIST_SP_800-53_R5_IR-5" , "NIST_SP_800-53_R5_RA-5" , "NIST_SP_800-53_R5_SI-4" ] } , { 5 items policyDefinitionReferenceId: "0e60b895-3786-45da-8377-9c6b4b6ac5f9" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0e60b895-3786-45da-8377-9c6b4b6ac5f9 Function apps should have remote debugging turned off , definitionVersion: 2.*.*2.0.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_CM-6" ] } , { 5 items policyDefinitionReferenceId: "abfb4388-5bf4-4ad7-ba82-2cd2f41ceae9" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/abfb4388-5bf4-4ad7-ba82-2cd2f41ceae9 Azure Defender for SQL should be enabled for unprotected Azure SQL servers , definitionVersion: 2.*.*2.0.1 , parameters: {} , groupNames: [ 10 items "NIST_SP_800-53_R5_AC-16" , "NIST_SP_800-53_R5_AU-6" , "NIST_SP_800-53_R5_AU-6(4)" , "NIST_SP_800-53_R5_AU-6(5)" , "NIST_SP_800-53_R5_AU-12" , "NIST_SP_800-53_R5_AU-12(1)" , "NIST_SP_800-53_R5_IR-4" , "NIST_SP_800-53_R5_IR-5" , "NIST_SP_800-53_R5_RA-5" , "NIST_SP_800-53_R5_SI-4" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "4da35fc9-c9e7-4960-aec9-797fe7d9051d" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4da35fc9-c9e7-4960-aec9-797fe7d9051d Azure Defender for servers should be enabled , definitionVersion: 1.*.*1.0.3 , parameters: {} , groupNames: [ 15 items "NIST_SP_800-53_R5_AC-2(12)" , "NIST_SP_800-53_R5_AU-6" , "NIST_SP_800-53_R5_AU-6(4)" , "NIST_SP_800-53_R5_AU-6(5)" , "NIST_SP_800-53_R5_AU-12" , "NIST_SP_800-53_R5_AU-12(1)" , "NIST_SP_800-53_R5_CM-7" , "NIST_SP_800-53_R5_IR-4" , "NIST_SP_800-53_R5_IR-5" , "NIST_SP_800-53_R5_RA-5" , "NIST_SP_800-53_R5_SC-3" , "NIST_SP_800-53_R5_SI-2" , "NIST_SP_800-53_R5_SI-3" , "NIST_SP_800-53_R5_SI-4" , "NIST_SP_800-53_R5_SI-16" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "a451c1ef-c6ca-483d-87ed-f49761e3ffb5" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a451c1ef-c6ca-483d-87ed-f49761e3ffb5 Audit usage of custom RBAC roles , definitionVersion: 1.*.*1.0.1 , parameters: {} , groupNames: [ 4 items "NIST_SP_800-53_R5_AC-2" , "NIST_SP_800-53_R5_AC-2(7)" , "NIST_SP_800-53_R5_AC-6" , "NIST_SP_800-53_R5_AC-6(7)" ] } , { 5 items policyDefinitionReferenceId: "cb510bfd-1cba-4d9f-a230-cb0976f4bb71" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/cb510bfd-1cba-4d9f-a230-cb0976f4bb71 App Service apps should have remote debugging turned off , definitionVersion: 2.*.*2.0.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_CM-6" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "0da106f2-4ca3-48e8-bc85-c638fe6aea8f" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0da106f2-4ca3-48e8-bc85-c638fe6aea8f Function apps should use managed identity , definitionVersion: 3.*.*3.0.0 , parameters: {} , groupNames: [ 4 items "NIST_SP_800-53_R5_AC-2" , "NIST_SP_800-53_R5_AC-3" , "NIST_SP_800-53_R5_IA-2" , "NIST_SP_800-53_R5_IA-4" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "6e2593d9-add6-4083-9c9b-4b7d2188c899" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6e2593d9-add6-4083-9c9b-4b7d2188c899 Email notification for high severity alerts should be enabled , definitionVersion: 1.*.*1.2.0 , parameters: {} , groupNames: [ 4 items "NIST_SP_800-53_R5_IR-4" , "NIST_SP_800-53_R5_IR-5" , "NIST_SP_800-53_R5_IR-6(2)" , "NIST_SP_800-53_R5_SI-4(12)" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "0e6763cc-5078-4e64-889d-ff4d9a839047" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0e6763cc-5078-4e64-889d-ff4d9a839047 Azure Defender for Key Vault should be enabled , definitionVersion: 1.*.*1.0.3 , parameters: {} , groupNames: [ 11 items "NIST_SP_800-53_R5_AC-2(12)" , "NIST_SP_800-53_R5_AU-6" , "NIST_SP_800-53_R5_AU-6(4)" , "NIST_SP_800-53_R5_AU-6(5)" , "NIST_SP_800-53_R5_AU-12" , "NIST_SP_800-53_R5_AU-12(1)" , "NIST_SP_800-53_R5_IR-4" , "NIST_SP_800-53_R5_IR-5" , "NIST_SP_800-53_R5_RA-5" , "NIST_SP_800-53_R5_SI-2" , "NIST_SP_800-53_R5_SI-4" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "2b9ad585-36bc-4615-b300-fd4435808332" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2b9ad585-36bc-4615-b300-fd4435808332 App Service apps should use managed identity , definitionVersion: 3.*.*3.0.0 , parameters: {} , groupNames: [ 4 items "NIST_SP_800-53_R5_AC-2" , "NIST_SP_800-53_R5_AC-3" , "NIST_SP_800-53_R5_IA-2" , "NIST_SP_800-53_R5_IA-4" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "7fe3b40f-802b-4cdd-8bd4-fd799c948cc2" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7fe3b40f-802b-4cdd-8bd4-fd799c948cc2 Azure Defender for Azure SQL Database servers should be enabled , definitionVersion: 1.*.*1.0.2 , parameters: {} , groupNames: [ 11 items "NIST_SP_800-53_R5_AC-2(12)" , "NIST_SP_800-53_R5_AU-6" , "NIST_SP_800-53_R5_AU-6(4)" , "NIST_SP_800-53_R5_AU-6(5)" , "NIST_SP_800-53_R5_AU-12" , "NIST_SP_800-53_R5_AU-12(1)" , "NIST_SP_800-53_R5_IR-4" , "NIST_SP_800-53_R5_IR-5" , "NIST_SP_800-53_R5_RA-5" , "NIST_SP_800-53_R5_SI-2" , "NIST_SP_800-53_R5_SI-4" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "bd352bd5-2853-4985-bf0d-73806b4a5744" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/bd352bd5-2853-4985-bf0d-73806b4a5744 IP Forwarding on your virtual machine should be disabled , definitionVersion: 3.*.*3.0.0 , parameters: {} , groupNames: [ 4 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_SC-5" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "6581d072-105e-4418-827f-bd446d56421b" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6581d072-105e-4418-827f-bd446d56421b Azure Defender for SQL servers on machines should be enabled , definitionVersion: 1.*.*1.0.2 , parameters: {} , groupNames: [ 11 items "NIST_SP_800-53_R5_AC-2(12)" , "NIST_SP_800-53_R5_AU-6" , "NIST_SP_800-53_R5_AU-6(4)" , "NIST_SP_800-53_R5_AU-6(5)" , "NIST_SP_800-53_R5_AU-12" , "NIST_SP_800-53_R5_AU-12(1)" , "NIST_SP_800-53_R5_IR-4" , "NIST_SP_800-53_R5_IR-5" , "NIST_SP_800-53_R5_RA-5" , "NIST_SP_800-53_R5_SI-2" , "NIST_SP_800-53_R5_SI-4" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "640d2586-54d2-465f-877f-9ffc1d2109f4" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/640d2586-54d2-465f-877f-9ffc1d2109f4 Microsoft Defender for Storage should be enabled , definitionVersion: 1.*.*1.0.0 , parameters: {} , groupNames: [ 11 items "NIST_SP_800-53_R5_AC-2(12)" , "NIST_SP_800-53_R5_AU-6" , "NIST_SP_800-53_R5_AU-6(4)" , "NIST_SP_800-53_R5_AU-6(5)" , "NIST_SP_800-53_R5_AU-12" , "NIST_SP_800-53_R5_AU-12(1)" , "NIST_SP_800-53_R5_IR-4" , "NIST_SP_800-53_R5_IR-5" , "NIST_SP_800-53_R5_RA-5" , "NIST_SP_800-53_R5_SI-2" , "NIST_SP_800-53_R5_SI-4" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "2913021d-f2fd-4f3d-b958-22354e2bdbcb" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2913021d-f2fd-4f3d-b958-22354e2bdbcb Azure Defender for App Service should be enabled , definitionVersion: 1.*.*1.0.3 , parameters: {} , groupNames: [ 11 items "NIST_SP_800-53_R5_AC-2(12)" , "NIST_SP_800-53_R5_AU-6" , "NIST_SP_800-53_R5_AU-6(4)" , "NIST_SP_800-53_R5_AU-6(5)" , "NIST_SP_800-53_R5_AU-12" , "NIST_SP_800-53_R5_AU-12(1)" , "NIST_SP_800-53_R5_IR-4" , "NIST_SP_800-53_R5_IR-5" , "NIST_SP_800-53_R5_RA-5" , "NIST_SP_800-53_R5_SI-2" , "NIST_SP_800-53_R5_SI-4" ] } , { 5 items policyDefinitionReferenceId: "ae89ebca-1c92-4898-ac2c-9f63decb045c" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ae89ebca-1c92-4898-ac2c-9f63decb045c Guest Configuration extension should be installed on your machines , definitionVersion: 1.*.*1.0.3 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AU-6(4)" , "NIST_SP_800-53_R5_AU-6(5)" , "NIST_SP_800-53_R5_AU-12" , "NIST_SP_800-53_R5_AU-12(1)" , "NIST_SP_800-53_R5_SI-4" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "1c988dd6-ade4-430f-a608-2a3e5b0a6d38" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1c988dd6-ade4-430f-a608-2a3e5b0a6d38 Microsoft Defender for Containers should be enabled , definitionVersion: 1.*.*1.0.0 , parameters: {} , groupNames: [ 11 items "NIST_SP_800-53_R5_AC-2(12)" , "NIST_SP_800-53_R5_AU-6" , "NIST_SP_800-53_R5_AU-6(4)" , "NIST_SP_800-53_R5_AU-6(5)" , "NIST_SP_800-53_R5_AU-12" , "NIST_SP_800-53_R5_AU-12(1)" , "NIST_SP_800-53_R5_IR-4" , "NIST_SP_800-53_R5_IR-5" , "NIST_SP_800-53_R5_RA-5" , "NIST_SP_800-53_R5_SI-2" , "NIST_SP_800-53_R5_SI-4" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "0564d078-92f5-4f97-8398-b9f58a51f70b" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0564d078-92f5-4f97-8398-b9f58a51f70b Private endpoint should be enabled for PostgreSQL servers , definitionVersion: 1.*.*1.0.2 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "0a1302fb-a631-4106-9753-f3d494733990" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0a1302fb-a631-4106-9753-f3d494733990 Private endpoint should be enabled for MariaDB servers , definitionVersion: 1.*.*1.0.2 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items policyDefinitionReferenceId: "8dfab9c4-fe7b-49ad-85e4-1e9be085358f" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8dfab9c4-fe7b-49ad-85e4-1e9be085358f [Preview]: Azure Arc enabled Kubernetes clusters should have Microsoft Defender for Cloud extension installed , definitionVersion: 6.*.*-preview6.0.0-preview , parameters: {} , groupNames: [ 7 items "NIST_SP_800-53_R5_AC-2(12)" , "NIST_SP_800-53_R5_AU-6" , "NIST_SP_800-53_R5_AU-6(4)" , "NIST_SP_800-53_R5_AU-6(5)" , "NIST_SP_800-53_R5_AU-12" , "NIST_SP_800-53_R5_AU-12(1)" , "NIST_SP_800-53_R5_SI-4" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "f9d614c5-c173-4d56-95a7-b4437057d193" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f9d614c5-c173-4d56-95a7-b4437057d193 Function apps should use the latest TLS version , definitionVersion: 2.*.*2.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_SC-8" , "NIST_SP_800-53_R5_SC-8(1)" ] } , { 5 items policyDefinitionReferenceId: "7595c971-233d-4bcf-bd18-596129188c49" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7595c971-233d-4bcf-bd18-596129188c49 Private endpoint should be enabled for MySQL servers , definitionVersion: 1.*.*1.0.2 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items policyDefinitionReferenceId: "c3d20c29-b36d-48fe-808b-99a87530ad99" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c3d20c29-b36d-48fe-808b-99a87530ad99 Azure Defender for Resource Manager should be enabled , definitionVersion: 1.*.*1.0.0 , parameters: {} , groupNames: [ 11 items "NIST_SP_800-53_R5_AC-2(12)" , "NIST_SP_800-53_R5_AU-6" , "NIST_SP_800-53_R5_AU-6(4)" , "NIST_SP_800-53_R5_AU-6(5)" , "NIST_SP_800-53_R5_AU-12" , "NIST_SP_800-53_R5_AU-12(1)" , "NIST_SP_800-53_R5_IR-4" , "NIST_SP_800-53_R5_IR-5" , "NIST_SP_800-53_R5_RA-5" , "NIST_SP_800-53_R5_SI-2" , "NIST_SP_800-53_R5_SI-4" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "399b2637-a50f-4f95-96f8-3a145476eb15" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/399b2637-a50f-4f95-96f8-3a145476eb15 Function apps should require FTPS only , definitionVersion: 3.*.*3.0.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_SC-8" , "NIST_SP_800-53_R5_SC-8(1)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "4d24b6d4-5e53-4a4f-a7f4-618fa573ee4b" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4d24b6d4-5e53-4a4f-a7f4-618fa573ee4b App Service apps should require FTPS only , definitionVersion: 3.*.*3.0.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_SC-8" , "NIST_SP_800-53_R5_SC-8(1)" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "e8eef0a8-67cf-4eb4-9386-14b0e78733d4" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e8eef0a8-67cf-4eb4-9386-14b0e78733d4 Container registries should use private link , definitionVersion: 1.*.*1.0.1 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "ca610c1d-041c-4332-9d88-7ed3094967c7" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ca610c1d-041c-4332-9d88-7ed3094967c7 App Configuration should use private link , definitionVersion: 1.*.*1.0.2 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "9830b652-8523-49cc-b1b3-e17dce1127ca" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/9830b652-8523-49cc-b1b3-e17dce1127ca Azure Event Grid domains should use private link , definitionVersion: 1.*.*1.0.2 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items policyDefinitionReferenceId: "4b90e17e-8448-49db-875e-bd83fb6f804f" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4b90e17e-8448-49db-875e-bd83fb6f804f Azure Event Grid topics should use private link , definitionVersion: 1.*.*1.0.2 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "6edd7eda-6dd8-40f7-810d-67160c639cd9" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6edd7eda-6dd8-40f7-810d-67160c639cd9 Storage accounts should use private link , definitionVersion: 2.*.*2.0.0 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items policyDefinitionReferenceId: "7698e800-9299-47a6-b3b6-5a0fee576eed" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7698e800-9299-47a6-b3b6-5a0fee576eed Private endpoint connections on Azure SQL Database should be enabled , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items policyDefinitionReferenceId: "0fda3595-9f2b-4592-8675-4231d6fa82fe" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0fda3595-9f2b-4592-8675-4231d6fa82fe [Deprecated]: Azure AI Search services should use private link , definitionVersion: 1.*.*1.0.2 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items policyDefinitionReferenceId: "cddd188c-4b82-4c48-a19d-ddf74ee66a01" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/cddd188c-4b82-4c48-a19d-ddf74ee66a01 [Deprecated]: Cognitive Services should use private link , definitionVersion: 3.*.*3.0.1 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "8b0323be-cc25-4b61-935d-002c3798c6ea" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8b0323be-cc25-4b61-935d-002c3798c6ea Azure Data Factory should use private link , definitionVersion: 1.*.*1.0.0 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items policyDefinitionReferenceId: "f39f5f49-4abf-44de-8c70-0756997bfb51" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f39f5f49-4abf-44de-8c70-0756997bfb51 Disk access resources should use private link , definitionVersion: 1.*.*1.0.0 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items policyDefinitionReferenceId: "58440f8a-10c5-4151-bdce-dfbaad4a20b7" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/58440f8a-10c5-4151-bdce-dfbaad4a20b7 CosmosDB accounts should use private link , definitionVersion: 1.*.*1.0.0 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items policyDefinitionReferenceId: "7803067c-7d34-46e3-8c79-0ca68fc4036d" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7803067c-7d34-46e3-8c79-0ca68fc4036d Azure Cache for Redis should use private link , definitionVersion: 1.*.*1.0.0 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items policyDefinitionReferenceId: "b8564268-eb4a-4337-89be-a19db070c59d" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b8564268-eb4a-4337-89be-a19db070c59d Event Hub namespaces should use private link , definitionVersion: 1.*.*1.0.0 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items policyDefinitionReferenceId: "df39c015-56a4-45de-b4a3-efe77bed320d" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/df39c015-56a4-45de-b4a3-efe77bed320d IoT Hub device provisioning service instances should use private link , definitionVersion: 1.*.*1.0.0 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items policyDefinitionReferenceId: "1c06e275-d63d-4540-b761-71f364c2111d" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1c06e275-d63d-4540-b761-71f364c2111d Azure Service Bus namespaces should use private link , definitionVersion: 1.*.*1.0.0 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items policyDefinitionReferenceId: "1d320205-c6a1-4ac6-873d-46224024e8e2" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1d320205-c6a1-4ac6-873d-46224024e8e2 Azure File Sync should use private link , definitionVersion: 1.*.*1.0.0 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "1ee56206-5dd1-42ab-b02d-8aae8b1634ce" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1ee56206-5dd1-42ab-b02d-8aae8b1634ce Azure API for FHIR should use private link , definitionVersion: 1.*.*1.0.0 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items policyDefinitionReferenceId: "72d11df1-dd8a-41f7-8925-b05b960ebafc" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/72d11df1-dd8a-41f7-8925-b05b960ebafc Azure Synapse workspaces should use private link , definitionVersion: 1.*.*1.0.1 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(1)" , "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(3)" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "e2c1c086-2d84-4019-bff3-c44ccd95113c" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e2c1c086-2d84-4019-bff3-c44ccd95113c Function apps should use latest 'HTTP Version' , definitionVersion: 4.*.*4.0.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_SI-2" , "NIST_SP_800-53_R5_SI-2(6)" ] } , { 5 items policyDefinitionReferenceId: "8c122334-9d20-4eb8-89ea-ac9a705b74ae" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8c122334-9d20-4eb8-89ea-ac9a705b74ae App Service apps should use latest 'HTTP Version' , definitionVersion: 4.*.*4.0.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_SI-2" , "NIST_SP_800-53_R5_SI-2(6)" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "1a2a03a4-9992-5788-5953-d8f6615306de" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1a2a03a4-9992-5788-5953-d8f6615306de Govern policies and procedures , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_AC-1" , "NIST_SP_800-53_R5_AU-1" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "4c6df5ff-4ef2-4f17-a516-0da9189c603b" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4c6df5ff-4ef2-4f17-a516-0da9189c603b Assign account managers , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "a08b18c7-9e0a-89f1-3696-d80902196719" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a08b18c7-9e0a-89f1-3696-d80902196719 Document access privileges , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "873895e8-0e3a-6492-42e9-22cd030e9fcd" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/873895e8-0e3a-6492-42e9-22cd030e9fcd Restrict access to privileged accounts , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 4 items "NIST_SP_800-53_R5_AC-2" , "NIST_SP_800-53_R5_AC-2(7)" , "NIST_SP_800-53_R5_AC-6(5)" , "NIST_SP_800-53_R5_AC-6(9)" ] } , { 5 items policyDefinitionReferenceId: "de770ba6-50dd-a316-2932-e0d972eaa734" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/de770ba6-50dd-a316-2932-e0d972eaa734 Require approval for account creation , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_AC-2" , "NIST_SP_800-53_R5_AC-3" ] } , { 5 items policyDefinitionReferenceId: "7b28ba4f-0a87-46ac-62e1-46b7c09202a8" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7b28ba4f-0a87-46ac-62e1-46b7c09202a8 Monitor account activity , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_AC-2" , "NIST_SP_800-53_R5_AC-2(7)" , "NIST_SP_800-53_R5_AC-2(12)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "49c23d9b-02b0-0e42-4f94-e8cef1b8381b" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/49c23d9b-02b0-0e42-4f94-e8cef1b8381b Audit user account status , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 4 items "NIST_SP_800-53_R5_AC-2" , "NIST_SP_800-53_R5_AC-2(4)" , "NIST_SP_800-53_R5_AU-12" , "NIST_SP_800-53_R5_RA-5(8)" ] } , { 5 items policyDefinitionReferenceId: "a830fe9e-08c9-a4fb-420c-6f6bf1702395" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a830fe9e-08c9-a4fb-420c-6f6bf1702395 Review account provisioning logs , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 4 items "NIST_SP_800-53_R5_AC-2" , "NIST_SP_800-53_R5_AU-6" , "NIST_SP_800-53_R5_AU-6(1)" , "NIST_SP_800-53_R5_RA-5(8)" ] } , { 5 items policyDefinitionReferenceId: "79f081c7-1634-01a1-708e-376197999289" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/79f081c7-1634-01a1-708e-376197999289 Review user accounts , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "2cc9c165-46bd-9762-5739-d2aae5ba90a1" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2cc9c165-46bd-9762-5739-d2aae5ba90a1 Automate account management , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_AC-2(1)" , "NIST_SP_800-53_R5_AC-2(4)" ] } , { 5 items policyDefinitionReferenceId: "34d38ea7-6754-1838-7031-d7fd07099821" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/34d38ea7-6754-1838-7031-d7fd07099821 Manage system and admin accounts , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_AC-2(1)" , "NIST_SP_800-53_R5_AC-2(4)" ] } , { 5 items policyDefinitionReferenceId: "48c816c5-2190-61fc-8806-25d6f3df162f" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/48c816c5-2190-61fc-8806-25d6f3df162f Monitor access across the organization , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_AC-2(1)" , "NIST_SP_800-53_R5_AC-2(4)" , "NIST_SP_800-53_R5_AC-17(1)" ] } , { 5 items policyDefinitionReferenceId: "8489ff90-8d29-61df-2d84-f9ab0f4c5e84" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8489ff90-8d29-61df-2d84-f9ab0f4c5e84 Notify when account is not needed , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_AC-2(1)" , "NIST_SP_800-53_R5_AC-2(4)" ] } , { 5 items policyDefinitionReferenceId: "d9d48ffb-0d8c-0bd5-5f31-5a5826d19f10" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d9d48ffb-0d8c-0bd5-5f31-5a5826d19f10 Disable authenticators upon termination , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_AC-2(3)" , "NIST_SP_800-53_R5_PS-4" ] } , { 5 items policyDefinitionReferenceId: "32f22cfa-770b-057c-965b-450898425519" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/32f22cfa-770b-057c-965b-450898425519 Revoke privileged roles as appropriate , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_AC-2(3)" , "NIST_SP_800-53_R5_AC-2(7)" , "NIST_SP_800-53_R5_AC-6(9)" ] } , { 5 items policyDefinitionReferenceId: "2af4640d-11a6-a64b-5ceb-a468f4341c0c" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2af4640d-11a6-a64b-5ceb-a468f4341c0c Define and enforce inactivity log policy , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_AC-2(5)" ] } , { 5 items policyDefinitionReferenceId: "f26af0b1-65b6-689a-a03f-352ad2d00f98" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f26af0b1-65b6-689a-a03f-352ad2d00f98 Audit privileged functions , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 4 items "NIST_SP_800-53_R5_AC-2(7)" , "NIST_SP_800-53_R5_AC-6(9)" , "NIST_SP_800-53_R5_AU-12" , "NIST_SP_800-53_R5_RA-5(8)" ] } , { 5 items policyDefinitionReferenceId: "ed87d27a-9abf-7c71-714c-61d881889da4" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ed87d27a-9abf-7c71-714c-61d881889da4 Monitor privileged role assignment , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_AC-2(7)" , "NIST_SP_800-53_R5_AC-6(9)" ] } , { 5 items policyDefinitionReferenceId: "e714b481-8fac-64a2-14a9-6f079b2501a4" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e714b481-8fac-64a2-14a9-6f079b2501a4 Use privileged identity management , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_AC-2(7)" , "NIST_SP_800-53_R5_AC-6(9)" ] } , { 5 items policyDefinitionReferenceId: "fd81a1b3-2d7a-107c-507e-29b87d040c19" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/fd81a1b3-2d7a-107c-507e-29b87d040c19 Enforce appropriate usage of all accounts , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_AC-2(11)" ] } , { 5 items policyDefinitionReferenceId: "e4054c0e-1184-09e6-4c5e-701e0bc90f81" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e4054c0e-1184-09e6-4c5e-701e0bc90f81 Report atypical behavior of user accounts , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_AC-2(12)" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "50e9324a-7410-0539-0662-2c1e775538b7" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/50e9324a-7410-0539-0662-2c1e775538b7 