NIST SP 800-53 Rev. 5

Azure BuiltIn Policy Initiative (PolicySet)

Policy types

Policy states

Policy categories

Total Policies: 701
Builtin Policies: 701
Static Policies: 0

Deprecated: 3
GA: 690
Preview: 8

45 categories:

API for FHIR: 2
API Management: 1
App Configuration: 1
App Platform: 1
App Service: 18
Automation: 2
Azure Ai Services: 2
Azure Data Explorer: 3
Azure Stack Edge: 1
Backup: 2
Batch: 2
Bot Service: 1
Cache: 2
Cognitive Services: 2
Compute: 6
Container Instance: 1
Container Registry: 3
Cosmos DB: 3
Data Box: 2
Data Factory: 2
Data Lake: 2
Event Grid: 2
Event Hub: 3
General: 1
Guest Configuration: 18
HDInsight: 3
Internet of Things: 3
Key Vault: 8
Kubernetes: 17
Logic Apps: 2
Machine Learning: 2
Monitoring: 7
Network: 4
Regulatory Compliance: 481
Search: 4
Security Center: 34
Service Bus: 3
Service Fabric: 2
SignalR: 1
SQL: 28
Storage: 12
Stream Analytics: 2
Synapse: 3
VM Image Builder: 1
Web PubSub: 1

Rows: 1-10 / 701

Records:

Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx:
Learn more

TableFilter v0.7.3

https://www.tablefilter.com/
©2015-2025 Max Guglielmi

Page of 71

Policy DisplayName

Policy Id

Category

Version

Versioning

Effect

Roles#

Roles

State

policy in AzUSGov

[Deprecated]: Azure AI Search services should use private link

0fda3595-9f2b-4592-8675-4231d6fa82fe

1.0.2 (1.0.2-deprecated)

2x
1.0.2, 1.0.1

Default
Audit
Allowed
Audit, Disabled

Deprecated

true

[Deprecated]: Cognitive Services should use private link

cddd188c-4b82-4c48-a19d-ddf74ee66a01

Cognitive Services

3.0.1 (3.0.1-deprecated)

2x
3.0.1, 3.0.0

Default
Audit
Allowed
Audit, Disabled

Deprecated

true

[Deprecated]: Function apps should have 'Client Certificates (Incoming client certificates)' enabled

eaebaea7-8013-4ceb-9d14-7eb32271373c

App Service

3.1.0 (3.1.0-deprecated)

1x
3.1.0

Default
Disabled
Allowed
Audit, Disabled

Deprecated

true

[Preview]: All Internet traffic should be routed via your deployed Azure Firewall

fc5e4038-4584-4632-8c85-c0448d374b2c

Network

3.0.0-preview

1x
3.0.0-preview

Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled

Preview

unknown

[Preview]: Azure Arc enabled Kubernetes clusters should have Microsoft Defender for Cloud extension installed

8dfab9c4-fe7b-49ad-85e4-1e9be085358f

Kubernetes

6.0.0-preview

1x
6.0.0-preview

Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled

Preview

true

[Preview]: Azure Recovery Services vaults should use customer-managed keys for encrypting backup data

2e94d99a-8a36-4563-bc77-810d8893b671

Backup

1.0.0-preview

1x
1.0.0-preview

Default
Audit
Allowed
Audit, Deny, Disabled

Preview

true

[Preview]: IoT Hub device provisioning service data should be encrypted using customer-managed keys (CMK)

47031206-ce96-41f8-861b-6a915f3de284

Internet of Things

1.0.0-preview

1x
1.0.0-preview

Default
Audit
Allowed
Audit, Deny, Disabled

Preview

true

[Preview]: Log Analytics extension should be installed on your Linux Azure Arc machines

842c54e8-c2f9-4d79-ae8d-38d8b8019373

Monitoring

1.0.1-preview

1x
1.0.1-preview

Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled

Preview

unknown

[Preview]: Log Analytics extension should be installed on your Windows Azure Arc machines

d69b1763-b96d-40b8-a2d9-ca31e9fd0d3e

Monitoring

1.0.1-preview

1x
1.0.1-preview

Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled

Preview

unknown

[Preview]: Network traffic data collection agent should be installed on Linux virtual machines

04c4380f-3fae-46e8-96c9-30193528f602

Monitoring

1.0.2-preview

1x
1.0.2-preview

Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled

Preview

true

Role

Role Id

#Policies

Policies

Contributor

b24988ac-6180-42a0-ab88-20f7382dd24c

Add system-assigned managed identity to enable Guest Configuration assignments on virtual machines with no identities, Add system-assigned managed identity to enable Guest Configuration assignments on VMs with a user-assigned identity, Deploy the Linux Guest Configuration extension to enable Guest Configuration assignments on Linux VMs, Deploy the Windows Guest Configuration extension to enable Guest Configuration assignments on Windows VMs

Date/Time (UTC ymd) (i)

Changes

2025-03-12 18:29:00

Version change: '14.16.0' to '14.17.0'
remove Policy [Deprecated]: Vulnerabilities in security configuration on your machines should be remediated (e1e5fd5d-3e4c-4ce1-8661-7d1873ae6b15)

2025-01-28 19:35:17

Version change: '14.15.0' to '14.16.0'
remove Policy [Deprecated]: Accounts with read permissions on Azure resources should be MFA enabled (81b3ccb4-e6e8-4e4a-8d05-5df25cd29fd4)
remove Policy [Deprecated]: Accounts with owner permissions on Azure resources should be MFA enabled (e3e008c3-56b9-4133-8fd7-d3347377402a)
remove Policy [Deprecated]: Accounts with write permissions on Azure resources should be MFA enabled (931e118d-50a1-4457-a5e4-78550e086c52)

2024-10-15 17:53:51

Version change: '14.14.0' to '14.15.0'
remove Policy [Deprecated]: System updates should be installed on your machines (86b3d65f-7626-441e-b690-81a8b71cff60)
remove Policy [Deprecated]: System updates on virtual machine scale sets should be installed (c3f317a7-a95c-4547-b7e7-11017ebdf2fe)

2024-09-05 17:48:45

Version change: '14.13.0' to '14.14.0'
remove Policy [Deprecated]: Adaptive application controls for defining safe applications should be enabled on your machines (47a6b606-51aa-4496-8bb7-64b11cf66adc)
remove Policy [Deprecated]: Adaptive network hardening recommendations should be applied on internet facing virtual machines (08e6af2d-db70-460a-bfe9-d5bd474ba9d6)
remove Policy [Deprecated]: Allowlist rules in your adaptive application control policy should be updated (123a3936-f020-408a-ba0c-47873faf1534)
remove Policy [Deprecated]: Vulnerabilities in container security configurations should be remediated (e8cbc669-f12d-49eb-93e7-9273119e9933)
remove Policy [Deprecated]: Auto provisioning of the Log Analytics agent should be enabled on your subscription (475aae12-b88a-4572-8b36-9b712b2b3a17)
remove Policy [Deprecated]: Vulnerabilities in security configuration on your virtual machine scale sets should be remediated (3c735d8a-a4ba-4a3a-b7cf-db7754cf57f4)

2024-08-29 17:47:54

Version change: '14.12.0' to '14.13.0'
remove Policy [Deprecated]: Monitor missing Endpoint Protection in Azure Security Center (af6cd1bd-1635-48cb-bde7-5b15693900b9)
remove Policy [Deprecated]: Endpoint protection solution should be installed on virtual machine scale sets (26a828e1-e88f-464e-bbb3-c134a282b9de)

2024-07-11 18:19:05

Version change: '14.11.0' to '14.12.0'
remove Policy [Deprecated]: Log Analytics agent should be installed on your virtual machine scale sets for Azure Security Center monitoring (a3a6ea0c-e018-4933-9ef0-5aaa1501449b)
remove Policy [Deprecated]: Log Analytics agent should be installed on your virtual machine for Azure Security Center monitoring (a4fe33eb-e377-4efb-ab31-0784311bc499)

2024-06-06 18:16:34

Version change: '14.10.0' to '14.11.0'
remove Policy [Deprecated]: Virtual machines should encrypt temp disks, caches, and data flows between Compute and Storage resources (0961003e-5a0a-4549-abde-af6a37f2724d)

2024-04-11 17:47:35

Version change: '14.9.0' to '14.10.0'
remove Policy [Deprecated]: Cognitive Services accounts should disable public network access (0725b4dd-7e76-479c-a735-68e7ee23d5ca)

2024-03-20 18:47:00

Version change: '14.8.0' to '14.9.0'
remove Policy [Deprecated]: Azure registry container images should have vulnerabilities resolved (powered by Qualys) (5f0f936f-2f01-4bf5-b6be-d423792fa562)

2024-01-17 19:06:27

Version change: '14.7.0' to '14.8.0'
remove Policy [Deprecated]: Azure Defender for DNS should be enabled (bdc59948-5574-49b3-bb91-76b7c986428d)

2023-12-12 19:47:53

add Policy App Service apps should have Client Certificates (Incoming client certificates) enabled (19dd1db6-f442-49cf-a838-b0786b4401ef)
Version change: '14.6.0' to '14.7.0'
remove Policy [Deprecated]: App Service apps should have 'Client Certificates (Incoming client certificates)' enabled (5bb220d9-2698-4ee4-8404-b9c30c9df609)

2023-12-07 18:54:02

add Policy Microsoft Defender for Storage should be enabled (640d2586-54d2-465f-877f-9ffc1d2109f4)
Version change: '14.5.0' to '14.6.0'
remove Policy [Deprecated]: Microsoft Defender for Storage (Classic) should be enabled (308fbb08-4ab8-4e67-9b29-592e93fb94fa)

2023-05-04 17:45:12

2023-03-23 18:43:19

add Policy Azure Machine Learning workspaces should use private link (45e05259-1eb5-4f70-9574-baf73e9d219b)
Version change: '14.2.0' to '14.3.0'
remove Policy [Deprecated]: Azure Machine Learning workspaces should use private link (40cec1dd-a100-4920-b15b-3024fe8901ab)

2023-02-21 18:41:21

add Policy Azure Key Vaults should use private link (a6abeaec-4d90-4a02-805f-6b26c4d3fbe9)
Version change: '14.0.0' to '14.2.0'
remove Policy [Deprecated]: Resource logs in Virtual Machine Scale Sets should be enabled (7c1b1214-f927-48bf-8882-84f0af6588b1)
remove Policy [Deprecated]: Private endpoint should be configured for Key Vault (5f0bc445-3935-4915-9981-011aa2b46147)

2022-09-27 16:35:21

2022-09-21 16:34:39

Description change: 'This initiative includes policies that address a subset of NIST SP 800-53 Rev. 5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative.' to 'National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative'

2022-07-07 16:32:14

2022-06-10 16:31:22

Version change: '11.0.0' to '12.0.0'
remove Policy [Deprecated]: API App should only be accessible over HTTPS (b7ddfbdc-1260-477d-91fd-98bd9be789a6)

2022-05-26 16:30:17

add Policy Azure Web PubSub Service should use private link (eb907f70-7514-460d-92b3-a5ae93b4f917)
add Policy Azure SignalR Service should use private link (2393d2cf-a342-44cd-a2e2-fe0188fd1234)
Version change: '9.0.0' to '11.0.0'
remove Policy [Deprecated]: Azure SignalR Service should use private link (53503636-bcc9-4748-9663-5348217f160f)
remove Policy [Deprecated]: Azure Web PubSub Service should use private link (52630df9-ca7e-442b-853b-c6ce548b31a2)
remove Policy [Deprecated]: Azure Cache for Redis should reside within a virtual network (7d092e0a-7acd-40d2-a975-dca21cae48c4)

2022-05-12 16:30:30

Version change: '8.0.0' to '9.0.0'
remove Policy [Deprecated]: Service principals should be used to protect your subscriptions instead of management certificates (6646a0bd-e110-40ca-bb97-84fcee63c414)

2022-04-22 19:50:54

2022-03-18 17:53:48

add Policy App Service apps should have resource logs enabled (91a78b24-f231-4a8a-8da9-02c35b2b6510)
Version change: '6.0.0' to '7.0.0'
remove Policy [Deprecated]: Diagnostic logs in App Services should be enabled (b607c5de-e7d9-4eee-9e5c-83f1bcee4fa0)

2022-01-13 19:18:29

add Policy Microsoft Defender for Containers should be enabled (1c988dd6-ade4-430f-a608-2a3e5b0a6d38)
remove Policy [Deprecated]: Azure Defender for Kubernetes should be enabled (523b5cd1-3e23-492f-a539-13118b6d1e3a)
remove Policy [Deprecated]: Kubernetes cluster containers should only listen on allowed ports (440b515e-a580-421e-abeb-b159a61ddcbc)
remove Policy [Deprecated]: Azure Defender for container registries should be enabled (c25d9a16-bc35-4e15-a7e5-9db606bf9ed4)

2021-12-08 16:24:23

add Policy SQL managed instances should use customer-managed keys to encrypt data at rest (ac01ad65-10e5-46df-bdd9-6b0cad13e1d2)
add Policy SQL servers should use customer-managed keys to encrypt data at rest (0a370ff3-6cab-4e85-8995-295fd854c5b8)
remove Policy [Deprecated]: SQL servers should use customer-managed keys to encrypt data at rest (0d134df8-db83-46fb-ad72-fe0c9428c8dd)
remove Policy [Deprecated]: Sensitive data in your SQL databases should be classified (cc9835f2-9f6b-4cc8-ab4a-f8ef615eb349)
remove Policy [Deprecated]: SQL managed instances should use customer-managed keys to encrypt data at rest (048248b0-55cd-46da-b1ff-39efd52db260)

2021-11-15 17:00:50

Name change: '[Preview]: NIST SP 800-53 Rev. 5' to 'NIST SP 800-53 Rev. 5'
remove Policy [Deprecated]: Log Analytics agent health issues should be resolved on your machines (d62cfe2b-3ab0-4d41-980d-76803b58ca65)