Authorize and manage access , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_AC-3" , "NIST_SP_800-53_R5_AC-6(1)" ] } , { 5 items policyDefinitionReferenceId: "10c4210b-3ec9-9603-050d-77e4d26c7ebb" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/10c4210b-3ec9-9603-050d-77e4d26c7ebb Enforce logical access , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "59bedbdc-0ba9-39b9-66bb-1d1c192384e6" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/59bedbdc-0ba9-39b9-66bb-1d1c192384e6 Control information flow , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_AC-4" , "NIST_SP_800-53_R5_AC-4(21)" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "60ee1260-97f0-61bb-8155-5d8b75743655" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/60ee1260-97f0-61bb-8155-5d8b75743655 Separate duties of individuals , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "e6f7b584-877a-0d69-77d4-ab8b923a9650" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e6f7b584-877a-0d69-77d4-ab8b923a9650 Document separation of duties , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "03b6427e-6072-4226-4bd9-a410ab65317e" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/03b6427e-6072-4226-4bd9-a410ab65317e Design an access control model , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "1bc7fd64-291f-028e-4ed6-6e07886e163f" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1bc7fd64-291f-028e-4ed6-6e07886e163f Employ least privilege access , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "f96d2186-79df-262d-3f76-f371e3b71798" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f96d2186-79df-262d-3f76-f371e3b71798 Review user privileges , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_AC-6(7)" ] } , { 5 items policyDefinitionReferenceId: "7805a343-275c-41be-9d62-7215b96212d8" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7805a343-275c-41be-9d62-7215b96212d8 Reassign or remove user privileges as needed , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_AC-6(7)" ] } , { 5 items policyDefinitionReferenceId: "68d2e478-3b19-23eb-1357-31b296547457" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/68d2e478-3b19-23eb-1357-31b296547457 Enforce software execution privileges , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_AC-6(8)" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "4502e506-5f35-0df4-684f-b326e3cc7093" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4502e506-5f35-0df4-684f-b326e3cc7093 Terminate user session automatically , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_AC-12" ] } , { 5 items policyDefinitionReferenceId: "db580551-0b3c-4ea1-8a4c-4cdb5feb340f" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/db580551-0b3c-4ea1-8a4c-4cdb5feb340f Provide the logout capability , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_AC-12(1)" ] } , { 5 items policyDefinitionReferenceId: "0471c6b7-1588-701c-2713-1fade73b75f6" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0471c6b7-1588-701c-2713-1fade73b75f6 Display an explicit logout message , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_AC-12(1)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "dad8a2e9-6f27-4fc2-8933-7e99fe700c9c" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/dad8a2e9-6f27-4fc2-8933-7e99fe700c9c Authorize remote access , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(4)" , "NIST_SP_800-53_R5_SC-2" ] } , { 5 items policyDefinitionReferenceId: "83dfb2b8-678b-20a0-4c44-5c75ada023e6" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/83dfb2b8-678b-20a0-4c44-5c75ada023e6 Document mobility training , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_AC-17" ] } , { 5 items policyDefinitionReferenceId: "3d492600-27ba-62cc-a1c3-66eb919f6a0d" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3d492600-27ba-62cc-a1c3-66eb919f6a0d Document remote access guidelines , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(4)" ] } , { 5 items policyDefinitionReferenceId: "cd36eeec-67e7-205a-4b64-dbfe3b4e3e4e" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/cd36eeec-67e7-205a-4b64-dbfe3b4e3e4e Implement controls to secure alternate work sites , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(4)" , "NIST_SP_800-53_R5_PE-17" ] } , { 5 items policyDefinitionReferenceId: "518eafdd-08e5-37a9-795b-15a8d798056d" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/518eafdd-08e5-37a9-795b-15a8d798056d Provide privacy training , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_AC-17" , "NIST_SP_800-53_R5_AC-17(4)" ] } , { 5 items policyDefinitionReferenceId: "fe2dff43-0a8c-95df-0432-cb1c794b17d0" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/fe2dff43-0a8c-95df-0432-cb1c794b17d0 Notify users of system logon or access , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_AC-17(2)" ] } , { 5 items policyDefinitionReferenceId: "b11697e8-9515-16f1-7a35-477d5c8a1344" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b11697e8-9515-16f1-7a35-477d5c8a1344 Protect data in transit using encryption , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 4 items "NIST_SP_800-53_R5_AC-17(2)" , "NIST_SP_800-53_R5_AC-19(5)" , "NIST_SP_800-53_R5_SC-8" , "NIST_SP_800-53_R5_SC-28(1)" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "04b3e7f6-4841-888d-4799-cda19a0084f6" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/04b3e7f6-4841-888d-4799-cda19a0084f6 Document and implement wireless access guidelines , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_AC-18" , "NIST_SP_800-53_R5_AC-18(1)" ] } , { 5 items policyDefinitionReferenceId: "d42a8f69-a193-6cbc-48b9-04a9e29961f1" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d42a8f69-a193-6cbc-48b9-04a9e29961f1 Protect wireless access , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_AC-18" , "NIST_SP_800-53_R5_AC-18(1)" ] } , { 5 items policyDefinitionReferenceId: "ae5345d5-8dab-086a-7290-db43a3272198" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ae5345d5-8dab-086a-7290-db43a3272198 Identify and authenticate network devices , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_AC-18(1)" ] } , { 5 items policyDefinitionReferenceId: "9ca3a3ea-3a1f-8ba0-31a8-6aed0fe1a7a4" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/9ca3a3ea-3a1f-8ba0-31a8-6aed0fe1a7a4 Define mobile device requirements , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_AC-19" , "NIST_SP_800-53_R5_AC-19(5)" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "3d399cf3-8fc6-0efc-6ab0-1412f1198517" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3d399cf3-8fc6-0efc-6ab0-1412f1198517 Block untrusted and unsigned processes that run from USB , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_AC-20(2)" , "NIST_SP_800-53_R5_MP-7" , "NIST_SP_800-53_R5_SI-3" ] } , { 5 items policyDefinitionReferenceId: "36b74844-4a99-4c80-1800-b18a516d1585" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/36b74844-4a99-4c80-1800-b18a516d1585 Control use of portable storage devices , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_AC-20(2)" , "NIST_SP_800-53_R5_MP-7" ] } , { 5 items policyDefinitionReferenceId: "e435f7e3-0dd9-58c9-451f-9b44b96c0232" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e435f7e3-0dd9-58c9-451f-9b44b96c0232 Implement controls to secure all media , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 14 items "NIST_SP_800-53_R5_AC-20(2)" , "NIST_SP_800-53_R5_CP-9" , "NIST_SP_800-53_R5_MA-2" , "NIST_SP_800-53_R5_MA-3(3)" , "NIST_SP_800-53_R5_MA-5(1)" , "NIST_SP_800-53_R5_MP-2" , "NIST_SP_800-53_R5_MP-3" , "NIST_SP_800-53_R5_MP-4" , "NIST_SP_800-53_R5_MP-5" , "NIST_SP_800-53_R5_MP-6" , "NIST_SP_800-53_R5_MP-6(1)" , "NIST_SP_800-53_R5_MP-6(2)" , "NIST_SP_800-53_R5_MP-7" , "NIST_SP_800-53_R5_SC-28(1)" ] } , { 5 items policyDefinitionReferenceId: "a44c9fba-43f8-4b7b-7ee6-db52c96b4366" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a44c9fba-43f8-4b7b-7ee6-db52c96b4366 Facilitate information sharing , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_AC-21" ] } , { 5 items policyDefinitionReferenceId: "e54901fe-42c2-7f3b-3c5f-327aa5320a69" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e54901fe-42c2-7f3b-3c5f-327aa5320a69 Automate information sharing decisions , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_AC-21" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "5226dee6-3420-711b-4709-8e675ebd828f" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5226dee6-3420-711b-4709-8e675ebd828f Update information security policies , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_AT-1" , "NIST_SP_800-53_R5_AU-1" , "NIST_SP_800-53_R5_PL-4" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "4c385143-09fd-3a34-790c-a5fd9ec77ddc" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4c385143-09fd-3a34-790c-a5fd9ec77ddc Provide role-based security training , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "d041726f-00e0-41ca-368c-b1a122066482" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d041726f-00e0-41ca-368c-b1a122066482 Provide role-based practical exercises , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_AT-3(3)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "3153d9c0-2584-14d3-362d-578b01358aeb" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3153d9c0-2584-14d3-362d-578b01358aeb Retain training records , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "2f67e567-03db-9d1f-67dc-b6ffb91312f4" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2f67e567-03db-9d1f-67dc-b6ffb91312f4 Determine auditable events , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 4 items "NIST_SP_800-53_R5_AU-2" , "NIST_SP_800-53_R5_AU-3" , "NIST_SP_800-53_R5_AU-12" , "NIST_SP_800-53_R5_RA-5(8)" ] } , { 5 items policyDefinitionReferenceId: "a3e98638-51d4-4e28-910a-60e98c1a756f" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a3e98638-51d4-4e28-910a-60e98c1a756f Configure Azure Audit capabilities , definitionVersion: 1.*.*1.1.1 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_AU-3(1)" ] } , { 5 items policyDefinitionReferenceId: "333b4ada-4a02-0648-3d4d-d812974f1bb2" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/333b4ada-4a02-0648-3d4d-d812974f1bb2 Govern and monitor audit processing activities , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_AU-4" , "NIST_SP_800-53_R5_AU-5" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "10874318-0bf7-a41f-8463-03e395482080" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/10874318-0bf7-a41f-8463-03e395482080 Correlate audit records , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 4 items "NIST_SP_800-53_R5_AU-6" , "NIST_SP_800-53_R5_AU-6(1)" , "NIST_SP_800-53_R5_AU-6(3)" , "NIST_SP_800-53_R5_RA-5(8)" ] } , { 5 items policyDefinitionReferenceId: "b3c8cc83-20d3-3890-8bc8-5568777670f4" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b3c8cc83-20d3-3890-8bc8-5568777670f4 Establish requirements for audit review and reporting , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_AU-6" , "NIST_SP_800-53_R5_AU-6(1)" , "NIST_SP_800-53_R5_RA-5(8)" ] } , { 5 items policyDefinitionReferenceId: "f741c4e6-41eb-15a4-25a2-61ac7ca232f0" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f741c4e6-41eb-15a4-25a2-61ac7ca232f0 Integrate audit review, analysis, and reporting , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_AU-6" , "NIST_SP_800-53_R5_AU-6(1)" , "NIST_SP_800-53_R5_RA-5(8)" ] } , { 5 items policyDefinitionReferenceId: "9fdde4a9-85fa-7850-6df4-ae9c4a2e56f9" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/9fdde4a9-85fa-7850-6df4-ae9c4a2e56f9 Integrate cloud app security with a siem , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 4 items "NIST_SP_800-53_R5_AU-6" , "NIST_SP_800-53_R5_AU-6(1)" , "NIST_SP_800-53_R5_AU-6(3)" , "NIST_SP_800-53_R5_RA-5(8)" ] } , { 5 items policyDefinitionReferenceId: "f27a298f-9443-014a-0d40-fef12adf0259" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f27a298f-9443-014a-0d40-fef12adf0259 Review administrator assignments weekly , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_AU-6" , "NIST_SP_800-53_R5_AU-6(1)" , "NIST_SP_800-53_R5_RA-5(8)" ] } , { 5 items policyDefinitionReferenceId: "6625638f-3ba1-7404-5983-0ea33d719d34" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6625638f-3ba1-7404-5983-0ea33d719d34 Review audit data , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 4 items "NIST_SP_800-53_R5_AU-6" , "NIST_SP_800-53_R5_AU-6(1)" , "NIST_SP_800-53_R5_AU-12" , "NIST_SP_800-53_R5_RA-5(8)" ] } , { 5 items policyDefinitionReferenceId: "8aec4343-9153-9641-172c-defb201f56b3" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8aec4343-9153-9641-172c-defb201f56b3 Review cloud identity report overview , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_AU-6" , "NIST_SP_800-53_R5_AU-6(1)" , "NIST_SP_800-53_R5_RA-5(8)" ] } , { 5 items policyDefinitionReferenceId: "f48b60c6-4b37-332f-7288-b6ea50d300eb" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f48b60c6-4b37-332f-7288-b6ea50d300eb Review controlled folder access events , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_AU-6" , "NIST_SP_800-53_R5_AU-6(1)" , "NIST_SP_800-53_R5_RA-5(8)" ] } , { 5 items policyDefinitionReferenceId: "ef718fe4-7ceb-9ddf-3198-0ee8f6fe9cba" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ef718fe4-7ceb-9ddf-3198-0ee8f6fe9cba Review file and folder activity , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_AU-6" , "NIST_SP_800-53_R5_AU-6(1)" , "NIST_SP_800-53_R5_RA-5(8)" ] } , { 5 items policyDefinitionReferenceId: "70fe686f-1f91-7dab-11bf-bca4201e183b" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/70fe686f-1f91-7dab-11bf-bca4201e183b Review role group changes weekly , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_AU-6" , "NIST_SP_800-53_R5_AU-6(1)" , "NIST_SP_800-53_R5_RA-5(8)" ] } , { 5 items policyDefinitionReferenceId: "85335602-93f5-7730-830b-d43426fd51fa" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/85335602-93f5-7730-830b-d43426fd51fa Integrate Audit record analysis , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_AU-6(5)" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "27ce30dd-3d56-8b54-6144-e26d9a37a541" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/27ce30dd-3d56-8b54-6144-e26d9a37a541 Ensure audit records are not altered , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "1ee4c7eb-480a-0007-77ff-4ba370776266" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1ee4c7eb-480a-0007-77ff-4ba370776266 Use system clocks for audit records , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "2c843d78-8f64-92b5-6a9b-e8186c0e7eb6" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2c843d78-8f64-92b5-6a9b-e8186c0e7eb6 Enable dual or joint authorization , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "0e696f5a-451f-5c15-5532-044136538491" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0e696f5a-451f-5c15-5532-044136538491 Protect audit information , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_AU-9" , "NIST_SP_800-53_R5_AU-9(4)" ] } , { 5 items policyDefinitionReferenceId: "4f23967c-a74b-9a09-9dc2-f566f61a87b9" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4f23967c-a74b-9a09-9dc2-f566f61a87b9 Establish backup policies and procedures , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_AU-9(2)" , "NIST_SP_800-53_R5_CP-9" ] } , { 5 items policyDefinitionReferenceId: "c0559109-6a27-a217-6821-5a6d44f92897" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c0559109-6a27-a217-6821-5a6d44f92897 Maintain integrity of audit system , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_AU-9(3)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "1ecb79d7-1a06-9a3b-3be8-f434d04d1ec1" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1ecb79d7-1a06-9a3b-3be8-f434d04d1ec1 Adhere to retention periods defined , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_AU-11" ] } , { 5 items policyDefinitionReferenceId: "efef28d0-3226-966a-a1e8-70e89c1b30bc" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/efef28d0-3226-966a-a1e8-70e89c1b30bc Retain security policies and procedures , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_AU-11" ] } , { 5 items policyDefinitionReferenceId: "7c7032fe-9ce6-9092-5890-87a1a3755db1" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7c7032fe-9ce6-9092-5890-87a1a3755db1 Retain terminated user data , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_AU-11" , "NIST_SP_800-53_R5_PS-4" ] } , { 5 items policyDefinitionReferenceId: "214ea241-010d-8926-44cc-b90a96d52adc" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/214ea241-010d-8926-44cc-b90a96d52adc Compile Audit records into system wide audit , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_AU-12(1)" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "1c258345-5cd4-30c8-9ef3-5ee4dd5231d6" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1c258345-5cd4-30c8-9ef3-5ee4dd5231d6 Develop security assessment plan , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "c423e64d-995c-9f67-0403-b540f65ba42a" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c423e64d-995c-9f67-0403-b540f65ba42a Assess Security Controls , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "70a7a065-a060-85f8-7863-eb7850ed2af9" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/70a7a065-a060-85f8-7863-eb7850ed2af9 Produce Security Assessment report , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "8e49107c-3338-40d1-02aa-d524178a2afe" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8e49107c-3338-40d1-02aa-d524178a2afe Deliver security assessment results , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "3054c74b-9b45-2581-56cf-053a1a716c39" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3054c74b-9b45-2581-56cf-053a1a716c39 Accept assessment results , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_CA-2(3)" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "477bd136-7dd9-55f8-48ac-bae096b86a07" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/477bd136-7dd9-55f8-48ac-bae096b86a07 Develop POA&M , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "cc057769-01d9-95ad-a36f-1e62a7f9540b" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/cc057769-01d9-95ad-a36f-1e62a7f9540b Update POA&M items , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "e29a8f1b-149b-2fa3-969d-ebee1baa9472" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e29a8f1b-149b-2fa3-969d-ebee1baa9472 Assign an authorizing official (AO) , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "0716f0f5-4955-2ccb-8d5e-c6be14d57c0f" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0716f0f5-4955-2ccb-8d5e-c6be14d57c0f Ensure resources are authorized , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "449ebb52-945b-36e5-3446-af6f33770f8f" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/449ebb52-945b-36e5-3446-af6f33770f8f Update the security authorization , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "2927e340-60e4-43ad-6b5f-7a1468232cc2" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2927e340-60e4-43ad-6b5f-7a1468232cc2 Configure detection whitelist , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "5fc24b95-53f7-0ed1-2330-701b539b97fe" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5fc24b95-53f7-0ed1-2330-701b539b97fe Turn on sensors for endpoint security solution , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_CA-7" , "NIST_SP_800-53_R5_SI-4(2)" ] } , { 5 items policyDefinitionReferenceId: "9b55929b-0101-47c0-a16e-d6ac5c7d21f8" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/9b55929b-0101-47c0-a16e-d6ac5c7d21f8 Undergo independent security review , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_CA-7" , "NIST_SP_800-53_R5_SA-9" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "b53aa659-513e-032c-52e6-1ce0ba46582f" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b53aa659-513e-032c-52e6-1ce0ba46582f Configure actions for noncompliant devices , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_CM-2" , "NIST_SP_800-53_R5_CM-2(2)" ] } , { 5 items policyDefinitionReferenceId: "2f20840e-7925-221c-725d-757442753e7c" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2f20840e-7925-221c-725d-757442753e7c Develop and maintain baseline configurations , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_CM-2" , "NIST_SP_800-53_R5_CM-2(2)" , "NIST_SP_800-53_R5_CM-9" ] } , { 5 items policyDefinitionReferenceId: "058e9719-1ff9-3653-4230-23f76b6492e0" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/058e9719-1ff9-3653-4230-23f76b6492e0 Enforce security configuration settings , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 4 items "NIST_SP_800-53_R5_CM-2" , "NIST_SP_800-53_R5_CM-2(2)" , "NIST_SP_800-53_R5_CM-6" , "NIST_SP_800-53_R5_CM-6(1)" ] } , { 5 items policyDefinitionReferenceId: "7380631c-5bf5-0e3a-4509-0873becd8a63" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7380631c-5bf5-0e3a-4509-0873becd8a63 Establish a configuration control board , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_CM-2" , "NIST_SP_800-53_R5_CM-2(2)" ] } , { 5 items policyDefinitionReferenceId: "526ed90e-890f-69e7-0386-ba5c0f1f784f" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/526ed90e-890f-69e7-0386-ba5c0f1f784f Establish and document a configuration management plan , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_CM-2" , "NIST_SP_800-53_R5_CM-2(2)" , "NIST_SP_800-53_R5_CM-9" ] } , { 5 items policyDefinitionReferenceId: "33832848-42ab-63f3-1a55-c0ad309d44cd" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/33832848-42ab-63f3-1a55-c0ad309d44cd Implement an automated configuration management tool , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_CM-2" , "NIST_SP_800-53_R5_CM-2(2)" , "NIST_SP_800-53_R5_CM-9" ] } , { 5 items policyDefinitionReferenceId: "5e4e9685-3818-5934-0071-2620c4fa2ca5" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5e4e9685-3818-5934-0071-2620c4fa2ca5 Retain previous versions of baseline configs , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_CM-2(3)" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "bd4dc286-2f30-5b95-777c-681f3a7913d3" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/bd4dc286-2f30-5b95-777c-681f3a7913d3 Establish and document change control processes , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_CM-3" , "NIST_SP_800-53_R5_CM-3(2)" , "NIST_SP_800-53_R5_CM-4" , "NIST_SP_800-53_R5_CM-4(1)" , "NIST_SP_800-53_R5_CM-5" ] } , { 5 items policyDefinitionReferenceId: "8747b573-8294-86a0-8914-49e9b06a5ace" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8747b573-8294-86a0-8914-49e9b06a5ace Establish configuration management requirements for developers , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 4 items "NIST_SP_800-53_R5_CM-3" , "NIST_SP_800-53_R5_CM-3(2)" , "NIST_SP_800-53_R5_CM-4" , "NIST_SP_800-53_R5_CM-4(1)" ] } , { 5 items policyDefinitionReferenceId: "1282809c-9001-176b-4a81-260a085f4872" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1282809c-9001-176b-4a81-260a085f4872 Perform audit for configuration change control , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 4 items "NIST_SP_800-53_R5_CM-3" , "NIST_SP_800-53_R5_CM-3(2)" , "NIST_SP_800-53_R5_CM-4" , "NIST_SP_800-53_R5_CM-4(1)" ] } , { 5 items policyDefinitionReferenceId: "203101f5-99a3-1491-1b56-acccd9b66a9e" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/203101f5-99a3-1491-1b56-acccd9b66a9e Conduct a security impact analysis , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_CM-3" , "NIST_SP_800-53_R5_CM-4" , "NIST_SP_800-53_R5_CM-4(1)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "d36700f2-2f0d-7c2a-059c-bdadd1d79f70" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d36700f2-2f0d-7c2a-059c-bdadd1d79f70 Establish a risk management strategy , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_CM-3" , "NIST_SP_800-53_R5_CM-4" ] } , { 5 items policyDefinitionReferenceId: "d18af1ac-0086-4762-6dc8-87cdded90e39" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d18af1ac-0086-4762-6dc8-87cdded90e39 Perform a privacy impact assessment , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_CM-3" , "NIST_SP_800-53_R5_CM-4" , "NIST_SP_800-53_R5_CM-4(1)" ] } , { 5 items policyDefinitionReferenceId: "8c5d3d8d-5cba-0def-257c-5ab9ea9644dc" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8c5d3d8d-5cba-0def-257c-5ab9ea9644dc Perform a risk assessment , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_CM-3" , "NIST_SP_800-53_R5_CM-4" , "NIST_SP_800-53_R5_RA-3" ] } , { 5 items policyDefinitionReferenceId: "5c40f27b-6791-18c5-3f85-7b863bd99c11" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5c40f27b-6791-18c5-3f85-7b863bd99c11 Automate proposed documented changes , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_CM-3(1)" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "8cd815bf-97e1-5144-0735-11f6ddb50a59" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8cd815bf-97e1-5144-0735-11f6ddb50a59 Enforce and audit access restrictions , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_CM-5(1)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "585af6e9-90c0-4575-67a7-2f9548972e32" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/585af6e9-90c0-4575-67a7-2f9548972e32 Review and reevaluate privileges , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_CM-5(5)" ] } , { 5 items policyDefinitionReferenceId: "be38a620-000b-21cf-3cb3-ea151b704c3b" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/be38a620-000b-21cf-3cb3-ea151b704c3b Remediate information system flaws , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 9 items "NIST_SP_800-53_R5_CM-6" , "NIST_SP_800-53_R5_RA-5" , "NIST_SP_800-53_R5_RA-5(2)" , "NIST_SP_800-53_R5_RA-5(3)" , "NIST_SP_800-53_R5_RA-5(6)" , "NIST_SP_800-53_R5_SA-10" , "NIST_SP_800-53_R5_SA-11" , "NIST_SP_800-53_R5_SI-2" , "NIST_SP_800-53_R5_SI-2(2)" ] } , { 5 items policyDefinitionReferenceId: "5c33538e-02f8-0a7f-998b-a4c1e22076d3" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5c33538e-02f8-0a7f-998b-a4c1e22076d3 Govern compliance of cloud service providers , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_CM-6(1)" ] } , { 5 items policyDefinitionReferenceId: "0123edae-3567-a05a-9b05-b53ebe9d3e7e" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0123edae-3567-a05a-9b05-b53ebe9d3e7e View and configure system diagnostic data , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_CM-6(1)" , "NIST_SP_800-53_R5_SI-7(1)" ] } , { 5 items policyDefinitionReferenceId: "043c1e56-5a16-52f8-6af8-583098ff3e60" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/043c1e56-5a16-52f8-6af8-583098ff3e60 Create a data inventory , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_CM-8" , "NIST_SP_800-53_R5_CM-8(1)" , "NIST_SP_800-53_R5_CM-8(4)" ] } , { 5 items policyDefinitionReferenceId: "92ede480-154e-0e22-4dca-8b46a74a3a51" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/92ede480-154e-0e22-4dca-8b46a74a3a51 Maintain records of processing of personal data , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_CM-8" , "NIST_SP_800-53_R5_CM-8(1)" ] } , { 5 items policyDefinitionReferenceId: "426c172c-9914-10d1-25dd-669641fc1af4" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/426c172c-9914-10d1-25dd-669641fc1af4 Enable detection of network devices , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_CM-8(3)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "27965e62-141f-8cca-426f-d09514ee5216" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/27965e62-141f-8cca-426f-d09514ee5216 Establish and maintain an asset inventory , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_CM-8(4)" , "NIST_SP_800-53_R5_PE-3" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "04837a26-2601-1982-3da7-bf463e6408f4" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/04837a26-2601-1982-3da7-bf463e6408f4 Develop configuration management plan , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "874a6f2e-2098-53bc-3a16-20dcdc425a7e" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/874a6f2e-2098-53bc-3a16-20dcdc425a7e Create configuration plan protection , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "77cc89bb-774f-48d7-8a84-fb8c322c3000" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/77cc89bb-774f-48d7-8a84-fb8c322c3000 Track software license usage , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_CM-10" ] } , { 5 items policyDefinitionReferenceId: "08c11b48-8745-034d-1c1b-a144feec73b9" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/08c11b48-8745-034d-1c1b-a144feec73b9 Restrict use of open source software , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_CM-10(1)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "aa305b4d-8c84-1754-0c74-dec004e66be0" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/aa305b4d-8c84-1754-0c74-dec004e66be0 Develop contingency plan , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "eff6e4a5-3efe-94dd-2ed1-25d56a019a82" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/eff6e4a5-3efe-94dd-2ed1-25d56a019a82 Distribute policies and procedures , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "c5784049-959f-6067-420c-f4cefae93076" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c5784049-959f-6067-420c-f4cefae93076 Coordinate contingency plans with related plans , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 4 items "NIST_SP_800-53_R5_CP-2" , "NIST_SP_800-53_R5_CP-2(1)" , "NIST_SP_800-53_R5_CP-4(1)" , "NIST_SP_800-53_R5_IR-4" ] } , { 5 items policyDefinitionReferenceId: "53fc1282-0ee3-2764-1319-e20143bb0ea5" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/53fc1282-0ee3-2764-1319-e20143bb0ea5 Review contingency plan , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "14a4fd0a-9100-1e12-1362-792014a28155" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/14a4fd0a-9100-1e12-1362-792014a28155 Update contingency plan , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "a1334a65-2622-28ee-5067-9d7f5b915cc5" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a1334a65-2622-28ee-5067-9d7f5b915cc5 Communicate contingency plan changes , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "33602e78-35e3-4f06-17fb-13dd887448e4" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/33602e78-35e3-4f06-17fb-13dd887448e4 Conduct capacity planning , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_CP-2(2)" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "de936662-13dc-204c-75ec-1af80f994088" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/de936662-13dc-204c-75ec-1af80f994088 Provide contingency training , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "9c954fcf-6dd8-81f1-41b5-832ae5c62caf" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/9c954fcf-6dd8-81f1-41b5-832ae5c62caf Incorporate simulated contingency training , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_CP-3(1)" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "af5ff768-a34b-720e-1224-e6b3214f3ba6" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/af5ff768-a34b-720e-1224-e6b3214f3ba6 Establish an alternate processing site , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 4 items "NIST_SP_800-53_R5_CP-7" , "NIST_SP_800-53_R5_CP-7(1)" , "NIST_SP_800-53_R5_CP-7(2)" , "NIST_SP_800-53_R5_CP-7(3)" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "fc26e2fd-3149-74b4-5988-d64bb90f8ef7" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/fc26e2fd-3149-74b4-5988-d64bb90f8ef7 Separately store backup information , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_CP-9(3)" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "ba02d0a0-566a-25dc-73f1-101c726a19c5" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ba02d0a0-566a-25dc-73f1-101c726a19c5 Implement transaction based recovery , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_CP-10(2)" ] } , { 5 items policyDefinitionReferenceId: "f801d58e-5659-9a4a-6e8d-02c9334732e5" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f801d58e-5659-9a4a-6e8d-02c9334732e5 Restore resources to operational state , definitionVersion: 1.*.*1.1.1 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_CP-10(4)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "e336d5f4-4d8f-0059-759c-ae10f63d1747" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e336d5f4-4d8f-0059-759c-ae10f63d1747 Enforce user uniqueness , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "7d7a8356-5c34-9a95-3118-1424cfaf192a" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7d7a8356-5c34-9a95-3118-1424cfaf192a Adopt biometric authentication mechanisms , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_IA-2(1)" , "NIST_SP_800-53_R5_IA-2(2)" ] } , { 5 items policyDefinitionReferenceId: "08ad71d0-52be-6503-4908-e015460a16ae" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/08ad71d0-52be-6503-4908-e015460a16ae Require use of individual authenticators , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_IA-2(5)" ] } , { 5 items policyDefinitionReferenceId: "f29b17a4-0df2-8a50-058a-8570f9979d28" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f29b17a4-0df2-8a50-058a-8570f9979d28 Assign system identifiers , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "ca748dfe-3e28-1d18-4221-89aea30aa0a5" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ca748dfe-3e28-1d18-4221-89aea30aa0a5 Identify status of individual users , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_IA-4(4)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "921ae4c1-507f-5ddb-8a58-cfa9b5fd96f0" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/921ae4c1-507f-5ddb-8a58-cfa9b5fd96f0 Establish authenticator types and processes , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_IA-5" , "NIST_SP_800-53_R5_IA-5(2)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "4aacaec9-0628-272c-3e83-0d68446694e0" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4aacaec9-0628-272c-3e83-0d68446694e0 Manage Authenticators , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "3ae68d9a-5696-8c32-62d3-c6f9c52e437c" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3ae68d9a-5696-8c32-62d3-c6f9c52e437c Refresh authenticators , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "d8bbd80e-3bb1-5983-06c2-428526ec6a63" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d8bbd80e-3bb1-5983-06c2-428526ec6a63 Establish a password policy , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_IA-5(1)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "b2d3e5a2-97ab-5497-565a-71172a729d93" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b2d3e5a2-97ab-5497-565a-71172a729d93 Protect passwords with encryption , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_IA-5(1)" , "NIST_SP_800-53_R5_SC-8" ] } , { 5 items policyDefinitionReferenceId: "8d140e8b-76c7-77de-1d46-ed1b2e112444" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8d140e8b-76c7-77de-1d46-ed1b2e112444 Restrict access to private keys , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_IA-5(2)" , "NIST_SP_800-53_R5_SC-12" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "4012c2b7-4e0e-a7ab-1688-4aab43f14420" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4012c2b7-4e0e-a7ab-1688-4aab43f14420 Map authenticated identities to individuals , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_IA-5(2)" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "c7e8ddc1-14aa-1814-7fe1-aad1742b27da" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c7e8ddc1-14aa-1814-7fe1-aad1742b27da Enforce expiration of cached authenticators , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_IA-5(13)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "6f1de470-79f3-1572-866e-db0771352fc8" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6f1de470-79f3-1572-866e-db0771352fc8 Authenticate to cryptographic module , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "55be3260-a7a2-3c06-7fe6-072d07525ab7" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/55be3260-a7a2-3c06-7fe6-072d07525ab7 Accept PIV credentials , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_IA-8(1)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "a8df9c78-4044-98be-2c05-31a315ac8957" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a8df9c78-4044-98be-2c05-31a315ac8957 Conform to FICAM-issued profiles , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_IA-8(4)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "2d4d0e90-32d9-4deb-2166-a00d51ed57c0" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2d4d0e90-32d9-4deb-2166-a00d51ed57c0 Provide information spillage training , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_IR-2" , "NIST_SP_800-53_R5_IR-9(2)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "c8aa992d-76b7-7ca0-07b3-31a58d773fa9" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c8aa992d-76b7-7ca0-07b3-31a58d773fa9 Employ automated training environment , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_IR-2(2)" ] } , { 5 items policyDefinitionReferenceId: "3545c827-26ee-282d-4629-23952a12008b" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3545c827-26ee-282d-4629-23952a12008b Conduct incident response testing , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_IR-3" , "NIST_SP_800-53_R5_IR-3(2)" ] } , { 5 items policyDefinitionReferenceId: "84245967-7882-54f6-2d34-85059f725b47" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/84245967-7882-54f6-2d34-85059f725b47 Establish an information security program , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_IR-3" , "NIST_SP_800-53_R5_IR-3(2)" ] } , { 5 items policyDefinitionReferenceId: "a8f9c283-9a66-3eb3-9e10-bdba95b85884" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a8f9c283-9a66-3eb3-9e10-bdba95b85884 Run simulation attacks , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_IR-3" , "NIST_SP_800-53_R5_IR-3(2)" , "NIST_SP_800-53_R5_PE-13(1)" ] } , { 5 items policyDefinitionReferenceId: "2b4e134f-1e4c-2bff-573e-082d85479b6e" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2b4e134f-1e4c-2bff-573e-082d85479b6e Develop an incident response plan , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 6 items "NIST_SP_800-53_R5_IR-4" , "NIST_SP_800-53_R5_IR-4(1)" , "NIST_SP_800-53_R5_IR-7(1)" , "NIST_SP_800-53_R5_IR-8" , "NIST_SP_800-53_R5_IR-9" , "NIST_SP_800-53_R5_SI-4(5)" ] } , { 5 items policyDefinitionReferenceId: "423f6d9c-0c73-9cc6-64f4-b52242490368" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/423f6d9c-0c73-9cc6-64f4-b52242490368 Develop security safeguards , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_IR-4" , "NIST_SP_800-53_R5_IR-9(4)" ] } , { 5 items policyDefinitionReferenceId: "8c255136-994b-9616-79f5-ae87810e0dcf" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8c255136-994b-9616-79f5-ae87810e0dcf Enable network protection , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_IR-4" , "NIST_SP_800-53_R5_IR-4(1)" , "NIST_SP_800-53_R5_IR-7(1)" ] } , { 5 items policyDefinitionReferenceId: "54a9c072-4a93-2a03-6a43-a060d30383d7" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/54a9c072-4a93-2a03-6a43-a060d30383d7 Eradicate contaminated information , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_IR-4" , "NIST_SP_800-53_R5_IR-7(1)" , "NIST_SP_800-53_R5_IR-9" ] } , { 5 items policyDefinitionReferenceId: "ba78efc6-795c-64f4-7a02-91effbd34af9" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ba78efc6-795c-64f4-7a02-91effbd34af9 Execute actions in response to information spills , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_IR-4" , "NIST_SP_800-53_R5_IR-7(1)" , "NIST_SP_800-53_R5_IR-9" ] } , { 5 items policyDefinitionReferenceId: "433de59e-7a53-a766-02c2-f80f8421469a" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/433de59e-7a53-a766-02c2-f80f8421469a Implement incident handling , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_IR-4" , "NIST_SP_800-53_R5_IR-4(1)" , "NIST_SP_800-53_R5_IR-4(4)" , "NIST_SP_800-53_R5_IR-7(1)" , "NIST_SP_800-53_R5_IR-8" ] } , { 5 items policyDefinitionReferenceId: "50e81644-923d-33fc-6ebb-9733bc8d1a06" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/50e81644-923d-33fc-6ebb-9733bc8d1a06 Perform a trend analysis on threats , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_IR-4" , "NIST_SP_800-53_R5_IR-7(1)" , "NIST_SP_800-53_R5_RA-5(6)" , "NIST_SP_800-53_R5_SI-3" , "NIST_SP_800-53_R5_SI-4" ] } , { 5 items policyDefinitionReferenceId: "98145a9b-428a-7e81-9d14-ebb154a24f93" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/98145a9b-428a-7e81-9d14-ebb154a24f93 View and investigate restricted users , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_IR-4" , "NIST_SP_800-53_R5_IR-7(1)" ] } , { 5 items policyDefinitionReferenceId: "37b0045b-3887-367b-8b4d-b9a6fa911bb9" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/37b0045b-3887-367b-8b4d-b9a6fa911bb9 Assess information security events , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_IR-4" , "NIST_SP_800-53_R5_IR-8" ] } , { 5 items policyDefinitionReferenceId: "37546841-8ea1-5be0-214d-8ac599588332" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/37546841-8ea1-5be0-214d-8ac599588332 Maintain incident response plan , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_IR-4" , "NIST_SP_800-53_R5_IR-8" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "98e33927-8d7f-6d5f-44f5-2469b40b7215" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/98e33927-8d7f-6d5f-44f5-2469b40b7215 Implement Incident handling capability , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_IR-4(6)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "2c6bee3a-2180-2430-440d-db3c7a849870" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2c6bee3a-2180-2430-440d-db3c7a849870 Document security operations , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_IR-6(1)" , "NIST_SP_800-53_R5_IR-7" , "NIST_SP_800-53_R5_SI-4(2)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "037c0089-6606-2dab-49ad-437005b5035f" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/037c0089-6606-2dab-49ad-437005b5035f Identify incident response personnel , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_IR-7(2)" ] } , { 5 items policyDefinitionReferenceId: "0fd1ca29-677b-2f12-1879-639716459160" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0fd1ca29-677b-2f12-1879-639716459160 Maintain data breach records , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "2401b496-7f23-79b2-9f80-89bb5abf3d4a" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2401b496-7f23-79b2-9f80-89bb5abf3d4a Protect incident response plan , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "69d90ee6-9f9f-262a-2038-d909fb4e5723" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/69d90ee6-9f9f-262a-2038-d909fb4e5723 Identify spilled information , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "9622aaa9-5c49-40e2-5bf8-660b7cd23deb" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/9622aaa9-5c49-40e2-5bf8-660b7cd23deb Alert personnel of information spillage , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_IR-9" , "NIST_SP_800-53_R5_SI-4(5)" ] } , { 5 items policyDefinitionReferenceId: "22457e81-3ec6-5271-a786-c3ca284601dd" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/22457e81-3ec6-5271-a786-c3ca284601dd Isolate information spills , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "bb048641-6017-7272-7772-a008f285a520" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/bb048641-6017-7272-7772-a008f285a520 Develop spillage response procedures , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_IR-9(3)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "b6ad009f-5c24-1dc0-a25e-74b60e4da45f" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b6ad009f-5c24-1dc0-a25e-74b60e4da45f Control maintenance and repair activities , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_MA-2" , "NIST_SP_800-53_R5_MA-3" , "NIST_SP_800-53_R5_MA-3(1)" , "NIST_SP_800-53_R5_MA-3(2)" , "NIST_SP_800-53_R5_MA-3(3)" ] } , { 5 items policyDefinitionReferenceId: "eaaae23f-92c9-4460-51cf-913feaea4d52" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/eaaae23f-92c9-4460-51cf-913feaea4d52 Employ a media sanitization mechanism , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 7 items "NIST_SP_800-53_R5_MA-2" , "NIST_SP_800-53_R5_MA-3(3)" , "NIST_SP_800-53_R5_MA-5(1)" , "NIST_SP_800-53_R5_MP-4" , "NIST_SP_800-53_R5_MP-6" , "NIST_SP_800-53_R5_MP-6(1)" , "NIST_SP_800-53_R5_MP-6(2)" ] } , { 5 items policyDefinitionReferenceId: "1fb1cb0e-1936-6f32-42fd-89970b535855" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1fb1cb0e-1936-6f32-42fd-89970b535855 Manage nonlocal maintenance and diagnostic activities , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 6 items "NIST_SP_800-53_R5_MA-2" , "NIST_SP_800-53_R5_MA-3" , "NIST_SP_800-53_R5_MA-3(1)" , "NIST_SP_800-53_R5_MA-3(2)" , "NIST_SP_800-53_R5_MA-3(3)" , "NIST_SP_800-53_R5_MA-4" ] } , { 5 items policyDefinitionReferenceId: "b8587fce-138f-86e8-33a3-c60768bf1da6" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b8587fce-138f-86e8-33a3-c60768bf1da6 Automate remote maintenance activities , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_MA-2(2)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "5bac5fb7-7735-357b-767d-02264bfe5c3b" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5bac5fb7-7735-357b-767d-02264bfe5c3b Perform all non-local maintenance , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_MA-4(3)" ] } , { 5 items policyDefinitionReferenceId: "10c3a1b1-29b0-a2d5-8f4c-a284b0f07830" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/10c3a1b1-29b0-a2d5-8f4c-a284b0f07830 Implement cryptographic mechanisms , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_MA-4(6)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "b273f1e3-79e7-13ee-5b5d-dca6c66c3d5d" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b273f1e3-79e7-13ee-5b5d-dca6c66c3d5d Manage maintenance personnel , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "eb598832-4bcc-658d-4381-3ecbe17b9866" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/eb598832-4bcc-658d-4381-3ecbe17b9866 Provide timely maintenance support , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "4ac81669-00e2-9790-8648-71bc11bc91eb" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4ac81669-00e2-9790-8648-71bc11bc91eb Manage the transportation of assets , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_MP-5" , "NIST_SP_800-53_R5_PE-16" ] } , { 5 items policyDefinitionReferenceId: "6122970b-8d4a-7811-0278-4c6c68f61e4f" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6122970b-8d4a-7811-0278-4c6c68f61e4f Restrict media use , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "55a7f9a0-6397-7589-05ef-5ed59a8149e7" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/55a7f9a0-6397-7589-05ef-5ed59a8149e7 Control physical access , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 6 items "NIST_SP_800-53_R5_PE-2" , "NIST_SP_800-53_R5_PE-3" , "NIST_SP_800-53_R5_PE-4" , "NIST_SP_800-53_R5_PE-5" , "NIST_SP_800-53_R5_PE-8" , "NIST_SP_800-53_R5_SI-12" ] } , { 5 items policyDefinitionReferenceId: "05ec66a2-137c-14b8-8e75-3d7a2bef07f8" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/05ec66a2-137c-14b8-8e75-3d7a2bef07f8 Implement physical security for offices, working areas, and secure areas , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 11 items "NIST_SP_800-53_R5_PE-3" , "NIST_SP_800-53_R5_PE-4" , "NIST_SP_800-53_R5_PE-5" , "NIST_SP_800-53_R5_PE-8" , "NIST_SP_800-53_R5_PE-13" , "NIST_SP_800-53_R5_PE-13(1)" , "NIST_SP_800-53_R5_PE-13(2)" , "NIST_SP_800-53_R5_PE-14" , "NIST_SP_800-53_R5_PE-14(2)" , "NIST_SP_800-53_R5_PE-15" , "NIST_SP_800-53_R5_PE-18" ] } , { 5 items policyDefinitionReferenceId: "51e4b233-8ee3-8bdc-8f5f-f33bd0d229b7" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/51e4b233-8ee3-8bdc-8f5f-f33bd0d229b7 Define a physical key management process , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_PE-3" , "NIST_SP_800-53_R5_SC-12" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "aa0ddd99-43eb-302d-3f8f-42b499182960" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/aa0ddd99-43eb-302d-3f8f-42b499182960 Install an alarm system , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_PE-6(1)" , "NIST_SP_800-53_R5_PE-14(2)" ] } , { 5 items policyDefinitionReferenceId: "f2222056-062d-1060-6dc2-0107a68c34b2" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f2222056-062d-1060-6dc2-0107a68c34b2 Manage a secure surveillance camera system , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_PE-6(1)" ] } , { 5 items policyDefinitionReferenceId: "aa892c0d-2c40-200c-0dd8-eac8c4748ede" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/aa892c0d-2c40-200c-0dd8-eac8c4748ede Employ automatic emergency lighting , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_PE-12" ] } , { 5 items policyDefinitionReferenceId: "c2eabc28-1e5c-78a2-a712-7cc176c44c07" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c2eabc28-1e5c-78a2-a712-7cc176c44c07 Implement a penetration testing methodology , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_PE-13(1)" ] } , { 5 items policyDefinitionReferenceId: "25a1f840-65d0-900a-43e4-bee253de04de" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/25a1f840-65d0-900a-43e4-bee253de04de Define requirements for managing assets , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_PE-16" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "6b957f60-54cd-5752-44d5-ff5a64366c93" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6b957f60-54cd-5752-44d5-ff5a64366c93 Develop SSP that meets criteria , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "39eb03c1-97cc-11ab-0960-6209ed2869f7" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/39eb03c1-97cc-11ab-0960-6209ed2869f7 Establish a privacy program , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_PL-2" , "NIST_SP_800-53_R5_SA-2" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "42116f15-5665-a52a-87bb-b40e64c74b6c" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/42116f15-5665-a52a-87bb-b40e64c74b6c Develop acceptable use policies and procedures , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_PL-4" , "NIST_SP_800-53_R5_PL-4(1)" ] } , { 5 items policyDefinitionReferenceId: "509552f5-6528-3540-7959-fbeae4832533" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/509552f5-6528-3540-7959-fbeae4832533 Enforce rules of behavior and access agreements , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_PL-4" , "NIST_SP_800-53_R5_PS-6" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "5fe84a4c-1b0c-a738-2aba-ed49c9069d3b" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5fe84a4c-1b0c-a738-2aba-ed49c9069d3b Prohibit unfair practices , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "b7897ddc-9716-2460-96f7-7757ad038cc4" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b7897ddc-9716-2460-96f7-7757ad038cc4 Assign risk designations , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "e0c480bf-0d68-a42d-4cbb-b60f851f8716" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e0c480bf-0d68-a42d-4cbb-b60f851f8716 Implement personnel screening , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "a315c657-4a00-8eba-15ac-44692ad24423" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a315c657-4a00-8eba-15ac-44692ad24423 Protect special information , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_PS-3(3)" , "NIST_SP_800-53_R5_SC-28" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "c79d378a-2521-822a-0407-57454f8d2c74" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c79d378a-2521-822a-0407-57454f8d2c74 Notify upon termination or transfer , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_PS-4" , "NIST_SP_800-53_R5_PS-5" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "5decc032-95bd-2163-9549-a41aba83228e" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5decc032-95bd-2163-9549-a41aba83228e Implement formal sanctions process , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "6228396e-2ace-7ca5-3247-45767dbf52f4" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6228396e-2ace-7ca5-3247-45767dbf52f4 Notify personnel upon sanctions , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "93fa357f-2e38-22a9-5138-8cc5124e1923" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/93fa357f-2e38-22a9-5138-8cc5124e1923 Categorize information , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "e23444b9-9662-40f3-289e-6d25c02b48fa" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e23444b9-9662-40f3-289e-6d25c02b48fa Review label activity and analytics , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_RA-2" , "NIST_SP_800-53_R5_SI-12" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "677e1da4-00c3-287a-563d-f4a1cf9b99a0" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/677e1da4-00c3-287a-563d-f4a1cf9b99a0 Conduct Risk Assessment , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "3c5e0e1a-216f-8f49-0a15-76ed0d8b8e1f" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3c5e0e1a-216f-8f49-0a15-76ed0d8b8e1f Perform vulnerability scans , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 7 items "NIST_SP_800-53_R5_RA-5" , "NIST_SP_800-53_R5_RA-5(2)" , "NIST_SP_800-53_R5_RA-5(3)" , "NIST_SP_800-53_R5_RA-5(6)" , "NIST_SP_800-53_R5_SA-10" , "NIST_SP_800-53_R5_SA-11" , "NIST_SP_800-53_R5_SI-3" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "ff136354-1c92-76dc-2dab-80fb7c6a9f1a" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ff136354-1c92-76dc-2dab-80fb7c6a9f1a Observe and report security weaknesses , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_RA-5(6)" ] } , { 5 items policyDefinitionReferenceId: "bf883b14-9c19-0f37-8825-5e39a8b66d5b" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/bf883b14-9c19-0f37-8825-5e39a8b66d5b Perform threat modeling , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_RA-5(6)" ] } , { 5 items policyDefinitionReferenceId: "a30bd8e9-7064-312a-0e1f-e1b485d59f6e" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a30bd8e9-7064-312a-0e1f-e1b485d59f6e Review exploit protection events , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_RA-5(8)" ] } , { 5 items policyDefinitionReferenceId: "e3905a3c-97e7-0b4f-15fb-465c0927536f" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e3905a3c-97e7-0b4f-15fb-465c0927536f Correlate Vulnerability scan information , definitionVersion: 1.*.*1.1.1 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_RA-5(10)" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "33d34fac-56a8-1c0f-0636-3ed94892a709" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/33d34fac-56a8-1c0f-0636-3ed94892a709 Govern the allocation of resources , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_SA-2" , "NIST_SP_800-53_R5_SC-6" ] } , { 5 items policyDefinitionReferenceId: "70057208-70cc-7b31-3c3a-121af6bc1966" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/70057208-70cc-7b31-3c3a-121af6bc1966 Secure commitment from leadership , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_SA-2" , "NIST_SP_800-53_R5_SC-6" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "8b333332-6efd-7c0d-5a9f-d1eb95105214" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8b333332-6efd-7c0d-5a9f-d1eb95105214 Employ FIPS 201-approved technology for PIV , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_SA-4(10)" ] } , { 5 items policyDefinitionReferenceId: "3f1216b0-30ee-1ac9-3899-63eb744e85f5" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3f1216b0-30ee-1ac9-3899-63eb744e85f5 Obtain Admin documentation , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "8c44a0ea-9b09-4d9c-0e91-f9bee3d05bfb" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8c44a0ea-9b09-4d9c-0e91-f9bee3d05bfb Document customer-defined actions , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "0d04cb93-a0f1-2f4b-4b1b-a72a1b510d08" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0d04cb93-a0f1-2f4b-4b1b-a72a1b510d08 Assess risk in third party relationships , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_SA-9(1)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "46ab2c5e-6654-1f58-8c83-e97a44f39308" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/46ab2c5e-6654-1f58-8c83-e97a44f39308 Identify external service providers , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_SA-9(2)" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "318b2bd9-9c39-9f8b-46a7-048401f33476" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/318b2bd9-9c39-9f8b-46a7-048401f33476 Address coding vulnerabilities , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_SA-10" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "db28735f-518f-870e-15b4-49623cbe3aa0" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/db28735f-518f-870e-15b4-49623cbe3aa0 Verify software, firmware and information integrity , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 4 items "NIST_SP_800-53_R5_SA-10(1)" , "NIST_SP_800-53_R5_SC-21" , "NIST_SP_800-53_R5_SI-7" , "NIST_SP_800-53_R5_SI-7(1)" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "676c3c35-3c36-612c-9523-36d266a65000" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/676c3c35-3c36-612c-9523-36d266a65000 Require developers to provide training , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_SA-16" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "edcc36f1-511b-81e0-7125-abee29752fe7" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/edcc36f1-511b-81e0-7125-abee29752fe7 Manage availability and capacity , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "01ae60e2-38bb-0a32-7b20-d3a091423409" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/01ae60e2-38bb-0a32-7b20-d3a091423409 Implement system boundary protection , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 5 items "NIST_SP_800-53_R5_SC-7" , "NIST_SP_800-53_R5_SC-7(4)" , "NIST_SP_800-53_R5_SC-7(12)" , "NIST_SP_800-53_R5_SC-7(18)" , "NIST_SP_800-53_R5_SI-4(4)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "ff1efad2-6b09-54cc-01bf-d386c4d558a8" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ff1efad2-6b09-54cc-01bf-d386c4d558a8 Secure the interface to external systems , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_SC-7(4)" ] } , { 5 items policyDefinitionReferenceId: "66e5cb69-9f1c-8b8d-8fbd-b832466d5aa8" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/66e5cb69-9f1c-8b8d-8fbd-b832466d5aa8 Prevent split tunneling for remote devices , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_SC-7(7)" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "d6653f89-7cb5-24a4-9d71-51581038231b" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d6653f89-7cb5-24a4-9d71-51581038231b Reauthenticate or terminate a user session , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_SC-10" ] } , { 5 items policyDefinitionReferenceId: "c4ccd607-702b-8ae6-8eeb-fc3339cd4b42" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c4ccd607-702b-8ae6-8eeb-fc3339cd4b42 Define cryptographic use , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_SC-12" , "NIST_SP_800-53_R5_SC-13" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "7a0ecd94-3699-5273-76a5-edb8499f655a" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7a0ecd94-3699-5273-76a5-edb8499f655a Determine assertion requirements , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_SC-12" ] } , { 5 items policyDefinitionReferenceId: "97d91b33-7050-237b-3e23-a77d57d84e13" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/97d91b33-7050-237b-3e23-a77d57d84e13 Issue public key certificates , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_SC-12" , "NIST_SP_800-53_R5_SC-17" ] } , { 5 items policyDefinitionReferenceId: "9c276cf3-596f-581a-7fbd-f5e46edaa0f4" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/9c276cf3-596f-581a-7fbd-f5e46edaa0f4 Manage symmetric cryptographic keys , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_SC-12" ] } , { 5 items policyDefinitionReferenceId: "3ad7f0bc-3d03-0585-4d24-529779bb02c2" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3ad7f0bc-3d03-0585-4d24-529779bb02c2 Maintain availability of information , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_SC-12(1)" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "ced727b3-005e-3c5b-5cd5-230b79d56ee8" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ced727b3-005e-3c5b-5cd5-230b79d56ee8 Implement a fault tolerant name/address service , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 3 items "NIST_SP_800-53_R5_SC-20" , "NIST_SP_800-53_R5_SC-21" , "NIST_SP_800-53_R5_SC-22" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "c7d57a6a-7cc2-66c0-299f-83bf90558f5d" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c7d57a6a-7cc2-66c0-299f-83bf90558f5d Enforce random unique session identifiers , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_SC-23" ] } , { 5 items policyDefinitionReferenceId: "396f465d-375e-57de-58ba-021adb008191" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/396f465d-375e-57de-58ba-021adb008191 Invalidate session identifiers at logout , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_SC-23(1)" ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "a90c4d44-7fac-8e02-6d5b-0d92046b20e6" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a90c4d44-7fac-8e02-6d5b-0d92046b20e6 Automate flaw remediation , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_SI-2(2)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "dd2523d5-2db3-642b-a1cf-83ac973b32c2" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/dd2523d5-2db3-642b-a1cf-83ac973b32c2 Establish benchmarks for flaw remediation , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_SI-2(3)" ] } , { 5 items policyDefinitionReferenceId: "63f63e71-6c3f-9add-4c43-64de23e554a7" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/63f63e71-6c3f-9add-4c43-64de23e554a7 Manage gateways , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 2 items "NIST_SP_800-53_R5_SI-3" , "NIST_SP_800-53_R5_SI-4(4)" ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "ea9d7c95-2f10-8a4d-61d8-7469bd2e8d65" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ea9d7c95-2f10-8a4d-61d8-7469bd2e8d65 Update antivirus definitions , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "e4e1f896-8a93-1151-43c7-0ad23b081ee2" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e4e1f896-8a93-1151-43c7-0ad23b081ee2 Authorize, monitor, and control voip , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_SI-4(4)" ] } , { 5 items policyDefinitionReferenceId: "8f835d6a-4d13-9a9c-37dc-176cebd37fda" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8f835d6a-4d13-9a9c-37dc-176cebd37fda Document wireless access security controls , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_SI-4(14)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "07b42fb5-027e-5a3c-4915-9d9ef3020ec7" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/07b42fb5-027e-5a3c-4915-9d9ef3020ec7 Discover any indicators of compromise , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_SI-4(24)" ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "171e377b-5224-4a97-1eaa-62a3b5231dac" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/171e377b-5224-4a97-1eaa-62a3b5231dac Generate internal security alerts , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items policyDefinitionReferenceId: "26d178a4-9261-6f04-a100-47ed85314c6e" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/26d178a4-9261-6f04-a100-47ed85314c6e Implement security directives , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items policyDefinitionReferenceId: "b8689b2e-4308-a58b-a0b4-6f3343a000df" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b8689b2e-4308-a58b-a0b4-6f3343a000df Use automated mechanisms for security alerts , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_SI-5(1)" ] } , { 5 items policyDefinitionReferenceId: "ece8bb17-4080-5127-915f-dc7267ee8549" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ece8bb17-4080-5127-915f-dc7267ee8549 Verify security functions , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item ] } , { 5 items } , { 5 items } , { 5 items } , { 5 items } , { 5 items policyDefinitionReferenceId: "8b1f29eb-1b22-4217-5337-9207cb55231e" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8b1f29eb-1b22-4217-5337-9207cb55231e Perform information input validation , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_SI-10" ] } , { 5 items policyDefinitionReferenceId: "c2cb4658-44dc-9d11-3dad-7c6802dd5ba3" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c2cb4658-44dc-9d11-3dad-7c6802dd5ba3 Generate error messages , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_SI-11" ] } , { 5 items policyDefinitionReferenceId: "20762f1e-85fb-31b0-a600-e833633f10fe" , policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/20762f1e-85fb-31b0-a600-e833633f10fe Reveal error messages , definitionVersion: 1.*.*1.1.0 , parameters: {} , groupNames: [ 1 item "NIST_SP_800-53_R5_SI-11" ] } ] , policyDefinitionGroups: [ 970 items { 2 items name: "NIST_SP_800-53_R5_AC-1" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-1" } , { 2 items name: "NIST_SP_800-53_R5_AC-2" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2" } , { 2 items name: "NIST_SP_800-53_R5_AC-2(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(1)" } , { 2 items name: "NIST_SP_800-53_R5_AC-2(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(2)" } , { 2 items name: "NIST_SP_800-53_R5_AC-2(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(3)" } , { 2 items name: "NIST_SP_800-53_R5_AC-2(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(4)" } , { 2 items name: "NIST_SP_800-53_R5_AC-2(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(5)" } , { 2 items name: "NIST_SP_800-53_R5_AC-2(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(6)" } , { 2 items name: "NIST_SP_800-53_R5_AC-2(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(7)" } , { 2 items name: "NIST_SP_800-53_R5_AC-2(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(8)" } , { 2 items name: "NIST_SP_800-53_R5_AC-2(9)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(9)" } , { 2 items name: "NIST_SP_800-53_R5_AC-2(11)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(11)" } , { 2 items name: "NIST_SP_800-53_R5_AC-2(12)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(12)" } , { 2 items name: "NIST_SP_800-53_R5_AC-2(13)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(13)" } , { 2 items name: "NIST_SP_800-53_R5_AC-3" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3" } , { 2 items name: "NIST_SP_800-53_R5_AC-3(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(2)" } , { 2 items name: "NIST_SP_800-53_R5_AC-3(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(3)" } , { 2 items name: "NIST_SP_800-53_R5_AC-3(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(4)" } , { 2 items name: "NIST_SP_800-53_R5_AC-3(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(5)" } , { 2 items name: "NIST_SP_800-53_R5_AC-3(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(7)" } , { 2 items name: "NIST_SP_800-53_R5_AC-3(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(8)" } , { 2 items name: "NIST_SP_800-53_R5_AC-3(9)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(9)" } , { 2 items name: "NIST_SP_800-53_R5_AC-3(10)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(10)" } , { 2 items name: "NIST_SP_800-53_R5_AC-3(11)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(11)" } , { 2 items name: "NIST_SP_800-53_R5_AC-3(12)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(12)" } , { 2 items name: "NIST_SP_800-53_R5_AC-3(13)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(13)" } , { 2 items name: "NIST_SP_800-53_R5_AC-3(14)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(14)" } , { 2 items name: "NIST_SP_800-53_R5_AC-3(15)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(15)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(1)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(2)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(3)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(4)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(5)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(6)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(7)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(8)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(9)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(9)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(10)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(10)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(11)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(11)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(12)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(12)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(13)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(13)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(14)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(14)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(15)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(15)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(17)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(17)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(19)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(19)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(20)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(20)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(21)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(21)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(22)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(22)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(23)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(23)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(24)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(24)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(25)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(25)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(26)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(26)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(27)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(27)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(28)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(28)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(29)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(29)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(30)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(30)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(31)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(31)" } , { 2 items