2021-07-08 14:19:52

add Initiative 179d1daa-458f-4e47-8086-2a68d0d6c38f

{

displayName: "NIST SP 800-53 Rev. 5",
policyType: "BuiltIn",
description: "National Institute of Standards and Technology (NIST) SP 800-53 Rev. 5 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk. These policies address a subset of NIST SP 800-53 R5 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r5-initiative",
metadata: {2 items
- version: "14.17.0",
- category: "Regulatory Compliance"
},
version: "14.17.0",
parameters: {122 items
- IncludeArcMachines: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Include Arc-connected servers when evaluating guest configuration policies",
    - description: "By selecting 'true,' you agree to be charged monthly per Arc connected machine; for more information, visit https://aka.ms/policy-pricing"
    },
  - allowedValues: [2 items
    - "true",
    - "false"
    ],
  - defaultValue: "false"
  },
- NotAvailableMachineState-bed48b13-6647-468e-aa2f-1af1d3f4dd40: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Status if Windows Defender is not available on machine",
    - description: "Windows Defender Exploit Guard is only available starting with Windows 10/Windows Server with update 1709. Setting this value to 'Non-Compliant' shows machines with older versions on which Windows Defender Exploit Guard is not available (such as Windows Server 2012 R2) as non-compliant. Setting this value to 'Compliant' shows these machines as compliant."
    },
  - allowedValues: [2 items
    - "Compliant",
    - "Non-Compliant"
    ],
  - defaultValue: "Compliant"
  },
- MinimumTLSVersion-5752e6d6-1206-46d8-8ab1-ecc2f71a8112: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Minimum TLS version for Windows web servers",
    - description: "Windows web servers with lower TLS versions will be assessed as non-compliant"
    },
  - allowedValues: [2 items
    - "1.1",
    - "1.2"
    ],
  - defaultValue: "1.2"
  },
- requiredRetentionDays: {3 items
  - type: "String",
  - metadata: {1 item
    - displayName: "Required retention period (days) for resource logs"
    },
  - defaultValue: "365"
  },
- effect-febd0533-8e55-448f-b837-bd0e06f16469: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Kubernetes cluster containers should only use allowed images",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "audit",
    - "deny",
    - "disabled"
    ],
  - defaultValue: "audit"
  },
- excludedNamespaces: {3 items
  - type: "Array",
  - metadata: {2 items
    - displayName: "Kubernetes namespaces excluded from evaluation of Kubernetes cluster policies in this initiative",
    - description: "List of Kubernetes namespaces to exclude from policy evaluation"
    },
  - defaultValue: [3 items
    - "kube-system",
    - "gatekeeper-system",
    - "azure-arc"
    ]
  },
- namespaces: {3 items
  - type: "Array",
  - metadata: {2 items
    - displayName: "Kubernetes namespaces included for evaluation of Kubernetes cluster policies in this initiative",
    - description: "List of Kubernetes namespaces to (only) include for policy evaluation; an empty list will result in policies evaluated on all resources in all namespaces"
    },
  - defaultValue: []
  },
- labelSelector: {3 items
  - type: "Object",
  - metadata: {2 items
    - displayName: "Kubernetes label selector for resources included for evaluation of Kubernetes cluster policies in this initiative",
    - description: "Label query to select Kubernetes resources to include for policy evaluation; an empty label selector will result in policies evaluated on all Kubernetes resources"
    },
  - defaultValue: {}
  },
- allowedContainerImagesRegex-febd0533-8e55-448f-b837-bd0e06f16469: {3 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Allowed container images for Kubernetes clusters",
    - description: "Regular expression used to match allowed container images in a Kubernetes cluster; Ex: allow any Azure Container Registry image by matching partial path: ^.+azurecr.io/.+$"
    },
  - defaultValue: "^(.+){0}$"
  },
- effect-95edb821-ddaf-4404-9732-666045e056b4: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Kubernetes cluster should not allow privileged containers",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "audit",
    - "deny",
    - "disabled"
    ],
  - defaultValue: "audit"
  },
- excludedContainers-95edb821-ddaf-4404-9732-666045e056b4: {3 items
  - type: "Array",
  - metadata: {2 items
    - displayName: "Kubernetes containers excluded from evaluation of policy: Kubernetes cluster should not allow privileged containers",
    - description: "The list of InitContainers and Containers to exclude from policy evaluation. The list should use the container name. Use an empty list to apply this policy to all containers in all namespaces."
    },
  - defaultValue: []
  },
- effect-440b515e-a580-421e-abeb-b159a61ddcbc: {4 items
  - type: "String",
  - metadata: {3 items
    - displayName: "[Deprecated]: Effect for policy: Kubernetes cluster containers should only listen on allowed ports",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects",
    - deprecated: true
    },
  - allowedValues: [3 items
    - "audit",
    - "deny",
    - "disabled"
    ],
  - defaultValue: "disabled"
  },
- allowedContainerPortsList-440b515e-a580-421e-abeb-b159a61ddcbc: {3 items
  - type: "Array",
  - metadata: {3 items
    - displayName: "[Deprecated]: Allowed listener ports for Kubernetes cluster containers",
    - description: "List of container ports on which Kubernetes cluster containers are allowed to listen",
    - deprecated: true
    },
  - defaultValue: []
  },
- effect-233a2a17-77ca-4fb1-9b6b-69223d272a44: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Kubernetes cluster services should listen only on allowed ports",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "audit",
    - "deny",
    - "disabled"
    ],
  - defaultValue: "audit"
  },
- allowedServicePortsList-233a2a17-77ca-4fb1-9b6b-69223d272a44: {3 items
  - type: "Array",
  - metadata: {2 items
    - displayName: "Allowed listener ports for Kubernetes cluster services",
    - description: "The list of ports on which Kubernetes cluster services are allowed to listen"
    },
  - defaultValue: []
  },
- effect-e345eecc-fa47-480f-9e88-67dcc122b164: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Kubernetes cluster containers CPU and memory resource limits should not exceed the specified limits",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "audit",
    - "deny",
    - "disabled"
    ],
  - defaultValue: "audit"
  },
- cpuLimit-e345eecc-fa47-480f-9e88-67dcc122b164: {3 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Maximum allowed CPU units for containers in Kubernetes clusters",
    - description: "Ex: 200m; for more information, visit https://aka.ms/k8s-policy-pod-limits"
    },
  - defaultValue: "0"
  },
- memoryLimit-e345eecc-fa47-480f-9e88-67dcc122b164: {3 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Maximum allowed memory (bytes) for a container in Kubernetes clusters",
    - description: "Ex: 1Gi; for more information, visit https://aka.ms/k8s-policy-pod-limits"
    },
  - defaultValue: "0"
  },
- effect-f06ddb64-5fa3-4b77-b166-acb36f7f6042: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Kubernetes cluster pods and containers should only run with approved user and group IDs",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "audit",
    - "deny",
    - "disabled"
    ],
  - defaultValue: "audit"
  },
- runAsUserRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Run as user rule for Kubernetes containers",
    - description: "The 'RunAsUser' rule that containers are allowed to run with; for more information, visit https://aka.ms/kubepolicydoc"
    },
  - allowedValues: [3 items
    - "MustRunAs",
    - "MustRunAsNonRoot",
    - "RunAsAny"
    ],
  - defaultValue: "MustRunAsNonRoot"
  },
- runAsUserRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042: {3 items
  - type: "Object",
  - metadata: {2 items
    - displayName: "Allowed user ID ranges for Kubernetes containers",
    - description: "User ID ranges that are allowed for containers to use; for more information, visit https://aka.ms/kubepolicydoc"
    },
  - defaultValue: {1 item
    - ranges: []
    }
  },
- runAsGroupRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Run as group rule for Kubernetes containers",
    - description: "The 'RunAsGroup' rule that containers are allowed to run with; for more information, visit https://aka.ms/kubepolicydoc"
    },
  - allowedValues: [3 items
    - "MustRunAs",
    - "MayRunAs",
    - "RunAsAny"
    ],
  - defaultValue: "RunAsAny"
  },
- runAsGroupRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042: {3 items
  - type: "Object",
  - metadata: {2 items
    - displayName: "Allowed group ID ranges for Kubernetes containers",
    - description: "Group ID ranges that are allowed for containers to use; for more information, visit https://aka.ms/kubepolicydoc"
    },
  - defaultValue: {1 item
    - ranges: []
    }
  },
- supplementalGroupsRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Supplemental group rule for Kubernetes containers",
    - description: "The 'SupplementalGroups' rule that containers are allowed to run with; for more information, visit https://aka.ms/kubepolicydoc"
    },
  - allowedValues: [3 items
    - "MustRunAs",
    - "MayRunAs",
    - "RunAsAny"
    ],
  - defaultValue: "RunAsAny"
  },
- supplementalGroupsRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042: {3 items
  - type: "Object",
  - metadata: {2 items
    - displayName: "Allowed supplemental group ID ranges for Kubernetes containers",
    - description: "Supplemental group ID ranges that are allowed for containers to use; for more information, visit https://aka.ms/kubepolicydoc"
    },
  - defaultValue: {1 item
    - ranges: []
    }
  },
- fsGroupRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "File system group rule for Kubernetes containers",
    - description: "The 'FSGroup' rule that containers are allowed to run with; for more information, visit https://aka.ms/kubepolicydoc"
    },
  - allowedValues: [3 items
    - "MustRunAs",
    - "MayRunAs",
    - "RunAsAny"
    ],
  - defaultValue: "RunAsAny"
  },
- fsGroupRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042: {3 items
  - type: "Object",
  - metadata: {2 items
    - displayName: "Allowed file system group ID ranges for Kubernetes cluster pods",
    - description: "File system group ranges that are allowed for pods to use; for more information, visit https://aka.ms/kubepolicydoc"
    },
  - defaultValue: {1 item
    - ranges: []
    }
  },
- effect-1c6e92c9-99f0-4e55-9cf2-0c234dc48f99: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Kubernetes clusters should not allow container privilege escalation",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "audit",
    - "deny",
    - "disabled"
    ],
  - defaultValue: "audit"
  },
- effect-47a1ee2f-2a2a-4576-bf2a-e0e36709c2b8: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Kubernetes cluster containers should not share host process ID or host IPC namespace",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "audit",
    - "deny",
    - "disabled"
    ],
  - defaultValue: "audit"
  },
- effect-df49d893-a74c-421d-bc95-c663042e5b80: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Kubernetes cluster containers should run with a read only root file system",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "audit",
    - "deny",
    - "disabled"
    ],
  - defaultValue: "audit"
  },
- effect-1a5b4dca-0b6f-4cf5-907c-56316bc1bf3d: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Kubernetes clusters should be accessible only over HTTPS",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "audit",
    - "deny",
    - "disabled"
    ],
  - defaultValue: "audit"
  },
- effect-c26596ff-4d70-4e6a-9a30-c2506bd2f80c: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Kubernetes cluster containers should only use allowed capabilities",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "audit",
    - "deny",
    - "disabled"
    ],
  - defaultValue: "audit"
  },
- allowedCapabilities-c26596ff-4d70-4e6a-9a30-c2506bd2f80c: {3 items
  - type: "Array",
  - metadata: {2 items
    - displayName: "List of capabilities that are allowed to be added to a Kubernetes cluster container",
    - description: "Use an empty list as input to block everything"
    },
  - defaultValue: []
  },
- requiredDropCapabilities-c26596ff-4d70-4e6a-9a30-c2506bd2f80c: {3 items
  - type: "Array",
  - metadata: {2 items
    - displayName: "The list of capabilities that must be dropped by a Kubernetes cluster container",
    - description: "For more information, visit https://aka.ms/kubepolicydoc"
    },
  - defaultValue: []
  },
- effect-511f5417-5d12-434d-ab2e-816901e72a5e: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Kubernetes cluster containers should only use allowed AppArmor profiles",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "audit",
    - "deny",
    - "disabled"
    ],
  - defaultValue: "audit"
  },
- allowedProfiles-511f5417-5d12-434d-ab2e-816901e72a5e: {3 items
  - type: "Array",
  - metadata: {2 items
    - displayName: "The list of AppArmor profiles that containers are allowed to use",
    - description: "Ex: 'runtime/default;docker/default'; use an empty list as input to block everything; for more information, visit https://aka.ms/kubepolicydoc"
    },
  - defaultValue: []
  },
- effect-82985f06-dc18-4a48-bc1c-b9f4f0098cfe: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Kubernetes cluster pods should only use approved host network and port range",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "audit",
    - "deny",
    - "disabled"
    ],
  - defaultValue: "audit"
  },
- allowHostNetwork-82985f06-dc18-4a48-bc1c-b9f4f0098cfe: {3 items
  - type: "Boolean",
  - metadata: {2 items
    - displayName: "Allow host network usage for Kubernetes cluster pods",
    - description: "Set this value to true if pod is allowed to use host network, otherwise set to false; for more information, visit https://aka.ms/kubepolicydoc"
    },
  - defaultValue: false
  },
- minPort-82985f06-dc18-4a48-bc1c-b9f4f0098cfe: {3 items
  - type: "Integer",
  - metadata: {2 items
    - displayName: "Minimum value in the allowable host port range that Kubernetes cluster pods can use in the host network namespace",
    - description: "For more information, visit https://aka.ms/kubepolicydoc"
    },
  - defaultValue: 0
  },
- maxPort-82985f06-dc18-4a48-bc1c-b9f4f0098cfe: {3 items
  - type: "Integer",
  - metadata: {2 items
    - displayName: "Maximum value in the allowable host port range that Kubernetes cluster pods can use in the host network namespace",
    - description: "For more information, visit https://aka.ms/kubepolicydoc"
    },
  - defaultValue: 0
  },
- effect-098fc59e-46c7-4d99-9b16-64990e543d75: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Kubernetes cluster pod hostPath volumes should only use allowed host paths",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "audit",
    - "deny",
    - "disabled"
    ],
  - defaultValue: "audit"
  },
- allowedHostPaths-098fc59e-46c7-4d99-9b16-64990e543d75: {3 items
  - type: "Object",
  - metadata: {2 items
    - displayName: "Allowed host paths for pod hostPath volumes to use",
    - description: "Use an empty paths list to block all host paths; for more information, visit https://aka.ms/kubepolicydoc"
    },
  - defaultValue: {1 item
    - paths: []
    }
  },
- resourceGroupName-b6e2945c-0b7b-40f5-9233-7a5323b5cdc6: {3 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Name of the resource group for Network Watcher",
    - description: "Name of the resource group where Network Watchers are located, Ex: NetworkWatcherRG"
    },
  - defaultValue: "NetworkWatcherRG"
  },
- includeAKSClusters-7c1b1214-f927-48bf-8882-84f0af6588b1: {3 items
  - type: "Boolean",
  - metadata: {3 items
    - displayName: "[Deprecated]: Include AKS clusters when auditing if virtual machine scale set diagnostic logs are enabled",
    - description: "For more information, visit https://aka.ms/kubepolicydoc",
    - deprecated: true
    },
  - defaultValue: false
  },
- setting-a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9: {4 items
  - type: "String",
  - metadata: {1 item
    - displayName: "Required auditing setting for SQL servers"
    },
  - allowedValues: [2 items
    - "enabled",
    - "disabled"
    ],
  - defaultValue: "enabled"
  },
- evaluatedSkuNames-ef619a2c-cc4d-4d03-b2ba-8c94a834d85b: {4 items
  - type: "Array",
  - metadata: {2 items
    - displayName: "API Management SKUs that should use a virtual network",
    - description: "List of API Management SKUs against which this policy will be evaluated"
    },
  - allowedValues: [5 items
    - "Developer",
    - "Basic",
    - "Standard",
    - "Premium",
    - "Consumption"
    ],
  - defaultValue: [2 items
    - "Developer",
    - "Premium"
    ]
  },
- effect-b54ed75b-3e1a-44ac-a333-05ba39b99ff0: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Service Fabric clusters should only use Azure Active Directory for client authentication",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-71ef260a-8f18-47b7-abcb-62d0673d94dc: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Cognitive Services accounts should have local authentication methods disabled",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-055aa869-bc98-4af8-bafc-23f1ab6ffe2c: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure Web Application Firewall should be enabled for Azure Front Door entry-points",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-564feb30-bf6a-4854-b4bb-0d2d2d1e6c66: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Web Application Firewall (WAF) should be enabled for Application Gateway",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-862e97cf-49fc-4a5c-9de4-40d4e2e7c8eb: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure Cosmos DB accounts should have firewall rules",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-d9da03a1-f3c3-412a-9709-947156872263: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure HDInsight clusters should use encryption in transit to encrypt communication between Azure HDInsight cluster nodes",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-617c02be-7f02-4efd-8836-3180d47b6c68: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Service Fabric clusters should have the ClusterProtectionLevel property set to EncryptAndSign",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-0b60c0b2-2dc2-4e1c-b5c9-abbed971de53: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Key vaults should have purge protection enabled",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-1e66c121-a66a-4b1f-9b83-0fd99bf0fc2d: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Key vaults should have soft delete enabled",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- maximumValidityInMonths-0a075868-4c26-42ef-914c-5bc007359560: {3 items
  - type: "Integer",
  - metadata: {2 items
    - displayName: "Maximum validity (months) for Key Vault certificates",
    - description: "The limit for how long a Key Vault certificate may be valid; Azure best practices recommend against certificates with lengthy validity periods"
    },
  - defaultValue: 12
  },
- effect-0a075868-4c26-42ef-914c-5bc007359560: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Certificates should have the specified maximum validity period",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "audit",
    - "deny",
    - "disabled"
    ],
  - defaultValue: "audit"
  },
- effect-98728c90-32c7-4049-8429-847dc0f4fe37: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Key Vault secrets should have an expiration date",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-152b15f7-8e1f-4c1f-ab71-8c010ba5dbc0: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Key Vault keys should have an expiration date",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-ec068d99-e9c7-401f-8cef-5bdde4e6ccf1: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Double encryption should be enabled on Azure Data Explorer",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-c349d81b-9985-44ae-a8da-ff98d108ede8: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure Data Box jobs should enable double encryption for data at rest on the device",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- supportedSKUs-c349d81b-9985-44ae-a8da-ff98d108ede8: {4 items
  - type: "Array",
  - metadata: {2 items
    - displayName: "Azure Data Box SKUs that support software-based double encryption",
    - description: "The list of Azure Data Box SKUs that support software-based double encryption"
    },
  - allowedValues: [2 items
    - "DataBox",
    - "DataBoxHeavy"
    ],
  - defaultValue: [2 items
    - "DataBox",
    - "DataBoxHeavy"
    ]
  },
- effect-3657f5a0-770e-44a3-b44e-9431ba1e9735: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Automation account variables should be encrypted",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-b4ac1030-89c5-4697-8e00-28b5ba6a8811: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure Stack Edge devices should use double-encryption",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "audit",
    - "deny",
    - "disabled"
    ],
  - defaultValue: "audit"
  },
- effect-ea0dfaed-95fb-448c-934e-d6e713ce393d: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure Monitor Logs clusters should be created with infrastructure-encryption enabled (double encryption)",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "audit",
    - "deny",
    - "disabled"
    ],
  - defaultValue: "audit"
  },
- effect-3a58212a-c829-4f13-9872-6371df2fd0b4: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Infrastructure encryption should be enabled for Azure Database for MySQL servers",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-24fba194-95d6-48c0-aea7-f65bf859c598: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Infrastructure encryption should be enabled for Azure Database for PostgreSQL servers",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-4733ea7b-a883-42fe-8cac-97454c2a9e4a: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Storage accounts should have infrastructure encryption",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-f4b53539-8df9-40e4-86c6-6b607703bd4e: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Disk encryption should be enabled on Azure Data Explorer",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-41425d9f-d1a5-499a-9932-f8ed8453932c: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Temp disks and cache for agent node pools in Azure Kubernetes Service clusters should be encrypted at host",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-fc4d8e41-e223-45ea-9bf5-eada37891d87: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Virtual machines and virtual machine scale sets should have encryption at host enabled",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-86efb160-8de7-451d-bc08-5d475b0aadae: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure Data Box jobs should use a customer-managed key to encrypt the device unlock password",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- supportedSKUs-86efb160-8de7-451d-bc08-5d475b0aadae: {4 items
  - type: "Array",
  - metadata: {2 items
    - displayName: "Azure Data Box SKUs that support customer-managed key encryption key",
    - description: "The list of Azure Data Box SKUs that support customer-managed key encryption key"
    },
  - allowedValues: [2 items
    - "DataBox",
    - "DataBoxHeavy"
    ],
  - defaultValue: [2 items
    - "DataBox",
    - "DataBoxHeavy"
    ]
  },
- effect-4ec52d6d-beb7-40c4-9a9e-fe753254690e: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure data factories should be encrypted with a customer-managed key",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-64d314f6-6062-4780-a861-c23e8951bee5: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure HDInsight clusters should use customer-managed keys to encrypt data at rest",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-1fd32ebd-e4c3-4e13-a54a-d7422d4d95f6: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure HDInsight clusters should use encryption at host to encrypt data at rest",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-fa298e57-9444-42ba-bf04-86e8470e32c7: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Saved-queries in Azure Monitor should be saved in customer storage account for logs encryption",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "audit",
    - "deny",
    - "disabled"
    ],
  - defaultValue: "audit"
  },
- effect-67121cc7-ff39-4ab8-b7e3-95b84dab487d: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Cognitive Services accounts should enable data encryption with a customer-managed key",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-1f905d99-2ab7-462c-a6b0-f709acca6c8f: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure Cosmos DB accounts should use customer-managed keys to encrypt data at rest",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "audit",
    - "deny",
    - "disabled"
    ],
  - defaultValue: "audit"
  },
- effect-5b9159ae-1701-4a6f-9a7a-aa9c8ddd0580: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Container registries should be encrypted with a customer-managed key",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-ba769a63-b8cc-4b2d-abf6-ac33c7204be8: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure Machine Learning workspaces should be encrypted with a customer-managed key",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-81e74cea-30fd-40d5-802f-d72103c2aaaa: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure Data Explorer encryption at rest should use a customer-managed key",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-0aa61e00-0a01-4a3c-9945-e93cffedf0e6: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure Container Instance container group should use customer-managed key for encryption",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Disabled",
    - "Deny"
    ],
  - defaultValue: "Audit"
  },
- effect-47031206-ce96-41f8-861b-6a915f3de284: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: IoT Hub device provisioning service data should be encrypted using customer-managed keys (CMK)",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-87ba29ef-1ab3-4d82-b763-87fcd4f531f7: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure Stream Analytics jobs should use customer-managed keys to encrypt data",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "audit",
    - "deny",
    - "disabled"
    ],
  - defaultValue: "audit"
  },
- effect-51522a96-0869-4791-82f3-981000c2c67f: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Bot Service should be encrypted with a customer-managed key",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "audit",
    - "deny",
    - "disabled"
    ],
  - defaultValue: "audit"
  },
- effect-b5ec538c-daa0-4006-8596-35468b9148e8: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Storage account encryption scopes should use customer-managed keys to encrypt data at rest",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-970f84d8-71b6-4091-9979-ace7e3fb6dbb: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: HPC Cache accounts should use customer-managed key for encryption",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Disabled",
    - "Deny"
    ],
  - defaultValue: "Audit"
  },
- effect-56a5ee18-2ae6-4810-86f7-18e39ce5629b: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure Automation accounts should use customer-managed keys to encrypt data at rest",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-2e94d99a-8a36-4563-bc77-810d8893b671: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure Recovery Services vaults should use customer-managed keys for encrypting backup data",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- enableDoubleEncryption-2e94d99a-8a36-4563-bc77-810d8893b671: {4 items
  - type: "Boolean",
  - metadata: {2 items
    - displayName: "Require that double encryption is enabled on Recovery Services vaults for Backup",
    - description: "Check if double encryption is enabled on Recovery Services vaults for Backup; for more information, visit https://aka.ms/ab-infraencryption"
    },
  - allowedValues: [2 items
    - true,
    - false
    ],
  - defaultValue: true
  },
- effect-1fafeaf6-7927-4059-a50a-8eb2a7a6f2b5: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Logic Apps Integration Service Environment should be encrypted with customer-managed keys",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-99e9ccd8-3db9-4592-b0d1-14b1715a4d8a: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure Batch account should use customer-managed keys to encrypt data",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-1f68a601-6e6d-4e42-babf-3f643a047ea2: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure Monitor Logs clusters should be encrypted with customer-managed key",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "audit",
    - "deny",
    - "disabled"
    ],
  - defaultValue: "audit"
  },
- effect-f7d52b2d-e161-4dfa-a82b-55e564167385: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure Synapse workspaces should use customer-managed keys to encrypt data at rest",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-7d7be79c-23ba-4033-84dd-45e2a5ccdd67: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Both operating systems and data disks in Azure Kubernetes Service clusters should be encrypted by customer-managed keys",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-ca91455f-eace-4f96-be59-e6e2c35b4816: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Managed disks should be double encrypted with both platform-managed and customer-managed keys",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-702dd420-7fcc-42c5-afe8-4026edd20fe0: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: OS and data disks should be encrypted with a customer-managed key",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-22bee202-a82f-4305-9a2a-6d7f44d4dedb: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Only secure connections to your Azure Cache for Redis should be enabled",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-404c3081-a854-4457-ae30-26a93ef643f9: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Secure transfer to storage accounts should be enabled",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-d0793b48-0edc-4296-a390-4c75d1bdfd71: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Container registries should not allow unrestricted network access",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-7d092e0a-7acd-40d2-a975-dca21cae48c4: {4 items
  - type: "String",
  - metadata: {3 items
    - displayName: "[Deprecated]: Effect for policy: Azure Cache for Redis should reside within a virtual network",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects",
    - deprecated: true
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-2a1a9cdf-e04d-429a-8416-3bfb72a1b26f: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Storage accounts should restrict network access using virtual network rules",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-34c877ad-507e-4c82-993e-3452a6e0ad3c: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Storage accounts should restrict network access",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-55615ac9-af46-4a59-874e-391cc3dfb490: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure Key Vault should disable public network access",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-1b8ca024-1d5c-4dec-8995-b1a932b41780: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Public network access on Azure SQL Database should be disabled",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-037eea7a-bd0a-46c5-9a66-03aea78705d3: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Cognitive Services accounts should restrict network access",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-53503636-bcc9-4748-9663-5348217f160f: {4 items
  - type: "String",
  - metadata: {3 items
    - displayName: "[Deprecated]: Effect for policy: Azure SignalR Service should use private link",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects",
    - deprecated: true
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-40cec1dd-a100-4920-b15b-3024fe8901ab: {4 items
  - type: "String",
  - metadata: {3 items
    - displayName: "[Deprecated]: (Deprecated) Effect for policy: Azure Machine Learning workspaces should use private link",
    - description: "This policy has been deprecated to remove a parameter's allowed value, replacement policy is 45e05259-1eb5-4f70-9574-baf73e9d219b.",
    - deprecated: true
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Disabled"
  },
- effect-45e05259-1eb5-4f70-9574-baf73e9d219b: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure Machine Learning workspaces should use private link",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [2 items
    - "Audit",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-2154edb9-244f-4741-9970-660785bccdaa: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: VM Image Builder templates should use private link",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Disabled",
    - "Deny"
    ],
  - defaultValue: "Audit"
  },
- effect-0725b4dd-7e76-479c-a735-68e7ee23d5ca: {4 items
  - type: "String",
  - metadata: {3 items
    - displayName: "[Deprecated]: Effect for policy: Cognitive Services accounts should disable public network access",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects",
    - deprecated: true
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Disabled"
  },
- effect-5f0bc445-3935-4915-9981-011aa2b46147: {4 items
  - type: "String",
  - metadata: {3 items
    - displayName: "[Deprecated]: Deprecated effect for policy: Private endpoint should be configured for Key Vault",
    - description: "The Deny effect has been deprecated for this policy given that the simultaneous creation of a Key Vault and its associated private endpoint is not possible. Therefore, Deny prevents the creation of any new Key Vault.",
    - deprecated: true
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-a6abeaec-4d90-4a02-805f-6b26c4d3fbe9: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure Key Vaults should use private link",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [2 items
    - "Audit",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-af35e2a4-ef96-44e7-a9ae-853dd97032c4: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure Spring Cloud should use network injection",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Disabled",
    - "Deny"
    ],
  - defaultValue: "Audit"
  },
- evaluatedSkuNames-af35e2a4-ef96-44e7-a9ae-853dd97032c4: {4 items
  - type: "Array",
  - metadata: {2 items
    - displayName: "Azure Spring Cloud SKUs that should use network injection",
    - description: "List of Azure Spring Cloud SKUs against which this policy will be evaluated"
    },
  - allowedValues: [1 item
    - "Standard"
    ],
  - defaultValue: [1 item
    - "Standard"
    ]
  },
- effect-a049bf77-880b-470f-ba6d-9f21c530cf83: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure Cognitive Search service should use a SKU that supports private link",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-52630df9-ca7e-442b-853b-c6ce548b31a2: {4 items
  - type: "String",
  - metadata: {3 items
    - displayName: "[Deprecated]: Effect for policy: Azure Web PubSub Service should use private link",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects",
    - deprecated: true
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-4fa4b6c0-31ca-4c0d-b10d-24b96f62a751: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Storage account public access should be disallowed",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "audit",
    - "deny",
    - "disabled"
    ],
  - defaultValue: "audit"
  },
- effect-ee980b6d-0eca-4501-8d54-f6290fd512c3: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Azure Cognitive Search services should disable public network access",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-1d84d5fb-01f6-4d12-ba4f-4a26081d403d: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Virtual machines should be migrated to new Azure Resource Manager resources",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  },
- effect-37e0d2fe-28a5-43d6-a273-67d37d1f5606: {4 items
  - type: "String",
  - metadata: {2 items
    - displayName: "Effect for policy: Storage accounts should be migrated to new Azure Resource Manager resources",
    - description: "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
    },
  - allowedValues: [3 items
    - "Audit",
    - "Deny",
    - "Disabled"
    ],
  - defaultValue: "Audit"
  }
},
policyDefinitions: [701 items
- {5 items
  - policyDefinitionReferenceId: "72650e9f-97bc-4b2a-ab5f-9781a9fcecbc",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/72650e9f-97bc-4b2a-ab5f-9781a9fcecbc Windows machines should meet requirements of the Azure compute security baseline ,
  - definitionVersion: 2.*.*2.0.0,
  - parameters: {1 item
    - IncludeArcMachines: {1 item
      - value: "[parameters('IncludeArcMachines')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "fc9b3da7-8347-4380-8e70-0a0361d8dedd",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/fc9b3da7-8347-4380-8e70-0a0361d8dedd Linux machines should meet requirements for the Azure compute security baseline ,
  - definitionVersion: 2.*.*2.2.0,
  - parameters: {1 item
    - IncludeArcMachines: {1 item
      - value: "[parameters('IncludeArcMachines')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "bed48b13-6647-468e-aa2f-1af1d3f4dd40",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/bed48b13-6647-468e-aa2f-1af1d3f4dd40 Windows Defender Exploit Guard should be enabled on your machines ,
  - definitionVersion: 2.*.*2.0.0,
  - parameters: {2 items
    - IncludeArcMachines: {1 item
      - value: "[parameters('IncludeArcMachines')]"
      },
    - NotAvailableMachineState: {1 item
      - value: "[parameters('NotAvailableMachineState-bed48b13-6647-468e-aa2f-1af1d3f4dd40')]"
      }
    },
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_SC-3",
    - "NIST_SP_800-53_R5_SI-3",
    - "NIST_SP_800-53_R5_SI-16"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e6955644-301c-44b5-a4c4-528577de6861",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e6955644-301c-44b5-a4c4-528577de6861 Audit Linux machines that do not have the passwd file permissions set to 0644 ,
  - definitionVersion: 3.*.*3.1.0,
  - parameters: {1 item
    - IncludeArcMachines: {1 item
      - value: "[parameters('IncludeArcMachines')]"
      }
    },
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_IA-5",
    - "NIST_SP_800-53_R5_IA-5(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "5b054a0d-39e2-4d53-bea3-9734cad2c69b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5b054a0d-39e2-4d53-bea3-9734cad2c69b Audit Windows machines that allow re-use of the passwords after the specified number of unique passwords ,
  - definitionVersion: 2.*.*2.1.0,
  - parameters: {1 item
    - IncludeArcMachines: {1 item
      - value: "[parameters('IncludeArcMachines')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-5(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "da0f98fe-a24b-4ad5-af69-bd0400233661",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/da0f98fe-a24b-4ad5-af69-bd0400233661 Audit Windows machines that do not store passwords using reversible encryption ,
  - definitionVersion: 2.*.*2.0.0,
  - parameters: {1 item
    - IncludeArcMachines: {1 item
      - value: "[parameters('IncludeArcMachines')]"
      }
    },
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_IA-5",
    - "NIST_SP_800-53_R5_IA-5(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "4ceb8dc2-559c-478b-a15b-733fbf1e3738",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4ceb8dc2-559c-478b-a15b-733fbf1e3738 Audit Windows machines that do not have the maximum password age set to specified number of days ,
  - definitionVersion: 2.*.*2.1.0,
  - parameters: {1 item
    - IncludeArcMachines: {1 item
      - value: "[parameters('IncludeArcMachines')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-5(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "5752e6d6-1206-46d8-8ab1-ecc2f71a8112",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5752e6d6-1206-46d8-8ab1-ecc2f71a8112 Windows machines should be configured to use secure communication protocols ,
  - definitionVersion: 4.*.*4.1.1,
  - parameters: {2 items
    - IncludeArcMachines: {1 item
      - value: "[parameters('IncludeArcMachines')]"
      },
    - MinimumTLSVersion: {1 item
      - value: "[parameters('MinimumTLSVersion-5752e6d6-1206-46d8-8ab1-ecc2f71a8112')]"
      }
    },
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-8",
    - "NIST_SP_800-53_R5_SC-8(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "630c64f9-8b6b-4c64-b511-6544ceff6fd6",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/630c64f9-8b6b-4c64-b511-6544ceff6fd6 Authentication to Linux machines should require SSH keys ,
  - definitionVersion: 3.*.*3.2.0,
  - parameters: {1 item
    - IncludeArcMachines: {1 item
      - value: "[parameters('IncludeArcMachines')]"
      }
    },
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-3",
    - "NIST_SP_800-53_R5_IA-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "237b38db-ca4d-4259-9e47-7882441ca2c0",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/237b38db-ca4d-4259-9e47-7882441ca2c0 Audit Windows machines that do not have the minimum password age set to specified number of days ,
  - definitionVersion: 2.*.*2.1.0,
  - parameters: {1 item
    - IncludeArcMachines: {1 item
      - value: "[parameters('IncludeArcMachines')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-5(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ea53dbee-c6c9-4f0e-9f9e-de0039b78023",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ea53dbee-c6c9-4f0e-9f9e-de0039b78023 Audit Linux machines that allow remote connections from accounts without passwords ,
  - definitionVersion: 3.*.*3.1.0,
  - parameters: {1 item
    - IncludeArcMachines: {1 item
      - value: "[parameters('IncludeArcMachines')]"
      }
    },
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "bf16e0bb-31e1-4646-8202-60a235cc7e74",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/bf16e0bb-31e1-4646-8202-60a235cc7e74 Audit Windows machines that do not have the password complexity setting enabled ,
  - definitionVersion: 2.*.*2.0.0,
  - parameters: {1 item
    - IncludeArcMachines: {1 item
      - value: "[parameters('IncludeArcMachines')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-5(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "a2d0e922-65d0-40c4-8f87-ea6da2d307a2",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a2d0e922-65d0-40c4-8f87-ea6da2d307a2 Audit Windows machines that do not restrict the minimum password length to specified number of characters ,
  - definitionVersion: 2.*.*2.1.0,
  - parameters: {1 item
    - IncludeArcMachines: {1 item
      - value: "[parameters('IncludeArcMachines')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-5(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f6ec09a3-78bf-4f8f-99dc-6c77182d0f99",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f6ec09a3-78bf-4f8f-99dc-6c77182d0f99 Audit Linux machines that have accounts without passwords ,
  - definitionVersion: 3.*.*3.1.0,
  - parameters: {1 item
    - IncludeArcMachines: {1 item
      - value: "[parameters('IncludeArcMachines')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "383856f8-de7f-44a2-81fc-e5135b5c2aa4",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/383856f8-de7f-44a2-81fc-e5135b5c2aa4 Resource logs in IoT Hub should be enabled ,
  - definitionVersion: 3.*.*3.1.0,
  - parameters: {1 item
    - requiredRetentionDays: {1 item
      - value: "[parameters('requiredRetentionDays')]"
      }
    },
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f9be5368-9bf5-4b84-9e0a-7850da98bb46",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f9be5368-9bf5-4b84-9e0a-7850da98bb46 Resource logs in Azure Stream Analytics should be enabled ,
  - definitionVersion: 5.*.*5.0.0,
  - parameters: {1 item
    - requiredRetentionDays: {1 item
      - value: "[parameters('requiredRetentionDays')]"
      }
    },
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f8d36e2f-389b-4ee4-898d-21aeb69a0f45",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f8d36e2f-389b-4ee4-898d-21aeb69a0f45 Resource logs in Service Bus should be enabled ,
  - definitionVersion: 5.*.*5.0.0,
  - parameters: {1 item
    - requiredRetentionDays: {1 item
      - value: "[parameters('requiredRetentionDays')]"
      }
    },
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b4330a05-a843-4bc8-bf9a-cacce50c67f4",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b4330a05-a843-4bc8-bf9a-cacce50c67f4 Resource logs in Search services should be enabled ,
  - definitionVersion: 5.*.*5.0.0,
  - parameters: {1 item
    - requiredRetentionDays: {1 item
      - value: "[parameters('requiredRetentionDays')]"
      }
    },
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "34f95f76-5386-4de7-b824-0d8478470c9d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/34f95f76-5386-4de7-b824-0d8478470c9d Resource logs in Logic Apps should be enabled ,
  - definitionVersion: 5.*.*5.1.0,
  - parameters: {1 item
    - requiredRetentionDays: {1 item
      - value: "[parameters('requiredRetentionDays')]"
      }
    },
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "cf820ca0-f99e-4f3e-84fb-66e913812d21",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/cf820ca0-f99e-4f3e-84fb-66e913812d21 Resource logs in Key Vault should be enabled ,
  - definitionVersion: 5.*.*5.0.0,
  - parameters: {1 item
    - requiredRetentionDays: {1 item
      - value: "[parameters('requiredRetentionDays')]"
      }
    },
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "83a214f7-d01a-484b-91a9-ed54470c9a6a",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/83a214f7-d01a-484b-91a9-ed54470c9a6a Resource logs in Event Hub should be enabled ,
  - definitionVersion: 5.*.*5.0.0,
  - parameters: {1 item
    - requiredRetentionDays: {1 item
      - value: "[parameters('requiredRetentionDays')]"
      }
    },
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "057ef27e-665e-4328-8ea3-04b3122bd9fb",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/057ef27e-665e-4328-8ea3-04b3122bd9fb Resource logs in Azure Data Lake Store should be enabled ,
  - definitionVersion: 5.*.*5.0.0,
  - parameters: {1 item
    - requiredRetentionDays: {1 item
      - value: "[parameters('requiredRetentionDays')]"
      }
    },
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "c95c74d9-38fe-4f0d-af86-0c7d626a315c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c95c74d9-38fe-4f0d-af86-0c7d626a315c Resource logs in Data Lake Analytics should be enabled ,
  - definitionVersion: 5.*.*5.0.0,
  - parameters: {1 item
    - requiredRetentionDays: {1 item
      - value: "[parameters('requiredRetentionDays')]"
      }
    },
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "428256e6-1fac-4f48-a757-df34c2b3336d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/428256e6-1fac-4f48-a757-df34c2b3336d Resource logs in Batch accounts should be enabled ,
  - definitionVersion: 5.*.*5.0.0,
  - parameters: {1 item
    - requiredRetentionDays: {1 item
      - value: "[parameters('requiredRetentionDays')]"
      }
    },
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "febd0533-8e55-448f-b837-bd0e06f16469",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/febd0533-8e55-448f-b837-bd0e06f16469 Kubernetes cluster containers should only use allowed images ,
  - definitionVersion: 9.*.*9.3.0,
  - parameters: {5 items
    - effect: {1 item
      - value: "[parameters('effect-febd0533-8e55-448f-b837-bd0e06f16469')]"
      },
    - excludedNamespaces: {1 item
      - value: "[parameters('excludedNamespaces')]"
      },
    - namespaces: {1 item
      - value: "[parameters('namespaces')]"
      },
    - labelSelector: {1 item
      - value: "[parameters('labelSelector')]"
      },
    - allowedContainerImagesRegex: {1 item
      - value: "[parameters('allowedContainerImagesRegex-febd0533-8e55-448f-b837-bd0e06f16469')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "95edb821-ddaf-4404-9732-666045e056b4",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/95edb821-ddaf-4404-9732-666045e056b4 Kubernetes cluster should not allow privileged containers ,
  - definitionVersion: 9.*.*9.2.0,
  - parameters: {5 items
    - effect: {1 item
      - value: "[parameters('effect-95edb821-ddaf-4404-9732-666045e056b4')]"
      },
    - excludedNamespaces: {1 item
      - value: "[parameters('excludedNamespaces')]"
      },
    - namespaces: {1 item
      - value: "[parameters('namespaces')]"
      },
    - labelSelector: {1 item
      - value: "[parameters('labelSelector')]"
      },
    - excludedContainers: {1 item
      - value: "[parameters('excludedContainers-95edb821-ddaf-4404-9732-666045e056b4')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "233a2a17-77ca-4fb1-9b6b-69223d272a44",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/233a2a17-77ca-4fb1-9b6b-69223d272a44 Kubernetes cluster services should listen only on allowed ports ,
  - definitionVersion: 8.*.*8.2.0,
  - parameters: {5 items
    - effect: {1 item
      - value: "[parameters('effect-233a2a17-77ca-4fb1-9b6b-69223d272a44')]"
      },
    - excludedNamespaces: {1 item
      - value: "[parameters('excludedNamespaces')]"
      },
    - namespaces: {1 item
      - value: "[parameters('namespaces')]"
      },
    - labelSelector: {1 item
      - value: "[parameters('labelSelector')]"
      },
    - allowedServicePortsList: {1 item
      - value: "[parameters('allowedServicePortsList-233a2a17-77ca-4fb1-9b6b-69223d272a44')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e345eecc-fa47-480f-9e88-67dcc122b164",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e345eecc-fa47-480f-9e88-67dcc122b164 Kubernetes cluster containers CPU and memory resource limits should not exceed the specified limits ,
  - definitionVersion: 9.*.*9.3.0,
  - parameters: {6 items
    - effect: {1 item
      - value: "[parameters('effect-e345eecc-fa47-480f-9e88-67dcc122b164')]"
      },
    - excludedNamespaces: {1 item
      - value: "[parameters('excludedNamespaces')]"
      },
    - namespaces: {1 item
      - value: "[parameters('namespaces')]"
      },
    - labelSelector: {1 item
      - value: "[parameters('labelSelector')]"
      },
    - cpuLimit: {1 item
      - value: "[parameters('cpuLimit-e345eecc-fa47-480f-9e88-67dcc122b164')]"
      },
    - memoryLimit: {1 item
      - value: "[parameters('memoryLimit-e345eecc-fa47-480f-9e88-67dcc122b164')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f06ddb64-5fa3-4b77-b166-acb36f7f6042",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f06ddb64-5fa3-4b77-b166-acb36f7f6042 Kubernetes cluster pods and containers should only run with approved user and group IDs ,
  - definitionVersion: 6.*.*6.2.0,
  - parameters: {12 items
    - effect: {1 item
      - value: "[parameters('effect-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]"
      },
    - excludedNamespaces: {1 item
      - value: "[parameters('excludedNamespaces')]"
      },
    - namespaces: {1 item
      - value: "[parameters('namespaces')]"
      },
    - labelSelector: {1 item
      - value: "[parameters('labelSelector')]"
      },
    - runAsUserRule: {1 item
      - value: "[parameters('runAsUserRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]"
      },
    - runAsUserRanges: {1 item
      - value: "[parameters('runAsUserRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]"
      },
    - runAsGroupRule: {1 item
      - value: "[parameters('runAsGroupRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]"
      },
    - runAsGroupRanges: {1 item
      - value: "[parameters('runAsGroupRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]"
      },
    - supplementalGroupsRule: {1 item
      - value: "[parameters('supplementalGroupsRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]"
      },
    - supplementalGroupsRanges: {1 item
      - value: "[parameters('supplementalGroupsRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]"
      },
    - fsGroupRule: {1 item
      - value: "[parameters('fsGroupRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]"
      },
    - fsGroupRanges: {1 item
      - value: "[parameters('fsGroupRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1c6e92c9-99f0-4e55-9cf2-0c234dc48f99",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1c6e92c9-99f0-4e55-9cf2-0c234dc48f99 Kubernetes clusters should not allow container privilege escalation ,
  - definitionVersion: 7.*.*7.2.0,
  - parameters: {4 items
    - effect: {1 item
      - value: "[parameters('effect-1c6e92c9-99f0-4e55-9cf2-0c234dc48f99')]"
      },
    - excludedNamespaces: {1 item
      - value: "[parameters('excludedNamespaces')]"
      },
    - namespaces: {1 item
      - value: "[parameters('namespaces')]"
      },
    - labelSelector: {1 item
      - value: "[parameters('labelSelector')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "47a1ee2f-2a2a-4576-bf2a-e0e36709c2b8",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/47a1ee2f-2a2a-4576-bf2a-e0e36709c2b8 Kubernetes cluster containers should not share host process ID or host IPC namespace ,
  - definitionVersion: 5.*.*5.2.0,
  - parameters: {4 items
    - effect: {1 item
      - value: "[parameters('effect-47a1ee2f-2a2a-4576-bf2a-e0e36709c2b8')]"
      },
    - excludedNamespaces: {1 item
      - value: "[parameters('excludedNamespaces')]"
      },
    - namespaces: {1 item
      - value: "[parameters('namespaces')]"
      },
    - labelSelector: {1 item
      - value: "[parameters('labelSelector')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "df49d893-a74c-421d-bc95-c663042e5b80",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/df49d893-a74c-421d-bc95-c663042e5b80 Kubernetes cluster containers should run with a read only root file system ,
  - definitionVersion: 6.*.*6.3.0,
  - parameters: {4 items
    - effect: {1 item
      - value: "[parameters('effect-df49d893-a74c-421d-bc95-c663042e5b80')]"
      },
    - excludedNamespaces: {1 item
      - value: "[parameters('excludedNamespaces')]"
      },
    - namespaces: {1 item
      - value: "[parameters('namespaces')]"
      },
    - labelSelector: {1 item
      - value: "[parameters('labelSelector')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1a5b4dca-0b6f-4cf5-907c-56316bc1bf3d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1a5b4dca-0b6f-4cf5-907c-56316bc1bf3d Kubernetes clusters should be accessible only over HTTPS ,
  - definitionVersion: 8.*.*8.2.0,
  - parameters: {4 items
    - effect: {1 item
      - value: "[parameters('effect-1a5b4dca-0b6f-4cf5-907c-56316bc1bf3d')]"
      },
    - excludedNamespaces: {1 item
      - value: "[parameters('excludedNamespaces')]"
      },
    - namespaces: {1 item
      - value: "[parameters('namespaces')]"
      },
    - labelSelector: {1 item
      - value: "[parameters('labelSelector')]"
      }
    },
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-8",
    - "NIST_SP_800-53_R5_SC-8(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "c26596ff-4d70-4e6a-9a30-c2506bd2f80c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c26596ff-4d70-4e6a-9a30-c2506bd2f80c Kubernetes cluster containers should only use allowed capabilities ,
  - definitionVersion: 6.*.*6.2.0,
  - parameters: {6 items
    - effect: {1 item
      - value: "[parameters('effect-c26596ff-4d70-4e6a-9a30-c2506bd2f80c')]"
      },
    - excludedNamespaces: {1 item
      - value: "[parameters('excludedNamespaces')]"
      },
    - namespaces: {1 item
      - value: "[parameters('namespaces')]"
      },
    - labelSelector: {1 item
      - value: "[parameters('labelSelector')]"
      },
    - allowedCapabilities: {1 item
      - value: "[parameters('allowedCapabilities-c26596ff-4d70-4e6a-9a30-c2506bd2f80c')]"
      },
    - requiredDropCapabilities: {1 item
      - value: "[parameters('requiredDropCapabilities-c26596ff-4d70-4e6a-9a30-c2506bd2f80c')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "511f5417-5d12-434d-ab2e-816901e72a5e",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/511f5417-5d12-434d-ab2e-816901e72a5e Kubernetes cluster containers should only use allowed AppArmor profiles ,
  - definitionVersion: 6.*.*6.2.0,
  - parameters: {5 items
    - effect: {1 item
      - value: "[parameters('effect-511f5417-5d12-434d-ab2e-816901e72a5e')]"
      },
    - excludedNamespaces: {1 item
      - value: "[parameters('excludedNamespaces')]"
      },
    - namespaces: {1 item
      - value: "[parameters('namespaces')]"
      },
    - labelSelector: {1 item
      - value: "[parameters('labelSelector')]"
      },
    - allowedProfiles: {1 item
      - value: "[parameters('allowedProfiles-511f5417-5d12-434d-ab2e-816901e72a5e')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "82985f06-dc18-4a48-bc1c-b9f4f0098cfe",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/82985f06-dc18-4a48-bc1c-b9f4f0098cfe Kubernetes cluster pods should only use approved host network and port range ,
  - definitionVersion: 6.*.*6.2.0,
  - parameters: {7 items
    - effect: {1 item
      - value: "[parameters('effect-82985f06-dc18-4a48-bc1c-b9f4f0098cfe')]"
      },
    - excludedNamespaces: {1 item
      - value: "[parameters('excludedNamespaces')]"
      },
    - namespaces: {1 item
      - value: "[parameters('namespaces')]"
      },
    - labelSelector: {1 item
      - value: "[parameters('labelSelector')]"
      },
    - allowHostNetwork: {1 item
      - value: "[parameters('allowHostNetwork-82985f06-dc18-4a48-bc1c-b9f4f0098cfe')]"
      },
    - minPort: {1 item
      - value: "[parameters('minPort-82985f06-dc18-4a48-bc1c-b9f4f0098cfe')]"
      },
    - maxPort: {1 item
      - value: "[parameters('maxPort-82985f06-dc18-4a48-bc1c-b9f4f0098cfe')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "098fc59e-46c7-4d99-9b16-64990e543d75",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/098fc59e-46c7-4d99-9b16-64990e543d75 Kubernetes cluster pod hostPath volumes should only use allowed host paths ,
  - definitionVersion: 6.*.*6.2.0,
  - parameters: {5 items
    - effect: {1 item
      - value: "[parameters('effect-098fc59e-46c7-4d99-9b16-64990e543d75')]"
      },
    - excludedNamespaces: {1 item
      - value: "[parameters('excludedNamespaces')]"
      },
    - namespaces: {1 item
      - value: "[parameters('namespaces')]"
      },
    - labelSelector: {1 item
      - value: "[parameters('labelSelector')]"
      },
    - allowedHostPaths: {1 item
      - value: "[parameters('allowedHostPaths-098fc59e-46c7-4d99-9b16-64990e543d75')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b6e2945c-0b7b-40f5-9233-7a5323b5cdc6",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b6e2945c-0b7b-40f5-9233-7a5323b5cdc6 Network Watcher should be enabled ,
  - definitionVersion: 3.*.*3.0.0,
  - parameters: {1 item
    - resourceGroupName: {1 item
      - value: "[parameters('resourceGroupName-b6e2945c-0b7b-40f5-9233-7a5323b5cdc6')]"
      }
    },
  - groupNames: [6 items
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)",
    - "NIST_SP_800-53_R5_SI-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9 Auditing on SQL server should be enabled ,
  - definitionVersion: 2.*.*2.0.0,
  - parameters: {1 item
    - setting: {1 item
      - value: "[parameters('setting-a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9')]"
      }
    },
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ef619a2c-cc4d-4d03-b2ba-8c94a834d85b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ef619a2c-cc4d-4d03-b2ba-8c94a834d85b API Management services should use a virtual network ,
  - definitionVersion: 1.*.*1.0.2,
  - parameters: {1 item
    - evaluatedSkuNames: {1 item
      - value: "[parameters('evaluatedSkuNames-ef619a2c-cc4d-4d03-b2ba-8c94a834d85b')]"
      }
    },
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b54ed75b-3e1a-44ac-a333-05ba39b99ff0",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b54ed75b-3e1a-44ac-a333-05ba39b99ff0 Service Fabric clusters should only use Azure Active Directory for client authentication ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-b54ed75b-3e1a-44ac-a333-05ba39b99ff0')]"
      }
    },
  - groupNames: [6 items
    - "NIST_SP_800-53_R5_AC-2",
    - "NIST_SP_800-53_R5_AC-2(1)",
    - "NIST_SP_800-53_R5_AC-2(7)",
    - "NIST_SP_800-53_R5_AC-3",
    - "NIST_SP_800-53_R5_IA-2",
    - "NIST_SP_800-53_R5_IA-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "71ef260a-8f18-47b7-abcb-62d0673d94dc",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/71ef260a-8f18-47b7-abcb-62d0673d94dc Azure AI Services resources should have key access disabled (disable local authentication) ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-71ef260a-8f18-47b7-abcb-62d0673d94dc')]"
      }
    },
  - groupNames: [6 items
    - "NIST_SP_800-53_R5_AC-2",
    - "NIST_SP_800-53_R5_AC-2(1)",
    - "NIST_SP_800-53_R5_AC-2(7)",
    - "NIST_SP_800-53_R5_AC-3",
    - "NIST_SP_800-53_R5_IA-2",
    - "NIST_SP_800-53_R5_IA-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "055aa869-bc98-4af8-bafc-23f1ab6ffe2c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/055aa869-bc98-4af8-bafc-23f1ab6ffe2c Azure Web Application Firewall should be enabled for Azure Front Door entry-points ,
  - definitionVersion: 1.*.*1.0.2,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-055aa869-bc98-4af8-bafc-23f1ab6ffe2c')]"
      }
    },
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_SC-5",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "564feb30-bf6a-4854-b4bb-0d2d2d1e6c66",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/564feb30-bf6a-4854-b4bb-0d2d2d1e6c66 Web Application Firewall (WAF) should be enabled for Application Gateway ,
  - definitionVersion: 2.*.*2.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-564feb30-bf6a-4854-b4bb-0d2d2d1e6c66')]"
      }
    },
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_SC-5",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "862e97cf-49fc-4a5c-9de4-40d4e2e7c8eb",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/862e97cf-49fc-4a5c-9de4-40d4e2e7c8eb Azure Cosmos DB accounts should have firewall rules ,
  - definitionVersion: 2.*.*2.1.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-862e97cf-49fc-4a5c-9de4-40d4e2e7c8eb')]"
      }
    },
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d9da03a1-f3c3-412a-9709-947156872263",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d9da03a1-f3c3-412a-9709-947156872263 Azure HDInsight clusters should use encryption in transit to encrypt communication between Azure HDInsight cluster nodes ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-d9da03a1-f3c3-412a-9709-947156872263')]"
      }
    },
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-8",
    - "NIST_SP_800-53_R5_SC-8(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "617c02be-7f02-4efd-8836-3180d47b6c68",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/617c02be-7f02-4efd-8836-3180d47b6c68 Service Fabric clusters should have the ClusterProtectionLevel property set to EncryptAndSign ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-617c02be-7f02-4efd-8836-3180d47b6c68')]"
      }
    },
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-28",
    - "NIST_SP_800-53_R5_SC-28(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0b60c0b2-2dc2-4e1c-b5c9-abbed971de53",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0b60c0b2-2dc2-4e1c-b5c9-abbed971de53 Key vaults should have deletion protection enabled ,
  - definitionVersion: 2.*.*2.1.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-0b60c0b2-2dc2-4e1c-b5c9-abbed971de53')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1e66c121-a66a-4b1f-9b83-0fd99bf0fc2d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1e66c121-a66a-4b1f-9b83-0fd99bf0fc2d Key vaults should have soft delete enabled ,
  - definitionVersion: 3.*.*3.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-1e66c121-a66a-4b1f-9b83-0fd99bf0fc2d')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0a075868-4c26-42ef-914c-5bc007359560",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0a075868-4c26-42ef-914c-5bc007359560 Certificates should have the specified maximum validity period ,
  - definitionVersion: 2.*.*-preview2.2.1,
  - parameters: {2 items
    - maximumValidityInMonths: {1 item
      - value: "[parameters('maximumValidityInMonths-0a075868-4c26-42ef-914c-5bc007359560')]"
      },
    - effect: {1 item
      - value: "[parameters('effect-0a075868-4c26-42ef-914c-5bc007359560')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "98728c90-32c7-4049-8429-847dc0f4fe37",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/98728c90-32c7-4049-8429-847dc0f4fe37 Key Vault secrets should have an expiration date ,
  - definitionVersion: 1.*.*1.0.2,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-98728c90-32c7-4049-8429-847dc0f4fe37')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "152b15f7-8e1f-4c1f-ab71-8c010ba5dbc0",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/152b15f7-8e1f-4c1f-ab71-8c010ba5dbc0 Key Vault keys should have an expiration date ,
  - definitionVersion: 1.*.*1.0.2,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-152b15f7-8e1f-4c1f-ab71-8c010ba5dbc0')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ec068d99-e9c7-401f-8cef-5bdde4e6ccf1",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ec068d99-e9c7-401f-8cef-5bdde4e6ccf1 Double encryption should be enabled on Azure Data Explorer ,
  - definitionVersion: 2.*.*2.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-ec068d99-e9c7-401f-8cef-5bdde4e6ccf1')]"
      }
    },
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-28",
    - "NIST_SP_800-53_R5_SC-28(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "c349d81b-9985-44ae-a8da-ff98d108ede8",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c349d81b-9985-44ae-a8da-ff98d108ede8 Azure Data Box jobs should enable double encryption for data at rest on the device ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {2 items
    - effect: {1 item
      - value: "[parameters('effect-c349d81b-9985-44ae-a8da-ff98d108ede8')]"
      },
    - supportedSKUs: {1 item
      - value: "[parameters('supportedSKUs-c349d81b-9985-44ae-a8da-ff98d108ede8')]"
      }
    },
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-28",
    - "NIST_SP_800-53_R5_SC-28(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "3657f5a0-770e-44a3-b44e-9431ba1e9735",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3657f5a0-770e-44a3-b44e-9431ba1e9735 Automation account variables should be encrypted ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-3657f5a0-770e-44a3-b44e-9431ba1e9735')]"
      }
    },
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-28",
    - "NIST_SP_800-53_R5_SC-28(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b4ac1030-89c5-4697-8e00-28b5ba6a8811",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b4ac1030-89c5-4697-8e00-28b5ba6a8811 Azure Stack Edge devices should use double-encryption ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-b4ac1030-89c5-4697-8e00-28b5ba6a8811')]"
      }
    },
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-28",
    - "NIST_SP_800-53_R5_SC-28(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ea0dfaed-95fb-448c-934e-d6e713ce393d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ea0dfaed-95fb-448c-934e-d6e713ce393d Azure Monitor Logs clusters should be created with infrastructure-encryption enabled (double encryption) ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-ea0dfaed-95fb-448c-934e-d6e713ce393d')]"
      }
    },
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-28",
    - "NIST_SP_800-53_R5_SC-28(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "3a58212a-c829-4f13-9872-6371df2fd0b4",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3a58212a-c829-4f13-9872-6371df2fd0b4 Infrastructure encryption should be enabled for Azure Database for MySQL servers ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-3a58212a-c829-4f13-9872-6371df2fd0b4')]"
      }
    },
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-28",
    - "NIST_SP_800-53_R5_SC-28(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "24fba194-95d6-48c0-aea7-f65bf859c598",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/24fba194-95d6-48c0-aea7-f65bf859c598 Infrastructure encryption should be enabled for Azure Database for PostgreSQL servers ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-24fba194-95d6-48c0-aea7-f65bf859c598')]"
      }
    },
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-28",
    - "NIST_SP_800-53_R5_SC-28(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "4733ea7b-a883-42fe-8cac-97454c2a9e4a",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4733ea7b-a883-42fe-8cac-97454c2a9e4a Storage accounts should have infrastructure encryption ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-4733ea7b-a883-42fe-8cac-97454c2a9e4a')]"
      }
    },
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-28",
    - "NIST_SP_800-53_R5_SC-28(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f4b53539-8df9-40e4-86c6-6b607703bd4e",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f4b53539-8df9-40e4-86c6-6b607703bd4e Disk encryption should be enabled on Azure Data Explorer ,
  - definitionVersion: 2.*.*2.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-f4b53539-8df9-40e4-86c6-6b607703bd4e')]"
      }
    },
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-28",
    - "NIST_SP_800-53_R5_SC-28(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "41425d9f-d1a5-499a-9932-f8ed8453932c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/41425d9f-d1a5-499a-9932-f8ed8453932c Temp disks and cache for agent node pools in Azure Kubernetes Service clusters should be encrypted at host ,
  - definitionVersion: 1.*.*1.0.1,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-41425d9f-d1a5-499a-9932-f8ed8453932c')]"
      }
    },
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-28",
    - "NIST_SP_800-53_R5_SC-28(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "fc4d8e41-e223-45ea-9bf5-eada37891d87",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/fc4d8e41-e223-45ea-9bf5-eada37891d87 Virtual machines and virtual machine scale sets should have encryption at host enabled ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-fc4d8e41-e223-45ea-9bf5-eada37891d87')]"
      }
    },
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-28",
    - "NIST_SP_800-53_R5_SC-28(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "86efb160-8de7-451d-bc08-5d475b0aadae",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/86efb160-8de7-451d-bc08-5d475b0aadae Azure Data Box jobs should use a customer-managed key to encrypt the device unlock password ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {2 items
    - effect: {1 item
      - value: "[parameters('effect-86efb160-8de7-451d-bc08-5d475b0aadae')]"
      },
    - supportedSKUs: {1 item
      - value: "[parameters('supportedSKUs-86efb160-8de7-451d-bc08-5d475b0aadae')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "4ec52d6d-beb7-40c4-9a9e-fe753254690e",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4ec52d6d-beb7-40c4-9a9e-fe753254690e Azure data factories should be encrypted with a customer-managed key ,
  - definitionVersion: 1.*.*1.0.1,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-4ec52d6d-beb7-40c4-9a9e-fe753254690e')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "64d314f6-6062-4780-a861-c23e8951bee5",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/64d314f6-6062-4780-a861-c23e8951bee5 Azure HDInsight clusters should use customer-managed keys to encrypt data at rest ,
  - definitionVersion: 1.*.*1.0.1,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-64d314f6-6062-4780-a861-c23e8951bee5')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1fd32ebd-e4c3-4e13-a54a-d7422d4d95f6",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1fd32ebd-e4c3-4e13-a54a-d7422d4d95f6 Azure HDInsight clusters should use encryption at host to encrypt data at rest ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-1fd32ebd-e4c3-4e13-a54a-d7422d4d95f6')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "fa298e57-9444-42ba-bf04-86e8470e32c7",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/fa298e57-9444-42ba-bf04-86e8470e32c7 Saved-queries in Azure Monitor should be saved in customer storage account for logs encryption ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-fa298e57-9444-42ba-bf04-86e8470e32c7')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "67121cc7-ff39-4ab8-b7e3-95b84dab487d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/67121cc7-ff39-4ab8-b7e3-95b84dab487d Azure AI Services resources should encrypt data at rest with a customer-managed key (CMK) ,
  - definitionVersion: 2.*.*2.2.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-67121cc7-ff39-4ab8-b7e3-95b84dab487d')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1f905d99-2ab7-462c-a6b0-f709acca6c8f",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1f905d99-2ab7-462c-a6b0-f709acca6c8f Azure Cosmos DB accounts should use customer-managed keys to encrypt data at rest ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-1f905d99-2ab7-462c-a6b0-f709acca6c8f')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "5b9159ae-1701-4a6f-9a7a-aa9c8ddd0580",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5b9159ae-1701-4a6f-9a7a-aa9c8ddd0580 Container registries should be encrypted with a customer-managed key ,
  - definitionVersion: 1.*.*1.1.2,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-5b9159ae-1701-4a6f-9a7a-aa9c8ddd0580')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ba769a63-b8cc-4b2d-abf6-ac33c7204be8",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ba769a63-b8cc-4b2d-abf6-ac33c7204be8 Azure Machine Learning workspaces should be encrypted with a customer-managed key ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-ba769a63-b8cc-4b2d-abf6-ac33c7204be8')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "81e74cea-30fd-40d5-802f-d72103c2aaaa",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/81e74cea-30fd-40d5-802f-d72103c2aaaa Azure Data Explorer encryption at rest should use a customer-managed key ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-81e74cea-30fd-40d5-802f-d72103c2aaaa')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0aa61e00-0a01-4a3c-9945-e93cffedf0e6",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0aa61e00-0a01-4a3c-9945-e93cffedf0e6 Azure Container Instance container group should use customer-managed key for encryption ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-0aa61e00-0a01-4a3c-9945-e93cffedf0e6')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "47031206-ce96-41f8-861b-6a915f3de284",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/47031206-ce96-41f8-861b-6a915f3de284 [Preview]: IoT Hub device provisioning service data should be encrypted using customer-managed keys (CMK) ,
  - definitionVersion: 1.*.*-preview1.0.0-preview,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-47031206-ce96-41f8-861b-6a915f3de284')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "87ba29ef-1ab3-4d82-b763-87fcd4f531f7",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/87ba29ef-1ab3-4d82-b763-87fcd4f531f7 Azure Stream Analytics jobs should use customer-managed keys to encrypt data ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-87ba29ef-1ab3-4d82-b763-87fcd4f531f7')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "51522a96-0869-4791-82f3-981000c2c67f",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/51522a96-0869-4791-82f3-981000c2c67f Bot Service should be encrypted with a customer-managed key ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-51522a96-0869-4791-82f3-981000c2c67f')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b5ec538c-daa0-4006-8596-35468b9148e8",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b5ec538c-daa0-4006-8596-35468b9148e8 Storage account encryption scopes should use customer-managed keys to encrypt data at rest ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-b5ec538c-daa0-4006-8596-35468b9148e8')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "970f84d8-71b6-4091-9979-ace7e3fb6dbb",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/970f84d8-71b6-4091-9979-ace7e3fb6dbb HPC Cache accounts should use customer-managed key for encryption ,
  - definitionVersion: 2.*.*2.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-970f84d8-71b6-4091-9979-ace7e3fb6dbb')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "56a5ee18-2ae6-4810-86f7-18e39ce5629b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/56a5ee18-2ae6-4810-86f7-18e39ce5629b Azure Automation accounts should use customer-managed keys to encrypt data at rest ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-56a5ee18-2ae6-4810-86f7-18e39ce5629b')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "2e94d99a-8a36-4563-bc77-810d8893b671",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2e94d99a-8a36-4563-bc77-810d8893b671 [Preview]: Azure Recovery Services vaults should use customer-managed keys for encrypting backup data ,
  - definitionVersion: 1.*.*-preview1.0.0-preview,
  - parameters: {2 items
    - effect: {1 item
      - value: "[parameters('effect-2e94d99a-8a36-4563-bc77-810d8893b671')]"
      },
    - enableDoubleEncryption: {1 item
      - value: "[parameters('enableDoubleEncryption-2e94d99a-8a36-4563-bc77-810d8893b671')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1fafeaf6-7927-4059-a50a-8eb2a7a6f2b5",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1fafeaf6-7927-4059-a50a-8eb2a7a6f2b5 Logic Apps Integration Service Environment should be encrypted with customer-managed keys ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-1fafeaf6-7927-4059-a50a-8eb2a7a6f2b5')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "99e9ccd8-3db9-4592-b0d1-14b1715a4d8a",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/99e9ccd8-3db9-4592-b0d1-14b1715a4d8a Azure Batch account should use customer-managed keys to encrypt data ,
  - definitionVersion: 1.*.*1.0.1,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-99e9ccd8-3db9-4592-b0d1-14b1715a4d8a')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1f68a601-6e6d-4e42-babf-3f643a047ea2",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1f68a601-6e6d-4e42-babf-3f643a047ea2 Azure Monitor Logs clusters should be encrypted with customer-managed key ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-1f68a601-6e6d-4e42-babf-3f643a047ea2')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f7d52b2d-e161-4dfa-a82b-55e564167385",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f7d52b2d-e161-4dfa-a82b-55e564167385 Azure Synapse workspaces should use customer-managed keys to encrypt data at rest ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-f7d52b2d-e161-4dfa-a82b-55e564167385')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "7d7be79c-23ba-4033-84dd-45e2a5ccdd67",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7d7be79c-23ba-4033-84dd-45e2a5ccdd67 Both operating systems and data disks in Azure Kubernetes Service clusters should be encrypted by customer-managed keys ,
  - definitionVersion: 1.*.*1.0.1,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-7d7be79c-23ba-4033-84dd-45e2a5ccdd67')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ca91455f-eace-4f96-be59-e6e2c35b4816",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ca91455f-eace-4f96-be59-e6e2c35b4816 Managed disks should be double encrypted with both platform-managed and customer-managed keys ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-ca91455f-eace-4f96-be59-e6e2c35b4816')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "702dd420-7fcc-42c5-afe8-4026edd20fe0",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/702dd420-7fcc-42c5-afe8-4026edd20fe0 OS and data disks should be encrypted with a customer-managed key ,
  - definitionVersion: 3.*.*3.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-702dd420-7fcc-42c5-afe8-4026edd20fe0')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "22bee202-a82f-4305-9a2a-6d7f44d4dedb",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/22bee202-a82f-4305-9a2a-6d7f44d4dedb Only secure connections to your Azure Cache for Redis should be enabled ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-22bee202-a82f-4305-9a2a-6d7f44d4dedb')]"
      }
    },
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-8",
    - "NIST_SP_800-53_R5_SC-8(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "404c3081-a854-4457-ae30-26a93ef643f9",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/404c3081-a854-4457-ae30-26a93ef643f9 Secure transfer to storage accounts should be enabled ,
  - definitionVersion: 2.*.*2.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-404c3081-a854-4457-ae30-26a93ef643f9')]"
      }
    },
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-8",
    - "NIST_SP_800-53_R5_SC-8(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d0793b48-0edc-4296-a390-4c75d1bdfd71",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d0793b48-0edc-4296-a390-4c75d1bdfd71 Container registries should not allow unrestricted network access ,
  - definitionVersion: 2.*.*2.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-d0793b48-0edc-4296-a390-4c75d1bdfd71')]"
      }
    },
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "2a1a9cdf-e04d-429a-8416-3bfb72a1b26f",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2a1a9cdf-e04d-429a-8416-3bfb72a1b26f Storage accounts should restrict network access using virtual network rules ,
  - definitionVersion: 1.*.*1.0.1,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-2a1a9cdf-e04d-429a-8416-3bfb72a1b26f')]"
      }
    },
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "34c877ad-507e-4c82-993e-3452a6e0ad3c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/34c877ad-507e-4c82-993e-3452a6e0ad3c Storage accounts should restrict network access ,
  - definitionVersion: 1.*.*1.1.1,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-34c877ad-507e-4c82-993e-3452a6e0ad3c')]"
      }
    },
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "55615ac9-af46-4a59-874e-391cc3dfb490",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/55615ac9-af46-4a59-874e-391cc3dfb490 Azure Key Vault should have firewall enabled or public network access disabled ,
  - definitionVersion: 3.*.*3.3.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-55615ac9-af46-4a59-874e-391cc3dfb490')]"
      }
    },
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1b8ca024-1d5c-4dec-8995-b1a932b41780",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1b8ca024-1d5c-4dec-8995-b1a932b41780 Public network access on Azure SQL Database should be disabled ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-1b8ca024-1d5c-4dec-8995-b1a932b41780')]"
      }
    },
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "037eea7a-bd0a-46c5-9a66-03aea78705d3",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/037eea7a-bd0a-46c5-9a66-03aea78705d3 Azure AI Services resources should restrict network access ,
  - definitionVersion: 3.*.*3.2.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-037eea7a-bd0a-46c5-9a66-03aea78705d3')]"
      }
    },
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "2393d2cf-a342-44cd-a2e2-fe0188fd1234",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2393d2cf-a342-44cd-a2e2-fe0188fd1234 Azure SignalR Service should use private link ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "45e05259-1eb5-4f70-9574-baf73e9d219b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/45e05259-1eb5-4f70-9574-baf73e9d219b Azure Machine Learning workspaces should use private link ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-45e05259-1eb5-4f70-9574-baf73e9d219b')]"
      }
    },
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "2154edb9-244f-4741-9970-660785bccdaa",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2154edb9-244f-4741-9970-660785bccdaa VM Image Builder templates should use private link ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-2154edb9-244f-4741-9970-660785bccdaa')]"
      }
    },
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "a6abeaec-4d90-4a02-805f-6b26c4d3fbe9",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a6abeaec-4d90-4a02-805f-6b26c4d3fbe9 Azure Key Vaults should use private link ,
  - definitionVersion: 1.*.*-preview1.2.1,
  - parameters: {1 item
    - audit_effect: {1 item
      - value: "[parameters('effect-a6abeaec-4d90-4a02-805f-6b26c4d3fbe9')]"
      }
    },
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "af35e2a4-ef96-44e7-a9ae-853dd97032c4",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/af35e2a4-ef96-44e7-a9ae-853dd97032c4 Azure Spring Cloud should use network injection ,
  - definitionVersion: 1.*.*1.2.0,
  - parameters: {2 items
    - effect: {1 item
      - value: "[parameters('effect-af35e2a4-ef96-44e7-a9ae-853dd97032c4')]"
      },
    - evaluatedSkuNames: {1 item
      - value: "[parameters('evaluatedSkuNames-af35e2a4-ef96-44e7-a9ae-853dd97032c4')]"
      }
    },
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "a049bf77-880b-470f-ba6d-9f21c530cf83",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a049bf77-880b-470f-ba6d-9f21c530cf83 Azure AI Search service should use a SKU that supports private link ,
  - definitionVersion: 1.*.*1.0.1,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-a049bf77-880b-470f-ba6d-9f21c530cf83')]"
      }
    },
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "eb907f70-7514-460d-92b3-a5ae93b4f917",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/eb907f70-7514-460d-92b3-a5ae93b4f917 Azure Web PubSub Service should use private link ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "4fa4b6c0-31ca-4c0d-b10d-24b96f62a751",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4fa4b6c0-31ca-4c0d-b10d-24b96f62a751 Storage account public access should be disallowed ,
  - definitionVersion: 3.*.*-preview3.1.1,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-4fa4b6c0-31ca-4c0d-b10d-24b96f62a751')]"
      }
    },
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ee980b6d-0eca-4501-8d54-f6290fd512c3",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ee980b6d-0eca-4501-8d54-f6290fd512c3 Azure AI Search services should disable public network access ,
  - definitionVersion: 1.*.*1.0.1,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-ee980b6d-0eca-4501-8d54-f6290fd512c3')]"
      }
    },
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1d84d5fb-01f6-4d12-ba4f-4a26081d403d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1d84d5fb-01f6-4d12-ba4f-4a26081d403d Virtual machines should be migrated to new Azure Resource Manager resources ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-1d84d5fb-01f6-4d12-ba4f-4a26081d403d')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "37e0d2fe-28a5-43d6-a273-67d37d1f5606",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/37e0d2fe-28a5-43d6-a273-67d37d1f5606 Storage accounts should be migrated to new Azure Resource Manager resources ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {1 item
    - effect: {1 item
      - value: "[parameters('effect-37e0d2fe-28a5-43d6-a273-67d37d1f5606')]"
      }
    },
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b52376f7-9612-48a1-81cd-1ffe4b61032c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b52376f7-9612-48a1-81cd-1ffe4b61032c Public network access should be disabled for PostgreSQL servers ,
  - definitionVersion: 2.*.*2.0.1,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "8d7e1fde-fe26-4b5f-8108-f8e432cbc2be",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8d7e1fde-fe26-4b5f-8108-f8e432cbc2be Blocked accounts with read and write permissions on Azure resources should be removed ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1f314764-cb73-4fc9-b863-8eca98ac36e9",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1f314764-cb73-4fc9-b863-8eca98ac36e9 An Azure Active Directory administrator should be provisioned for SQL servers ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [6 items
    - "NIST_SP_800-53_R5_AC-2",
    - "NIST_SP_800-53_R5_AC-2(1)",
    - "NIST_SP_800-53_R5_AC-2(7)",
    - "NIST_SP_800-53_R5_AC-3",
    - "NIST_SP_800-53_R5_IA-2",
    - "NIST_SP_800-53_R5_IA-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ac4a19c2-fa67-49b4-8ae5-0b2e78c49457",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ac4a19c2-fa67-49b4-8ae5-0b2e78c49457 Role-Based Access Control (RBAC) should be used on Kubernetes Services ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-3(7)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "5744710e-cc2f-4ee8-8809-3b11e89f4bc9",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5744710e-cc2f-4ee8-8809-3b11e89f4bc9 App Service apps should not have CORS configured to allow every resource to access your apps ,
  - definitionVersion: 2.*.*2.0.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_CM-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "09024ccc-0c5f-475e-9457-b7c0d9ed487b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/09024ccc-0c5f-475e-9457-b7c0d9ed487b There should be more than one owner assigned to your subscription ,
  - definitionVersion: 3.*.*3.0.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "4f11b553-d42e-4e3a-89be-32ca364cad4c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4f11b553-d42e-4e3a-89be-32ca364cad4c A maximum of 3 owners should be designated for your subscription ,
  - definitionVersion: 3.*.*3.0.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-2",
    - "NIST_SP_800-53_R5_AC-6",
    - "NIST_SP_800-53_R5_AC-6(7)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "abfb7388-5bf4-4ad7-ba99-2cd2f41cebb9",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/abfb7388-5bf4-4ad7-ba99-2cd2f41cebb9 Azure Defender for SQL should be enabled for unprotected SQL Managed Instances ,
  - definitionVersion: 1.*.*1.0.2,
  - parameters: {},
  - groupNames: [11 items
    - "NIST_SP_800-53_R5_AC-2(12)",
    - "NIST_SP_800-53_R5_AC-16",
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)",
    - "NIST_SP_800-53_R5_IR-4",
    - "NIST_SP_800-53_R5_IR-5",
    - "NIST_SP_800-53_R5_RA-5",
    - "NIST_SP_800-53_R5_SI-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0e60b895-3786-45da-8377-9c6b4b6ac5f9",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0e60b895-3786-45da-8377-9c6b4b6ac5f9 Function apps should have remote debugging turned off ,
  - definitionVersion: 2.*.*2.0.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_CM-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "abfb4388-5bf4-4ad7-ba82-2cd2f41ceae9",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/abfb4388-5bf4-4ad7-ba82-2cd2f41ceae9 Azure Defender for SQL should be enabled for unprotected Azure SQL servers ,
  - definitionVersion: 2.*.*2.0.1,
  - parameters: {},
  - groupNames: [10 items
    - "NIST_SP_800-53_R5_AC-16",
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)",
    - "NIST_SP_800-53_R5_IR-4",
    - "NIST_SP_800-53_R5_IR-5",
    - "NIST_SP_800-53_R5_RA-5",
    - "NIST_SP_800-53_R5_SI-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "89099bee-89e0-4b26-a5f4-165451757743",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/89099bee-89e0-4b26-a5f4-165451757743 SQL servers with auditing to storage account destination should be configured with 90 days retention or higher ,
  - definitionVersion: 3.*.*3.0.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AU-11"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "4da35fc9-c9e7-4960-aec9-797fe7d9051d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4da35fc9-c9e7-4960-aec9-797fe7d9051d Azure Defender for servers should be enabled ,
  - definitionVersion: 1.*.*1.0.3,
  - parameters: {},
  - groupNames: [15 items
    - "NIST_SP_800-53_R5_AC-2(12)",
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)",
    - "NIST_SP_800-53_R5_CM-7",
    - "NIST_SP_800-53_R5_IR-4",
    - "NIST_SP_800-53_R5_IR-5",
    - "NIST_SP_800-53_R5_RA-5",
    - "NIST_SP_800-53_R5_SC-3",
    - "NIST_SP_800-53_R5_SI-2",
    - "NIST_SP_800-53_R5_SI-3",
    - "NIST_SP_800-53_R5_SI-4",
    - "NIST_SP_800-53_R5_SI-16"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0ec47710-77ff-4a3d-9181-6aa50af424d0",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0ec47710-77ff-4a3d-9181-6aa50af424d0 Geo-redundant backup should be enabled for Azure Database for MariaDB ,
  - definitionVersion: 1.*.*1.0.1,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_CP-6",
    - "NIST_SP_800-53_R5_CP-6(1)",
    - "NIST_SP_800-53_R5_CP-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0015ea4d-51ff-4ce3-8d8c-f3f8f0179a56",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0015ea4d-51ff-4ce3-8d8c-f3f8f0179a56 Audit virtual machines without disaster recovery configured ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-7"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "013e242c-8828-4970-87b3-ab247555486d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/013e242c-8828-4970-87b3-ab247555486d Azure Backup should be enabled for Virtual Machines ,
  - definitionVersion: 3.*.*3.0.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "3cf2ab00-13f1-4d0c-8971-2ac904541a7e",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3cf2ab00-13f1-4d0c-8971-2ac904541a7e Add system-assigned managed identity to enable Guest Configuration assignments on virtual machines with no identities ,
  - definitionVersion: 4.*.*4.1.0,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-3",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_IA-5",
    - "NIST_SP_800-53_R5_IA-5(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "4f4f78b8-e367-4b10-a341-d9a4ad5cf1c7",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4f4f78b8-e367-4b10-a341-d9a4ad5cf1c7 Subscriptions should have a contact email address for security issues ,
  - definitionVersion: 1.*.*1.0.1,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_IR-4",
    - "NIST_SP_800-53_R5_IR-5",
    - "NIST_SP_800-53_R5_IR-6(2)",
    - "NIST_SP_800-53_R5_SI-4(12)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "a7aca53f-2ed4-4466-a25e-0b45ade68efd",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a7aca53f-2ed4-4466-a25e-0b45ade68efd Azure DDoS Protection should be enabled ,
  - definitionVersion: 3.*.*3.0.1,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "6d555dd1-86f2-4f1c-8ed7-5abae7c6cbab",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6d555dd1-86f2-4f1c-8ed7-5abae7c6cbab Function apps should only be accessible over HTTPS ,
  - definitionVersion: 5.*.*5.0.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-8",
    - "NIST_SP_800-53_R5_SC-8(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0a370ff3-6cab-4e85-8995-295fd854c5b8",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0a370ff3-6cab-4e85-8995-295fd854c5b8 SQL servers should use customer-managed keys to encrypt data at rest ,
  - definitionVersion: 2.*.*2.0.1,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0cfea604-3201-4e14-88fc-fae4c427a6c5",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0cfea604-3201-4e14-88fc-fae4c427a6c5 Blocked accounts with owner permissions on Azure resources should be removed ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b0f33259-77d7-4c9e-aac6-3aabcfae693c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b0f33259-77d7-4c9e-aac6-3aabcfae693c Management ports of virtual machines should be protected with just-in-time network access control ,
  - definitionVersion: 3.*.*3.0.0,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-2(12)",
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-4(3)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "a451c1ef-c6ca-483d-87ed-f49761e3ffb5",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a451c1ef-c6ca-483d-87ed-f49761e3ffb5 Audit usage of custom RBAC roles ,
  - definitionVersion: 1.*.*1.0.1,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AC-2",
    - "NIST_SP_800-53_R5_AC-2(7)",
    - "NIST_SP_800-53_R5_AC-6",
    - "NIST_SP_800-53_R5_AC-6(7)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "cb510bfd-1cba-4d9f-a230-cb0976f4bb71",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/cb510bfd-1cba-4d9f-a230-cb0976f4bb71 App Service apps should have remote debugging turned off ,
  - definitionVersion: 2.*.*2.0.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_CM-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "48af4db5-9b8b-401c-8e74-076be876a430",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/48af4db5-9b8b-401c-8e74-076be876a430 Geo-redundant backup should be enabled for Azure Database for PostgreSQL ,
  - definitionVersion: 1.*.*1.0.1,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_CP-6",
    - "NIST_SP_800-53_R5_CP-6(1)",
    - "NIST_SP_800-53_R5_CP-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0da106f2-4ca3-48e8-bc85-c638fe6aea8f",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0da106f2-4ca3-48e8-bc85-c638fe6aea8f Function apps should use managed identity ,
  - definitionVersion: 3.*.*3.0.0,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AC-2",
    - "NIST_SP_800-53_R5_AC-3",
    - "NIST_SP_800-53_R5_IA-2",
    - "NIST_SP_800-53_R5_IA-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "497dff13-db2a-4c0f-8603-28fa3b331ab6",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/497dff13-db2a-4c0f-8603-28fa3b331ab6 Add system-assigned managed identity to enable Guest Configuration assignments on VMs with a user-assigned identity ,
  - definitionVersion: 4.*.*4.1.0,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-3",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_IA-5",
    - "NIST_SP_800-53_R5_IA-5(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "6e2593d9-add6-4083-9c9b-4b7d2188c899",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6e2593d9-add6-4083-9c9b-4b7d2188c899 Email notification for high severity alerts should be enabled ,
  - definitionVersion: 1.*.*1.2.0,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_IR-4",
    - "NIST_SP_800-53_R5_IR-5",
    - "NIST_SP_800-53_R5_IR-6(2)",
    - "NIST_SP_800-53_R5_SI-4(12)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "9daedab3-fb2d-461e-b861-71790eead4f6",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/9daedab3-fb2d-461e-b861-71790eead4f6 All network ports should be restricted on network security groups associated to your virtual machine ,
  - definitionVersion: 3.*.*3.0.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "a4af4a39-4135-47fb-b175-47fbdf85311d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a4af4a39-4135-47fb-b175-47fbdf85311d App Service apps should only be accessible over HTTPS ,
  - definitionVersion: 4.*.*4.0.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-8",
    - "NIST_SP_800-53_R5_SC-8(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ac01ad65-10e5-46df-bdd9-6b0cad13e1d2",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ac01ad65-10e5-46df-bdd9-6b0cad13e1d2 SQL managed instances should use customer-managed keys to encrypt data at rest ,
  - definitionVersion: 2.*.*2.0.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "17k78e20-9358-41c9-923c-fb736d382a12",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/17k78e20-9358-41c9-923c-fb736d382a12 Transparent Data Encryption on SQL databases should be enabled ,
  - definitionVersion: 2.*.*2.0.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-28",
    - "NIST_SP_800-53_R5_SC-28(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "339353f6-2387-4a45-abe4-7f529d121046",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/339353f6-2387-4a45-abe4-7f529d121046 Guest accounts with owner permissions on Azure resources should be removed ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0e6763cc-5078-4e64-889d-ff4d9a839047",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0e6763cc-5078-4e64-889d-ff4d9a839047 Azure Defender for Key Vault should be enabled ,
  - definitionVersion: 1.*.*1.0.3,
  - parameters: {},
  - groupNames: [11 items
    - "NIST_SP_800-53_R5_AC-2(12)",
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)",
    - "NIST_SP_800-53_R5_IR-4",
    - "NIST_SP_800-53_R5_IR-5",
    - "NIST_SP_800-53_R5_RA-5",
    - "NIST_SP_800-53_R5_SI-2",
    - "NIST_SP_800-53_R5_SI-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "82339799-d096-41ae-8538-b108becf0970",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/82339799-d096-41ae-8538-b108becf0970 Geo-redundant backup should be enabled for Azure Database for MySQL ,
  - definitionVersion: 1.*.*1.0.1,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_CP-6",
    - "NIST_SP_800-53_R5_CP-6(1)",
    - "NIST_SP_800-53_R5_CP-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "2b9ad585-36bc-4615-b300-fd4435808332",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2b9ad585-36bc-4615-b300-fd4435808332 App Service apps should use managed identity ,
  - definitionVersion: 3.*.*3.0.0,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AC-2",
    - "NIST_SP_800-53_R5_AC-3",
    - "NIST_SP_800-53_R5_IA-2",
    - "NIST_SP_800-53_R5_IA-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "385f5831-96d4-41db-9a3c-cd3af78aaae6",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/385f5831-96d4-41db-9a3c-cd3af78aaae6 Deploy the Windows Guest Configuration extension to enable Guest Configuration assignments on Windows VMs ,
  - definitionVersion: 1.*.*1.3.0,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_IA-5",
    - "NIST_SP_800-53_R5_IA-5(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0b15565f-aa9e-48ba-8619-45960f2c314d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0b15565f-aa9e-48ba-8619-45960f2c314d Email notification to subscription owner for high severity alerts should be enabled ,
  - definitionVersion: 2.*.*2.1.0,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_IR-4",
    - "NIST_SP_800-53_R5_IR-5",
    - "NIST_SP_800-53_R5_IR-6(2)",
    - "NIST_SP_800-53_R5_SI-4(12)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "feedbf84-6b99-488c-acc2-71c829aa5ffc",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/feedbf84-6b99-488c-acc2-71c829aa5ffc SQL databases should have vulnerability findings resolved ,
  - definitionVersion: 4.*.*4.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_RA-5",
    - "NIST_SP_800-53_R5_SI-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "fc5e4038-4584-4632-8c85-c0448d374b2c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/fc5e4038-4584-4632-8c85-c0448d374b2c [Preview]: All Internet traffic should be routed via your deployed Azure Firewall ,
  - definitionVersion: 3.*.*-preview3.0.0-preview,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)",
    - "NIST_SP_800-53_R5_SI-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e9ac8f8e-ce22-4355-8f04-99b911d6be52",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e9ac8f8e-ce22-4355-8f04-99b911d6be52 Guest accounts with read permissions on Azure resources should be removed ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e71308d3-144b-4262-b144-efdc3cc90517",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e71308d3-144b-4262-b144-efdc3cc90517 Subnets should be associated with a Network Security Group ,
  - definitionVersion: 3.*.*3.0.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "7fe3b40f-802b-4cdd-8bd4-fd799c948cc2",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7fe3b40f-802b-4cdd-8bd4-fd799c948cc2 Azure Defender for Azure SQL Database servers should be enabled ,
  - definitionVersion: 1.*.*1.0.2,
  - parameters: {},
  - groupNames: [11 items
    - "NIST_SP_800-53_R5_AC-2(12)",
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)",
    - "NIST_SP_800-53_R5_IR-4",
    - "NIST_SP_800-53_R5_IR-5",
    - "NIST_SP_800-53_R5_RA-5",
    - "NIST_SP_800-53_R5_SI-2",
    - "NIST_SP_800-53_R5_SI-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0820b7b9-23aa-4725-a1ce-ae4558f718e5",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0820b7b9-23aa-4725-a1ce-ae4558f718e5 Function apps should not have CORS configured to allow every resource to access your apps ,
  - definitionVersion: 2.*.*2.0.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "331e8ea8-378a-410f-a2e5-ae22f38bb0da",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/331e8ea8-378a-410f-a2e5-ae22f38bb0da Deploy the Linux Guest Configuration extension to enable Guest Configuration assignments on Linux VMs ,
  - definitionVersion: 3.*.*3.2.0,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-3",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_IA-5",
    - "NIST_SP_800-53_R5_IA-5(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ef2a8f2a-b3d9-49cd-a8a8-9a3aaaf647d9",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ef2a8f2a-b3d9-49cd-a8a8-9a3aaaf647d9 Vulnerability assessment should be enabled on your SQL servers ,
  - definitionVersion: 3.*.*3.0.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_RA-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "bd352bd5-2853-4985-bf0d-73806b4a5744",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/bd352bd5-2853-4985-bf0d-73806b4a5744 IP Forwarding on your virtual machine should be disabled ,