name: "NIST_SP_800-53_R5_AC-4(32)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(32)" } , { 2 items name: "NIST_SP_800-53_R5_AC-5" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-5" } , { 2 items name: "NIST_SP_800-53_R5_AC-6" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-6" } , { 2 items name: "NIST_SP_800-53_R5_AC-6(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-6(1)" } , { 2 items name: "NIST_SP_800-53_R5_AC-6(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-6(2)" } , { 2 items name: "NIST_SP_800-53_R5_AC-6(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-6(3)" } , { 2 items name: "NIST_SP_800-53_R5_AC-6(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-6(4)" } , { 2 items name: "NIST_SP_800-53_R5_AC-6(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-6(5)" } , { 2 items name: "NIST_SP_800-53_R5_AC-6(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-6(6)" } , { 2 items name: "NIST_SP_800-53_R5_AC-6(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-6(7)" } , { 2 items name: "NIST_SP_800-53_R5_AC-6(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-6(8)" } , { 2 items name: "NIST_SP_800-53_R5_AC-6(9)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-6(9)" } , { 2 items name: "NIST_SP_800-53_R5_AC-6(10)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-6(10)" } , { 2 items name: "NIST_SP_800-53_R5_AC-7" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-7" } , { 2 items name: "NIST_SP_800-53_R5_AC-7(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-7(2)" } , { 2 items name: "NIST_SP_800-53_R5_AC-7(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-7(3)" } , { 2 items name: "NIST_SP_800-53_R5_AC-7(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-7(4)" } , { 2 items name: "NIST_SP_800-53_R5_AC-8" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-8" } , { 2 items name: "NIST_SP_800-53_R5_AC-9" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-9" } , { 2 items name: "NIST_SP_800-53_R5_AC-9(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-9(1)" } , { 2 items name: "NIST_SP_800-53_R5_AC-9(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-9(2)" } , { 2 items name: "NIST_SP_800-53_R5_AC-9(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-9(3)" } , { 2 items name: "NIST_SP_800-53_R5_AC-9(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-9(4)" } , { 2 items name: "NIST_SP_800-53_R5_AC-10" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-10" } , { 2 items name: "NIST_SP_800-53_R5_AC-11" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-11" } , { 2 items name: "NIST_SP_800-53_R5_AC-11(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-11(1)" } , { 2 items name: "NIST_SP_800-53_R5_AC-12" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-12" } , { 2 items name: "NIST_SP_800-53_R5_AC-12(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-12(1)" } , { 2 items name: "NIST_SP_800-53_R5_AC-12(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-12(2)" } , { 2 items name: "NIST_SP_800-53_R5_AC-12(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-12(3)" } , { 2 items name: "NIST_SP_800-53_R5_AC-14" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-14" } , { 2 items name: "NIST_SP_800-53_R5_AC-16" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-16" } , { 2 items name: "NIST_SP_800-53_R5_AC-16(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-16(1)" } , { 2 items name: "NIST_SP_800-53_R5_AC-16(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-16(2)" } , { 2 items name: "NIST_SP_800-53_R5_AC-16(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-16(3)" } , { 2 items name: "NIST_SP_800-53_R5_AC-16(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-16(4)" } , { 2 items name: "NIST_SP_800-53_R5_AC-16(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-16(5)" } , { 2 items name: "NIST_SP_800-53_R5_AC-16(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-16(6)" } , { 2 items name: "NIST_SP_800-53_R5_AC-16(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-16(7)" } , { 2 items name: "NIST_SP_800-53_R5_AC-16(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-16(8)" } , { 2 items name: "NIST_SP_800-53_R5_AC-16(9)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-16(9)" } , { 2 items name: "NIST_SP_800-53_R5_AC-16(10)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-16(10)" } , { 2 items name: "NIST_SP_800-53_R5_AC-17" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-17" } , { 2 items name: "NIST_SP_800-53_R5_AC-17(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-17(1)" } , { 2 items name: "NIST_SP_800-53_R5_AC-17(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-17(2)" } , { 2 items name: "NIST_SP_800-53_R5_AC-17(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-17(3)" } , { 2 items name: "NIST_SP_800-53_R5_AC-17(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-17(4)" } , { 2 items name: "NIST_SP_800-53_R5_AC-17(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-17(6)" } , { 2 items name: "NIST_SP_800-53_R5_AC-17(9)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-17(9)" } , { 2 items name: "NIST_SP_800-53_R5_AC-17(10)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-17(10)" } , { 2 items name: "NIST_SP_800-53_R5_AC-18" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-18" } , { 2 items name: "NIST_SP_800-53_R5_AC-18(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-18(1)" } , { 2 items name: "NIST_SP_800-53_R5_AC-18(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-18(3)" } , { 2 items name: "NIST_SP_800-53_R5_AC-18(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-18(4)" } , { 2 items name: "NIST_SP_800-53_R5_AC-18(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-18(5)" } , { 2 items name: "NIST_SP_800-53_R5_AC-19" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-19" } , { 2 items name: "NIST_SP_800-53_R5_AC-19(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-19(4)" } , { 2 items name: "NIST_SP_800-53_R5_AC-19(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-19(5)" } , { 2 items name: "NIST_SP_800-53_R5_AC-20" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-20" } , { 2 items name: "NIST_SP_800-53_R5_AC-20(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-20(1)" } , { 2 items name: "NIST_SP_800-53_R5_AC-20(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-20(2)" } , { 2 items name: "NIST_SP_800-53_R5_AC-20(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-20(3)" } , { 2 items name: "NIST_SP_800-53_R5_AC-20(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-20(4)" } , { 2 items name: "NIST_SP_800-53_R5_AC-20(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-20(5)" } , { 2 items name: "NIST_SP_800-53_R5_AC-21" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-21" } , { 2 items name: "NIST_SP_800-53_R5_AC-21(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-21(1)" } , { 2 items name: "NIST_SP_800-53_R5_AC-21(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-21(2)" } , { 2 items name: "NIST_SP_800-53_R5_AC-22" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-22" } , { 2 items name: "NIST_SP_800-53_R5_AC-23" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-23" } , { 2 items name: "NIST_SP_800-53_R5_AC-24" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-24" } , { 2 items name: "NIST_SP_800-53_R5_AC-24(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-24(1)" } , { 2 items name: "NIST_SP_800-53_R5_AC-24(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-24(2)" } , { 2 items name: "NIST_SP_800-53_R5_AC-25" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-25" } , { 2 items name: "NIST_SP_800-53_R5_AT-1" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-1" } , { 2 items name: "NIST_SP_800-53_R5_AT-2" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-2" } , { 2 items name: "NIST_SP_800-53_R5_AT-2(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-2(1)" } , { 2 items name: "NIST_SP_800-53_R5_AT-2(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-2(2)" } , { 2 items name: "NIST_SP_800-53_R5_AT-2(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-2(3)" } , { 2 items name: "NIST_SP_800-53_R5_AT-2(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-2(4)" } , { 2 items name: "NIST_SP_800-53_R5_AT-2(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-2(5)" } , { 2 items name: "NIST_SP_800-53_R5_AT-2(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-2(6)" } , { 2 items name: "NIST_SP_800-53_R5_AT-3" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-3" } , { 2 items name: "NIST_SP_800-53_R5_AT-3(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-3(1)" } , { 2 items name: "NIST_SP_800-53_R5_AT-3(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-3(2)" } , { 2 items name: "NIST_SP_800-53_R5_AT-3(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-3(3)" } , { 2 items name: "NIST_SP_800-53_R5_AT-3(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-3(5)" } , { 2 items name: "NIST_SP_800-53_R5_AT-4" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-4" } , { 2 items name: "NIST_SP_800-53_R5_AT-6" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-6" } , { 2 items name: "NIST_SP_800-53_R5_AU-1" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-1" } , { 2 items name: "NIST_SP_800-53_R5_AU-2" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-2" } , { 2 items name: "NIST_SP_800-53_R5_AU-3" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-3" } , { 2 items name: "NIST_SP_800-53_R5_AU-3(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-3(1)" } , { 2 items name: "NIST_SP_800-53_R5_AU-3(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-3(3)" } , { 2 items name: "NIST_SP_800-53_R5_AU-4" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-4" } , { 2 items name: "NIST_SP_800-53_R5_AU-4(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-4(1)" } , { 2 items name: "NIST_SP_800-53_R5_AU-5" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-5" } , { 2 items name: "NIST_SP_800-53_R5_AU-5(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-5(1)" } , { 2 items name: "NIST_SP_800-53_R5_AU-5(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-5(2)" } , { 2 items name: "NIST_SP_800-53_R5_AU-5(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-5(3)" } , { 2 items name: "NIST_SP_800-53_R5_AU-5(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-5(4)" } , { 2 items name: "NIST_SP_800-53_R5_AU-5(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-5(5)" } , { 2 items name: "NIST_SP_800-53_R5_AU-6" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-6" } , { 2 items name: "NIST_SP_800-53_R5_AU-6(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-6(1)" } , { 2 items name: "NIST_SP_800-53_R5_AU-6(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-6(3)" } , { 2 items name: "NIST_SP_800-53_R5_AU-6(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-6(4)" } , { 2 items name: "NIST_SP_800-53_R5_AU-6(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-6(5)" } , { 2 items name: "NIST_SP_800-53_R5_AU-6(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-6(6)" } , { 2 items name: "NIST_SP_800-53_R5_AU-6(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-6(7)" } , { 2 items name: "NIST_SP_800-53_R5_AU-6(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-6(8)" } , { 2 items name: "NIST_SP_800-53_R5_AU-6(9)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-6(9)" } , { 2 items name: "NIST_SP_800-53_R5_AU-7" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-7" } , { 2 items name: "NIST_SP_800-53_R5_AU-7(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-7(1)" } , { 2 items name: "NIST_SP_800-53_R5_AU-8" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-8" } , { 2 items name: "NIST_SP_800-53_R5_AU-9" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-9" } , { 2 items name: "NIST_SP_800-53_R5_AU-9(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-9(1)" } , { 2 items name: "NIST_SP_800-53_R5_AU-9(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-9(2)" } , { 2 items name: "NIST_SP_800-53_R5_AU-9(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-9(3)" } , { 2 items name: "NIST_SP_800-53_R5_AU-9(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-9(4)" } , { 2 items name: "NIST_SP_800-53_R5_AU-9(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-9(5)" } , { 2 items name: "NIST_SP_800-53_R5_AU-9(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-9(6)" } , { 2 items name: "NIST_SP_800-53_R5_AU-9(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-9(7)" } , { 2 items name: "NIST_SP_800-53_R5_AU-10" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-10" } , { 2 items name: "NIST_SP_800-53_R5_AU-10(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-10(1)" } , { 2 items name: "NIST_SP_800-53_R5_AU-10(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-10(2)" } , { 2 items name: "NIST_SP_800-53_R5_AU-10(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-10(3)" } , { 2 items name: "NIST_SP_800-53_R5_AU-10(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-10(4)" } , { 2 items name: "NIST_SP_800-53_R5_AU-11" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-11" } , { 2 items name: "NIST_SP_800-53_R5_AU-11(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-11(1)" } , { 2 items name: "NIST_SP_800-53_R5_AU-12" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-12" } , { 2 items name: "NIST_SP_800-53_R5_AU-12(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-12(1)" } , { 2 items name: "NIST_SP_800-53_R5_AU-12(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-12(2)" } , { 2 items name: "NIST_SP_800-53_R5_AU-12(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-12(3)" } , { 2 items name: "NIST_SP_800-53_R5_AU-12(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-12(4)" } , { 2 items name: "NIST_SP_800-53_R5_AU-13" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-13" } , { 2 items name: "NIST_SP_800-53_R5_AU-13(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-13(1)" } , { 2 items name: "NIST_SP_800-53_R5_AU-13(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-13(2)" } , { 2 items name: "NIST_SP_800-53_R5_AU-13(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-13(3)" } , { 2 items name: "NIST_SP_800-53_R5_AU-14" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-14" } , { 2 items name: "NIST_SP_800-53_R5_AU-14(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-14(1)" } , { 2 items name: "NIST_SP_800-53_R5_AU-14(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-14(3)" } , { 2 items name: "NIST_SP_800-53_R5_AU-16" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-16" } , { 2 items name: "NIST_SP_800-53_R5_AU-16(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-16(1)" } , { 2 items name: "NIST_SP_800-53_R5_AU-16(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-16(2)" } , { 2 items name: "NIST_SP_800-53_R5_AU-16(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-16(3)" } , { 2 items name: "NIST_SP_800-53_R5_CA-1" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-1" } , { 2 items name: "NIST_SP_800-53_R5_CA-2" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-2" } , { 2 items name: "NIST_SP_800-53_R5_CA-2(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-2(1)" } , { 2 items name: "NIST_SP_800-53_R5_CA-2(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-2(2)" } , { 2 items name: "NIST_SP_800-53_R5_CA-2(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-2(3)" } , { 2 items name: "NIST_SP_800-53_R5_CA-3" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-3" } , { 2 items name: "NIST_SP_800-53_R5_CA-3(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-3(6)" } , { 2 items name: "NIST_SP_800-53_R5_CA-3(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-3(7)" } , { 2 items name: "NIST_SP_800-53_R5_CA-5" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-5" } , { 2 items name: "NIST_SP_800-53_R5_CA-5(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-5(1)" } , { 2 items name: "NIST_SP_800-53_R5_CA-6" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-6" } , { 2 items name: "NIST_SP_800-53_R5_CA-6(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-6(1)" } , { 2 items name: "NIST_SP_800-53_R5_CA-6(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-6(2)" } , { 2 items name: "NIST_SP_800-53_R5_CA-7" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-7" } , { 2 items name: "NIST_SP_800-53_R5_CA-7(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-7(1)" } , { 2 items name: "NIST_SP_800-53_R5_CA-7(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-7(3)" } , { 2 items name: "NIST_SP_800-53_R5_CA-7(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-7(4)" } , { 2 items name: "NIST_SP_800-53_R5_CA-7(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-7(5)" } , { 2 items name: "NIST_SP_800-53_R5_CA-7(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-7(6)" } , { 2 items name: "NIST_SP_800-53_R5_CA-8" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-8" } , { 2 items name: "NIST_SP_800-53_R5_CA-8(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-8(1)" } , { 2 items name: "NIST_SP_800-53_R5_CA-8(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-8(2)" } , { 2 items name: "NIST_SP_800-53_R5_CA-8(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-8(3)" } , { 2 items name: "NIST_SP_800-53_R5_CA-9" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-9" } , { 2 items name: "NIST_SP_800-53_R5_CA-9(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-9(1)" } , { 2 items name: "NIST_SP_800-53_R5_CM-1" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-1" } , { 2 items name: "NIST_SP_800-53_R5_CM-2" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-2" } , { 2 items name: "NIST_SP_800-53_R5_CM-2(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-2(2)" } , { 2 items name: "NIST_SP_800-53_R5_CM-2(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-2(3)" } , { 2 items name: "NIST_SP_800-53_R5_CM-2(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-2(6)" } , { 2 items name: "NIST_SP_800-53_R5_CM-2(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-2(7)" } , { 2 items name: "NIST_SP_800-53_R5_CM-3" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-3" } , { 2 items name: "NIST_SP_800-53_R5_CM-3(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-3(1)" } , { 2 items name: "NIST_SP_800-53_R5_CM-3(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-3(2)" } , { 2 items name: "NIST_SP_800-53_R5_CM-3(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-3(3)" } , { 2 items name: "NIST_SP_800-53_R5_CM-3(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-3(4)" } , { 2 items name: "NIST_SP_800-53_R5_CM-3(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-3(5)" } , { 2 items name: "NIST_SP_800-53_R5_CM-3(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-3(6)" } , { 2 items name: "NIST_SP_800-53_R5_CM-3(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-3(7)" } , { 2 items name: "NIST_SP_800-53_R5_CM-3(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-3(8)" } , { 2 items name: "NIST_SP_800-53_R5_CM-4" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-4" } , { 2 items name: "NIST_SP_800-53_R5_CM-4(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-4(1)" } , { 2 items name: "NIST_SP_800-53_R5_CM-4(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-4(2)" } , { 2 items name: "NIST_SP_800-53_R5_CM-5" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-5" } , { 2 items name: "NIST_SP_800-53_R5_CM-5(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-5(1)" } , { 2 items name: "NIST_SP_800-53_R5_CM-5(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-5(4)" } , { 2 items name: "NIST_SP_800-53_R5_CM-5(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-5(5)" } , { 2 items name: "NIST_SP_800-53_R5_CM-5(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-5(6)" } , { 2 items name: "NIST_SP_800-53_R5_CM-6" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-6" } , { 2 items name: "NIST_SP_800-53_R5_CM-6(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-6(1)" } , { 2 items name: "NIST_SP_800-53_R5_CM-6(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-6(2)" } , { 2 items name: "NIST_SP_800-53_R5_CM-7" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-7" } , { 2 items name: "NIST_SP_800-53_R5_CM-7(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-7(1)" } , { 2 items name: "NIST_SP_800-53_R5_CM-7(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-7(2)" } , { 2 items name: "NIST_SP_800-53_R5_CM-7(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-7(3)" } , { 2 items name: "NIST_SP_800-53_R5_CM-7(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-7(4)" } , { 2 items name: "NIST_SP_800-53_R5_CM-7(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-7(5)" } , { 2 items name: "NIST_SP_800-53_R5_CM-7(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-7(6)" } , { 2 items name: "NIST_SP_800-53_R5_CM-7(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-7(7)" } , { 2 items name: "NIST_SP_800-53_R5_CM-7(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-7(8)" } , { 2 items name: "NIST_SP_800-53_R5_CM-7(9)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-7(9)" } , { 2 items name: "NIST_SP_800-53_R5_CM-8" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-8" } , { 2 items name: "NIST_SP_800-53_R5_CM-8(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-8(1)" } , { 2 items name: "NIST_SP_800-53_R5_CM-8(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-8(2)" } , { 2 items name: "NIST_SP_800-53_R5_CM-8(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-8(3)" } , { 2 items name: "NIST_SP_800-53_R5_CM-8(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-8(4)" } , { 2 items name: "NIST_SP_800-53_R5_CM-8(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-8(6)" } , { 2 items name: "NIST_SP_800-53_R5_CM-8(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-8(7)" } , { 2 items name: "NIST_SP_800-53_R5_CM-8(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-8(8)" } , { 2 items name: "NIST_SP_800-53_R5_CM-8(9)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-8(9)" } , { 2 items name: "NIST_SP_800-53_R5_CM-9" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-9" } , { 2 items name: "NIST_SP_800-53_R5_CM-9(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-9(1)" } , { 2 items name: "NIST_SP_800-53_R5_CM-10" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-10" } , { 2 items name: "NIST_SP_800-53_R5_CM-10(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-10(1)" } , { 2 items name: "NIST_SP_800-53_R5_CM-11" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-11" } , { 2 items name: "NIST_SP_800-53_R5_CM-11(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-11(2)" } , { 2 items name: "NIST_SP_800-53_R5_CM-11(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-11(3)" } , { 2 items name: "NIST_SP_800-53_R5_CM-12" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-12" } , { 2 items name: "NIST_SP_800-53_R5_CM-12(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-12(1)" } , { 2 items name: "NIST_SP_800-53_R5_CM-13" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-13" } , { 2 items name: "NIST_SP_800-53_R5_CM-14" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-14" } , { 2 items name: "NIST_SP_800-53_R5_CP-1" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-1" } , { 2 items name: "NIST_SP_800-53_R5_CP-2" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-2" } , { 2 items name: "NIST_SP_800-53_R5_CP-2(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-2(1)" } , { 