  - definitionVersion: 3.*.*3.0.0,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_SC-5",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "94e1c2ac-cbbe-4cac-a2b5-389c812dee87",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/94e1c2ac-cbbe-4cac-a2b5-389c812dee87 Guest accounts with write permissions on Azure resources should be removed ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f6de0be7-9a8a-4b8a-b349-43cf02d22f7c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f6de0be7-9a8a-4b8a-b349-43cf02d22f7c Internet-facing virtual machines should be protected with network security groups ,
  - definitionVersion: 3.*.*3.0.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "6581d072-105e-4418-827f-bd446d56421b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6581d072-105e-4418-827f-bd446d56421b Azure Defender for SQL servers on machines should be enabled ,
  - definitionVersion: 1.*.*1.0.2,
  - parameters: {},
  - groupNames: [11 items
    - "NIST_SP_800-53_R5_AC-2(12)",
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)",
    - "NIST_SP_800-53_R5_IR-4",
    - "NIST_SP_800-53_R5_IR-5",
    - "NIST_SP_800-53_R5_RA-5",
    - "NIST_SP_800-53_R5_SI-2",
    - "NIST_SP_800-53_R5_SI-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "501541f7-f7e7-4cd6-868c-4190fdad3ac9",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/501541f7-f7e7-4cd6-868c-4190fdad3ac9 A vulnerability assessment solution should be enabled on your virtual machines ,
  - definitionVersion: 3.*.*3.0.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_RA-5",
    - "NIST_SP_800-53_R5_SI-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "6fac406b-40ca-413b-bf8e-0bf964659c25",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6fac406b-40ca-413b-bf8e-0bf964659c25 Storage accounts should use customer-managed key for encryption ,
  - definitionVersion: 1.*.*1.0.3,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "bb91dfba-c30d-4263-9add-9c2384e659a6",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/bb91dfba-c30d-4263-9add-9c2384e659a6 Non-internet-facing virtual machines should be protected with network security groups ,
  - definitionVersion: 3.*.*3.0.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "640d2586-54d2-465f-877f-9ffc1d2109f4",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/640d2586-54d2-465f-877f-9ffc1d2109f4 Microsoft Defender for Storage should be enabled ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [11 items
    - "NIST_SP_800-53_R5_AC-2(12)",
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)",
    - "NIST_SP_800-53_R5_IR-4",
    - "NIST_SP_800-53_R5_IR-5",
    - "NIST_SP_800-53_R5_RA-5",
    - "NIST_SP_800-53_R5_SI-2",
    - "NIST_SP_800-53_R5_SI-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0a15ec92-a229-4763-bb14-0ea34a568f8d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0a15ec92-a229-4763-bb14-0ea34a568f8d Azure Policy Add-on for Kubernetes service (AKS) should be installed and enabled on your clusters ,
  - definitionVersion: 1.*.*1.0.2,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "2913021d-f2fd-4f3d-b958-22354e2bdbcb",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2913021d-f2fd-4f3d-b958-22354e2bdbcb Azure Defender for App Service should be enabled ,
  - definitionVersion: 1.*.*1.0.3,
  - parameters: {},
  - groupNames: [11 items
    - "NIST_SP_800-53_R5_AC-2(12)",
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)",
    - "NIST_SP_800-53_R5_IR-4",
    - "NIST_SP_800-53_R5_IR-5",
    - "NIST_SP_800-53_R5_RA-5",
    - "NIST_SP_800-53_R5_SI-2",
    - "NIST_SP_800-53_R5_SI-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ae89ebca-1c92-4898-ac2c-9f63decb045c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ae89ebca-1c92-4898-ac2c-9f63decb045c Guest Configuration extension should be installed on your machines ,
  - definitionVersion: 1.*.*1.0.3,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)",
    - "NIST_SP_800-53_R5_SI-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0e246bcf-5f6f-4f87-bc6f-775d4712c7ea",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0e246bcf-5f6f-4f87-bc6f-775d4712c7ea Authorized IP ranges should be defined on Kubernetes Services ,
  - definitionVersion: 2.*.*2.0.1,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1c988dd6-ade4-430f-a608-2a3e5b0a6d38",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1c988dd6-ade4-430f-a608-2a3e5b0a6d38 Microsoft Defender for Containers should be enabled ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [11 items
    - "NIST_SP_800-53_R5_AC-2(12)",
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)",
    - "NIST_SP_800-53_R5_IR-4",
    - "NIST_SP_800-53_R5_IR-5",
    - "NIST_SP_800-53_R5_RA-5",
    - "NIST_SP_800-53_R5_SI-2",
    - "NIST_SP_800-53_R5_SI-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d26f7642-7545-4e18-9b75-8c9bbdee3a9a",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d26f7642-7545-4e18-9b75-8c9bbdee3a9a Virtual machines' Guest Configuration extension should be deployed with system-assigned managed identity ,
  - definitionVersion: 1.*.*1.0.1,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)",
    - "NIST_SP_800-53_R5_SI-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d158790f-bfb0-486c-8631-2dc6b4e8e6af",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d158790f-bfb0-486c-8631-2dc6b4e8e6af Enforce SSL connection should be enabled for PostgreSQL database servers ,
  - definitionVersion: 1.*.*1.0.1,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-8",
    - "NIST_SP_800-53_R5_SC-8(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "83cef61d-dbd1-4b20-a4fc-5fbc7da10833",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/83cef61d-dbd1-4b20-a4fc-5fbc7da10833 MySQL servers should use customer-managed keys to encrypt data at rest ,
  - definitionVersion: 1.*.*1.0.4,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d69b1763-b96d-40b8-a2d9-ca31e9fd0d3e",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d69b1763-b96d-40b8-a2d9-ca31e9fd0d3e [Preview]: Log Analytics extension should be installed on your Windows Azure Arc machines ,
  - definitionVersion: 1.*.*-preview1.0.1-preview,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)",
    - "NIST_SP_800-53_R5_SI-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "6ba6d016-e7c3-4842-b8f2-4992ebc0d72d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6ba6d016-e7c3-4842-b8f2-4992ebc0d72d SQL servers on machines should have vulnerability findings resolved ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_RA-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "22730e10-96f6-4aac-ad84-9383d35b5917",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/22730e10-96f6-4aac-ad84-9383d35b5917 Management ports should be closed on your virtual machines ,
  - definitionVersion: 3.*.*3.0.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e802a67a-daf5-4436-9ea6-f6d821dd0c5d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e802a67a-daf5-4436-9ea6-f6d821dd0c5d Enforce SSL connection should be enabled for MySQL database servers ,
  - definitionVersion: 1.*.*1.0.1,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-8",
    - "NIST_SP_800-53_R5_SC-8(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "18adea5e-f416-4d0f-8aa8-d24321e3e274",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/18adea5e-f416-4d0f-8aa8-d24321e3e274 PostgreSQL servers should use customer-managed keys to encrypt data at rest ,
  - definitionVersion: 1.*.*1.0.4,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0564d078-92f5-4f97-8398-b9f58a51f70b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0564d078-92f5-4f97-8398-b9f58a51f70b Private endpoint should be enabled for PostgreSQL servers ,
  - definitionVersion: 1.*.*1.0.2,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "842c54e8-c2f9-4d79-ae8d-38d8b8019373",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/842c54e8-c2f9-4d79-ae8d-38d8b8019373 [Preview]: Log Analytics extension should be installed on your Linux Azure Arc machines ,
  - definitionVersion: 1.*.*-preview1.0.1-preview,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)",
    - "NIST_SP_800-53_R5_SI-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1b7aa243-30e4-4c9e-bca8-d0d3022b634a",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1b7aa243-30e4-4c9e-bca8-d0d3022b634a Vulnerability assessment should be enabled on SQL Managed Instance ,
  - definitionVersion: 1.*.*1.0.1,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_RA-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f0e6e85b-9b9f-4a4b-b67b-f730d42f1b0b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f0e6e85b-9b9f-4a4b-b67b-f730d42f1b0b App Service apps should use the latest TLS version ,
  - definitionVersion: 2.*.*2.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-8",
    - "NIST_SP_800-53_R5_SC-8(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0a1302fb-a631-4106-9753-f3d494733990",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0a1302fb-a631-4106-9753-f3d494733990 Private endpoint should be enabled for MariaDB servers ,
  - definitionVersion: 1.*.*1.0.2,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "8dfab9c4-fe7b-49ad-85e4-1e9be085358f",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8dfab9c4-fe7b-49ad-85e4-1e9be085358f [Preview]: Azure Arc enabled Kubernetes clusters should have Microsoft Defender for Cloud extension installed ,
  - definitionVersion: 6.*.*-preview6.0.0-preview,
  - parameters: {},
  - groupNames: [7 items
    - "NIST_SP_800-53_R5_AC-2(12)",
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)",
    - "NIST_SP_800-53_R5_SI-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0049a6b3-a662-4f3e-8635-39cf44ace45a",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0049a6b3-a662-4f3e-8635-39cf44ace45a Vulnerability assessment should be enabled on your Synapse workspaces ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_RA-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f9d614c5-c173-4d56-95a7-b4437057d193",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f9d614c5-c173-4d56-95a7-b4437057d193 Function apps should use the latest TLS version ,
  - definitionVersion: 2.*.*2.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-8",
    - "NIST_SP_800-53_R5_SC-8(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "7595c971-233d-4bcf-bd18-596129188c49",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7595c971-233d-4bcf-bd18-596129188c49 Private endpoint should be enabled for MySQL servers ,
  - definitionVersion: 1.*.*1.0.2,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "c3d20c29-b36d-48fe-808b-99a87530ad99",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c3d20c29-b36d-48fe-808b-99a87530ad99 Azure Defender for Resource Manager should be enabled ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [11 items
    - "NIST_SP_800-53_R5_AC-2(12)",
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)",
    - "NIST_SP_800-53_R5_IR-4",
    - "NIST_SP_800-53_R5_IR-5",
    - "NIST_SP_800-53_R5_RA-5",
    - "NIST_SP_800-53_R5_SI-2",
    - "NIST_SP_800-53_R5_SI-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "2f2ee1de-44aa-4762-b6bd-0893fc3f306d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2f2ee1de-44aa-4762-b6bd-0893fc3f306d [Preview]: Network traffic data collection agent should be installed on Windows virtual machines ,
  - definitionVersion: 1.*.*-preview1.0.2-preview,
  - parameters: {},
  - groupNames: [6 items
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)",
    - "NIST_SP_800-53_R5_SI-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "399b2637-a50f-4f95-96f8-3a145476eb15",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/399b2637-a50f-4f95-96f8-3a145476eb15 Function apps should require FTPS only ,
  - definitionVersion: 3.*.*3.0.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-8",
    - "NIST_SP_800-53_R5_SC-8(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "04c4380f-3fae-46e8-96c9-30193528f602",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/04c4380f-3fae-46e8-96c9-30193528f602 [Preview]: Network traffic data collection agent should be installed on Linux virtual machines ,
  - definitionVersion: 1.*.*-preview1.0.2-preview,
  - parameters: {},
  - groupNames: [6 items
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)",
    - "NIST_SP_800-53_R5_SI-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "4d24b6d4-5e53-4a4f-a7f4-618fa573ee4b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4d24b6d4-5e53-4a4f-a7f4-618fa573ee4b App Service apps should require FTPS only ,
  - definitionVersion: 3.*.*3.0.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-8",
    - "NIST_SP_800-53_R5_SC-8(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "295fc8b1-dc9f-4f53-9c61-3f313ceab40a",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/295fc8b1-dc9f-4f53-9c61-3f313ceab40a Service Bus Premium namespaces should use a customer-managed key for encryption ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "fb74e86f-d351-4b8d-b034-93da7391c01f",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/fb74e86f-d351-4b8d-b034-93da7391c01f App Service Environment should have internal encryption enabled ,
  - definitionVersion: 1.*.*1.0.1,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-28",
    - "NIST_SP_800-53_R5_SC-28(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e8eef0a8-67cf-4eb4-9386-14b0e78733d4",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e8eef0a8-67cf-4eb4-9386-14b0e78733d4 Container registries should use private link ,
  - definitionVersion: 1.*.*1.0.1,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "fdccbe47-f3e3-4213-ad5d-ea459b2fa077",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/fdccbe47-f3e3-4213-ad5d-ea459b2fa077 Public network access should be disabled for MariaDB servers ,
  - definitionVersion: 2.*.*2.0.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ca610c1d-041c-4332-9d88-7ed3094967c7",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ca610c1d-041c-4332-9d88-7ed3094967c7 App Configuration should use private link ,
  - definitionVersion: 1.*.*1.0.2,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d9844e8a-1437-4aeb-a32c-0c992f056095",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d9844e8a-1437-4aeb-a32c-0c992f056095 Public network access should be disabled for MySQL servers ,
  - definitionVersion: 2.*.*2.0.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "9830b652-8523-49cc-b1b3-e17dce1127ca",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/9830b652-8523-49cc-b1b3-e17dce1127ca Azure Event Grid domains should use private link ,
  - definitionVersion: 1.*.*1.0.2,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "4b90e17e-8448-49db-875e-bd83fb6f804f",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4b90e17e-8448-49db-875e-bd83fb6f804f Azure Event Grid topics should use private link ,
  - definitionVersion: 1.*.*1.0.2,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "fb893a29-21bb-418c-a157-e99480ec364c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/fb893a29-21bb-418c-a157-e99480ec364c Kubernetes Services should be upgraded to a non-vulnerable Kubernetes version ,
  - definitionVersion: 1.*.*1.0.2,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SI-2",
    - "NIST_SP_800-53_R5_SI-2(6)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "a1ad735a-e96f-45d2-a7b2-9a4932cab7ec",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a1ad735a-e96f-45d2-a7b2-9a4932cab7ec Event Hub namespaces should use a customer-managed key for encryption ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "19dd1db6-f442-49cf-a838-b0786b4401ef",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/19dd1db6-f442-49cf-a838-b0786b4401ef App Service apps should have Client Certificates (Incoming client certificates) enabled ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "eaebaea7-8013-4ceb-9d14-7eb32271373c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/eaebaea7-8013-4ceb-9d14-7eb32271373c [Deprecated]: Function apps should have 'Client Certificates (Incoming client certificates)' enabled ,
  - definitionVersion: 3.*.*3.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "6edd7eda-6dd8-40f7-810d-67160c639cd9",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6edd7eda-6dd8-40f7-810d-67160c639cd9 Storage accounts should use private link ,
  - definitionVersion: 2.*.*2.0.0,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "7698e800-9299-47a6-b3b6-5a0fee576eed",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7698e800-9299-47a6-b3b6-5a0fee576eed Private endpoint connections on Azure SQL Database should be enabled ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0fda3595-9f2b-4592-8675-4231d6fa82fe",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0fda3595-9f2b-4592-8675-4231d6fa82fe [Deprecated]: Azure AI Search services should use private link ,
  - definitionVersion: 1.*.*1.0.2,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "cddd188c-4b82-4c48-a19d-ddf74ee66a01",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/cddd188c-4b82-4c48-a19d-ddf74ee66a01 [Deprecated]: Cognitive Services should use private link ,
  - definitionVersion: 3.*.*3.0.1,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "051cba44-2429-45b9-9649-46cec11c7119",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/051cba44-2429-45b9-9649-46cec11c7119 Azure API for FHIR should use a customer-managed key to encrypt data at rest ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "8b0323be-cc25-4b61-935d-002c3798c6ea",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8b0323be-cc25-4b61-935d-002c3798c6ea Azure Data Factory should use private link ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f39f5f49-4abf-44de-8c70-0756997bfb51",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f39f5f49-4abf-44de-8c70-0756997bfb51 Disk access resources should use private link ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "58440f8a-10c5-4151-bdce-dfbaad4a20b7",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/58440f8a-10c5-4151-bdce-dfbaad4a20b7 CosmosDB accounts should use private link ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "7803067c-7d34-46e3-8c79-0ca68fc4036d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7803067c-7d34-46e3-8c79-0ca68fc4036d Azure Cache for Redis should use private link ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b8564268-eb4a-4337-89be-a19db070c59d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b8564268-eb4a-4337-89be-a19db070c59d Event Hub namespaces should use private link ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "df39c015-56a4-45de-b4a3-efe77bed320d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/df39c015-56a4-45de-b4a3-efe77bed320d IoT Hub device provisioning service instances should use private link ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1c06e275-d63d-4540-b761-71f364c2111d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1c06e275-d63d-4540-b761-71f364c2111d Azure Service Bus namespaces should use private link ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1d320205-c6a1-4ac6-873d-46224024e8e2",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1d320205-c6a1-4ac6-873d-46224024e8e2 Azure File Sync should use private link ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "91a78b24-f231-4a8a-8da9-02c35b2b6510",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/91a78b24-f231-4a8a-8da9-02c35b2b6510 App Service apps should have resource logs enabled ,
  - definitionVersion: 2.*.*2.0.1,
  - parameters: {1 item
    - requiredRetentionDays: {1 item
      - value: "[parameters('requiredRetentionDays')]"
      }
    },
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AU-6(4)",
    - "NIST_SP_800-53_R5_AU-6(5)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_AU-12(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1ee56206-5dd1-42ab-b02d-8aae8b1634ce",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1ee56206-5dd1-42ab-b02d-8aae8b1634ce Azure API for FHIR should use private link ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "72d11df1-dd8a-41f7-8925-b05b960ebafc",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/72d11df1-dd8a-41f7-8925-b05b960ebafc Azure Synapse workspaces should use private link ,
  - definitionVersion: 1.*.*1.0.1,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(1)",
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "bf045164-79ba-4215-8f95-f8048dc1780b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/bf045164-79ba-4215-8f95-f8048dc1780b Geo-redundant storage should be enabled for Storage Accounts ,
  - definitionVersion: 1.*.*1.0.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_CP-6",
    - "NIST_SP_800-53_R5_CP-6(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d38fc420-0735-4ef3-ac11-c806f651a570",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d38fc420-0735-4ef3-ac11-c806f651a570 Long-term geo-redundant backup should be enabled for Azure SQL Databases ,
  - definitionVersion: 2.*.*2.0.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_CP-6",
    - "NIST_SP_800-53_R5_CP-6(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e2c1c086-2d84-4019-bff3-c44ccd95113c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e2c1c086-2d84-4019-bff3-c44ccd95113c Function apps should use latest 'HTTP Version' ,
  - definitionVersion: 4.*.*4.0.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SI-2",
    - "NIST_SP_800-53_R5_SI-2(6)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "8c122334-9d20-4eb8-89ea-ac9a705b74ae",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8c122334-9d20-4eb8-89ea-ac9a705b74ae App Service apps should use latest 'HTTP Version' ,
  - definitionVersion: 4.*.*4.0.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SI-2",
    - "NIST_SP_800-53_R5_SI-2(6)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "59f7feff-02aa-6539-2cf7-bea75b762140",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/59f7feff-02aa-6539-2cf7-bea75b762140 Develop access control policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-1"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b1666a13-8f67-9c47-155e-69e027ff6823",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b1666a13-8f67-9c47-155e-69e027ff6823 Enforce mandatory and discretionary access control policies ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-1",
    - "NIST_SP_800-53_R5_AC-3",
    - "NIST_SP_800-53_R5_AC-6(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1a2a03a4-9992-5788-5953-d8f6615306de",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1a2a03a4-9992-5788-5953-d8f6615306de Govern policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-1",
    - "NIST_SP_800-53_R5_AU-1"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "03d550b4-34ee-03f4-515f-f2e2faf7a413",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/03d550b4-34ee-03f4-515f-f2e2faf7a413 Review access control policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-1"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "623b5f0a-8cbd-03a6-4892-201d27302f0c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/623b5f0a-8cbd-03a6-4892-201d27302f0c Define information system account types ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "4c6df5ff-4ef2-4f17-a516-0da9189c603b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4c6df5ff-4ef2-4f17-a516-0da9189c603b Assign account managers ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "a08b18c7-9e0a-89f1-3696-d80902196719",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a08b18c7-9e0a-89f1-3696-d80902196719 Document access privileges ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "97cfd944-6f0c-7db2-3796-8e890ef70819",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/97cfd944-6f0c-7db2-3796-8e890ef70819 Establish conditions for role membership ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "873895e8-0e3a-6492-42e9-22cd030e9fcd",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/873895e8-0e3a-6492-42e9-22cd030e9fcd Restrict access to privileged accounts ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AC-2",
    - "NIST_SP_800-53_R5_AC-2(7)",
    - "NIST_SP_800-53_R5_AC-6(5)",
    - "NIST_SP_800-53_R5_AC-6(9)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "de770ba6-50dd-a316-2932-e0d972eaa734",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/de770ba6-50dd-a316-2932-e0d972eaa734 Require approval for account creation ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-2",
    - "NIST_SP_800-53_R5_AC-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "7b28ba4f-0a87-46ac-62e1-46b7c09202a8",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7b28ba4f-0a87-46ac-62e1-46b7c09202a8 Monitor account activity ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-2",
    - "NIST_SP_800-53_R5_AC-2(7)",
    - "NIST_SP_800-53_R5_AC-2(12)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "4b8fd5da-609b-33bf-9724-1c946285a14c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4b8fd5da-609b-33bf-9724-1c946285a14c Notify Account Managers of customer controlled accounts ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "49c23d9b-02b0-0e42-4f94-e8cef1b8381b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/49c23d9b-02b0-0e42-4f94-e8cef1b8381b Audit user account status ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AC-2",
    - "NIST_SP_800-53_R5_AC-2(4)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_RA-5(8)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "a830fe9e-08c9-a4fb-420c-6f6bf1702395",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a830fe9e-08c9-a4fb-420c-6f6bf1702395 Review account provisioning logs ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AC-2",
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(1)",
    - "NIST_SP_800-53_R5_RA-5(8)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "79f081c7-1634-01a1-708e-376197999289",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/79f081c7-1634-01a1-708e-376197999289 Review user accounts ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f7eb1d0b-6d4f-2d59-1591-7563e11a9313",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f7eb1d0b-6d4f-2d59-1591-7563e11a9313 Define and enforce conditions for shared and group accounts ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-2",
    - "NIST_SP_800-53_R5_AC-2(9)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "2f204e72-1896-3bf8-75c9-9128b8683a36",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2f204e72-1896-3bf8-75c9-9128b8683a36 Reissue authenticators for changed groups and accounts ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-2",
    - "NIST_SP_800-53_R5_IA-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "2cc9c165-46bd-9762-5739-d2aae5ba90a1",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2cc9c165-46bd-9762-5739-d2aae5ba90a1 Automate account management ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-2(1)",
    - "NIST_SP_800-53_R5_AC-2(4)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "34d38ea7-6754-1838-7031-d7fd07099821",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/34d38ea7-6754-1838-7031-d7fd07099821 Manage system and admin accounts ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-2(1)",
    - "NIST_SP_800-53_R5_AC-2(4)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "48c816c5-2190-61fc-8806-25d6f3df162f",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/48c816c5-2190-61fc-8806-25d6f3df162f Monitor access across the organization ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-2(1)",
    - "NIST_SP_800-53_R5_AC-2(4)",
    - "NIST_SP_800-53_R5_AC-17(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "8489ff90-8d29-61df-2d84-f9ab0f4c5e84",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8489ff90-8d29-61df-2d84-f9ab0f4c5e84 Notify when account is not needed ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-2(1)",
    - "NIST_SP_800-53_R5_AC-2(4)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d9d48ffb-0d8c-0bd5-5f31-5a5826d19f10",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d9d48ffb-0d8c-0bd5-5f31-5a5826d19f10 Disable authenticators upon termination ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-2(3)",
    - "NIST_SP_800-53_R5_PS-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "32f22cfa-770b-057c-965b-450898425519",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/32f22cfa-770b-057c-965b-450898425519 Revoke privileged roles as appropriate ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-2(3)",
    - "NIST_SP_800-53_R5_AC-2(7)",
    - "NIST_SP_800-53_R5_AC-6(9)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "2af4640d-11a6-a64b-5ceb-a468f4341c0c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2af4640d-11a6-a64b-5ceb-a468f4341c0c Define and enforce inactivity log policy ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-2(5)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f26af0b1-65b6-689a-a03f-352ad2d00f98",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f26af0b1-65b6-689a-a03f-352ad2d00f98 Audit privileged functions ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AC-2(7)",
    - "NIST_SP_800-53_R5_AC-6(9)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_RA-5(8)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ed87d27a-9abf-7c71-714c-61d881889da4",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ed87d27a-9abf-7c71-714c-61d881889da4 Monitor privileged role assignment ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-2(7)",
    - "NIST_SP_800-53_R5_AC-6(9)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e714b481-8fac-64a2-14a9-6f079b2501a4",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e714b481-8fac-64a2-14a9-6f079b2501a4 Use privileged identity management ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-2(7)",
    - "NIST_SP_800-53_R5_AC-6(9)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "fd81a1b3-2d7a-107c-507e-29b87d040c19",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/fd81a1b3-2d7a-107c-507e-29b87d040c19 Enforce appropriate usage of all accounts ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-2(11)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e4054c0e-1184-09e6-4c5e-701e0bc90f81",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e4054c0e-1184-09e6-4c5e-701e0bc90f81 Report atypical behavior of user accounts ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-2(12)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "22c16ae4-19d0-29cb-422f-cb44061180ee",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/22c16ae4-19d0-29cb-422f-cb44061180ee Disable user accounts posing a significant risk ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-2(13)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "aeed863a-0f56-429f-945d-8bb66bd06841",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/aeed863a-0f56-429f-945d-8bb66bd06841 Authorize access to security functions and information ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-3",
    - "NIST_SP_800-53_R5_AC-6(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "50e9324a-7410-0539-0662-2c1e775538b7",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/50e9324a-7410-0539-0662-2c1e775538b7 Authorize and manage access ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-3",
    - "NIST_SP_800-53_R5_AC-6(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "10c4210b-3ec9-9603-050d-77e4d26c7ebb",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/10c4210b-3ec9-9603-050d-77e4d26c7ebb Enforce logical access ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "eb1c944e-0e94-647b-9b7e-fdb8d2af0838",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/eb1c944e-0e94-647b-9b7e-fdb8d2af0838 Review user groups and applications with access to sensitive data ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "59bedbdc-0ba9-39b9-66bb-1d1c192384e6",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/59bedbdc-0ba9-39b9-66bb-1d1c192384e6 Control information flow ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-4",
    - "NIST_SP_800-53_R5_AC-4(21)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "79365f13-8ba4-1f6c-2ac4-aa39929f56d0",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/79365f13-8ba4-1f6c-2ac4-aa39929f56d0 Employ flow control mechanisms of encrypted information ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "13ef3484-3a51-785a-9c96-500f21f84edd",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/13ef3484-3a51-785a-9c96-500f21f84edd Information flow control using security policy filters ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-4(8)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "398fdbd8-56fd-274d-35c6-fa2d3b2755a1",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/398fdbd8-56fd-274d-35c6-fa2d3b2755a1 Establish firewall and router configuration standards ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-4(21)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f476f3b0-4152-526e-a209-44e5f8c968d7",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f476f3b0-4152-526e-a209-44e5f8c968d7 Establish network segmentation for card holder data environment ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-4(21)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "c7fddb0e-3f44-8635-2b35-dc6b8e740b7c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c7fddb0e-3f44-8635-2b35-dc6b8e740b7c Identify and manage downstream information exchanges ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-4(21)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "60ee1260-97f0-61bb-8155-5d8b75743655",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/60ee1260-97f0-61bb-8155-5d8b75743655 Separate duties of individuals ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e6f7b584-877a-0d69-77d4-ab8b923a9650",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e6f7b584-877a-0d69-77d4-ab8b923a9650 Document separation of duties ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "341bc9f1-7489-07d9-4ec6-971573e1546a",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/341bc9f1-7489-07d9-4ec6-971573e1546a Define access authorizations to support separation of duties ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "03b6427e-6072-4226-4bd9-a410ab65317e",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/03b6427e-6072-4226-4bd9-a410ab65317e Design an access control model ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1bc7fd64-291f-028e-4ed6-6e07886e163f",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1bc7fd64-291f-028e-4ed6-6e07886e163f Employ least privilege access ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f96d2186-79df-262d-3f76-f371e3b71798",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f96d2186-79df-262d-3f76-f371e3b71798 Review user privileges ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-6(7)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "7805a343-275c-41be-9d62-7215b96212d8",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7805a343-275c-41be-9d62-7215b96212d8 Reassign or remove user privileges as needed ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-6(7)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "68d2e478-3b19-23eb-1357-31b296547457",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/68d2e478-3b19-23eb-1357-31b296547457 Enforce software execution privileges ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-6(8)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "8eea8c14-4d93-63a3-0c82-000343ee5204",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8eea8c14-4d93-63a3-0c82-000343ee5204 Conduct a full text analysis of logged privileged commands ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-6(9)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b4409bff-2287-8407-05fd-c73175a68302",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b4409bff-2287-8407-05fd-c73175a68302 Enforce a limit of consecutive failed login attempts ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-7"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d8350d4c-9314-400b-288f-20ddfce04fbd",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d8350d4c-9314-400b-288f-20ddfce04fbd Define and enforce the limit of concurrent sessions ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-10"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "4502e506-5f35-0df4-684f-b326e3cc7093",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4502e506-5f35-0df4-684f-b326e3cc7093 Terminate user session automatically ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "db580551-0b3c-4ea1-8a4c-4cdb5feb340f",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/db580551-0b3c-4ea1-8a4c-4cdb5feb340f Provide the logout capability ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-12(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0471c6b7-1588-701c-2713-1fade73b75f6",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0471c6b7-1588-701c-2713-1fade73b75f6 Display an explicit logout message ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-12(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "92a7591f-73b3-1173-a09c-a08882d84c70",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/92a7591f-73b3-1173-a09c-a08882d84c70 Identify actions allowed without authentication ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-14"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "dad8a2e9-6f27-4fc2-8933-7e99fe700c9c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/dad8a2e9-6f27-4fc2-8933-7e99fe700c9c Authorize remote access ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(4)",
    - "NIST_SP_800-53_R5_SC-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "83dfb2b8-678b-20a0-4c44-5c75ada023e6",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/83dfb2b8-678b-20a0-4c44-5c75ada023e6 Document mobility training ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-17"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "3d492600-27ba-62cc-a1c3-66eb919f6a0d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3d492600-27ba-62cc-a1c3-66eb919f6a0d Document remote access guidelines ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(4)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "cd36eeec-67e7-205a-4b64-dbfe3b4e3e4e",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/cd36eeec-67e7-205a-4b64-dbfe3b4e3e4e Implement controls to secure alternate work sites ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(4)",
    - "NIST_SP_800-53_R5_PE-17"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "518eafdd-08e5-37a9-795b-15a8d798056d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/518eafdd-08e5-37a9-795b-15a8d798056d Provide privacy training ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-17",
    - "NIST_SP_800-53_R5_AC-17(4)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "fe2dff43-0a8c-95df-0432-cb1c794b17d0",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/fe2dff43-0a8c-95df-0432-cb1c794b17d0 Notify users of system logon or access ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-17(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b11697e8-9515-16f1-7a35-477d5c8a1344",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b11697e8-9515-16f1-7a35-477d5c8a1344 Protect data in transit using encryption ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AC-17(2)",
    - "NIST_SP_800-53_R5_AC-19(5)",
    - "NIST_SP_800-53_R5_SC-8",
    - "NIST_SP_800-53_R5_SC-28(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "bab9ef1d-a16d-421a-822d-3fa94e808156",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/bab9ef1d-a16d-421a-822d-3fa94e808156 Route traffic through managed network access points ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-17(3)",
    - "NIST_SP_800-53_R5_SI-4(4)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "01c387ea-383d-4ca9-295a-977fab516b03",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/01c387ea-383d-4ca9-295a-977fab516b03 Authorize remote access to privileged commands ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-17(4)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "4edaca8c-0912-1ac5-9eaa-6a1057740fae",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4edaca8c-0912-1ac5-9eaa-6a1057740fae Provide capability to disconnect or disable remote access ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-17(9)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "04b3e7f6-4841-888d-4799-cda19a0084f6",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/04b3e7f6-4841-888d-4799-cda19a0084f6 Document and implement wireless access guidelines ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-18",
    - "NIST_SP_800-53_R5_AC-18(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d42a8f69-a193-6cbc-48b9-04a9e29961f1",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d42a8f69-a193-6cbc-48b9-04a9e29961f1 Protect wireless access ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-18",
    - "NIST_SP_800-53_R5_AC-18(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ae5345d5-8dab-086a-7290-db43a3272198",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ae5345d5-8dab-086a-7290-db43a3272198 Identify and authenticate network devices ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-18(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "9ca3a3ea-3a1f-8ba0-31a8-6aed0fe1a7a4",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/9ca3a3ea-3a1f-8ba0-31a8-6aed0fe1a7a4 Define mobile device requirements ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-19",
    - "NIST_SP_800-53_R5_AC-19(5)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "3c93dba1-84fd-57de-33c7-ef0400a08134",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3c93dba1-84fd-57de-33c7-ef0400a08134 Establish terms and conditions for accessing resources ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-20"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "5715bf33-a5bd-1084-4e19-bc3c83ec1c35",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5715bf33-a5bd-1084-4e19-bc3c83ec1c35 Establish terms and conditions for processing resources ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-20"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "dc7ec756-221c-33c8-0afe-c48e10e42321",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/dc7ec756-221c-33c8-0afe-c48e10e42321 Verify security controls for external information systems ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-20(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "3d399cf3-8fc6-0efc-6ab0-1412f1198517",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3d399cf3-8fc6-0efc-6ab0-1412f1198517 Block untrusted and unsigned processes that run from USB ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AC-20(2)",
    - "NIST_SP_800-53_R5_MP-7",
    - "NIST_SP_800-53_R5_SI-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "36b74844-4a99-4c80-1800-b18a516d1585",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/36b74844-4a99-4c80-1800-b18a516d1585 Control use of portable storage devices ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AC-20(2)",
    - "NIST_SP_800-53_R5_MP-7"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e435f7e3-0dd9-58c9-451f-9b44b96c0232",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e435f7e3-0dd9-58c9-451f-9b44b96c0232 Implement controls to secure all media ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [14 items
    - "NIST_SP_800-53_R5_AC-20(2)",
    - "NIST_SP_800-53_R5_CP-9",
    - "NIST_SP_800-53_R5_MA-2",
    - "NIST_SP_800-53_R5_MA-3(3)",
    - "NIST_SP_800-53_R5_MA-5(1)",
    - "NIST_SP_800-53_R5_MP-2",
    - "NIST_SP_800-53_R5_MP-3",
    - "NIST_SP_800-53_R5_MP-4",
    - "NIST_SP_800-53_R5_MP-5",
    - "NIST_SP_800-53_R5_MP-6",
    - "NIST_SP_800-53_R5_MP-6(1)",
    - "NIST_SP_800-53_R5_MP-6(2)",
    - "NIST_SP_800-53_R5_MP-7",
    - "NIST_SP_800-53_R5_SC-28(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "a44c9fba-43f8-4b7b-7ee6-db52c96b4366",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a44c9fba-43f8-4b7b-7ee6-db52c96b4366 Facilitate information sharing ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-21"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e54901fe-42c2-7f3b-3c5f-327aa5320a69",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e54901fe-42c2-7f3b-3c5f-327aa5320a69 Automate information sharing decisions ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-21"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b4512986-80f5-1656-0c58-08866bd2673a",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b4512986-80f5-1656-0c58-08866bd2673a Designate authorized personnel to post publicly accessible information ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-22"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "97f0d974-1486-01e2-2088-b888f46c0589",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/97f0d974-1486-01e2-2088-b888f46c0589 Train personnel on disclosure of nonpublic information ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-22"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "9e3c505e-7aeb-2096-3417-b132242731fc",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/9e3c505e-7aeb-2096-3417-b132242731fc Review content prior to posting publicly accessible information ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-22"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b5244f81-6cab-3188-2412-179162294996",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b5244f81-6cab-3188-2412-179162294996 Review publicly accessible content for nonpublic information ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AC-22"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "524e7136-9f6a-75ba-9089-501018151346",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/524e7136-9f6a-75ba-9089-501018151346 Document security and privacy training activities ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AT-1",
    - "NIST_SP_800-53_R5_AT-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "5226dee6-3420-711b-4709-8e675ebd828f",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5226dee6-3420-711b-4709-8e675ebd828f Update information security policies ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AT-1",
    - "NIST_SP_800-53_R5_AU-1",
    - "NIST_SP_800-53_R5_PL-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1cb7bf71-841c-4741-438a-67c65fdd7194",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1cb7bf71-841c-4741-438a-67c65fdd7194 Provide security training for new users ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AT-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d136ae80-54dd-321c-98b4-17acf4af2169",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d136ae80-54dd-321c-98b4-17acf4af2169 Provide updated security awareness training ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AT-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "516be556-1353-080d-2c2f-f46f000d5785",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/516be556-1353-080d-2c2f-f46f000d5785 Provide periodic security awareness training ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AT-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "9b8b05ec-3d21-215e-5d98-0f7cf0998202",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/9b8b05ec-3d21-215e-5d98-0f7cf0998202 Provide security awareness training for insider threats ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AT-2(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "2b05dca2-25ec-9335-495c-29155f785082",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2b05dca2-25ec-9335-495c-29155f785082 Provide security training before providing access ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AT-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "4c385143-09fd-3a34-790c-a5fd9ec77ddc",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4c385143-09fd-3a34-790c-a5fd9ec77ddc Provide role-based security training ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AT-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "9ac8621d-9acd-55bf-9f99-ee4212cc3d85",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/9ac8621d-9acd-55bf-9f99-ee4212cc3d85 Provide periodic role-based security training ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AT-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d041726f-00e0-41ca-368c-b1a122066482",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d041726f-00e0-41ca-368c-b1a122066482 Provide role-based practical exercises ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AT-3(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "82bd024a-5c99-05d6-96ff-01f539676a1a",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/82bd024a-5c99-05d6-96ff-01f539676a1a Monitor security and privacy training completion ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AT-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "3153d9c0-2584-14d3-362d-578b01358aeb",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3153d9c0-2584-14d3-362d-578b01358aeb Retain training records ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AT-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "a28323fe-276d-3787-32d2-cef6395764c4",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a28323fe-276d-3787-32d2-cef6395764c4 Develop audit and accountability policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AU-1"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "af227964-5b8b-22a2-9364-06d2cb9d6d7c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/af227964-5b8b-22a2-9364-06d2cb9d6d7c Develop information security policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AU-1",
    - "NIST_SP_800-53_R5_PL-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "2f67e567-03db-9d1f-67dc-b6ffb91312f4",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2f67e567-03db-9d1f-67dc-b6ffb91312f4 Determine auditable events ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AU-2",
    - "NIST_SP_800-53_R5_AU-3",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_RA-5(8)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "a3e98638-51d4-4e28-910a-60e98c1a756f",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a3e98638-51d4-4e28-910a-60e98c1a756f Configure Azure Audit capabilities ,
  - definitionVersion: 1.*.*1.1.1,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AU-3(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "333b4ada-4a02-0648-3d4d-d812974f1bb2",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/333b4ada-4a02-0648-3d4d-d812974f1bb2 Govern and monitor audit processing activities ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AU-4",
    - "NIST_SP_800-53_R5_AU-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0f4fa857-079d-9d3d-5c49-21f616189e03",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0f4fa857-079d-9d3d-5c49-21f616189e03 Provide real-time alerts for audit event failures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AU-5(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "10874318-0bf7-a41f-8463-03e395482080",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/10874318-0bf7-a41f-8463-03e395482080 Correlate audit records ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(1)",
    - "NIST_SP_800-53_R5_AU-6(3)",
    - "NIST_SP_800-53_R5_RA-5(8)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b3c8cc83-20d3-3890-8bc8-5568777670f4",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b3c8cc83-20d3-3890-8bc8-5568777670f4 Establish requirements for audit review and reporting ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(1)",
    - "NIST_SP_800-53_R5_RA-5(8)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f741c4e6-41eb-15a4-25a2-61ac7ca232f0",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f741c4e6-41eb-15a4-25a2-61ac7ca232f0 Integrate audit review, analysis, and reporting ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(1)",
    - "NIST_SP_800-53_R5_RA-5(8)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "9fdde4a9-85fa-7850-6df4-ae9c4a2e56f9",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/9fdde4a9-85fa-7850-6df4-ae9c4a2e56f9 Integrate cloud app security with a siem ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(1)",
    - "NIST_SP_800-53_R5_AU-6(3)",
    - "NIST_SP_800-53_R5_RA-5(8)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f27a298f-9443-014a-0d40-fef12adf0259",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f27a298f-9443-014a-0d40-fef12adf0259 Review administrator assignments weekly ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(1)",
    - "NIST_SP_800-53_R5_RA-5(8)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "6625638f-3ba1-7404-5983-0ea33d719d34",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6625638f-3ba1-7404-5983-0ea33d719d34 Review audit data ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(1)",
    - "NIST_SP_800-53_R5_AU-12",
    - "NIST_SP_800-53_R5_RA-5(8)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "8aec4343-9153-9641-172c-defb201f56b3",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8aec4343-9153-9641-172c-defb201f56b3 Review cloud identity report overview ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(1)",
    - "NIST_SP_800-53_R5_RA-5(8)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f48b60c6-4b37-332f-7288-b6ea50d300eb",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f48b60c6-4b37-332f-7288-b6ea50d300eb Review controlled folder access events ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(1)",