2 items name: "NIST_SP_800-53_R5_CP-2(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-2(2)" } , { 2 items name: "NIST_SP_800-53_R5_CP-2(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-2(3)" } , { 2 items name: "NIST_SP_800-53_R5_CP-2(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-2(5)" } , { 2 items name: "NIST_SP_800-53_R5_CP-2(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-2(6)" } , { 2 items name: "NIST_SP_800-53_R5_CP-2(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-2(7)" } , { 2 items name: "NIST_SP_800-53_R5_CP-2(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-2(8)" } , { 2 items name: "NIST_SP_800-53_R5_CP-3" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-3" } , { 2 items name: "NIST_SP_800-53_R5_CP-3(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-3(1)" } , { 2 items name: "NIST_SP_800-53_R5_CP-3(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-3(2)" } , { 2 items name: "NIST_SP_800-53_R5_CP-4" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-4" } , { 2 items name: "NIST_SP_800-53_R5_CP-4(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-4(1)" } , { 2 items name: "NIST_SP_800-53_R5_CP-4(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-4(2)" } , { 2 items name: "NIST_SP_800-53_R5_CP-4(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-4(3)" } , { 2 items name: "NIST_SP_800-53_R5_CP-4(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-4(4)" } , { 2 items name: "NIST_SP_800-53_R5_CP-4(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-4(5)" } , { 2 items name: "NIST_SP_800-53_R5_CP-6" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-6" } , { 2 items name: "NIST_SP_800-53_R5_CP-6(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-6(1)" } , { 2 items name: "NIST_SP_800-53_R5_CP-6(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-6(2)" } , { 2 items name: "NIST_SP_800-53_R5_CP-6(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-6(3)" } , { 2 items name: "NIST_SP_800-53_R5_CP-7" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-7" } , { 2 items name: "NIST_SP_800-53_R5_CP-7(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-7(1)" } , { 2 items name: "NIST_SP_800-53_R5_CP-7(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-7(2)" } , { 2 items name: "NIST_SP_800-53_R5_CP-7(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-7(3)" } , { 2 items name: "NIST_SP_800-53_R5_CP-7(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-7(4)" } , { 2 items name: "NIST_SP_800-53_R5_CP-7(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-7(6)" } , { 2 items name: "NIST_SP_800-53_R5_CP-8" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-8" } , { 2 items name: "NIST_SP_800-53_R5_CP-8(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-8(1)" } , { 2 items name: "NIST_SP_800-53_R5_CP-8(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-8(2)" } , { 2 items name: "NIST_SP_800-53_R5_CP-8(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-8(3)" } , { 2 items name: "NIST_SP_800-53_R5_CP-8(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-8(4)" } , { 2 items name: "NIST_SP_800-53_R5_CP-8(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-8(5)" } , { 2 items name: "NIST_SP_800-53_R5_CP-9" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-9" } , { 2 items name: "NIST_SP_800-53_R5_CP-9(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-9(1)" } , { 2 items name: "NIST_SP_800-53_R5_CP-9(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-9(2)" } , { 2 items name: "NIST_SP_800-53_R5_CP-9(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-9(3)" } , { 2 items name: "NIST_SP_800-53_R5_CP-9(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-9(5)" } , { 2 items name: "NIST_SP_800-53_R5_CP-9(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-9(6)" } , { 2 items name: "NIST_SP_800-53_R5_CP-9(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-9(7)" } , { 2 items name: "NIST_SP_800-53_R5_CP-9(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-9(8)" } , { 2 items name: "NIST_SP_800-53_R5_CP-10" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-10" } , { 2 items name: "NIST_SP_800-53_R5_CP-10(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-10(2)" } , { 2 items name: "NIST_SP_800-53_R5_CP-10(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-10(4)" } , { 2 items name: "NIST_SP_800-53_R5_CP-10(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-10(6)" } , { 2 items name: "NIST_SP_800-53_R5_CP-11" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-11" } , { 2 items name: "NIST_SP_800-53_R5_CP-12" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-12" } , { 2 items name: "NIST_SP_800-53_R5_CP-13" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-13" } , { 2 items name: "NIST_SP_800-53_R5_IA-1" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-1" } , { 2 items name: "NIST_SP_800-53_R5_IA-2" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-2" } , { 2 items name: "NIST_SP_800-53_R5_IA-2(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-2(1)" } , { 2 items name: "NIST_SP_800-53_R5_IA-2(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-2(2)" } , { 2 items name: "NIST_SP_800-53_R5_IA-2(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-2(5)" } , { 2 items name: "NIST_SP_800-53_R5_IA-2(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-2(6)" } , { 2 items name: "NIST_SP_800-53_R5_IA-2(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-2(8)" } , { 2 items name: "NIST_SP_800-53_R5_IA-2(10)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-2(10)" } , { 2 items name: "NIST_SP_800-53_R5_IA-2(12)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-2(12)" } , { 2 items name: "NIST_SP_800-53_R5_IA-2(13)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-2(13)" } , { 2 items name: "NIST_SP_800-53_R5_IA-3" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-3" } , { 2 items name: "NIST_SP_800-53_R5_IA-3(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-3(1)" } , { 2 items name: "NIST_SP_800-53_R5_IA-3(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-3(3)" } , { 2 items name: "NIST_SP_800-53_R5_IA-3(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-3(4)" } , { 2 items name: "NIST_SP_800-53_R5_IA-4" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-4" } , { 2 items name: "NIST_SP_800-53_R5_IA-4(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-4(1)" } , { 2 items name: "NIST_SP_800-53_R5_IA-4(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-4(4)" } , { 2 items name: "NIST_SP_800-53_R5_IA-4(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-4(5)" } , { 2 items name: "NIST_SP_800-53_R5_IA-4(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-4(6)" } , { 2 items name: "NIST_SP_800-53_R5_IA-4(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-4(8)" } , { 2 items name: "NIST_SP_800-53_R5_IA-4(9)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-4(9)" } , { 2 items name: "NIST_SP_800-53_R5_IA-5" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5" } , { 2 items name: "NIST_SP_800-53_R5_IA-5(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(1)" } , { 2 items name: "NIST_SP_800-53_R5_IA-5(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(2)" } , { 2 items name: "NIST_SP_800-53_R5_IA-5(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(5)" } , { 2 items name: "NIST_SP_800-53_R5_IA-5(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(6)" } , { 2 items name: "NIST_SP_800-53_R5_IA-5(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(7)" } , { 2 items name: "NIST_SP_800-53_R5_IA-5(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(8)" } , { 2 items name: "NIST_SP_800-53_R5_IA-5(9)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(9)" } , { 2 items name: "NIST_SP_800-53_R5_IA-5(10)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(10)" } , { 2 items name: "NIST_SP_800-53_R5_IA-5(12)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(12)" } , { 2 items name: "NIST_SP_800-53_R5_IA-5(13)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(13)" } , { 2 items name: "NIST_SP_800-53_R5_IA-5(14)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(14)" } , { 2 items name: "NIST_SP_800-53_R5_IA-5(15)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(15)" } , { 2 items name: "NIST_SP_800-53_R5_IA-5(16)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(16)" } , { 2 items name: "NIST_SP_800-53_R5_IA-5(17)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(17)" } , { 2 items name: "NIST_SP_800-53_R5_IA-5(18)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(18)" } , { 2 items name: "NIST_SP_800-53_R5_IA-6" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-6" } , { 2 items name: "NIST_SP_800-53_R5_IA-7" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-7" } , { 2 items name: "NIST_SP_800-53_R5_IA-8" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-8" } , { 2 items name: "NIST_SP_800-53_R5_IA-8(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-8(1)" } , { 2 items name: "NIST_SP_800-53_R5_IA-8(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-8(2)" } , { 2 items name: "NIST_SP_800-53_R5_IA-8(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-8(4)" } , { 2 items name: "NIST_SP_800-53_R5_IA-8(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-8(5)" } , { 2 items name: "NIST_SP_800-53_R5_IA-8(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-8(6)" } , { 2 items name: "NIST_SP_800-53_R5_IA-9" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-9" } , { 2 items name: "NIST_SP_800-53_R5_IA-10" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-10" } , { 2 items name: "NIST_SP_800-53_R5_IA-11" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-11" } , { 2 items name: "NIST_SP_800-53_R5_IA-12" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-12" } , { 2 items name: "NIST_SP_800-53_R5_IA-12(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-12(1)" } , { 2 items name: "NIST_SP_800-53_R5_IA-12(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-12(2)" } , { 2 items name: "NIST_SP_800-53_R5_IA-12(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-12(3)" } , { 2 items name: "NIST_SP_800-53_R5_IA-12(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-12(4)" } , { 2 items name: "NIST_SP_800-53_R5_IA-12(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-12(5)" } , { 2 items name: "NIST_SP_800-53_R5_IA-12(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-12(6)" } , { 2 items name: "NIST_SP_800-53_R5_IR-1" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-1" } , { 2 items name: "NIST_SP_800-53_R5_IR-2" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-2" } , { 2 items name: "NIST_SP_800-53_R5_IR-2(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-2(1)" } , { 2 items name: "NIST_SP_800-53_R5_IR-2(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-2(2)" } , { 2 items name: "NIST_SP_800-53_R5_IR-2(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-2(3)" } , { 2 items name: "NIST_SP_800-53_R5_IR-3" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-3" } , { 2 items name: "NIST_SP_800-53_R5_IR-3(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-3(1)" } , { 2 items name: "NIST_SP_800-53_R5_IR-3(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-3(2)" } , { 2 items name: "NIST_SP_800-53_R5_IR-3(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-3(3)" } , { 2 items name: "NIST_SP_800-53_R5_IR-4" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4" } , { 2 items name: "NIST_SP_800-53_R5_IR-4(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(1)" } , { 2 items name: "NIST_SP_800-53_R5_IR-4(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(2)" } , { 2 items name: "NIST_SP_800-53_R5_IR-4(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(3)" } , { 2 items name: "NIST_SP_800-53_R5_IR-4(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(4)" } , { 2 items name: "NIST_SP_800-53_R5_IR-4(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(5)" } , { 2 items name: "NIST_SP_800-53_R5_IR-4(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(6)" } , { 2 items name: "NIST_SP_800-53_R5_IR-4(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(7)" } , { 2 items name: "NIST_SP_800-53_R5_IR-4(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(8)" } , { 2 items name: "NIST_SP_800-53_R5_IR-4(9)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(9)" } , { 2 items name: "NIST_SP_800-53_R5_IR-4(10)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(10)" } , { 2 items name: "NIST_SP_800-53_R5_IR-4(11)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(11)" } , { 2 items name: "NIST_SP_800-53_R5_IR-4(12)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(12)" } , { 2 items name: "NIST_SP_800-53_R5_IR-4(13)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(13)" } , { 2 items name: "NIST_SP_800-53_R5_IR-4(14)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(14)" } , { 2 items name: "NIST_SP_800-53_R5_IR-4(15)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(15)" } , { 2 items name: "NIST_SP_800-53_R5_IR-5" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-5" } , { 2 items name: "NIST_SP_800-53_R5_IR-5(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-5(1)" } , { 2 items name: "NIST_SP_800-53_R5_IR-6" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-6" } , { 2 items name: "NIST_SP_800-53_R5_IR-6(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-6(1)" } , { 2 items name: "NIST_SP_800-53_R5_IR-6(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-6(2)" } , { 2 items name: "NIST_SP_800-53_R5_IR-6(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-6(3)" } , { 2 items name: "NIST_SP_800-53_R5_IR-7" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-7" } , { 2 items name: "NIST_SP_800-53_R5_IR-7(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-7(1)" } , { 2 items name: "NIST_SP_800-53_R5_IR-7(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-7(2)" } , { 2 items name: "NIST_SP_800-53_R5_IR-8" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-8" } , { 2 items name: "NIST_SP_800-53_R5_IR-8(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-8(1)" } , { 2 items name: "NIST_SP_800-53_R5_IR-9" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-9" } , { 2 items name: "NIST_SP_800-53_R5_IR-9(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-9(2)" } , { 2 items name: "NIST_SP_800-53_R5_IR-9(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-9(3)" } , { 2 items name: "NIST_SP_800-53_R5_IR-9(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-9(4)" } , { 2 items name: "NIST_SP_800-53_R5_MA-1" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-1" } , { 2 items name: "NIST_SP_800-53_R5_MA-2" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-2" } , { 2 items name: "NIST_SP_800-53_R5_MA-2(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-2(2)" } , { 2 items name: "NIST_SP_800-53_R5_MA-3" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-3" } , { 2 items name: "NIST_SP_800-53_R5_MA-3(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-3(1)" } , { 2 items name: "NIST_SP_800-53_R5_MA-3(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-3(2)" } , { 2 items name: "NIST_SP_800-53_R5_MA-3(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-3(3)" } , { 2 items name: "NIST_SP_800-53_R5_MA-3(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-3(4)" } , { 2 items name: "NIST_SP_800-53_R5_MA-3(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-3(5)" } , { 2 items name: "NIST_SP_800-53_R5_MA-3(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-3(6)" } , { 2 items name: "NIST_SP_800-53_R5_MA-4" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-4" } , { 2 items name: "NIST_SP_800-53_R5_MA-4(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-4(1)" } , { 2 items name: "NIST_SP_800-53_R5_MA-4(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-4(3)" } , { 2 items name: "NIST_SP_800-53_R5_MA-4(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-4(4)" } , { 2 items name: "NIST_SP_800-53_R5_MA-4(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-4(5)" } , { 2 items name: "NIST_SP_800-53_R5_MA-4(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-4(6)" } , { 2 items name: "NIST_SP_800-53_R5_MA-4(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-4(7)" } , { 2 items name: "NIST_SP_800-53_R5_MA-5" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-5" } , { 2 items name: "NIST_SP_800-53_R5_MA-5(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-5(1)" } , { 2 items name: "NIST_SP_800-53_R5_MA-5(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-5(2)" } , { 2 items name: "NIST_SP_800-53_R5_MA-5(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-5(3)" } , { 2 items name: "NIST_SP_800-53_R5_MA-5(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-5(4)" } , { 2 items name: "NIST_SP_800-53_R5_MA-5(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-5(5)" } , { 2 items name: "NIST_SP_800-53_R5_MA-6" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-6" } , { 2 items name: "NIST_SP_800-53_R5_MA-6(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-6(1)" } , { 2 items name: "NIST_SP_800-53_R5_MA-6(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-6(2)" } , { 2 items name: "NIST_SP_800-53_R5_MA-6(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-6(3)" } , { 2 items name: "NIST_SP_800-53_R5_MA-7" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-7" } , { 2 items name: "NIST_SP_800-53_R5_MP-1" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-1" } , { 2 items name: "NIST_SP_800-53_R5_MP-2" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-2" } , { 2 items name: "NIST_SP_800-53_R5_MP-3" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-3" } , { 2 items name: "NIST_SP_800-53_R5_MP-4" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-4" } , { 2 items name: "NIST_SP_800-53_R5_MP-4(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-4(2)" } , { 2 items name: "NIST_SP_800-53_R5_MP-5" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-5" } , { 2 items name: "NIST_SP_800-53_R5_MP-5(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-5(3)" } , { 2 items name: "NIST_SP_800-53_R5_MP-6" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-6" } , { 2 items name: "NIST_SP_800-53_R5_MP-6(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-6(1)" } , { 2 items name: "NIST_SP_800-53_R5_MP-6(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-6(2)" } , { 2 items name: "NIST_SP_800-53_R5_MP-6(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-6(3)" } , { 2 items name: "NIST_SP_800-53_R5_MP-6(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-6(7)" } , { 2 items name: "NIST_SP_800-53_R5_MP-6(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-6(8)" } , { 2 items name: "NIST_SP_800-53_R5_MP-7" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-7" } , { 2 items name: "NIST_SP_800-53_R5_MP-7(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-7(2)" } , { 2 items name: "NIST_SP_800-53_R5_MP-8" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-8" } , { 2 items name: "NIST_SP_800-53_R5_MP-8(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-8(1)" } , { 2 items name: "NIST_SP_800-53_R5_MP-8(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-8(2)" } , { 2 items name: "NIST_SP_800-53_R5_MP-8(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-8(3)" } , { 2 items name: "NIST_SP_800-53_R5_MP-8(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-8(4)" } , { 2 items name: "NIST_SP_800-53_R5_PE-1" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-1" } , { 2 items name: "NIST_SP_800-53_R5_PE-2" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-2" } , { 2 items name: "NIST_SP_800-53_R5_PE-2(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-2(1)" } , { 2 items name: "NIST_SP_800-53_R5_PE-2(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-2(2)" } , { 2 items name: "NIST_SP_800-53_R5_PE-2(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-2(3)" } , { 2 items name: "NIST_SP_800-53_R5_PE-3" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-3" } , { 2 items name: "NIST_SP_800-53_R5_PE-3(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-3(1)" } , { 2 items name: "NIST_SP_800-53_R5_PE-3(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-3(2)" } , { 2 items name: "NIST_SP_800-53_R5_PE-3(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-3(3)" } , { 2 items name: "NIST_SP_800-53_R5_PE-3(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-3(4)" } , { 2 items name: "NIST_SP_800-53_R5_PE-3(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-3(5)" } , { 2 items name: "NIST_SP_800-53_R5_PE-3(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-3(7)" } , { 2 items name: "NIST_SP_800-53_R5_PE-3(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-3(8)" } , { 2 items name: "NIST_SP_800-53_R5_PE-4" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-4" } , { 2 items name: "NIST_SP_800-53_R5_PE-5" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-5" } , { 2 items name: "NIST_SP_800-53_R5_PE-5(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-5(2)" } , { 2 items name: "NIST_SP_800-53_R5_PE-6" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-6" } , { 2 items name: "NIST_SP_800-53_R5_PE-6(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-6(1)" } , { 2 items name: "NIST_SP_800-53_R5_PE-6(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-6(2)" } , { 2 items name: "NIST_SP_800-53_R5_PE-6(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-6(3)" } , { 2 items name: "NIST_SP_800-53_R5_PE-6(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-6(4)" } , { 2 items name: "NIST_SP_800-53_R5_PE-8" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-8" } , { 2 items name: "NIST_SP_800-53_R5_PE-8(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-8(1)" } , { 2 items name: "NIST_SP_800-53_R5_PE-8(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-8(3)" } , { 2 items name: "NIST_SP_800-53_R5_PE-9" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-9" } , { 2 items name: "NIST_SP_800-53_R5_PE-9(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-9(1)" } , { 2 items name: "NIST_SP_800-53_R5_PE-9(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-9(2)" } , { 2 items name: "NIST_SP_800-53_R5_PE-10" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-10" } , { 2 items name: "NIST_SP_800-53_R5_PE-11" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-11" } , { 2 items name: "NIST_SP_800-53_R5_PE-11(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-11(1)" } , { 2 items name: "NIST_SP_800-53_R5_PE-11(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-11(2)" } , { 2 items name: "NIST_SP_800-53_R5_PE-12" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-12" } , { 2 items name: "NIST_SP_800-53_R5_PE-12(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-12(1)" } , { 2 items name: "NIST_SP_800-53_R5_PE-13" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-13" } , { 2 items name: "NIST_SP_800-53_R5_PE-13(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-13(1)" } , { 2 items name: "NIST_SP_800-53_R5_PE-13(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-13(2)" } , { 2 items name: "NIST_SP_800-53_R5_PE-13(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-13(4)" } , { 2 items name: "NIST_SP_800-53_R5_PE-14" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-14" } , { 2 items name: "NIST_SP_800-53_R5_PE-14(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-14(1)" } , { 2 items name: "NIST_SP_800-53_R5_PE-14(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-14(2)" } , { 2 items name: "NIST_SP_800-53_R5_PE-15" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-15" } , { 2 items name: "NIST_SP_800-53_R5_PE-15(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-15(1)" } , { 2 items name: "NIST_SP_800-53_R5_PE-16" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-16" } , { 2 items name: "NIST_SP_800-53_R5_PE-17" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-17" } , { 2 items name: "NIST_SP_800-53_R5_PE-18" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-18" } , { 2 items name: "NIST_SP_800-53_R5_PE-19" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-19" } , { 2 items name: "NIST_SP_800-53_R5_PE-19(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-19(1)" } , { 2 items name: "NIST_SP_800-53_R5_PE-20" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-20" } , { 2 items name: "NIST_SP_800-53_R5_PE-21" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-21" } , { 2 items name: "NIST_SP_800-53_R5_PE-22" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-22" } , { 2 items name: "NIST_SP_800-53_R5_PE-23" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-23" } , { 2 items name: "NIST_SP_800-53_R5_PL-1" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PL-1" } , { 2 items name: "NIST_SP_800-53_R5_PL-2" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PL-2" } , { 2 items name: "NIST_SP_800-53_R5_PL-4" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PL-4" } , { 2 items name: "NIST_SP_800-53_R5_PL-4(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PL-4(1)" } , { 2 items name: "NIST_SP_800-53_R5_PL-7" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PL-7" } , { 2 items name: "NIST_SP_800-53_R5_PL-8" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PL-8" } , { 2 items name: "NIST_SP_800-53_R5_PL-8(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PL-8(1)" } , { 2 items name: "NIST_SP_800-53_R5_PL-8(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PL-8(2)" } , { 2 items name: "NIST_SP_800-53_R5_PL-9" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PL-9" } , { 2 items name: "NIST_SP_800-53_R5_PL-10" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PL-10" } , { 2 items name: "NIST_SP_800-53_R5_PL-11" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PL-11" } , { 2 items name: "NIST_SP_800-53_R5_PS-1" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-1" } , { 2 items name: "NIST_SP_800-53_R5_PS-2" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-2" } , { 2 items name: "NIST_SP_800-53_R5_PS-3" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-3" } , { 2 items name: "NIST_SP_800-53_R5_PS-3(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-3(1)" } , { 2 items name: "NIST_SP_800-53_R5_PS-3(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-3(2)" } , { 2 items name: "NIST_SP_800-53_R5_PS-3(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-3(3)" } , { 2 items name: "NIST_SP_800-53_R5_PS-3(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-3(4)" } , { 2 items name: "NIST_SP_800-53_R5_PS-4" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-4" } , { 2 items name: "NIST_SP_800-53_R5_PS-4(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-4(1)" } , { 2 items name: "NIST_SP_800-53_R5_PS-4(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-4(2)" } , { 2 items name: "NIST_SP_800-53_R5_PS-5" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-5" } , { 2 items name: "NIST_SP_800-53_R5_PS-6" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-6" } , { 2 items name: "NIST_SP_800-53_R5_PS-6(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-6(2)" } , { 2 items name: "NIST_SP_800-53_R5_PS-6(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-6(3)" } , { 2 items name: "NIST_SP_800-53_R5_PS-7" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-7" } , { 2 items name: "NIST_SP_800-53_R5_PS-8" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-8" } , { 2 items name: "NIST_SP_800-53_R5_PS-9" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-9" } , { 2 items name: "NIST_SP_800-53_R5_PT-1" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-1" } , { 2 items name: "NIST_SP_800-53_R5_PT-2" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-2" } , { 2 items name: "NIST_SP_800-53_R5_PT-2(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-2(1)" } , { 2 items name: "NIST_SP_800-53_R5_PT-2(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-2(2)" } , { 2 items name: "NIST_SP_800-53_R5_PT-3" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-3" } , { 2 items name: "NIST_SP_800-53_R5_PT-3(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-3(1)" } , { 2 items name: "NIST_SP_800-53_R5_PT-3(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-3(2)" } , { 2 items name: "NIST_SP_800-53_R5_PT-4" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-4" } , { 2 items name: "NIST_SP_800-53_R5_PT-4(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-4(1)" } , { 2 items name: "NIST_SP_800-53_R5_PT-4(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-4(2)" } , { 2 items name: "NIST_SP_800-53_R5_PT-4(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-4(3)" } , { 2 items name: "NIST_SP_800-53_R5_PT-5" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-5" } , { 2 items name: "NIST_SP_800-53_R5_PT-5(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-5(1)" } , { 2 items name: "NIST_SP_800-53_R5_PT-5(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-5(2)" } , { 2 items name: "NIST_SP_800-53_R5_PT-6" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-6" } , { 2 items name: "NIST_SP_800-53_R5_PT-6(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-6(1)" } , { 2 items name: "NIST_SP_800-53_R5_PT-6(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-6(2)" } , { 2 items name: "NIST_SP_800-53_R5_PT-7" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-7" } , { 2 items name: "NIST_SP_800-53_R5_PT-7(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-7(1)" } , { 2 items name: "NIST_SP_800-53_R5_PT-7(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-7(2)" } , { 2 items name: "NIST_SP_800-53_R5_PT-8" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-8" } , { 2 items name: "NIST_SP_800-53_R5_RA-1" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-1" } , { 2 items name: "NIST_SP_800-53_R5_RA-2" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-2" } , { 2 items name: "NIST_SP_800-53_R5_RA-2(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-2(1)" } , { 2 items name: "NIST_SP_800-53_R5_RA-3" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-3" } , { 2 items name: "NIST_SP_800-53_R5_RA-3(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-3(1)" } , { 2 items name: "NIST_SP_800-53_R5_RA-3(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-3(2)" } , { 2 items name: "NIST_SP_800-53_R5_RA-3(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-3(3)" } , { 2 items name: "NIST_SP_800-53_R5_RA-3(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-3(4)" } , { 2 items name: "NIST_SP_800-53_R5_RA-5" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-5" } , { 2 items name: "NIST_SP_800-53_R5_RA-5(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-5(2)" } , { 2 items name: "NIST_SP_800-53_R5_RA-5(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-5(3)" } , { 2 items name: "NIST_SP_800-53_R5_RA-5(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-5(4)" } , { 2 items name: "NIST_SP_800-53_R5_RA-5(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-5(5)" } , { 2 items name: "NIST_SP_800-53_R5_RA-5(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-5(6)" } , { 2 items name: "NIST_SP_800-53_R5_RA-5(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-5(8)" } , { 2 items name: "NIST_SP_800-53_R5_RA-5(10)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-5(10)" } , { 2 items name: "NIST_SP_800-53_R5_RA-5(11)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-5(11)" } , { 2 items name: "NIST_SP_800-53_R5_RA-6" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-6" } , { 2 items name: "NIST_SP_800-53_R5_RA-7" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-7" } , { 2 items name: "NIST_SP_800-53_R5_RA-8" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-8" } , { 2 items name: "NIST_SP_800-53_R5_RA-9" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-9" } , { 2 items name: "NIST_SP_800-53_R5_RA-10" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-10" } , { 2 items name: "NIST_SP_800-53_R5_SA-1" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-1" } , { 2 items name: "NIST_SP_800-53_R5_SA-2" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-2" } , { 2 items name: "NIST_SP_800-53_R5_SA-3" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-3" } , { 2 items name: "NIST_SP_800-53_R5_SA-3(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-3(1)" } , { 2 items name: "NIST_SP_800-53_R5_SA-3(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-3(2)" } , { 2 items name: "NIST_SP_800-53_R5_SA-3(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-3(3)" } , { 2 items name: "NIST_SP_800-53_R5_SA-4" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4" } , { 2 items name: "NIST_SP_800-53_R5_SA-4(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4(1)" } , { 2 items name: "NIST_SP_800-53_R5_SA-4(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4(2)" } , { 2 items name: "NIST_SP_800-53_R5_SA-4(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4(3)" } , { 2 items name: "NIST_SP_800-53_R5_SA-4(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4(5)" } , { 2 items name: "NIST_SP_800-53_R5_SA-4(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4(6)" } , { 2 items name: "NIST_SP_800-53_R5_SA-4(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4(7)" } , { 2 items name: "NIST_SP_800-53_R5_SA-4(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4(8)" } , { 2 items name: "NIST_SP_800-53_R5_SA-4(9)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4(9)" } , { 2 items name: "NIST_SP_800-53_R5_SA-4(10)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4(10)" } , { 2 items name: "NIST_SP_800-53_R5_SA-4(11)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4(11)" } , { 2 items name: "NIST_SP_800-53_R5_SA-4(12)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4(12)" } , { 2 items name: "NIST_SP_800-53_R5_SA-5" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-5" } , { 2 items name: "NIST_SP_800-53_R5_SA-8" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(1)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(2)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(3)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(4)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(5)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(6)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(7)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(8)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(9)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(9)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(10)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(10)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(11)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(11)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(12)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(12)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(13)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(13)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(14)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(14)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(15)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(15)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(16)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(16)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(17)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(17)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(18)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(18)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(19)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(19)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(20)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(20)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(21)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(21)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(22)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(22)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(23)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(23)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(24)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(24)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(25)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(25)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(26)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(26)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(27)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(27)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(28)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(28)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(29)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(29)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(30)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(30)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(31)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(31)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(32)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(32)" } , { 2 items name: "NIST_SP_800-53_R5_SA-8(33)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(33)" } , { 2 items name: "NIST_SP_800-53_R5_SA-9" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-9" } , { 2 items name: "NIST_SP_800-53_R5_SA-9(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-9(1)" } , { 2 items name: "NIST_SP_800-53_R5_SA-9(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-9(2)" } , { 2 items name: "NIST_SP_800-53_R5_SA-9(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-9(3)" } , { 2 items name: "NIST_SP_800-53_R5_SA-9(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-9(4)" } , { 2 items name: "NIST_SP_800-53_R5_SA-9(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-9(5)" } , { 2 items name: "NIST_SP_800-53_R5_SA-9(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-9(6)" } , { 2 items name: "NIST_SP_800-53_R5_SA-9(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-9(7)" } , { 2 items name: "NIST_SP_800-53_R5_SA-9(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-9(8)" } , { 2 items name: "NIST_SP_800-53_R5_SA-10" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-10" } , { 2 items name: "NIST_SP_800-53_R5_SA-10(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-10(1)" } , { 2 items name: "NIST_SP_800-53_R5_SA-10(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-10(2)" } , { 2 items name: "NIST_SP_800-53_R5_SA-10(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-10(3)" } , { 2 items name: "NIST_SP_800-53_R5_SA-10(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-10(4)" } , { 2 items name: "NIST_SP_800-53_R5_SA-10(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-10(5)" } , { 2 items name: "NIST_SP_800-53_R5_SA-10(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-10(6)" } , { 2 items name: "NIST_SP_800-53_R5_SA-10(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-10(7)" } , { 2 items name: "NIST_SP_800-53_R5_SA-11" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-11" } , { 2 items name: "NIST_SP_800-53_R5_SA-11(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-11(1)" } , { 2 items name: "NIST_SP_800-53_R5_SA-11(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-11(2)" } , { 2 items name: "NIST_SP_800-53_R5_SA-11(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-11(3)" } , { 2 items name: "NIST_SP_800-53_R5_SA-11(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-11(4)" } , { 2 items name: "NIST_SP_800-53_R5_SA-11(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-11(5)" } , { 2 items name: "NIST_SP_800-53_R5_SA-11(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-11(6)" } , { 2 items name: "NIST_SP_800-53_R5_SA-11(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-11(7)" } , { 2 items name: "NIST_SP_800-53_R5_SA-11(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-11(8)" } , { 2 items name: "NIST_SP_800-53_R5_SA-11(9)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-11(9)" } , { 2 items name: "NIST_SP_800-53_R5_SA-15" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-15" } , { 2 items name: "NIST_SP_800-53_R5_SA-15(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-15(1)" } , { 2 items name: "NIST_SP_800-53_R5_SA-15(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-15(2)" } , { 2 items name: "NIST_SP_800-53_R5_SA-15(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-15(3)" } , { 2 items name: "NIST_SP_800-53_R5_SA-15(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-15(5)" } , { 2 items name: "NIST_SP_800-53_R5_SA-15(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-15(6)" } , { 2 items name: "NIST_SP_800-53_R5_SA-15(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-15(7)" } , { 2 items name: "NIST_SP_800-53_R5_SA-15(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-15(8)" } , { 2 items name: "NIST_SP_800-53_R5_SA-15(10)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-15(10)" } , { 2 items name: "NIST_SP_800-53_R5_SA-15(11)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-15(11)" } , { 2 items name: "NIST_SP_800-53_R5_SA-15(12)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-15(12)" } , { 2 items name: "NIST_SP_800-53_R5_SA-16" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-16" } , { 2 items name: "NIST_SP_800-53_R5_SA-17" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-17" } , { 2 items name: "NIST_SP_800-53_R5_SA-17(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-17(1)" } , { 2 items name: "NIST_SP_800-53_R5_SA-17(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-17(2)" } , { 2 items name: "NIST_SP_800-53_R5_SA-17(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-17(3)" } , { 2 items name: "NIST_SP_800-53_R5_SA-17(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-17(4)" } , { 2 items name: "NIST_SP_800-53_R5_SA-17(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-17(5)" } , { 2 items name: "NIST_SP_800-53_R5_SA-17(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-17(6)" } , { 2 items name: "NIST_SP_800-53_R5_SA-17(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-17(7)" } , { 2 items name: "NIST_SP_800-53_R5_SA-17(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-17(8)" } , { 2 items name: "NIST_SP_800-53_R5_SA-17(9)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-17(9)" } , { 2 items name: "NIST_SP_800-53_R5_SA-20" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-20" } , { 2 items name: "NIST_SP_800-53_R5_SA-21" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-21" } , { 2 items name: "NIST_SP_800-53_R5_SA-22" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-22" } , { 2 items name: "NIST_SP_800-53_R5_SA-23" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-23" } , { 2 items name: "NIST_SP_800-53_R5_SC-1" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-1" } , { 2 items name: "NIST_SP_800-53_R5_SC-2" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-2" } , { 2 items name: "NIST_SP_800-53_R5_SC-2(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-2(1)" } , { 2 items name: "NIST_SP_800-53_R5_SC-2(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-2(2)" } , { 2 items name: "NIST_SP_800-53_R5_SC-3" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-3" } , { 2 items name: "NIST_SP_800-53_R5_SC-3(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-3(1)" } , { 2 items name: "NIST_SP_800-53_R5_SC-3(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-3(2)" } , { 2 items name: "NIST_SP_800-53_R5_SC-3(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-3(3)" } , { 2 items name: "NIST_SP_800-53_R5_SC-3(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-3(4)" } , { 2 items name: "NIST_SP_800-53_R5_SC-3(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-3(5)" } , { 2 items name: "NIST_SP_800-53_R5_SC-4" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-4" } , { 2 items name: "NIST_SP_800-53_R5_SC-4(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-4(2)" } , { 2 items name: "NIST_SP_800-53_R5_SC-5" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-5" } , { 2 items name: "NIST_SP_800-53_R5_SC-5(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-5(1)" } , { 2 items name: "NIST_SP_800-53_R5_SC-5(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-5(2)" } , { 2 items name: "NIST_SP_800-53_R5_SC-5(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-5(3)" } , { 2 items name: "NIST_SP_800-53_R5_SC-6" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-6" } , { 2 items name: "NIST_SP_800-53_R5_SC-7" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(3)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(4)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(5)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(7)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(8)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(9)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(9)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(10)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(10)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(11)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(11)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(12)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(12)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(13)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(13)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(14)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(14)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(15)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(15)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(16)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(16)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(17)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(17)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(18)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(18)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(19)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(19)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(20)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(20)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(21)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(21)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(22)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(22)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(23)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(23)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(24)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(24)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(25)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(25)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(26)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(26)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(27)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(27)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(28)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(28)" } , { 