    - "NIST_SP_800-53_R5_RA-5(8)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ef718fe4-7ceb-9ddf-3198-0ee8f6fe9cba",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ef718fe4-7ceb-9ddf-3198-0ee8f6fe9cba Review file and folder activity ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(1)",
    - "NIST_SP_800-53_R5_RA-5(8)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "70fe686f-1f91-7dab-11bf-bca4201e183b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/70fe686f-1f91-7dab-11bf-bca4201e183b Review role group changes weekly ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_AU-6",
    - "NIST_SP_800-53_R5_AU-6(1)",
    - "NIST_SP_800-53_R5_RA-5(8)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "85335602-93f5-7730-830b-d43426fd51fa",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/85335602-93f5-7730-830b-d43426fd51fa Integrate Audit record analysis ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AU-6(5)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "3eecf628-a1c8-1b48-1b5c-7ca781e97970",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3eecf628-a1c8-1b48-1b5c-7ca781e97970 Specify permitted actions associated with customer audit information ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AU-6(7)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "44f8a42d-739f-8030-89a8-4c2d5b3f6af3",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/44f8a42d-739f-8030-89a8-4c2d5b3f6af3 Provide audit review, analysis, and reporting capability ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AU-7"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "27ce30dd-3d56-8b54-6144-e26d9a37a541",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/27ce30dd-3d56-8b54-6144-e26d9a37a541 Ensure audit records are not altered ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AU-7"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "21633c09-804e-7fcd-78e3-635c6bfe2be7",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/21633c09-804e-7fcd-78e3-635c6bfe2be7 Provide capability to process customer-controlled audit records ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AU-7(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1ee4c7eb-480a-0007-77ff-4ba370776266",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1ee4c7eb-480a-0007-77ff-4ba370776266 Use system clocks for audit records ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AU-8"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "2c843d78-8f64-92b5-6a9b-e8186c0e7eb6",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2c843d78-8f64-92b5-6a9b-e8186c0e7eb6 Enable dual or joint authorization ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AU-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0e696f5a-451f-5c15-5532-044136538491",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0e696f5a-451f-5c15-5532-044136538491 Protect audit information ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AU-9",
    - "NIST_SP_800-53_R5_AU-9(4)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "4f23967c-a74b-9a09-9dc2-f566f61a87b9",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4f23967c-a74b-9a09-9dc2-f566f61a87b9 Establish backup policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AU-9(2)",
    - "NIST_SP_800-53_R5_CP-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "c0559109-6a27-a217-6821-5a6d44f92897",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c0559109-6a27-a217-6821-5a6d44f92897 Maintain integrity of audit system ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AU-9(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "6f3866e8-6e12-69cf-788c-809d426094a1",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6f3866e8-6e12-69cf-788c-809d426094a1 Establish electronic signature and certificate requirements ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AU-10"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1ecb79d7-1a06-9a3b-3be8-f434d04d1ec1",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1ecb79d7-1a06-9a3b-3be8-f434d04d1ec1 Adhere to retention periods defined ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AU-11"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "efef28d0-3226-966a-a1e8-70e89c1b30bc",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/efef28d0-3226-966a-a1e8-70e89c1b30bc Retain security policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AU-11"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "7c7032fe-9ce6-9092-5890-87a1a3755db1",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7c7032fe-9ce6-9092-5890-87a1a3755db1 Retain terminated user data ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_AU-11",
    - "NIST_SP_800-53_R5_PS-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "214ea241-010d-8926-44cc-b90a96d52adc",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/214ea241-010d-8926-44cc-b90a96d52adc Compile Audit records into system wide audit ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AU-12(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d200f199-69f4-95a6-90b0-37ff0cf1040c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d200f199-69f4-95a6-90b0-37ff0cf1040c Provide the capability to extend or limit auditing on customer-deployed resources ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_AU-12(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "a4493012-908c-5f48-a468-1e243be884ce",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a4493012-908c-5f48-a468-1e243be884ce Review security assessment and authorization policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CA-1"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1c258345-5cd4-30c8-9ef3-5ee4dd5231d6",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1c258345-5cd4-30c8-9ef3-5ee4dd5231d6 Develop security assessment plan ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CA-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "c423e64d-995c-9f67-0403-b540f65ba42a",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c423e64d-995c-9f67-0403-b540f65ba42a Assess Security Controls ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CA-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "70a7a065-a060-85f8-7863-eb7850ed2af9",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/70a7a065-a060-85f8-7863-eb7850ed2af9 Produce Security Assessment report ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CA-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "8e49107c-3338-40d1-02aa-d524178a2afe",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8e49107c-3338-40d1-02aa-d524178a2afe Deliver security assessment results ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CA-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b65c5d8e-9043-9612-2c17-65f231d763bb",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b65c5d8e-9043-9612-2c17-65f231d763bb Employ independent assessors to conduct security control assessments ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CA-2(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f78fc35e-1268-0bca-a798-afcba9d2330a",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f78fc35e-1268-0bca-a798-afcba9d2330a Select additional testing for security control assessments ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CA-2(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "3054c74b-9b45-2581-56cf-053a1a716c39",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3054c74b-9b45-2581-56cf-053a1a716c39 Accept assessment results ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CA-2(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "096a7055-30cb-2db4-3fda-41b20ac72667",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/096a7055-30cb-2db4-3fda-41b20ac72667 Require interconnection security agreements ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CA-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d48a6f19-a284-6fc6-0623-3367a74d3f50",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d48a6f19-a284-6fc6-0623-3367a74d3f50 Update interconnection security agreements ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CA-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "477bd136-7dd9-55f8-48ac-bae096b86a07",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/477bd136-7dd9-55f8-48ac-bae096b86a07 Develop POA&M ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CA-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "cc057769-01d9-95ad-a36f-1e62a7f9540b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/cc057769-01d9-95ad-a36f-1e62a7f9540b Update POA&M items ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CA-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e29a8f1b-149b-2fa3-969d-ebee1baa9472",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e29a8f1b-149b-2fa3-969d-ebee1baa9472 Assign an authorizing official (AO) ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CA-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0716f0f5-4955-2ccb-8d5e-c6be14d57c0f",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0716f0f5-4955-2ccb-8d5e-c6be14d57c0f Ensure resources are authorized ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CA-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "449ebb52-945b-36e5-3446-af6f33770f8f",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/449ebb52-945b-36e5-3446-af6f33770f8f Update the security authorization ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CA-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "2927e340-60e4-43ad-6b5f-7a1468232cc2",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2927e340-60e4-43ad-6b5f-7a1468232cc2 Configure detection whitelist ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CA-7"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "5fc24b95-53f7-0ed1-2330-701b539b97fe",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5fc24b95-53f7-0ed1-2330-701b539b97fe Turn on sensors for endpoint security solution ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_CA-7",
    - "NIST_SP_800-53_R5_SI-4(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "9b55929b-0101-47c0-a16e-d6ac5c7d21f8",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/9b55929b-0101-47c0-a16e-d6ac5c7d21f8 Undergo independent security review ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_CA-7",
    - "NIST_SP_800-53_R5_SA-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "3baee3fd-30f5-882c-018c-cc78703a0106",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3baee3fd-30f5-882c-018c-cc78703a0106 Employ independent assessors for continuous monitoring ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CA-7(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "6a379d74-903b-244a-4c44-838728bea6b0",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6a379d74-903b-244a-4c44-838728bea6b0 Analyse data obtained from continuous monitoring ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CA-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "611ebc63-8600-50b6-a0e3-fef272457132",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/611ebc63-8600-50b6-a0e3-fef272457132 Employ independent team for penetration testing ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CA-8(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ee4bbbbb-2e52-9adb-4e3a-e641f7ac68ab",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ee4bbbbb-2e52-9adb-4e3a-e641f7ac68ab Check for privacy and security compliance before establishing internal connections ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CA-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "eb8a8df9-521f-3ccd-7e2c-3d1fcc812340",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/eb8a8df9-521f-3ccd-7e2c-3d1fcc812340 Review and update configuration management policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-1"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b53aa659-513e-032c-52e6-1ce0ba46582f",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b53aa659-513e-032c-52e6-1ce0ba46582f Configure actions for noncompliant devices ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_CM-2",
    - "NIST_SP_800-53_R5_CM-2(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "2f20840e-7925-221c-725d-757442753e7c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2f20840e-7925-221c-725d-757442753e7c Develop and maintain baseline configurations ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_CM-2",
    - "NIST_SP_800-53_R5_CM-2(2)",
    - "NIST_SP_800-53_R5_CM-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "058e9719-1ff9-3653-4230-23f76b6492e0",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/058e9719-1ff9-3653-4230-23f76b6492e0 Enforce security configuration settings ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_CM-2",
    - "NIST_SP_800-53_R5_CM-2(2)",
    - "NIST_SP_800-53_R5_CM-6",
    - "NIST_SP_800-53_R5_CM-6(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "7380631c-5bf5-0e3a-4509-0873becd8a63",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7380631c-5bf5-0e3a-4509-0873becd8a63 Establish a configuration control board ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_CM-2",
    - "NIST_SP_800-53_R5_CM-2(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "526ed90e-890f-69e7-0386-ba5c0f1f784f",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/526ed90e-890f-69e7-0386-ba5c0f1f784f Establish and document a configuration management plan ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_CM-2",
    - "NIST_SP_800-53_R5_CM-2(2)",
    - "NIST_SP_800-53_R5_CM-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "33832848-42ab-63f3-1a55-c0ad309d44cd",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/33832848-42ab-63f3-1a55-c0ad309d44cd Implement an automated configuration management tool ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_CM-2",
    - "NIST_SP_800-53_R5_CM-2(2)",
    - "NIST_SP_800-53_R5_CM-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "5e4e9685-3818-5934-0071-2620c4fa2ca5",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5e4e9685-3818-5934-0071-2620c4fa2ca5 Retain previous versions of baseline configs ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-2(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "41172402-8d73-64c7-0921-909083c086b0",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/41172402-8d73-64c7-0921-909083c086b0 Not allow for information systems to accompany with individuals ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-2(7)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1fdf0b24-4043-3c55-357e-036985d50b52",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1fdf0b24-4043-3c55-357e-036985d50b52 Ensure security safeguards not needed when the individuals return ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-2(7)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "bd4dc286-2f30-5b95-777c-681f3a7913d3",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/bd4dc286-2f30-5b95-777c-681f3a7913d3 Establish and document change control processes ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_CM-3",
    - "NIST_SP_800-53_R5_CM-3(2)",
    - "NIST_SP_800-53_R5_CM-4",
    - "NIST_SP_800-53_R5_CM-4(1)",
    - "NIST_SP_800-53_R5_CM-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "8747b573-8294-86a0-8914-49e9b06a5ace",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8747b573-8294-86a0-8914-49e9b06a5ace Establish configuration management requirements for developers ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_CM-3",
    - "NIST_SP_800-53_R5_CM-3(2)",
    - "NIST_SP_800-53_R5_CM-4",
    - "NIST_SP_800-53_R5_CM-4(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1282809c-9001-176b-4a81-260a085f4872",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1282809c-9001-176b-4a81-260a085f4872 Perform audit for configuration change control ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_CM-3",
    - "NIST_SP_800-53_R5_CM-3(2)",
    - "NIST_SP_800-53_R5_CM-4",
    - "NIST_SP_800-53_R5_CM-4(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "203101f5-99a3-1491-1b56-acccd9b66a9e",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/203101f5-99a3-1491-1b56-acccd9b66a9e Conduct a security impact analysis ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_CM-3",
    - "NIST_SP_800-53_R5_CM-4",
    - "NIST_SP_800-53_R5_CM-4(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "055da733-55c6-9e10-8194-c40731057ec4",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/055da733-55c6-9e10-8194-c40731057ec4 Develop and maintain a vulnerability management standard ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_CM-3",
    - "NIST_SP_800-53_R5_CM-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d36700f2-2f0d-7c2a-059c-bdadd1d79f70",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d36700f2-2f0d-7c2a-059c-bdadd1d79f70 Establish a risk management strategy ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_CM-3",
    - "NIST_SP_800-53_R5_CM-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d18af1ac-0086-4762-6dc8-87cdded90e39",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d18af1ac-0086-4762-6dc8-87cdded90e39 Perform a privacy impact assessment ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_CM-3",
    - "NIST_SP_800-53_R5_CM-4",
    - "NIST_SP_800-53_R5_CM-4(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "8c5d3d8d-5cba-0def-257c-5ab9ea9644dc",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8c5d3d8d-5cba-0def-257c-5ab9ea9644dc Perform a risk assessment ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_CM-3",
    - "NIST_SP_800-53_R5_CM-4",
    - "NIST_SP_800-53_R5_RA-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "5c40f27b-6791-18c5-3f85-7b863bd99c11",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5c40f27b-6791-18c5-3f85-7b863bd99c11 Automate proposed documented changes ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-3(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "575ed5e8-4c29-99d0-0e4d-689fb1d29827",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/575ed5e8-4c29-99d0-0e4d-689fb1d29827 Automate approval request for proposed changes ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-3(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "92b49e92-570f-1765-804a-378e6c592e28",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/92b49e92-570f-1765-804a-378e6c592e28 Automate process to highlight unreviewed change proposals ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-3(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "7d10debd-4775-85a7-1a41-7e128e0e8c50",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7d10debd-4775-85a7-1a41-7e128e0e8c50 Automate process to prohibit implementation of unapproved changes ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-3(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "43ac3ccb-4ef6-7d63-9a3f-6848485ba4e8",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/43ac3ccb-4ef6-7d63-9a3f-6848485ba4e8 Automate process to document implemented changes ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-3(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "c72fc0c8-2df8-7506-30be-6ba1971747e1",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c72fc0c8-2df8-7506-30be-6ba1971747e1 Automate implementation of approved change notifications ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-3(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "6abdf7c7-362b-3f35-099e-533ed50988f9",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6abdf7c7-362b-3f35-099e-533ed50988f9 Assign information security representative to change control ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-3(4)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b8dad106-6444-5f55-307e-1e1cc9723e39",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b8dad106-6444-5f55-307e-1e1cc9723e39 Ensure cryptographic mechanisms are under configuration management ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-3(6)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "8cd815bf-97e1-5144-0735-11f6ddb50a59",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8cd815bf-97e1-5144-0735-11f6ddb50a59 Enforce and audit access restrictions ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-5(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "2af551d5-1775-326a-0589-590bfb7e9eb2",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2af551d5-1775-326a-0589-590bfb7e9eb2 Limit privileges to make changes in production environment ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-5(5)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "585af6e9-90c0-4575-67a7-2f9548972e32",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/585af6e9-90c0-4575-67a7-2f9548972e32 Review and reevaluate privileges ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-5(5)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "be38a620-000b-21cf-3cb3-ea151b704c3b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/be38a620-000b-21cf-3cb3-ea151b704c3b Remediate information system flaws ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [9 items
    - "NIST_SP_800-53_R5_CM-6",
    - "NIST_SP_800-53_R5_RA-5",
    - "NIST_SP_800-53_R5_RA-5(2)",
    - "NIST_SP_800-53_R5_RA-5(3)",
    - "NIST_SP_800-53_R5_RA-5(6)",
    - "NIST_SP_800-53_R5_SA-10",
    - "NIST_SP_800-53_R5_SA-11",
    - "NIST_SP_800-53_R5_SI-2",
    - "NIST_SP_800-53_R5_SI-2(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "5c33538e-02f8-0a7f-998b-a4c1e22076d3",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5c33538e-02f8-0a7f-998b-a4c1e22076d3 Govern compliance of cloud service providers ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-6(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0123edae-3567-a05a-9b05-b53ebe9d3e7e",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0123edae-3567-a05a-9b05-b53ebe9d3e7e View and configure system diagnostic data ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_CM-6(1)",
    - "NIST_SP_800-53_R5_SI-7(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "043c1e56-5a16-52f8-6af8-583098ff3e60",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/043c1e56-5a16-52f8-6af8-583098ff3e60 Create a data inventory ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_CM-8",
    - "NIST_SP_800-53_R5_CM-8(1)",
    - "NIST_SP_800-53_R5_CM-8(4)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "92ede480-154e-0e22-4dca-8b46a74a3a51",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/92ede480-154e-0e22-4dca-8b46a74a3a51 Maintain records of processing of personal data ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_CM-8",
    - "NIST_SP_800-53_R5_CM-8(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "426c172c-9914-10d1-25dd-669641fc1af4",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/426c172c-9914-10d1-25dd-669641fc1af4 Enable detection of network devices ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-8(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "af38215f-70c4-0cd6-40c2-c52d86690a45",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/af38215f-70c4-0cd6-40c2-c52d86690a45 Set automated notifications for new and trending cloud applications in your organization ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_CM-8(3)",
    - "NIST_SP_800-53_R5_SI-4(5)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "27965e62-141f-8cca-426f-d09514ee5216",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/27965e62-141f-8cca-426f-d09514ee5216 Establish and maintain an asset inventory ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_CM-8(4)",
    - "NIST_SP_800-53_R5_PE-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "836f8406-3b8a-11bb-12cb-6c7fa0765668",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/836f8406-3b8a-11bb-12cb-6c7fa0765668 Develop configuration item identification plan ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "04837a26-2601-1982-3da7-bf463e6408f4",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/04837a26-2601-1982-3da7-bf463e6408f4 Develop configuration management plan ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "874a6f2e-2098-53bc-3a16-20dcdc425a7e",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/874a6f2e-2098-53bc-3a16-20dcdc425a7e Create configuration plan protection ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "725164e5-3b21-1ec2-7e42-14f077862841",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/725164e5-3b21-1ec2-7e42-14f077862841 Require compliance with intellectual property rights ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-10"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "77cc89bb-774f-48d7-8a84-fb8c322c3000",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/77cc89bb-774f-48d7-8a84-fb8c322c3000 Track software license usage ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-10"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "08c11b48-8745-034d-1c1b-a144feec73b9",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/08c11b48-8745-034d-1c1b-a144feec73b9 Restrict use of open source software ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CM-10(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e9c60c37-65b0-2d72-6c3c-af66036203ae",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e9c60c37-65b0-2d72-6c3c-af66036203ae Review and update contingency planning policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-1"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "aa305b4d-8c84-1754-0c74-dec004e66be0",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/aa305b4d-8c84-1754-0c74-dec004e66be0 Develop contingency plan ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "75b42dcf-7840-1271-260b-852273d7906e",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/75b42dcf-7840-1271-260b-852273d7906e Develop contingency planning policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "eff6e4a5-3efe-94dd-2ed1-25d56a019a82",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/eff6e4a5-3efe-94dd-2ed1-25d56a019a82 Distribute policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "c5784049-959f-6067-420c-f4cefae93076",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c5784049-959f-6067-420c-f4cefae93076 Coordinate contingency plans with related plans ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_CP-2",
    - "NIST_SP_800-53_R5_CP-2(1)",
    - "NIST_SP_800-53_R5_CP-4(1)",
    - "NIST_SP_800-53_R5_IR-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "53fc1282-0ee3-2764-1319-e20143bb0ea5",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/53fc1282-0ee3-2764-1319-e20143bb0ea5 Review contingency plan ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "14a4fd0a-9100-1e12-1362-792014a28155",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/14a4fd0a-9100-1e12-1362-792014a28155 Update contingency plan ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "a1334a65-2622-28ee-5067-9d7f5b915cc5",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a1334a65-2622-28ee-5067-9d7f5b915cc5 Communicate contingency plan changes ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "bd6cbcba-4a2d-507c-53e3-296b5c238a8e",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/bd6cbcba-4a2d-507c-53e3-296b5c238a8e Develop and document a business continuity and disaster recovery plan ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "33602e78-35e3-4f06-17fb-13dd887448e4",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/33602e78-35e3-4f06-17fb-13dd887448e4 Conduct capacity planning ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-2(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "7ded6497-815d-6506-242b-e043e0273928",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7ded6497-815d-6506-242b-e043e0273928 Plan for resumption of essential business functions ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-2(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d9edcea6-6cb8-0266-a48c-2061fbac4310",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d9edcea6-6cb8-0266-a48c-2061fbac4310 Plan for continuance of essential business functions ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-2(5)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "cb8841d4-9d13-7292-1d06-ba4d68384681",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/cb8841d4-9d13-7292-1d06-ba4d68384681 Perform a business impact assessment and application criticality assessment ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-2(8)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "de936662-13dc-204c-75ec-1af80f994088",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/de936662-13dc-204c-75ec-1af80f994088 Provide contingency training ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "9c954fcf-6dd8-81f1-41b5-832ae5c62caf",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/9c954fcf-6dd8-81f1-41b5-832ae5c62caf Incorporate simulated contingency training ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-3(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "58a51cde-008b-1a5d-61b5-d95849770677",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/58a51cde-008b-1a5d-61b5-d95849770677 Test the business continuity and disaster recovery plan ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "5d3abfea-a130-1208-29c0-e57de80aa6b0",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5d3abfea-a130-1208-29c0-e57de80aa6b0 Review the results of contingency plan testing ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "8bfdbaa6-6824-3fec-9b06-7961bf7389a6",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8bfdbaa6-6824-3fec-9b06-7961bf7389a6 Initiate contingency plan testing corrective actions ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ba99d512-3baa-1c38-8b0b-ae16bbd34274",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ba99d512-3baa-1c38-8b0b-ae16bbd34274 Test contingency plan at an alternate processing location ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-4(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "60442979-6333-85f0-84c5-b887bac67448",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/60442979-6333-85f0-84c5-b887bac67448 Evaluate alternate processing site capabilities ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-4(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0a412110-3874-9f22-187a-c7a81c8a6704",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0a412110-3874-9f22-187a-c7a81c8a6704 Establish alternate storage site to store and retrieve backup information ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "178c8b7e-1b6e-4289-44dd-2f1526b678a1",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/178c8b7e-1b6e-4289-44dd-2f1526b678a1 Ensure alternate storage site safeguards are equivalent to primary site ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "81b6267b-97a7-9aa5-51ee-d2584a160424",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/81b6267b-97a7-9aa5-51ee-d2584a160424 Create separate alternate and primary storage sites ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-6(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "245fe58b-96f8-9f1e-48c5-7f49903f66fd",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/245fe58b-96f8-9f1e-48c5-7f49903f66fd Establish alternate storage site that facilitates recovery operations ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-6(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "13939f8c-4cd5-a6db-9af4-9dfec35e3722",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/13939f8c-4cd5-a6db-9af4-9dfec35e3722 Identify and mitigate potential issues at alternate storage site ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-6(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "af5ff768-a34b-720e-1224-e6b3214f3ba6",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/af5ff768-a34b-720e-1224-e6b3214f3ba6 Establish an alternate processing site ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_CP-7",
    - "NIST_SP_800-53_R5_CP-7(1)",
    - "NIST_SP_800-53_R5_CP-7(2)",
    - "NIST_SP_800-53_R5_CP-7(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "5f2e834d-7e40-a4d5-a216-e49b16955ccf",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5f2e834d-7e40-a4d5-a216-e49b16955ccf Establish requirements for internet service providers ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_CP-7(3)",
    - "NIST_SP_800-53_R5_CP-8(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0f31d98d-5ce2-705b-4aa5-b4f6705110dd",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0f31d98d-5ce2-705b-4aa5-b4f6705110dd Prepare alternate processing site for use as operational site ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-7(4)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b269a749-705e-8bff-055a-147744675cdf",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b269a749-705e-8bff-055a-147744675cdf Conduct backup of information system documentation ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "fc26e2fd-3149-74b4-5988-d64bb90f8ef7",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/fc26e2fd-3149-74b4-5988-d64bb90f8ef7 Separately store backup information ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-9(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "7bdb79ea-16b8-453e-4ca4-ad5b16012414",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7bdb79ea-16b8-453e-4ca4-ad5b16012414 Transfer backup information to an alternate storage site ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-9(5)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f33c3238-11d2-508c-877c-4262ec1132e1",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f33c3238-11d2-508c-877c-4262ec1132e1 Recover and reconstitute resources after any disruption ,
  - definitionVersion: 1.*.*1.1.1,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-10"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ba02d0a0-566a-25dc-73f1-101c726a19c5",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ba02d0a0-566a-25dc-73f1-101c726a19c5 Implement transaction based recovery ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-10(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f801d58e-5659-9a4a-6e8d-02c9334732e5",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f801d58e-5659-9a4a-6e8d-02c9334732e5 Restore resources to operational state ,
  - definitionVersion: 1.*.*1.1.1,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_CP-10(4)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "29acfac0-4bb4-121b-8283-8943198b1549",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/29acfac0-4bb4-121b-8283-8943198b1549 Review and update identification and authentication policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-1"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e336d5f4-4d8f-0059-759c-ae10f63d1747",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e336d5f4-4d8f-0059-759c-ae10f63d1747 Enforce user uniqueness ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1d39b5d9-0392-8954-8359-575ce1957d1a",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1d39b5d9-0392-8954-8359-575ce1957d1a Support personal verification credentials issued by legal authorities ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_IA-2",
    - "NIST_SP_800-53_R5_IA-2(12)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "7d7a8356-5c34-9a95-3118-1424cfaf192a",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7d7a8356-5c34-9a95-3118-1424cfaf192a Adopt biometric authentication mechanisms ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_IA-2(1)",
    - "NIST_SP_800-53_R5_IA-2(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "08ad71d0-52be-6503-4908-e015460a16ae",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/08ad71d0-52be-6503-4908-e015460a16ae Require use of individual authenticators ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-2(5)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f29b17a4-0df2-8a50-058a-8570f9979d28",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f29b17a4-0df2-8a50-058a-8570f9979d28 Assign system identifiers ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "4781e5fd-76b8-7d34-6df3-a0a7fca47665",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4781e5fd-76b8-7d34-6df3-a0a7fca47665 Prevent identifier reuse for the defined time period ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ca748dfe-3e28-1d18-4221-89aea30aa0a5",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ca748dfe-3e28-1d18-4221-89aea30aa0a5 Identify status of individual users ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-4(4)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "72889284-15d2-90b2-4b39-a1e9541e1152",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/72889284-15d2-90b2-4b39-a1e9541e1152 Verify identity before distributing authenticators ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_IA-5",
    - "NIST_SP_800-53_R5_IA-5(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "921ae4c1-507f-5ddb-8a58-cfa9b5fd96f0",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/921ae4c1-507f-5ddb-8a58-cfa9b5fd96f0 Establish authenticator types and processes ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_IA-5",
    - "NIST_SP_800-53_R5_IA-5(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "35963d41-4263-0ef9-98d5-70eb058f9e3c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/35963d41-4263-0ef9-98d5-70eb058f9e3c Establish procedures for initial authenticator distribution ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_IA-5",
    - "NIST_SP_800-53_R5_IA-5(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "4aacaec9-0628-272c-3e83-0d68446694e0",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4aacaec9-0628-272c-3e83-0d68446694e0 Manage Authenticators ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "29363ae1-68cd-01ca-799d-92c9197c8404",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/29363ae1-68cd-01ca-799d-92c9197c8404 Manage authenticator lifetime and reuse ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "3ae68d9a-5696-8c32-62d3-c6f9c52e437c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3ae68d9a-5696-8c32-62d3-c6f9c52e437c Refresh authenticators ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e4b00788-7e1c-33ec-0418-d048508e095b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e4b00788-7e1c-33ec-0418-d048508e095b Implement training for protecting authenticators ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ebb0ba89-6d8c-84a7-252b-7393881e43de",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ebb0ba89-6d8c-84a7-252b-7393881e43de Document security strength requirements in acquisition contracts ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_IA-5(1)",
    - "NIST_SP_800-53_R5_SA-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d8bbd80e-3bb1-5983-06c2-428526ec6a63",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d8bbd80e-3bb1-5983-06c2-428526ec6a63 Establish a password policy ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-5(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "3b30aa25-0f19-6c04-5ca4-bd3f880a763d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3b30aa25-0f19-6c04-5ca4-bd3f880a763d Implement parameters for memorized secret verifiers ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-5(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b2d3e5a2-97ab-5497-565a-71172a729d93",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b2d3e5a2-97ab-5497-565a-71172a729d93 Protect passwords with encryption ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_IA-5(1)",
    - "NIST_SP_800-53_R5_SC-8"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "8d140e8b-76c7-77de-1d46-ed1b2e112444",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8d140e8b-76c7-77de-1d46-ed1b2e112444 Restrict access to private keys ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_IA-5(2)",
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "6f311b49-9b0d-8c67-3d6e-db80ae528173",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6f311b49-9b0d-8c67-3d6e-db80ae528173 Bind authenticators and identities dynamically ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-5(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0065241c-72e9-3b2c-556f-75de66332a94",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0065241c-72e9-3b2c-556f-75de66332a94 Establish parameters for searching secret authenticators and verifiers ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-5(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "4012c2b7-4e0e-a7ab-1688-4aab43f14420",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4012c2b7-4e0e-a7ab-1688-4aab43f14420 Map authenticated identities to individuals ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-5(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "37dbe3dc-0e9c-24fa-36f2-11197cbfa207",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/37dbe3dc-0e9c-24fa-36f2-11197cbfa207 Ensure authorized users protect provided authenticators ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-5(6)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "eda0cbb7-6043-05bf-645b-67411f1a59b3",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/eda0cbb7-6043-05bf-645b-67411f1a59b3 Ensure there are no unencrypted static authenticators ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-5(7)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "c7e8ddc1-14aa-1814-7fe1-aad1742b27da",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c7e8ddc1-14aa-1814-7fe1-aad1742b27da Enforce expiration of cached authenticators ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-5(13)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1ff03f2a-974b-3272-34f2-f6cd51420b30",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1ff03f2a-974b-3272-34f2-f6cd51420b30 Obscure feedback information during authentication process ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "6f1de470-79f3-1572-866e-db0771352fc8",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6f1de470-79f3-1572-866e-db0771352fc8 Authenticate to cryptographic module ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-7"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e1379836-3492-6395-451d-2f5062e14136",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e1379836-3492-6395-451d-2f5062e14136 Identify and authenticate non-organizational users ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-8"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "55be3260-a7a2-3c06-7fe6-072d07525ab7",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/55be3260-a7a2-3c06-7fe6-072d07525ab7 Accept PIV credentials ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-8(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "2d2ca910-7957-23ee-2945-33f401606efc",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2d2ca910-7957-23ee-2945-33f401606efc Accept only FICAM-approved third-party credentials ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-8(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "a8df9c78-4044-98be-2c05-31a315ac8957",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a8df9c78-4044-98be-2c05-31a315ac8957 Conform to FICAM-issued profiles ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IA-8(4)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b28c8687-4bbd-8614-0b96-cdffa1ac6d9c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b28c8687-4bbd-8614-0b96-cdffa1ac6d9c Review and update incident response policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IR-1"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "2d4d0e90-32d9-4deb-2166-a00d51ed57c0",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2d4d0e90-32d9-4deb-2166-a00d51ed57c0 Provide information spillage training ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_IR-2",
    - "NIST_SP_800-53_R5_IR-9(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1fdeb7c4-4c93-8271-a135-17ebe85f1cc7",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1fdeb7c4-4c93-8271-a135-17ebe85f1cc7 Incorporate simulated events into incident response training ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IR-2(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "c8aa992d-76b7-7ca0-07b3-31a58d773fa9",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c8aa992d-76b7-7ca0-07b3-31a58d773fa9 Employ automated training environment ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IR-2(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "3545c827-26ee-282d-4629-23952a12008b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3545c827-26ee-282d-4629-23952a12008b Conduct incident response testing ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_IR-3",
    - "NIST_SP_800-53_R5_IR-3(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "84245967-7882-54f6-2d34-85059f725b47",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/84245967-7882-54f6-2d34-85059f725b47 Establish an information security program ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_IR-3",
    - "NIST_SP_800-53_R5_IR-3(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "a8f9c283-9a66-3eb3-9e10-bdba95b85884",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a8f9c283-9a66-3eb3-9e10-bdba95b85884 Run simulation attacks ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_IR-3",
    - "NIST_SP_800-53_R5_IR-3(2)",
    - "NIST_SP_800-53_R5_PE-13(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "2b4e134f-1e4c-2bff-573e-082d85479b6e",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2b4e134f-1e4c-2bff-573e-082d85479b6e Develop an incident response plan ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [6 items
    - "NIST_SP_800-53_R5_IR-4",
    - "NIST_SP_800-53_R5_IR-4(1)",
    - "NIST_SP_800-53_R5_IR-7(1)",
    - "NIST_SP_800-53_R5_IR-8",
    - "NIST_SP_800-53_R5_IR-9",
    - "NIST_SP_800-53_R5_SI-4(5)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "423f6d9c-0c73-9cc6-64f4-b52242490368",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/423f6d9c-0c73-9cc6-64f4-b52242490368 Develop security safeguards ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_IR-4",
    - "NIST_SP_800-53_R5_IR-9(4)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "8c255136-994b-9616-79f5-ae87810e0dcf",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8c255136-994b-9616-79f5-ae87810e0dcf Enable network protection ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_IR-4",
    - "NIST_SP_800-53_R5_IR-4(1)",
    - "NIST_SP_800-53_R5_IR-7(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "54a9c072-4a93-2a03-6a43-a060d30383d7",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/54a9c072-4a93-2a03-6a43-a060d30383d7 Eradicate contaminated information ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_IR-4",
    - "NIST_SP_800-53_R5_IR-7(1)",
    - "NIST_SP_800-53_R5_IR-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ba78efc6-795c-64f4-7a02-91effbd34af9",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ba78efc6-795c-64f4-7a02-91effbd34af9 Execute actions in response to information spills ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_IR-4",
    - "NIST_SP_800-53_R5_IR-7(1)",
    - "NIST_SP_800-53_R5_IR-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "433de59e-7a53-a766-02c2-f80f8421469a",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/433de59e-7a53-a766-02c2-f80f8421469a Implement incident handling ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_IR-4",
    - "NIST_SP_800-53_R5_IR-4(1)",
    - "NIST_SP_800-53_R5_IR-4(4)",
    - "NIST_SP_800-53_R5_IR-7(1)",
    - "NIST_SP_800-53_R5_IR-8"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "50e81644-923d-33fc-6ebb-9733bc8d1a06",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/50e81644-923d-33fc-6ebb-9733bc8d1a06 Perform a trend analysis on threats ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_IR-4",
    - "NIST_SP_800-53_R5_IR-7(1)",
    - "NIST_SP_800-53_R5_RA-5(6)",
    - "NIST_SP_800-53_R5_SI-3",
    - "NIST_SP_800-53_R5_SI-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "98145a9b-428a-7e81-9d14-ebb154a24f93",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/98145a9b-428a-7e81-9d14-ebb154a24f93 View and investigate restricted users ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_IR-4",
    - "NIST_SP_800-53_R5_IR-7(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "37b0045b-3887-367b-8b4d-b9a6fa911bb9",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/37b0045b-3887-367b-8b4d-b9a6fa911bb9 Assess information security events ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_IR-4",
    - "NIST_SP_800-53_R5_IR-8"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "37546841-8ea1-5be0-214d-8ac599588332",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/37546841-8ea1-5be0-214d-8ac599588332 Maintain incident response plan ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_IR-4",
    - "NIST_SP_800-53_R5_IR-8"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1e0d5ba8-a433-01aa-829c-86b06c9631ec",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1e0d5ba8-a433-01aa-829c-86b06c9631ec Include dynamic reconfig of customer deployed resources ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IR-4(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "23d1a569-2d1e-7f43-9e22-1f94115b7dd5",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/23d1a569-2d1e-7f43-9e22-1f94115b7dd5 Identify classes of Incidents and Actions taken ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IR-4(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "98e33927-8d7f-6d5f-44f5-2469b40b7215",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/98e33927-8d7f-6d5f-44f5-2469b40b7215 Implement Incident handling capability ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IR-4(6)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d4e6a629-28eb-79a9-000b-88030e4823ca",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d4e6a629-28eb-79a9-000b-88030e4823ca Coordinate with external organizations to achieve cross org perspective ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IR-4(8)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "2c6bee3a-2180-2430-440d-db3c7a849870",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2c6bee3a-2180-2430-440d-db3c7a849870 Document security operations ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_IR-6(1)",
    - "NIST_SP_800-53_R5_IR-7",
    - "NIST_SP_800-53_R5_SI-4(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b470a37a-7a47-3792-34dd-7a793140702e",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b470a37a-7a47-3792-34dd-7a793140702e Establish relationship between incident response capability and external providers ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IR-7(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "037c0089-6606-2dab-49ad-437005b5035f",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/037c0089-6606-2dab-49ad-437005b5035f Identify incident response personnel ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IR-7(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0fd1ca29-677b-2f12-1879-639716459160",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0fd1ca29-677b-2f12-1879-639716459160 Maintain data breach records ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IR-8"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "2401b496-7f23-79b2-9f80-89bb5abf3d4a",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2401b496-7f23-79b2-9f80-89bb5abf3d4a Protect incident response plan ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IR-8"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "69d90ee6-9f9f-262a-2038-d909fb4e5723",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/69d90ee6-9f9f-262a-2038-d909fb4e5723 Identify spilled information ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IR-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "9622aaa9-5c49-40e2-5bf8-660b7cd23deb",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/9622aaa9-5c49-40e2-5bf8-660b7cd23deb Alert personnel of information spillage ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_IR-9",
    - "NIST_SP_800-53_R5_SI-4(5)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "22457e81-3ec6-5271-a786-c3ca284601dd",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/22457e81-3ec6-5271-a786-c3ca284601dd Isolate information spills ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IR-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "279052a0-8238-694d-9661-bf649f951747",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/279052a0-8238-694d-9661-bf649f951747 Identify contaminated systems and components ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IR-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "bb048641-6017-7272-7772-a008f285a520",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/bb048641-6017-7272-7772-a008f285a520 Develop spillage response procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_IR-9(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "2067b904-9552-3259-0cdd-84468e284b7c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/2067b904-9552-3259-0cdd-84468e284b7c Review and update system maintenance policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_MA-1"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b6ad009f-5c24-1dc0-a25e-74b60e4da45f",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b6ad009f-5c24-1dc0-a25e-74b60e4da45f Control maintenance and repair activities ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_MA-2",
    - "NIST_SP_800-53_R5_MA-3",
    - "NIST_SP_800-53_R5_MA-3(1)",
    - "NIST_SP_800-53_R5_MA-3(2)",
    - "NIST_SP_800-53_R5_MA-3(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "eaaae23f-92c9-4460-51cf-913feaea4d52",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/eaaae23f-92c9-4460-51cf-913feaea4d52 Employ a media sanitization mechanism ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [7 items
    - "NIST_SP_800-53_R5_MA-2",
    - "NIST_SP_800-53_R5_MA-3(3)",
    - "NIST_SP_800-53_R5_MA-5(1)",
    - "NIST_SP_800-53_R5_MP-4",
    - "NIST_SP_800-53_R5_MP-6",
    - "NIST_SP_800-53_R5_MP-6(1)",
    - "NIST_SP_800-53_R5_MP-6(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1fb1cb0e-1936-6f32-42fd-89970b535855",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1fb1cb0e-1936-6f32-42fd-89970b535855 Manage nonlocal maintenance and diagnostic activities ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [6 items
    - "NIST_SP_800-53_R5_MA-2",
    - "NIST_SP_800-53_R5_MA-3",
    - "NIST_SP_800-53_R5_MA-3(1)",
    - "NIST_SP_800-53_R5_MA-3(2)",
    - "NIST_SP_800-53_R5_MA-3(3)",
    - "NIST_SP_800-53_R5_MA-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b8587fce-138f-86e8-33a3-c60768bf1da6",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b8587fce-138f-86e8-33a3-c60768bf1da6 Automate remote maintenance activities ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_MA-2(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "74041cfe-3f87-1d17-79ec-34ca5f895542",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/74041cfe-3f87-1d17-79ec-34ca5f895542 Produce complete records of remote maintenance activities ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_MA-2(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "5bac5fb7-7735-357b-767d-02264bfe5c3b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5bac5fb7-7735-357b-767d-02264bfe5c3b Perform all non-local maintenance ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_MA-4(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "10c3a1b1-29b0-a2d5-8f4c-a284b0f07830",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/10c3a1b1-29b0-a2d5-8f4c-a284b0f07830 Implement cryptographic mechanisms ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_MA-4(6)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "4ce91e4e-6dab-3c46-011a-aa14ae1561bf",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4ce91e4e-6dab-3c46-011a-aa14ae1561bf Maintain list of authorized remote maintenance personnel ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_MA-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b273f1e3-79e7-13ee-5b5d-dca6c66c3d5d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b273f1e3-79e7-13ee-5b5d-dca6c66c3d5d Manage maintenance personnel ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_MA-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "7a489c62-242c-5db9-74df-c073056d6fa3",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7a489c62-242c-5db9-74df-c073056d6fa3 Designate personnel to supervise unauthorized maintenance activities ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_MA-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "eb598832-4bcc-658d-4381-3ecbe17b9866",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/eb598832-4bcc-658d-4381-3ecbe17b9866 Provide timely maintenance support ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_MA-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b4e19d22-8c0e-7cad-3219-c84c62dc250f",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b4e19d22-8c0e-7cad-3219-c84c62dc250f Review and update media protection policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_MP-1"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "4ac81669-00e2-9790-8648-71bc11bc91eb",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4ac81669-00e2-9790-8648-71bc11bc91eb Manage the transportation of assets ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_MP-5",
    - "NIST_SP_800-53_R5_PE-16"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "6122970b-8d4a-7811-0278-4c6c68f61e4f",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6122970b-8d4a-7811-0278-4c6c68f61e4f Restrict media use ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_MP-7"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "91cf132e-0c9f-37a8-a523-dc6a92cd2fb2",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/91cf132e-0c9f-37a8-a523-dc6a92cd2fb2 Review and update physical and environmental policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PE-1"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "55a7f9a0-6397-7589-05ef-5ed59a8149e7",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/55a7f9a0-6397-7589-05ef-5ed59a8149e7 Control physical access ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [6 items
    - "NIST_SP_800-53_R5_PE-2",
    - "NIST_SP_800-53_R5_PE-3",
    - "NIST_SP_800-53_R5_PE-4",
    - "NIST_SP_800-53_R5_PE-5",
    - "NIST_SP_800-53_R5_PE-8",
    - "NIST_SP_800-53_R5_SI-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "05ec66a2-137c-14b8-8e75-3d7a2bef07f8",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/05ec66a2-137c-14b8-8e75-3d7a2bef07f8 Implement physical security for offices, working areas, and secure areas ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [11 items
    - "NIST_SP_800-53_R5_PE-3",
    - "NIST_SP_800-53_R5_PE-4",
    - "NIST_SP_800-53_R5_PE-5",
    - "NIST_SP_800-53_R5_PE-8",
    - "NIST_SP_800-53_R5_PE-13",
    - "NIST_SP_800-53_R5_PE-13(1)",
    - "NIST_SP_800-53_R5_PE-13(2)",
    - "NIST_SP_800-53_R5_PE-14",
    - "NIST_SP_800-53_R5_PE-14(2)",
    - "NIST_SP_800-53_R5_PE-15",
    - "NIST_SP_800-53_R5_PE-18"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "51e4b233-8ee3-8bdc-8f5f-f33bd0d229b7",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/51e4b233-8ee3-8bdc-8f5f-f33bd0d229b7 Define a physical key management process ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_PE-3",
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e603da3a-8af7-4f8a-94cb-1bcc0e0333d2",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e603da3a-8af7-4f8a-94cb-1bcc0e0333d2 Manage the input, output, processing, and storage of data ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_PE-5",
    - "NIST_SP_800-53_R5_SI-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "aa0ddd99-43eb-302d-3f8f-42b499182960",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/aa0ddd99-43eb-302d-3f8f-42b499182960 Install an alarm system ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_PE-6(1)",
    - "NIST_SP_800-53_R5_PE-14(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f2222056-062d-1060-6dc2-0107a68c34b2",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f2222056-062d-1060-6dc2-0107a68c34b2 Manage a secure surveillance camera system ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PE-6(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "aa892c0d-2c40-200c-0dd8-eac8c4748ede",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/aa892c0d-2c40-200c-0dd8-eac8c4748ede Employ automatic emergency lighting ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PE-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "c2eabc28-1e5c-78a2-a712-7cc176c44c07",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c2eabc28-1e5c-78a2-a712-7cc176c44c07 Implement a penetration testing methodology ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PE-13(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "25a1f840-65d0-900a-43e4-bee253de04de",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/25a1f840-65d0-900a-43e4-bee253de04de Define requirements for managing assets ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PE-16"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "28aa060e-25c7-6121-05d8-a846f11433df",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/28aa060e-25c7-6121-05d8-a846f11433df Review and update planning policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PL-1"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "6b957f60-54cd-5752-44d5-ff5a64366c93",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6b957f60-54cd-5752-44d5-ff5a64366c93 Develop SSP that meets criteria ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PL-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b2ea1058-8998-3dd1-84f1-82132ad482fd",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b2ea1058-8998-3dd1-84f1-82132ad482fd Develop and establish a system security plan ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PL-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "39eb03c1-97cc-11ab-0960-6209ed2869f7",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/39eb03c1-97cc-11ab-0960-6209ed2869f7 Establish a privacy program ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_PL-2",
    - "NIST_SP_800-53_R5_SA-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "afbecd30-37ee-a27b-8e09-6ac49951a0ee",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/afbecd30-37ee-a27b-8e09-6ac49951a0ee Establish security requirements for the manufacturing of connected devices ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PL-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "df2e9507-169b-4114-3a52-877561ee3198",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/df2e9507-169b-4114-3a52-877561ee3198 Implement security engineering principles of information systems ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PL-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "42116f15-5665-a52a-87bb-b40e64c74b6c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/42116f15-5665-a52a-87bb-b40e64c74b6c Develop acceptable use policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_PL-4",
    - "NIST_SP_800-53_R5_PL-4(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "509552f5-6528-3540-7959-fbeae4832533",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/509552f5-6528-3540-7959-fbeae4832533 Enforce rules of behavior and access agreements ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_PL-4",
    - "NIST_SP_800-53_R5_PS-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d02498e0-8a6f-6b02-8332-19adf6711d1e",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d02498e0-8a6f-6b02-8332-19adf6711d1e Develop organization code of conduct policy ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PL-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "271a3e58-1b38-933d-74c9-a580006b80aa",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/271a3e58-1b38-933d-74c9-a580006b80aa Document personnel acceptance of privacy requirements ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PL-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "5fe84a4c-1b0c-a738-2aba-ed49c9069d3b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5fe84a4c-1b0c-a738-2aba-ed49c9069d3b Prohibit unfair practices ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PL-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "6c0a312f-04c5-5c97-36a5-e56763a02b6b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6c0a312f-04c5-5c97-36a5-e56763a02b6b Review and sign revised rules of behavior ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PL-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "6610f662-37e9-2f71-65be-502bdc2f554d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6610f662-37e9-2f71-65be-502bdc2f554d Update rules of behavior and access agreements ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PL-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "7ad83b58-2042-085d-08f0-13e946f26f89",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7ad83b58-2042-085d-08f0-13e946f26f89 Update rules of behavior and access agreements every 3 years ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PL-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ced291b8-1d3d-7e27-40cf-829e9dd523c8",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ced291b8-1d3d-7e27-40cf-829e9dd523c8 Review and update the information security architecture ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PL-8"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e7422f08-65b4-50e4-3779-d793156e0079",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e7422f08-65b4-50e4-3779-d793156e0079 Develop a concept of operations (CONOPS) ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PL-8"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e5c5fc78-4aa5-3d6b-81bc-5fcc88b318e9",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e5c5fc78-4aa5-3d6b-81bc-5fcc88b318e9 Review and update personnel security policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PS-1"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b7897ddc-9716-2460-96f7-7757ad038cc4",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b7897ddc-9716-2460-96f7-7757ad038cc4 Assign risk designations ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PS-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "c42f19c9-5d88-92da-0742-371a0ea03126",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c42f19c9-5d88-92da-0742-371a0ea03126 Clear personnel with access to classified information ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PS-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e0c480bf-0d68-a42d-4cbb-b60f851f8716",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e0c480bf-0d68-a42d-4cbb-b60f851f8716 Implement personnel screening ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PS-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "c6aeb800-0b19-944d-92dc-59b893722329",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c6aeb800-0b19-944d-92dc-59b893722329 Rescreen individuals at a defined frequency ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PS-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "a315c657-4a00-8eba-15ac-44692ad24423",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a315c657-4a00-8eba-15ac-44692ad24423 Protect special information ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_PS-3(3)",
    - "NIST_SP_800-53_R5_SC-28"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "80a97208-264e-79da-0cc7-4fca179a0c9c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/80a97208-264e-79da-0cc7-4fca179a0c9c Protect against and prevent data theft from departing employees ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PS-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "496b407d-9b9e-81e8-4ba4-44bc686b016a",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/496b407d-9b9e-81e8-4ba4-44bc686b016a Conduct exit interview upon termination ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PS-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "c79d378a-2521-822a-0407-57454f8d2c74",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c79d378a-2521-822a-0407-57454f8d2c74 Notify upon termination or transfer ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_PS-4",
    - "NIST_SP_800-53_R5_PS-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "729c8708-2bec-093c-8427-2e87d2cd426d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/729c8708-2bec-093c-8427-2e87d2cd426d Automate notification of employee termination ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PS-4(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e89436d8-6a93-3b62-4444-1d2a42ad56b2",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e89436d8-6a93-3b62-4444-1d2a42ad56b2 Reevaluate access upon personnel transfer ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PS-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b8a9bb2f-7290-3259-85ce-dca7d521302d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b8a9bb2f-7290-3259-85ce-dca7d521302d Initiate transfer or reassignment actions ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PS-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "979ed3b6-83f9-26bc-4b86-5b05464700bf",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/979ed3b6-83f9-26bc-4b86-5b05464700bf Modify access authorizations upon personnel transfer ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PS-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "c981fa70-2e58-8141-1457-e7f62ebc2ade",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c981fa70-2e58-8141-1457-e7f62ebc2ade Document organizational access agreements ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PS-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "3af53f59-979f-24a8-540f-d7cdbc366607",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3af53f59-979f-24a8-540f-d7cdbc366607 Require users to sign access agreement ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PS-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e21f91d1-2803-0282-5f2d-26ebc4b170ef",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e21f91d1-2803-0282-5f2d-26ebc4b170ef Update organizational access agreements ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PS-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e7589f4e-1e8b-72c2-3692-1e14d7f3699f",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e7589f4e-1e8b-72c2-3692-1e14d7f3699f Ensure access agreements are signed or resigned timely ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PS-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "3881168c-5d38-6f04-61cc-b5d87b2c4c58",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3881168c-5d38-6f04-61cc-b5d87b2c4c58 Establish third-party personnel security requirements ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PS-7"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e8c31e15-642d-600f-78ab-bad47a5787e6",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e8c31e15-642d-600f-78ab-bad47a5787e6 Require third-party providers to comply with personnel security policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PS-7"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b320aa42-33b4-53af-87ce-100091d48918",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b320aa42-33b4-53af-87ce-100091d48918 Document third-party personnel security requirements ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PS-7"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "afd5d60a-48d2-8073-1ec2-6687e22f2ddd",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/afd5d60a-48d2-8073-1ec2-6687e22f2ddd Require notification of third-party personnel transfer or termination ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PS-7"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f8ded0c6-a668-9371-6bb6-661d58787198",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f8ded0c6-a668-9371-6bb6-661d58787198 Monitor third-party provider compliance ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PS-7"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "5decc032-95bd-2163-9549-a41aba83228e",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5decc032-95bd-2163-9549-a41aba83228e Implement formal sanctions process ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PS-8"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "6228396e-2ace-7ca5-3247-45767dbf52f4",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6228396e-2ace-7ca5-3247-45767dbf52f4 Notify personnel upon sanctions ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_PS-8"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "20012034-96f0-85c2-4a86-1ae1eb457802",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/20012034-96f0-85c2-4a86-1ae1eb457802 Review and update risk assessment policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_RA-1"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "93fa357f-2e38-22a9-5138-8cc5124e1923",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/93fa357f-2e38-22a9-5138-8cc5124e1923 Categorize information ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_RA-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "11ba0508-58a8-44de-5f3a-9e05d80571da",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/11ba0508-58a8-44de-5f3a-9e05d80571da Develop business classification schemes ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_RA-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e23444b9-9662-40f3-289e-6d25c02b48fa",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e23444b9-9662-40f3-289e-6d25c02b48fa Review label activity and analytics ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_RA-2",
    - "NIST_SP_800-53_R5_SI-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "6c79c3e5-5f7b-a48a-5c7b-8c158bc01115",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6c79c3e5-5f7b-a48a-5c7b-8c158bc01115 Ensure security categorization is approved ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_RA-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1dbd51c2-2bd1-5e26-75ba-ed075d8f0d68",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1dbd51c2-2bd1-5e26-75ba-ed075d8f0d68 Conduct risk assessment and document its results ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_RA-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "677e1da4-00c3-287a-563d-f4a1cf9b99a0",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/677e1da4-00c3-287a-563d-f4a1cf9b99a0 Conduct Risk Assessment ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_RA-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d7c1ecc3-2980-a079-1569-91aec8ac4a77",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d7c1ecc3-2980-a079-1569-91aec8ac4a77 Conduct risk assessment and distribute its results ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_RA-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "3c5e0e1a-216f-8f49-0a15-76ed0d8b8e1f",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3c5e0e1a-216f-8f49-0a15-76ed0d8b8e1f Perform vulnerability scans ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [7 items
    - "NIST_SP_800-53_R5_RA-5",
    - "NIST_SP_800-53_R5_RA-5(2)",
    - "NIST_SP_800-53_R5_RA-5(3)",
    - "NIST_SP_800-53_R5_RA-5(6)",
    - "NIST_SP_800-53_R5_SA-10",
    - "NIST_SP_800-53_R5_SA-11",
    - "NIST_SP_800-53_R5_SI-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d25cbded-121e-0ed6-1857-dc698c9095b1",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d25cbded-121e-0ed6-1857-dc698c9095b1 Take action in response to customer information ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_RA-5(4)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "5b802722-71dd-a13d-2e7e-231e09589efb",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/5b802722-71dd-a13d-2e7e-231e09589efb Implement privileged access for executing vulnerability scanning activities ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_RA-5(5)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ff136354-1c92-76dc-2dab-80fb7c6a9f1a",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ff136354-1c92-76dc-2dab-80fb7c6a9f1a Observe and report security weaknesses ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_RA-5(6)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "bf883b14-9c19-0f37-8825-5e39a8b66d5b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/bf883b14-9c19-0f37-8825-5e39a8b66d5b Perform threat modeling ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_RA-5(6)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "a30bd8e9-7064-312a-0e1f-e1b485d59f6e",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a30bd8e9-7064-312a-0e1f-e1b485d59f6e Review exploit protection events ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_RA-5(8)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e3905a3c-97e7-0b4f-15fb-465c0927536f",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e3905a3c-97e7-0b4f-15fb-465c0927536f Correlate Vulnerability scan information ,
  - definitionVersion: 1.*.*1.1.1,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_RA-5(10)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f49925aa-9b11-76ae-10e2-6e973cc60f37",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f49925aa-9b11-76ae-10e2-6e973cc60f37 Review and update system and services acquisition policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-1"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "90a156a6-49ed-18d1-1052-69aac27c05cd",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/90a156a6-49ed-18d1-1052-69aac27c05cd Allocate resources in determining information system requirements ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ab02bb73-4ce1-89dd-3905-d93042809ba0",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ab02bb73-4ce1-89dd-3905-d93042809ba0 Align business objectives and IT goals ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "33d34fac-56a8-1c0f-0636-3ed94892a709",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/33d34fac-56a8-1c0f-0636-3ed94892a709 Govern the allocation of resources ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SA-2",
    - "NIST_SP_800-53_R5_SC-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "70057208-70cc-7b31-3c3a-121af6bc1966",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/70057208-70cc-7b31-3c3a-121af6bc1966 Secure commitment from leadership ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SA-2",
    - "NIST_SP_800-53_R5_SC-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "06af77de-02ca-0f3e-838a-a9420fe466f5",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/06af77de-02ca-0f3e-838a-a9420fe466f5 Establish a discrete line item in budgeting documentation ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ef5a7059-6651-73b1-18b3-75b1b79c1565",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ef5a7059-6651-73b1-18b3-75b1b79c1565 Define information security roles and responsibilities ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0dcbaf2f-075e-947b-8f4c-74ecc5cd302c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0dcbaf2f-075e-947b-8f4c-74ecc5cd302c Identify individuals with security roles and responsibilities ,
  - definitionVersion: 1.*.*1.1.1,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "00f12b6f-10d7-8117-9577-0f2b76488385",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/00f12b6f-10d7-8117-9577-0f2b76488385 Integrate risk management process into SDLC ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "67ada943-8539-083d-35d0-7af648974125",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/67ada943-8539-083d-35d0-7af648974125 Determine supplier contract obligations ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0803eaa7-671c-08a7-52fd-ac419f775e75",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0803eaa7-671c-08a7-52fd-ac419f775e75 Document acquisition contract acceptance criteria ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f9ec3263-9562-1768-65a1-729793635a8d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f9ec3263-9562-1768-65a1-729793635a8d Document protection of personal data in acquisition contracts ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d78f95ba-870a-a500-6104-8a5ce2534f19",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d78f95ba-870a-a500-6104-8a5ce2534f19 Document protection of security information in acquisition contracts ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0ba211ef-0e85-2a45-17fc-401d1b3f8f85",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0ba211ef-0e85-2a45-17fc-401d1b3f8f85 Document requirements for the use of shared data in contracts ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "13efd2d7-3980-a2a4-39d0-527180c009e8",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/13efd2d7-3980-a2a4-39d0-527180c009e8 Document security assurance requirements in acquisition contracts ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "a465e8e9-0095-85cb-a05f-1dd4960d02af",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a465e8e9-0095-85cb-a05f-1dd4960d02af Document security documentation requirements in acquisition contract ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "57927290-8000-59bf-3776-90c468ac5b4b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/57927290-8000-59bf-3776-90c468ac5b4b Document security functional requirements in acquisition contracts ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "c148208b-1a6f-a4ac-7abc-23b1d41121b1",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c148208b-1a6f-a4ac-7abc-23b1d41121b1 Document the information system environment in acquisition contracts ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SA-4",
    - "NIST_SP_800-53_R5_SA-10"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "77acc53d-0f67-6e06-7d04-5750653d4629",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/77acc53d-0f67-6e06-7d04-5750653d4629 Document the protection of cardholder data in third party contracts ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "44b71aa8-099d-8b97-1557-0e853ec38e0d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/44b71aa8-099d-8b97-1557-0e853ec38e0d Obtain functional properties of security controls ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-4(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "22a02c9a-49e4-5dc9-0d14-eb35ad717154",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/22a02c9a-49e4-5dc9-0d14-eb35ad717154 Obtain design and implementation information for the security controls ,
  - definitionVersion: 1.*.*1.1.1,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-4(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ca6d7878-3189-1833-4620-6c7254ed1607",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ca6d7878-3189-1833-4620-6c7254ed1607 Obtain continuous monitoring plan for security controls ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-4(8)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f6da5cca-5795-60ff-49e1-4972567815fe",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f6da5cca-5795-60ff-49e1-4972567815fe Require developer to identify SDLC ports, protocols, and services ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-4(9)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "8b333332-6efd-7c0d-5a9f-d1eb95105214",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8b333332-6efd-7c0d-5a9f-d1eb95105214 Employ FIPS 201-approved technology for PIV ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-4(10)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "3f1216b0-30ee-1ac9-3899-63eb744e85f5",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3f1216b0-30ee-1ac9-3899-63eb744e85f5 Obtain Admin documentation ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "be1c34ab-295a-07a6-785c-36f63c1d223e",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/be1c34ab-295a-07a6-785c-36f63c1d223e Obtain user security function documentation ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "8c44a0ea-9b09-4d9c-0e91-f9bee3d05bfb",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8c44a0ea-9b09-4d9c-0e91-f9bee3d05bfb Document customer-defined actions ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "09960521-759e-5d12-086f-4192a72a5e92",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/09960521-759e-5d12-086f-4192a72a5e92 Protect administrator and user documentation ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "84a01872-5318-049e-061e-d56734183e84",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/84a01872-5318-049e-061e-d56734183e84 Distribute information system documentation ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "4e45863d-9ea9-32b4-a204-2680bc6007a6",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4e45863d-9ea9-32b4-a204-2680bc6007a6 Require external service providers to comply with security requirements ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "cbfa1bd0-714d-8d6f-0480-2ad6a53972df",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/cbfa1bd0-714d-8d6f-0480-2ad6a53972df Define and document government oversight ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ffea18d9-13de-6505-37f3-4c1f88070ad7",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ffea18d9-13de-6505-37f3-4c1f88070ad7 Review cloud service provider's compliance with policies and agreements ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-9"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0d04cb93-a0f1-2f4b-4b1b-a72a1b510d08",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0d04cb93-a0f1-2f4b-4b1b-a72a1b510d08 Assess risk in third party relationships ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-9(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "92b94485-1c49-3350-9ada-dffe94f08e87",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/92b94485-1c49-3350-9ada-dffe94f08e87 Obtain approvals for acquisitions and outsourcing ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-9(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "46ab2c5e-6654-1f58-8c83-e97a44f39308",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/46ab2c5e-6654-1f58-8c83-e97a44f39308 Identify external service providers ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-9(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "3eabed6d-1912-2d3c-858b-f438d08d0412",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3eabed6d-1912-2d3c-858b-f438d08d0412 Ensure external providers consistently meet interests of the customers ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-9(4)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "0040d2e5-2779-170d-6a2c-1f5fca353335",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/0040d2e5-2779-170d-6a2c-1f5fca353335 Restrict location of information processing, storage and services ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-9(5)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "318b2bd9-9c39-9f8b-46a7-048401f33476",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/318b2bd9-9c39-9f8b-46a7-048401f33476 Address coding vulnerabilities ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-10"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "6de65dc4-8b4f-34b7-9290-eb137a2e2929",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6de65dc4-8b4f-34b7-9290-eb137a2e2929 Develop and document application security requirements ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-10"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e750ca06-1824-464a-2cf3-d0fa754d1cb4",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e750ca06-1824-464a-2cf3-d0fa754d1cb4 Establish a secure software development program ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-10"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b33d61c1-7463-7025-0ec0-a47585b59147",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b33d61c1-7463-7025-0ec0-a47585b59147 Require developers to manage change integrity ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-10"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "085467a6-9679-5c65-584a-f55acefd0d43",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/085467a6-9679-5c65-584a-f55acefd0d43 Require developers to implement only approved changes ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-10"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "3a868d0c-538f-968b-0191-bddb44da5b75",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3a868d0c-538f-968b-0191-bddb44da5b75 Require developers to document approved changes and potential impact ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-10"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "db28735f-518f-870e-15b4-49623cbe3aa0",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/db28735f-518f-870e-15b4-49623cbe3aa0 Verify software, firmware and information integrity ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [4 items
    - "NIST_SP_800-53_R5_SA-10(1)",
    - "NIST_SP_800-53_R5_SC-21",
    - "NIST_SP_800-53_R5_SI-7",
    - "NIST_SP_800-53_R5_SI-7(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f8a63511-66f1-503f-196d-d6217ee0823a",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f8a63511-66f1-503f-196d-d6217ee0823a Require developers to produce evidence of security assessment plan execution ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-11"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1e876c5c-0f2a-8eb6-69f7-5f91e7918ed6",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1e876c5c-0f2a-8eb6-69f7-5f91e7918ed6 Review development process, standards and tools ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-15"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "676c3c35-3c36-612c-9523-36d266a65000",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/676c3c35-3c36-612c-9523-36d266a65000 Require developers to provide training ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-16"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f131c8c5-a54a-4888-1efc-158928924bc1",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f131c8c5-a54a-4888-1efc-158928924bc1 Require developers to build security architecture ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-17"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "3e37c891-840c-3eb4-78d2-e2e0bb5063e0",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3e37c891-840c-3eb4-78d2-e2e0bb5063e0 Require developers to describe accurate security functionality ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-17"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "7a114735-a420-057d-a651-9a73cd0416ef",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7a114735-a420-057d-a651-9a73cd0416ef Require developers to provide unified security protection approach ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SA-17"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "adf517f3-6dcd-3546-9928-34777d0c277e",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/adf517f3-6dcd-3546-9928-34777d0c277e Review and update system and communications protection policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-1"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "8a703eb5-4e53-701b-67e4-05ba2f7930c8",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8a703eb5-4e53-701b-67e4-05ba2f7930c8 Separate user and information system management functionality ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b8972f60-8d77-1cb8-686f-9c9f4cdd8a59",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b8972f60-8d77-1cb8-686f-9c9f4cdd8a59 Use dedicated machines for administrative tasks ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b7306e73-0494-83a2-31f5-280e934a8f70",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b7306e73-0494-83a2-31f5-280e934a8f70 Develop and document a DDoS response plan ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "edcc36f1-511b-81e0-7125-abee29752fe7",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/edcc36f1-511b-81e0-7125-abee29752fe7 Manage availability and capacity ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "01ae60e2-38bb-0a32-7b20-d3a091423409",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/01ae60e2-38bb-0a32-7b20-d3a091423409 Implement system boundary protection ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [5 items
    - "NIST_SP_800-53_R5_SC-7",
    - "NIST_SP_800-53_R5_SC-7(4)",
    - "NIST_SP_800-53_R5_SC-7(12)",
    - "NIST_SP_800-53_R5_SC-7(18)",
    - "NIST_SP_800-53_R5_SI-4(4)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b262e1dd-08e9-41d4-963a-258909ad794b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b262e1dd-08e9-41d4-963a-258909ad794b Implement managed interface for each external service ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-7(4)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ff1efad2-6b09-54cc-01bf-d386c4d558a8",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ff1efad2-6b09-54cc-01bf-d386c4d558a8 Secure the interface to external systems ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-7(4)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "66e5cb69-9f1c-8b8d-8fbd-b832466d5aa8",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/66e5cb69-9f1c-8b8d-8fbd-b832466d5aa8 Prevent split tunneling for remote devices ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-7(7)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d91558ce-5a5c-551b-8fbb-83f793255e09",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d91558ce-5a5c-551b-8fbb-83f793255e09 Route traffic through authenticated proxy network ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-7(8)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "dd6d00a8-701a-5935-a22b-c7b9c0c698b2",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/dd6d00a8-701a-5935-a22b-c7b9c0c698b2 Isolate SecurID systems, Security Incident Management systems ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-7(13)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "df54d34f-65f3-39f1-103c-a0464b8615df",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/df54d34f-65f3-39f1-103c-a0464b8615df Manage transfers between standby and active system components ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-7(18)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "83eea3d3-0d2c-9ccd-1021-2111b29b2a62",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/83eea3d3-0d2c-9ccd-1021-2111b29b2a62 Ensure system capable of dynamic isolation of resources ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-7(20)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "311802f9-098d-0659-245a-94c5d47c0182",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/311802f9-098d-0659-245a-94c5d47c0182 Employ boundary protection to isolate information systems ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-7(21)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "26daf649-22d1-97e9-2a8a-01b182194d59",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/26daf649-22d1-97e9-2a8a-01b182194d59 Configure workstations to check for digital certificates ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-8(1)",
    - "NIST_SP_800-53_R5_SC-23"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d6653f89-7cb5-24a4-9d71-51581038231b",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d6653f89-7cb5-24a4-9d71-51581038231b Reauthenticate or terminate a user session ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-10"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "c4ccd607-702b-8ae6-8eeb-fc3339cd4b42",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c4ccd607-702b-8ae6-8eeb-fc3339cd4b42 Define cryptographic use ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-12",
    - "NIST_SP_800-53_R5_SC-13"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d661e9eb-4e15-5ba1-6f02-cdc467db0d6c",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d661e9eb-4e15-5ba1-6f02-cdc467db0d6c Define organizational requirements for cryptographic key management ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "7a0ecd94-3699-5273-76a5-edb8499f655a",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7a0ecd94-3699-5273-76a5-edb8499f655a Determine assertion requirements ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "97d91b33-7050-237b-3e23-a77d57d84e13",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/97d91b33-7050-237b-3e23-a77d57d84e13 Issue public key certificates ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SC-12",
    - "NIST_SP_800-53_R5_SC-17"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "9c276cf3-596f-581a-7fbd-f5e46edaa0f4",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/9c276cf3-596f-581a-7fbd-f5e46edaa0f4 Manage symmetric cryptographic keys ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "3ad7f0bc-3d03-0585-4d24-529779bb02c2",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3ad7f0bc-3d03-0585-4d24-529779bb02c2 Maintain availability of information ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "16c54e01-9e65-7524-7c33-beda48a75779",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/16c54e01-9e65-7524-7c33-beda48a75779 Produce, control and distribute symmetric cryptographic keys ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "de077e7e-0cc8-65a6-6e08-9ab46c827b05",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/de077e7e-0cc8-65a6-6e08-9ab46c827b05 Produce, control and distribute asymmetric cryptographic keys ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-12(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "678ca228-042d-6d8e-a598-c58d5670437d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/678ca228-042d-6d8e-a598-c58d5670437d Prohibit remote activation of collaborative computing devices ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-15"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "62fa14f0-4cbe-762d-5469-0899a99b98aa",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/62fa14f0-4cbe-762d-5469-0899a99b98aa Explicitly notify use of collaborative computing devices ,
  - definitionVersion: 1.*.*1.1.1,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-15"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1afada58-8b34-7ac2-a38a-983218635201",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1afada58-8b34-7ac2-a38a-983218635201 Define acceptable and unacceptable mobile code technologies ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-18"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ffdaa742-0d6f-726f-3eac-6e6c34e36c93",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ffdaa742-0d6f-726f-3eac-6e6c34e36c93 Establish usage restrictions for mobile code technologies ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-18"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "291f20d4-8d93-1d73-89f3-6ce28b825563",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/291f20d4-8d93-1d73-89f3-6ce28b825563 Authorize, monitor, and control usage of mobile code technologies ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-18"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ced727b3-005e-3c5b-5cd5-230b79d56ee8",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ced727b3-005e-3c5b-5cd5-230b79d56ee8 Implement a fault tolerant name/address service ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [3 items
    - "NIST_SP_800-53_R5_SC-20",
    - "NIST_SP_800-53_R5_SC-21",
    - "NIST_SP_800-53_R5_SC-22"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "bbb2e6d6-085f-5a35-a55d-e45daad38933",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/bbb2e6d6-085f-5a35-a55d-e45daad38933 Provide secure name and address resolution services ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-20"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "c7d57a6a-7cc2-66c0-299f-83bf90558f5d",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c7d57a6a-7cc2-66c0-299f-83bf90558f5d Enforce random unique session identifiers ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-23"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "396f465d-375e-57de-58ba-021adb008191",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/396f465d-375e-57de-58ba-021adb008191 Invalidate session identifiers at logout ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-23(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "12af7c7a-92af-9e96-0d0c-5e732d1a3751",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/12af7c7a-92af-9e96-0d0c-5e732d1a3751 Ensure information system fails in known state ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-24"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "3c9aa856-6b86-35dc-83f4-bc72cec74dea",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/3c9aa856-6b86-35dc-83f4-bc72cec74dea Establish a data leakage management procedure ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-28"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "bfc540fe-376c-2eef-4355-121312fa4437",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/bfc540fe-376c-2eef-4355-121312fa4437 Maintain separate execution domains for running processes ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SC-39"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "6bededc0-2985-54d5-4158-eb8bad8070a0",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/6bededc0-2985-54d5-4158-eb8bad8070a0 Review and update information integrity policies and procedures ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-1"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "34aac8b2-488a-2b96-7280-5b9b481a317a",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/34aac8b2-488a-2b96-7280-5b9b481a317a Incorporate flaw remediation into configuration management ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-2"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "a90c4d44-7fac-8e02-6d5b-0d92046b20e6",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/a90c4d44-7fac-8e02-6d5b-0d92046b20e6 Automate flaw remediation ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-2(2)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "dad1887d-161b-7b61-2e4d-5124a7b5724e",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/dad1887d-161b-7b61-2e4d-5124a7b5724e Measure the time between flaw identification and flaw remediation ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-2(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "dd2523d5-2db3-642b-a1cf-83ac973b32c2",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/dd2523d5-2db3-642b-a1cf-83ac973b32c2 Establish benchmarks for flaw remediation ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-2(3)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "63f63e71-6c3f-9add-4c43-64de23e554a7",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/63f63e71-6c3f-9add-4c43-64de23e554a7 Manage gateways ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [2 items
    - "NIST_SP_800-53_R5_SI-3",
    - "NIST_SP_800-53_R5_SI-4(4)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "4a6f5cbd-6c6b-006f-2bb1-091af1441bce",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/4a6f5cbd-6c6b-006f-2bb1-091af1441bce Review malware detections report weekly ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "fad161f5-5261-401a-22dd-e037bae011bd",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/fad161f5-5261-401a-22dd-e037bae011bd Review threat protection status weekly ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ea9d7c95-2f10-8a4d-61d8-7469bd2e8d65",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ea9d7c95-2f10-8a4d-61d8-7469bd2e8d65 Update antivirus definitions ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-3"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "d9af7f88-686a-5a8b-704b-eafdab278977",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/d9af7f88-686a-5a8b-704b-eafdab278977 Obtain legal opinion for monitoring system activities ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "7fc1f0da-0050-19bb-3d75-81ae15940df6",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/7fc1f0da-0050-19bb-3d75-81ae15940df6 Provide monitoring information as needed ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-4"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "e4e1f896-8a93-1151-43c7-0ad23b081ee2",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/e4e1f896-8a93-1151-43c7-0ad23b081ee2 Authorize, monitor, and control voip ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-4(4)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "8f835d6a-4d13-9a9c-37dc-176cebd37fda",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8f835d6a-4d13-9a9c-37dc-176cebd37fda Document wireless access security controls ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-4(14)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "86ecd378-a3a0-5d5b-207c-05e6aaca43fc",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/86ecd378-a3a0-5d5b-207c-05e6aaca43fc Detect network services that have not been authorized or approved ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-4(22)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "07b42fb5-027e-5a3c-4915-9d9ef3020ec7",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/07b42fb5-027e-5a3c-4915-9d9ef3020ec7 Discover any indicators of compromise ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-4(24)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b0e3035d-6366-2e37-796e-8bcab9c649e6",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b0e3035d-6366-2e37-796e-8bcab9c649e6 Establish a threat intelligence program ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "171e377b-5224-4a97-1eaa-62a3b5231dac",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/171e377b-5224-4a97-1eaa-62a3b5231dac Generate internal security alerts ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "9c93ef57-7000-63fb-9b74-88f2e17ca5d2",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/9c93ef57-7000-63fb-9b74-88f2e17ca5d2 Disseminate security alerts to personnel ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "26d178a4-9261-6f04-a100-47ed85314c6e",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/26d178a4-9261-6f04-a100-47ed85314c6e Implement security directives ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-5"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "b8689b2e-4308-a58b-a0b4-6f3343a000df",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/b8689b2e-4308-a58b-a0b4-6f3343a000df Use automated mechanisms for security alerts ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-5(1)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "ece8bb17-4080-5127-915f-dc7267ee8549",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/ece8bb17-4080-5127-915f-dc7267ee8549 Verify security functions ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "f30edfad-4e1d-1eef-27ee-9292d6d89842",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/f30edfad-4e1d-1eef-27ee-9292d6d89842 Perform security function verification at a defined frequency ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "18e9d748-73d4-0c96-55ab-b108bfbd5bc3",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/18e9d748-73d4-0c96-55ab-b108bfbd5bc3 Notify personnel of any failed security verification tests ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "cc2f7339-2fac-1ea9-9ca3-cd530fbb0da2",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/cc2f7339-2fac-1ea9-9ca3-cd530fbb0da2 Create alternative actions for identified anomalies ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-6"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "1b8a7ec3-11cc-a2d3-8cd0-eedf074424a4",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/1b8a7ec3-11cc-a2d3-8cd0-eedf074424a4 Employ automatic shutdown/restart when violations are detected ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-7(5)"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "8b1f29eb-1b22-4217-5337-9207cb55231e",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/8b1f29eb-1b22-4217-5337-9207cb55231e Perform information input validation ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-10"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "c2cb4658-44dc-9d11-3dad-7c6802dd5ba3",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/c2cb4658-44dc-9d11-3dad-7c6802dd5ba3 Generate error messages ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-11"