2 items name: "NIST_SP_800-53_R5_SC-7(29)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(29)" } , { 2 items name: "NIST_SP_800-53_R5_SC-8" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-8" } , { 2 items name: "NIST_SP_800-53_R5_SC-8(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-8(1)" } , { 2 items name: "NIST_SP_800-53_R5_SC-8(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-8(2)" } , { 2 items name: "NIST_SP_800-53_R5_SC-8(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-8(3)" } , { 2 items name: "NIST_SP_800-53_R5_SC-8(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-8(4)" } , { 2 items name: "NIST_SP_800-53_R5_SC-8(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-8(5)" } , { 2 items name: "NIST_SP_800-53_R5_SC-10" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-10" } , { 2 items name: "NIST_SP_800-53_R5_SC-11" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-11" } , { 2 items name: "NIST_SP_800-53_R5_SC-11(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-11(1)" } , { 2 items name: "NIST_SP_800-53_R5_SC-12" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-12" } , { 2 items name: "NIST_SP_800-53_R5_SC-12(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-12(1)" } , { 2 items name: "NIST_SP_800-53_R5_SC-12(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-12(2)" } , { 2 items name: "NIST_SP_800-53_R5_SC-12(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-12(3)" } , { 2 items name: "NIST_SP_800-53_R5_SC-12(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-12(6)" } , { 2 items name: "NIST_SP_800-53_R5_SC-13" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-13" } , { 2 items name: "NIST_SP_800-53_R5_SC-15" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-15" } , { 2 items name: "NIST_SP_800-53_R5_SC-15(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-15(1)" } , { 2 items name: "NIST_SP_800-53_R5_SC-15(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-15(3)" } , { 2 items name: "NIST_SP_800-53_R5_SC-15(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-15(4)" } , { 2 items name: "NIST_SP_800-53_R5_SC-16" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-16" } , { 2 items name: "NIST_SP_800-53_R5_SC-16(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-16(1)" } , { 2 items name: "NIST_SP_800-53_R5_SC-16(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-16(2)" } , { 2 items name: "NIST_SP_800-53_R5_SC-16(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-16(3)" } , { 2 items name: "NIST_SP_800-53_R5_SC-17" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-17" } , { 2 items name: "NIST_SP_800-53_R5_SC-18" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-18" } , { 2 items name: "NIST_SP_800-53_R5_SC-18(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-18(1)" } , { 2 items name: "NIST_SP_800-53_R5_SC-18(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-18(2)" } , { 2 items name: "NIST_SP_800-53_R5_SC-18(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-18(3)" } , { 2 items name: "NIST_SP_800-53_R5_SC-18(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-18(4)" } , { 2 items name: "NIST_SP_800-53_R5_SC-18(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-18(5)" } , { 2 items name: "NIST_SP_800-53_R5_SC-20" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-20" } , { 2 items name: "NIST_SP_800-53_R5_SC-20(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-20(2)" } , { 2 items name: "NIST_SP_800-53_R5_SC-21" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-21" } , { 2 items name: "NIST_SP_800-53_R5_SC-22" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-22" } , { 2 items name: "NIST_SP_800-53_R5_SC-23" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-23" } , { 2 items name: "NIST_SP_800-53_R5_SC-23(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-23(1)" } , { 2 items name: "NIST_SP_800-53_R5_SC-23(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-23(3)" } , { 2 items name: "NIST_SP_800-53_R5_SC-23(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-23(5)" } , { 2 items name: "NIST_SP_800-53_R5_SC-24" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-24" } , { 2 items name: "NIST_SP_800-53_R5_SC-25" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-25" } , { 2 items name: "NIST_SP_800-53_R5_SC-26" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-26" } , { 2 items name: "NIST_SP_800-53_R5_SC-27" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-27" } , { 2 items name: "NIST_SP_800-53_R5_SC-28" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-28" } , { 2 items name: "NIST_SP_800-53_R5_SC-28(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-28(1)" } , { 2 items name: "NIST_SP_800-53_R5_SC-28(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-28(2)" } , { 2 items name: "NIST_SP_800-53_R5_SC-28(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-28(3)" } , { 2 items name: "NIST_SP_800-53_R5_SC-29" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-29" } , { 2 items name: "NIST_SP_800-53_R5_SC-29(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-29(1)" } , { 2 items name: "NIST_SP_800-53_R5_SC-30" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-30" } , { 2 items name: "NIST_SP_800-53_R5_SC-30(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-30(2)" } , { 2 items name: "NIST_SP_800-53_R5_SC-30(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-30(3)" } , { 2 items name: "NIST_SP_800-53_R5_SC-30(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-30(4)" } , { 2 items name: "NIST_SP_800-53_R5_SC-30(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-30(5)" } , { 2 items name: "NIST_SP_800-53_R5_SC-31" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-31" } , { 2 items name: "NIST_SP_800-53_R5_SC-31(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-31(1)" } , { 2 items name: "NIST_SP_800-53_R5_SC-31(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-31(2)" } , { 2 items name: "NIST_SP_800-53_R5_SC-31(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-31(3)" } , { 2 items name: "NIST_SP_800-53_R5_SC-32" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-32" } , { 2 items name: "NIST_SP_800-53_R5_SC-32(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-32(1)" } , { 2 items name: "NIST_SP_800-53_R5_SC-34" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-34" } , { 2 items name: "NIST_SP_800-53_R5_SC-34(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-34(1)" } , { 2 items name: "NIST_SP_800-53_R5_SC-34(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-34(2)" } , { 2 items name: "NIST_SP_800-53_R5_SC-35" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-35" } , { 2 items name: "NIST_SP_800-53_R5_SC-36" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-36" } , { 2 items name: "NIST_SP_800-53_R5_SC-36(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-36(1)" } , { 2 items name: "NIST_SP_800-53_R5_SC-36(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-36(2)" } , { 2 items name: "NIST_SP_800-53_R5_SC-37" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-37" } , { 2 items name: "NIST_SP_800-53_R5_SC-37(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-37(1)" } , { 2 items name: "NIST_SP_800-53_R5_SC-38" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-38" } , { 2 items name: "NIST_SP_800-53_R5_SC-39" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-39" } , { 2 items name: "NIST_SP_800-53_R5_SC-39(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-39(1)" } , { 2 items name: "NIST_SP_800-53_R5_SC-39(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-39(2)" } , { 2 items name: "NIST_SP_800-53_R5_SC-40" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-40" } , { 2 items name: "NIST_SP_800-53_R5_SC-40(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-40(1)" } , { 2 items name: "NIST_SP_800-53_R5_SC-40(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-40(2)" } , { 2 items name: "NIST_SP_800-53_R5_SC-40(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-40(3)" } , { 2 items name: "NIST_SP_800-53_R5_SC-40(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-40(4)" } , { 2 items name: "NIST_SP_800-53_R5_SC-41" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-41" } , { 2 items name: "NIST_SP_800-53_R5_SC-42" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-42" } , { 2 items name: "NIST_SP_800-53_R5_SC-42(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-42(1)" } , { 2 items name: "NIST_SP_800-53_R5_SC-42(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-42(2)" } , { 2 items name: "NIST_SP_800-53_R5_SC-42(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-42(4)" } , { 2 items name: "NIST_SP_800-53_R5_SC-42(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-42(5)" } , { 2 items name: "NIST_SP_800-53_R5_SC-43" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-43" } , { 2 items name: "NIST_SP_800-53_R5_SC-44" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-44" } , { 2 items name: "NIST_SP_800-53_R5_SC-45" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-45" } , { 2 items name: "NIST_SP_800-53_R5_SC-45(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-45(1)" } , { 2 items name: "NIST_SP_800-53_R5_SC-45(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-45(2)" } , { 2 items name: "NIST_SP_800-53_R5_SC-46" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-46" } , { 2 items name: "NIST_SP_800-53_R5_SC-47" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-47" } , { 2 items name: "NIST_SP_800-53_R5_SC-48" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-48" } , { 2 items name: "NIST_SP_800-53_R5_SC-48(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-48(1)" } , { 2 items name: "NIST_SP_800-53_R5_SC-49" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-49" } , { 2 items name: "NIST_SP_800-53_R5_SC-50" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-50" } , { 2 items name: "NIST_SP_800-53_R5_SC-51" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-51" } , { 2 items name: "NIST_SP_800-53_R5_SI-1" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-1" } , { 2 items name: "NIST_SP_800-53_R5_SI-2" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-2" } , { 2 items name: "NIST_SP_800-53_R5_SI-2(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-2(2)" } , { 2 items name: "NIST_SP_800-53_R5_SI-2(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-2(3)" } , { 2 items name: "NIST_SP_800-53_R5_SI-2(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-2(4)" } , { 2 items name: "NIST_SP_800-53_R5_SI-2(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-2(5)" } , { 2 items name: "NIST_SP_800-53_R5_SI-2(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-2(6)" } , { 2 items name: "NIST_SP_800-53_R5_SI-3" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-3" } , { 2 items name: "NIST_SP_800-53_R5_SI-3(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-3(4)" } , { 2 items name: "NIST_SP_800-53_R5_SI-3(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-3(6)" } , { 2 items name: "NIST_SP_800-53_R5_SI-3(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-3(8)" } , { 2 items name: "NIST_SP_800-53_R5_SI-3(10)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-3(10)" } , { 2 items name: "NIST_SP_800-53_R5_SI-4" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4" } , { 2 items name: "NIST_SP_800-53_R5_SI-4(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(1)" } , { 2 items name: "NIST_SP_800-53_R5_SI-4(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(2)" } , { 2 items name: "NIST_SP_800-53_R5_SI-4(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(3)" } , { 2 items name: "NIST_SP_800-53_R5_SI-4(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(4)" } , { 2 items name: "NIST_SP_800-53_R5_SI-4(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(5)" } , { 2 items name: "NIST_SP_800-53_R5_SI-4(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(7)" } , { 2 items name: "NIST_SP_800-53_R5_SI-4(9)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(9)" } , { 2 items name: "NIST_SP_800-53_R5_SI-4(10)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(10)" } , { 2 items name: "NIST_SP_800-53_R5_SI-4(11)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(11)" } , { 2 items name: "NIST_SP_800-53_R5_SI-4(12)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(12)" } , { 2 items name: "NIST_SP_800-53_R5_SI-4(13)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(13)" } , { 2 items name: "NIST_SP_800-53_R5_SI-4(14)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(14)" } , { 2 items name: "NIST_SP_800-53_R5_SI-4(15)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(15)" } , { 2 items name: "NIST_SP_800-53_R5_SI-4(16)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(16)" } , { 2 items name: "NIST_SP_800-53_R5_SI-4(17)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(17)" } , { 2 items name: "NIST_SP_800-53_R5_SI-4(18)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(18)" } , { 2 items name: "NIST_SP_800-53_R5_SI-4(19)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(19)" } , { 2 items name: "NIST_SP_800-53_R5_SI-4(20)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(20)" } , { 2 items name: "NIST_SP_800-53_R5_SI-4(21)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(21)" } , { 2 items name: "NIST_SP_800-53_R5_SI-4(22)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(22)" } , { 2 items name: "NIST_SP_800-53_R5_SI-4(23)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(23)" } , { 2 items name: "NIST_SP_800-53_R5_SI-4(24)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(24)" } , { 2 items name: "NIST_SP_800-53_R5_SI-4(25)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(25)" } , { 2 items name: "NIST_SP_800-53_R5_SI-5" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-5" } , { 2 items name: "NIST_SP_800-53_R5_SI-5(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-5(1)" } , { 2 items name: "NIST_SP_800-53_R5_SI-6" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-6" } , { 2 items name: "NIST_SP_800-53_R5_SI-6(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-6(2)" } , { 2 items name: "NIST_SP_800-53_R5_SI-6(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-6(3)" } , { 2 items name: "NIST_SP_800-53_R5_SI-7" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7" } , { 2 items name: "NIST_SP_800-53_R5_SI-7(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(1)" } , { 2 items name: "NIST_SP_800-53_R5_SI-7(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(2)" } , { 2 items name: "NIST_SP_800-53_R5_SI-7(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(3)" } , { 2 items name: "NIST_SP_800-53_R5_SI-7(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(5)" } , { 2 items name: "NIST_SP_800-53_R5_SI-7(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(6)" } , { 2 items name: "NIST_SP_800-53_R5_SI-7(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(7)" } , { 2 items name: "NIST_SP_800-53_R5_SI-7(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(8)" } , { 2 items name: "NIST_SP_800-53_R5_SI-7(9)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(9)" } , { 2 items name: "NIST_SP_800-53_R5_SI-7(10)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(10)" } , { 2 items name: "NIST_SP_800-53_R5_SI-7(12)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(12)" } , { 2 items name: "NIST_SP_800-53_R5_SI-7(15)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(15)" } , { 2 items name: "NIST_SP_800-53_R5_SI-7(16)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(16)" } , { 2 items name: "NIST_SP_800-53_R5_SI-7(17)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(17)" } , { 2 items name: "NIST_SP_800-53_R5_SI-8" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-8" } , { 2 items name: "NIST_SP_800-53_R5_SI-8(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-8(2)" } , { 2 items name: "NIST_SP_800-53_R5_SI-8(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-8(3)" } , { 2 items name: "NIST_SP_800-53_R5_SI-10" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-10" } , { 2 items name: "NIST_SP_800-53_R5_SI-10(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-10(1)" } , { 2 items name: "NIST_SP_800-53_R5_SI-10(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-10(2)" } , { 2 items name: "NIST_SP_800-53_R5_SI-10(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-10(3)" } , { 2 items name: "NIST_SP_800-53_R5_SI-10(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-10(4)" } , { 2 items name: "NIST_SP_800-53_R5_SI-10(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-10(5)" } , { 2 items name: "NIST_SP_800-53_R5_SI-10(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-10(6)" } , { 2 items name: "NIST_SP_800-53_R5_SI-11" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-11" } , { 2 items name: "NIST_SP_800-53_R5_SI-12" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-12" } , { 2 items name: "NIST_SP_800-53_R5_SI-12(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-12(1)" } , { 2 items name: "NIST_SP_800-53_R5_SI-12(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-12(2)" } , { 2 items name: "NIST_SP_800-53_R5_SI-12(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-12(3)" } , { 2 items name: "NIST_SP_800-53_R5_SI-13" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-13" } , { 2 items name: "NIST_SP_800-53_R5_SI-13(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-13(1)" } , { 2 items name: "NIST_SP_800-53_R5_SI-13(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-13(3)" } , { 2 items name: "NIST_SP_800-53_R5_SI-13(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-13(4)" } , { 2 items name: "NIST_SP_800-53_R5_SI-13(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-13(5)" } , { 2 items name: "NIST_SP_800-53_R5_SI-14" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-14" } , { 2 items name: "NIST_SP_800-53_R5_SI-14(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-14(1)" } , { 2 items name: "NIST_SP_800-53_R5_SI-14(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-14(2)" } , { 2 items name: "NIST_SP_800-53_R5_SI-14(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-14(3)" } , { 2 items name: "NIST_SP_800-53_R5_SI-15" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-15" } , { 2 items name: "NIST_SP_800-53_R5_SI-16" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-16" } , { 2 items name: "NIST_SP_800-53_R5_SI-17" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-17" } , { 2 items name: "NIST_SP_800-53_R5_SI-18" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-18" } , { 2 items name: "NIST_SP_800-53_R5_SI-18(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-18(1)" } , { 2 items name: "NIST_SP_800-53_R5_SI-18(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-18(2)" } , { 2 items name: "NIST_SP_800-53_R5_SI-18(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-18(3)" } , { 2 items name: "NIST_SP_800-53_R5_SI-18(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-18(4)" } , { 2 items name: "NIST_SP_800-53_R5_SI-18(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-18(5)" } , { 2 items name: "NIST_SP_800-53_R5_SI-19" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-19" } , { 2 items name: "NIST_SP_800-53_R5_SI-19(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-19(1)" } , { 2 items name: "NIST_SP_800-53_R5_SI-19(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-19(2)" } , { 2 items name: "NIST_SP_800-53_R5_SI-19(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-19(3)" } , { 2 items name: "NIST_SP_800-53_R5_SI-19(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-19(4)" } , { 2 items name: "NIST_SP_800-53_R5_SI-19(5)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-19(5)" } , { 2 items name: "NIST_SP_800-53_R5_SI-19(6)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-19(6)" } , { 2 items name: "NIST_SP_800-53_R5_SI-19(7)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-19(7)" } , { 2 items name: "NIST_SP_800-53_R5_SI-19(8)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-19(8)" } , { 2 items name: "NIST_SP_800-53_R5_SI-20" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-20" } , { 2 items name: "NIST_SP_800-53_R5_SI-21" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-21" } , { 2 items name: "NIST_SP_800-53_R5_SI-22" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-22" } , { 2 items name: "NIST_SP_800-53_R5_SI-23" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-23" } , { 2 items name: "NIST_SP_800-53_R5_SR-1" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-1" } , { 2 items name: "NIST_SP_800-53_R5_SR-2" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-2" } , { 2 items name: "NIST_SP_800-53_R5_SR-2(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-2(1)" } , { 2 items name: "NIST_SP_800-53_R5_SR-3" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-3" } , { 2 items name: "NIST_SP_800-53_R5_SR-3(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-3(1)" } , { 2 items name: "NIST_SP_800-53_R5_SR-3(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-3(2)" } , { 2 items name: "NIST_SP_800-53_R5_SR-3(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-3(3)" } , { 2 items name: "NIST_SP_800-53_R5_SR-4" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-4" } , { 2 items name: "NIST_SP_800-53_R5_SR-4(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-4(1)" } , { 2 items name: "NIST_SP_800-53_R5_SR-4(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-4(2)" } , { 2 items name: "NIST_SP_800-53_R5_SR-4(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-4(3)" } , { 2 items name: "NIST_SP_800-53_R5_SR-4(4)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-4(4)" } , { 2 items name: "NIST_SP_800-53_R5_SR-5" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-5" } , { 2 items name: "NIST_SP_800-53_R5_SR-5(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-5(1)" } , { 2 items name: "NIST_SP_800-53_R5_SR-5(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-5(2)" } , { 2 items name: "NIST_SP_800-53_R5_SR-6" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-6" } , { 2 items name: "NIST_SP_800-53_R5_SR-6(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-6(1)" } , { 2 items name: "NIST_SP_800-53_R5_SR-7" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-7" } , { 2 items name: "NIST_SP_800-53_R5_SR-8" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-8" } , { 2 items name: "NIST_SP_800-53_R5_SR-9" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-9" } , { 2 items name: "NIST_SP_800-53_R5_SR-9(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-9(1)" } , { 2 items name: "NIST_SP_800-53_R5_SR-10" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-10" } , { 2 items name: "NIST_SP_800-53_R5_SR-11" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-11" } , { 2 items name: "NIST_SP_800-53_R5_SR-11(1)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-11(1)" } , { 2 items name: "NIST_SP_800-53_R5_SR-11(2)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-11(2)" } , { 2 items name: "NIST_SP_800-53_R5_SR-11(3)" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-11(3)" } , { 2 items name: "NIST_SP_800-53_R5_SR-12" , additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-12" } ] , versions: [ 13 items "14.17.0" , "14.16.0" , "14.15.0" , "14.14.0" , "14.13.0" , "14.12.0" , "14.11.0" , "14.10.0" , "14.9.0" , "14.8.0" , "14.7.0" , "14.6.0" , "14.5.0" ] }