    ]
  },
- {5 items
  - policyDefinitionReferenceId: "20762f1e-85fb-31b0-a600-e833633f10fe",
  - policyDefinitionId: /providers/Microsoft.Authorization/policyDefinitions/20762f1e-85fb-31b0-a600-e833633f10fe Reveal error messages ,
  - definitionVersion: 1.*.*1.1.0,
  - parameters: {},
  - groupNames: [1 item
    - "NIST_SP_800-53_R5_SI-11"
    ]
  }
],
policyDefinitionGroups: [970 items
- {2 items
  - name: "NIST_SP_800-53_R5_AC-1",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-1"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-2",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-2(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-2(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-2(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-2(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-2(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-2(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-2(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-2(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-2(9)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(9)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-2(11)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(11)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-2(12)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(12)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-2(13)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-2(13)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-3",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-3(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-3(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-3(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-3(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-3(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-3(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-3(9)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(9)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-3(10)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(10)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-3(11)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(11)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-3(12)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(12)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-3(13)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(13)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-3(14)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(14)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-3(15)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-3(15)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(9)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(9)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(10)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(10)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(11)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(11)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(12)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(12)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(13)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(13)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(14)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(14)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(15)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(15)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(17)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(17)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(19)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(19)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(20)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(20)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(21)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(21)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(22)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(22)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(23)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(23)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(24)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(24)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(25)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(25)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(26)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(26)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(27)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(27)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(28)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(28)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(29)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(29)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(30)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(30)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(31)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(31)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-4(32)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-4(32)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-5",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-5"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-6",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-6"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-6(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-6(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-6(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-6(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-6(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-6(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-6(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-6(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-6(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-6(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-6(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-6(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-6(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-6(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-6(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-6(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-6(9)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-6(9)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-6(10)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-6(10)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-7",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-7"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-7(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-7(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-7(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-7(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-7(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-7(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-8",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-8"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-9",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-9"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-9(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-9(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-9(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-9(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-9(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-9(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-9(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-9(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-10",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-10"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-11",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-11"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-11(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-11(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-12",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-12"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-12(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-12(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-12(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-12(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-12(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-12(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-14",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-14"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-16",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-16"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-16(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-16(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-16(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-16(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-16(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-16(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-16(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-16(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-16(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-16(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-16(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-16(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-16(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-16(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-16(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-16(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-16(9)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-16(9)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-16(10)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-16(10)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-17",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-17"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-17(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-17(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-17(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-17(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-17(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-17(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-17(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-17(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-17(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-17(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-17(9)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-17(9)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-17(10)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-17(10)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-18",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-18"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-18(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-18(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-18(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-18(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-18(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-18(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-18(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-18(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-19",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-19"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-19(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-19(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-19(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-19(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-20",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-20"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-20(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-20(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-20(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-20(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-20(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-20(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-20(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-20(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-20(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-20(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-21",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-21"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-21(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-21(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-21(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-21(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-22",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-22"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-23",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-23"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-24",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-24"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-24(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-24(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-24(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-24(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AC-25",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AC-25"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AT-1",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-1"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AT-2",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-2"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AT-2(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-2(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AT-2(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-2(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AT-2(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-2(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AT-2(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-2(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AT-2(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-2(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AT-2(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-2(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AT-3",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-3"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AT-3(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-3(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AT-3(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-3(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AT-3(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-3(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AT-3(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-3(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AT-4",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-4"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AT-6",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AT-6"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-1",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-1"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-2",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-2"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-3",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-3"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-3(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-3(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-3(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-3(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-4",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-4"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-4(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-4(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-5",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-5"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-5(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-5(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-5(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-5(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-5(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-5(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-5(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-5(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-5(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-5(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-6",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-6"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-6(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-6(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-6(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-6(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-6(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-6(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-6(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-6(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-6(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-6(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-6(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-6(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-6(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-6(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-6(9)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-6(9)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-7",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-7"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-7(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-7(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-8",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-8"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-9",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-9"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-9(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-9(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-9(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-9(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-9(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-9(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-9(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-9(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-9(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-9(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-9(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-9(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-9(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-9(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-10",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-10"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-10(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-10(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-10(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-10(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-10(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-10(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-10(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-10(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-11",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-11"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-11(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-11(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-12",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-12"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-12(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-12(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-12(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-12(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-12(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-12(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-12(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-12(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-13",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-13"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-13(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-13(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-13(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-13(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-13(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-13(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-14",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-14"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-14(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-14(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-14(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-14(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-16",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-16"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-16(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-16(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-16(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-16(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_AU-16(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_AU-16(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-1",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-1"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-2",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-2"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-2(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-2(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-2(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-2(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-2(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-2(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-3",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-3"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-3(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-3(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-3(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-3(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-5",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-5"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-5(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-5(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-6",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-6"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-6(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-6(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-6(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-6(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-7",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-7"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-7(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-7(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-7(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-7(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-7(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-7(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-7(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-7(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-7(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-7(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-8",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-8"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-8(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-8(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-8(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-8(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-8(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-8(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-9",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-9"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CA-9(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CA-9(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-1",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-1"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-2",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-2"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-2(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-2(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-2(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-2(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-2(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-2(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-2(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-2(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-3",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-3"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-3(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-3(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-3(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-3(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-3(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-3(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-3(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-3(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-3(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-3(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-3(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-3(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-3(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-3(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-3(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-3(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-4",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-4"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-4(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-4(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-4(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-4(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-5",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-5"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-5(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-5(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-5(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-5(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-5(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-5(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-5(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-5(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-6",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-6"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-6(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-6(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-6(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-6(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-7",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-7"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-7(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-7(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-7(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-7(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-7(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-7(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-7(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-7(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-7(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-7(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-7(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-7(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-7(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-7(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-7(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-7(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-7(9)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-7(9)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-8",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-8"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-8(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-8(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-8(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-8(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-8(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-8(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-8(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-8(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-8(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-8(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-8(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-8(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-8(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-8(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-8(9)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-8(9)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-9",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-9"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-9(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-9(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-10",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-10"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-10(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-10(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-11",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-11"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-11(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-11(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-11(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-11(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-12",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-12"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-12(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-12(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-13",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-13"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CM-14",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CM-14"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-1",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-1"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-2",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-2"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-2(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-2(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-2(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-2(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-2(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-2(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-2(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-2(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-2(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-2(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-2(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-2(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-2(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-2(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-3",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-3"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-3(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-3(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-3(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-3(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-4",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-4"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-4(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-4(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-4(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-4(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-4(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-4(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-4(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-4(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-4(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-4(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-6",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-6"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-6(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-6(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-6(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-6(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-6(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-6(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-7",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-7"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-7(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-7(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-7(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-7(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-7(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-7(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-7(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-7(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-7(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-7(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-8",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-8"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-8(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-8(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-8(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-8(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-8(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-8(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-8(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-8(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-8(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-8(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-9",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-9"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-9(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-9(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-9(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-9(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-9(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-9(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-9(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-9(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-9(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-9(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-9(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-9(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-9(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-9(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-10",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-10"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-10(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-10(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-10(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-10(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-10(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-10(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-11",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-11"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-12",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-12"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_CP-13",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_CP-13"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-1",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-1"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-2",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-2"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-2(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-2(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-2(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-2(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-2(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-2(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-2(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-2(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-2(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-2(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-2(10)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-2(10)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-2(12)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-2(12)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-2(13)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-2(13)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-3",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-3"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-3(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-3(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-3(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-3(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-3(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-3(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-4",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-4"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-4(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-4(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-4(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-4(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-4(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-4(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-4(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-4(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-4(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-4(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-4(9)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-4(9)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-5",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-5(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-5(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-5(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-5(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-5(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-5(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-5(9)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(9)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-5(10)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(10)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-5(12)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(12)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-5(13)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(13)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-5(14)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(14)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-5(15)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(15)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-5(16)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(16)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-5(17)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(17)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-5(18)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-5(18)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-6",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-6"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-7",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-7"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-8",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-8"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-8(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-8(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-8(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-8(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-8(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-8(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-8(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-8(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-8(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-8(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-9",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-9"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-10",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-10"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-11",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-11"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-12",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-12"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-12(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-12(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-12(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-12(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-12(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-12(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-12(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-12(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-12(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-12(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IA-12(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IA-12(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-1",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-1"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-2",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-2"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-2(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-2(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-2(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-2(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-2(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-2(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-3",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-3"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-3(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-3(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-3(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-3(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-3(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-3(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-4",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-4(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-4(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-4(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-4(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-4(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-4(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-4(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-4(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-4(9)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(9)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-4(10)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(10)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-4(11)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(11)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-4(12)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(12)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-4(13)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(13)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-4(14)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(14)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-4(15)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-4(15)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-5",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-5"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-5(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-5(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-6",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-6"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-6(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-6(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-6(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-6(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-6(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-6(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-7",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-7"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-7(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-7(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-7(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-7(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-8",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-8"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-8(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-8(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-9",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-9"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-9(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-9(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-9(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-9(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_IR-9(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_IR-9(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-1",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-1"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-2",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-2"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-2(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-2(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-3",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-3"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-3(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-3(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-3(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-3(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-3(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-3(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-3(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-3(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-3(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-3(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-3(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-3(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-4",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-4"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-4(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-4(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-4(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-4(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-4(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-4(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-4(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-4(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-4(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-4(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-4(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-4(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-5",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-5"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-5(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-5(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-5(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-5(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-5(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-5(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-5(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-5(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-5(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-5(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-6",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-6"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-6(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-6(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-6(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-6(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-6(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-6(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MA-7",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MA-7"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MP-1",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-1"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MP-2",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-2"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MP-3",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-3"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MP-4",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-4"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MP-4(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-4(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MP-5",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-5"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MP-5(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-5(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MP-6",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-6"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MP-6(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-6(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MP-6(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-6(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MP-6(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-6(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MP-6(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-6(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MP-6(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-6(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MP-7",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-7"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MP-7(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-7(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MP-8",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-8"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MP-8(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-8(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MP-8(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-8(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MP-8(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-8(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_MP-8(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_MP-8(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-1",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-1"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-2",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-2"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-2(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-2(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-2(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-2(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-2(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-2(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-3",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-3"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-3(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-3(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-3(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-3(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-3(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-3(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-3(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-3(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-3(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-3(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-3(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-3(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-3(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-3(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-4",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-4"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-5",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-5"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-5(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-5(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-6",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-6"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-6(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-6(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-6(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-6(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-6(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-6(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-6(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-6(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-8",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-8"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-8(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-8(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-8(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-8(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-9",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-9"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-9(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-9(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-9(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-9(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-10",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-10"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-11",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-11"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-11(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-11(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-11(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-11(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-12",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-12"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-12(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-12(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-13",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-13"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-13(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-13(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-13(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-13(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-13(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-13(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-14",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-14"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-14(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-14(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-14(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-14(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-15",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-15"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-15(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-15(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-16",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-16"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-17",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-17"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-18",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-18"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-19",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-19"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-19(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-19(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-20",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-20"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-21",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-21"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-22",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-22"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PE-23",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PE-23"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PL-1",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PL-1"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PL-2",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PL-2"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PL-4",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PL-4"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PL-4(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PL-4(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PL-7",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PL-7"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PL-8",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PL-8"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PL-8(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PL-8(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PL-8(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PL-8(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PL-9",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PL-9"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PL-10",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PL-10"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PL-11",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PL-11"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PS-1",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-1"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PS-2",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-2"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PS-3",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-3"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PS-3(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-3(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PS-3(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-3(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PS-3(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-3(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PS-3(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-3(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PS-4",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-4"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PS-4(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-4(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PS-4(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-4(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PS-5",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-5"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PS-6",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-6"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PS-6(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-6(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PS-6(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-6(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PS-7",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-7"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PS-8",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-8"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PS-9",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PS-9"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PT-1",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-1"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PT-2",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-2"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PT-2(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-2(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PT-2(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-2(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PT-3",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-3"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PT-3(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-3(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PT-3(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-3(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PT-4",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-4"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PT-4(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-4(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PT-4(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-4(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PT-4(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-4(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PT-5",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-5"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PT-5(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-5(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PT-5(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-5(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PT-6",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-6"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PT-6(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-6(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PT-6(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-6(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PT-7",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-7"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PT-7(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-7(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PT-7(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-7(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_PT-8",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_PT-8"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_RA-1",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-1"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_RA-2",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-2"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_RA-2(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-2(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_RA-3",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-3"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_RA-3(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-3(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_RA-3(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-3(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_RA-3(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-3(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_RA-3(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-3(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_RA-5",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-5"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_RA-5(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-5(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_RA-5(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-5(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_RA-5(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-5(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_RA-5(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-5(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_RA-5(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-5(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_RA-5(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-5(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_RA-5(10)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-5(10)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_RA-5(11)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-5(11)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_RA-6",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-6"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_RA-7",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-7"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_RA-8",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-8"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_RA-9",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-9"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_RA-10",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_RA-10"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-1",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-1"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-2",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-2"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-3",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-3"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-3(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-3(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-3(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-3(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-3(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-3(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-4",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-4(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-4(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-4(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-4(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-4(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-4(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-4(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-4(9)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4(9)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-4(10)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4(10)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-4(11)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4(11)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-4(12)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-4(12)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-5",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-5"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(9)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(9)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(10)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(10)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(11)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(11)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(12)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(12)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(13)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(13)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(14)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(14)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(15)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(15)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(16)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(16)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(17)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(17)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(18)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(18)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(19)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(19)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(20)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(20)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(21)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(21)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(22)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(22)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(23)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(23)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(24)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(24)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(25)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(25)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(26)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(26)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(27)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(27)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(28)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(28)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(29)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(29)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(30)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(30)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(31)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(31)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(32)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(32)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-8(33)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-8(33)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-9",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-9"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-9(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-9(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-9(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-9(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-9(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-9(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-9(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-9(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-9(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-9(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-9(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-9(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-9(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-9(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-9(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-9(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-10",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-10"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-10(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-10(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-10(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-10(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-10(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-10(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-10(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-10(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-10(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-10(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-10(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-10(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-10(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-10(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-11",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-11"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-11(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-11(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-11(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-11(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-11(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-11(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-11(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-11(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-11(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-11(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-11(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-11(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-11(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-11(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-11(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-11(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-11(9)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-11(9)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-15",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-15"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-15(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-15(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-15(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-15(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-15(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-15(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-15(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-15(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-15(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-15(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-15(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-15(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-15(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-15(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-15(10)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-15(10)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-15(11)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-15(11)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-15(12)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-15(12)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-16",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-16"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-17",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-17"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-17(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-17(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-17(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-17(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-17(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-17(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-17(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-17(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-17(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-17(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-17(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-17(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-17(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-17(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-17(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-17(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-17(9)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-17(9)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-20",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-20"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-21",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-21"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-22",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-22"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SA-23",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SA-23"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-1",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-1"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-2",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-2"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-2(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-2(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-2(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-2(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-3",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-3"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-3(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-3(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-3(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-3(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-3(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-3(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-3(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-3(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-3(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-3(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-4",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-4"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-4(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-4(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-5",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-5"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-5(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-5(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-5(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-5(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-5(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-5(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-6",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-6"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(9)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(9)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(10)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(10)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(11)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(11)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(12)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(12)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(13)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(13)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(14)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(14)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(15)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(15)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(16)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(16)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(17)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(17)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(18)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(18)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(19)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(19)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(20)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(20)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(21)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(21)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(22)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(22)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(23)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(23)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(24)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(24)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(25)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(25)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(26)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(26)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(27)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(27)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(28)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(28)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-7(29)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-7(29)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-8",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-8"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-8(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-8(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-8(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-8(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-8(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-8(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-8(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-8(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-8(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-8(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-10",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-10"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-11",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-11"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-11(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-11(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-12",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-12"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-12(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-12(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-12(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-12(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-12(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-12(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-12(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-12(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-13",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-13"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-15",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-15"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-15(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-15(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-15(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-15(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-15(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-15(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-16",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-16"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-16(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-16(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-16(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-16(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-16(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-16(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-17",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-17"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-18",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-18"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-18(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-18(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-18(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-18(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-18(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-18(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-18(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-18(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-18(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-18(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-20",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-20"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-20(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-20(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-21",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-21"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-22",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-22"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-23",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-23"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-23(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-23(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-23(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-23(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-23(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-23(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-24",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-24"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-25",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-25"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-26",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-26"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-27",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-27"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-28",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-28"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-28(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-28(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-28(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-28(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-28(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-28(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-29",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-29"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-29(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-29(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-30",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-30"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-30(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-30(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-30(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-30(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-30(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-30(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-30(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-30(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-31",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-31"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-31(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-31(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-31(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-31(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-31(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-31(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-32",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-32"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-32(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-32(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-34",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-34"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-34(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-34(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-34(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-34(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-35",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-35"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-36",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-36"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-36(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-36(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-36(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-36(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-37",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-37"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-37(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-37(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-38",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-38"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-39",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-39"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-39(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-39(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-39(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-39(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-40",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-40"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-40(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-40(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-40(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-40(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-40(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-40(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-40(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-40(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-41",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-41"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-42",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-42"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-42(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-42(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-42(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-42(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-42(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-42(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-42(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-42(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-43",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-43"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-44",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-44"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-45",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-45"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-45(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-45(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-45(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-45(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-46",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-46"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-47",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-47"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-48",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-48"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-48(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-48(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-49",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-49"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-50",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-50"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SC-51",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SC-51"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-1",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-1"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-2",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-2"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-2(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-2(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-2(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-2(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-2(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-2(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-2(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-2(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-2(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-2(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-3",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-3"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-3(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-3(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-3(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-3(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-3(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-3(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-3(10)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-3(10)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4(9)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(9)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4(10)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(10)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4(11)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(11)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4(12)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(12)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4(13)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(13)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4(14)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(14)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4(15)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(15)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4(16)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(16)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4(17)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(17)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4(18)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(18)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4(19)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(19)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4(20)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(20)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4(21)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(21)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4(22)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(22)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4(23)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(23)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4(24)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(24)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-4(25)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-4(25)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-5",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-5"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-5(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-5(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-6",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-6"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-6(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-6(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-6(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-6(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-7",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-7(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-7(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-7(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-7(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-7(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-7(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-7(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-7(9)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(9)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-7(10)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(10)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-7(12)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(12)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-7(15)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(15)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-7(16)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(16)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-7(17)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-7(17)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-8",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-8"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-8(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-8(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-8(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-8(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-10",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-10"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-10(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-10(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-10(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-10(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-10(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-10(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-10(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-10(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-10(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-10(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-10(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-10(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-11",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-11"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-12",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-12"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-12(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-12(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-12(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-12(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-12(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-12(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-13",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-13"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-13(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-13(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-13(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-13(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-13(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-13(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-13(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-13(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-14",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-14"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-14(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-14(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-14(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-14(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-14(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-14(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-15",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-15"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-16",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-16"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-17",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-17"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-18",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-18"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-18(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-18(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-18(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-18(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-18(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-18(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-18(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-18(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-18(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-18(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-19",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-19"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-19(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-19(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-19(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-19(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-19(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-19(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-19(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-19(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-19(5)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-19(5)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-19(6)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-19(6)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-19(7)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-19(7)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-19(8)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-19(8)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-20",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-20"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-21",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-21"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-22",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-22"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SI-23",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SI-23"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-1",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-1"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-2",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-2"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-2(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-2(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-3",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-3"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-3(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-3(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-3(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-3(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-3(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-3(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-4",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-4"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-4(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-4(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-4(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-4(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-4(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-4(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-4(4)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-4(4)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-5",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-5"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-5(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-5(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-5(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-5(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-6",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-6"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-6(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-6(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-7",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-7"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-8",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-8"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-9",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-9"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-9(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-9(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-10",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-10"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-11",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-11"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-11(1)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-11(1)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-11(2)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-11(2)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-11(3)",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-11(3)"
  },
- {2 items
  - name: "NIST_SP_800-53_R5_SR-12",
  - additionalMetadataId: "/providers/Microsoft.PolicyInsights/policyMetadata/NIST_SP_800-53_R5_SR-12"
  }
],
versions: [13 items
- "14.17.0",
- "14.16.0",
- "14.15.0",
- "14.14.0",
- "14.13.0",
- "14.12.0",
- "14.11.0",
- "14.10.0",
- "14.9.0",
- "14.8.0",
- "14.7.0",
- "14.6.0",
- "14.5.0"
]

}