AzInitiativeAdvertizer

last sync: 2024-Apr-26 17:47:19 UTC

NIST SP 800-53 Rev. 4

Azure BuiltIn Policy Initiative (PolicySet)

Source

Azure Portal

Display name

NIST SP 800-53 Rev. 4

cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f

Version

17.10.0
Details on versioning

Category

Regulatory Compliance
Microsoft Learn

Description

National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative

Type

BuiltIn

Deprecated

False

Preview

False

Policy count

Total Policies: 733
Builtin Policies: 733
Static Policies: 0

Policy used

Policy DisplayName	Policy Id	Category	Effect	Roles#	Roles	State
[Deprecated]: Function apps should have 'Client Certificates (Incoming client certificates)' enabled	eaebaea7-8013-4ceb-9d14-7eb32271373c	App Service	Default Disabled Allowed Audit, Disabled	0		Deprecated
[Preview]: All Internet traffic should be routed via your deployed Azure Firewall	fc5e4038-4584-4632-8c85-c0448d374b2c	Network	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		Preview
[Preview]: Azure Arc enabled Kubernetes clusters should have Microsoft Defender for Cloud extension installed	8dfab9c4-fe7b-49ad-85e4-1e9be085358f	Kubernetes	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		Preview
[Preview]: Azure Recovery Services vaults should use customer-managed keys for encrypting backup data	2e94d99a-8a36-4563-bc77-810d8893b671	Backup	Default Audit Allowed Audit, Deny, Disabled	0		Preview
[Preview]: IoT Hub device provisioning service data should be encrypted using customer-managed keys (CMK)	47031206-ce96-41f8-861b-6a915f3de284	Internet of Things	Default Audit Allowed Audit, Deny, Disabled	0		Preview
[Preview]: Log Analytics extension should be installed on your Linux Azure Arc machines	842c54e8-c2f9-4d79-ae8d-38d8b8019373	Monitoring	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		Preview
[Preview]: Log Analytics extension should be installed on your Windows Azure Arc machines	d69b1763-b96d-40b8-a2d9-ca31e9fd0d3e	Monitoring	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		Preview
[Preview]: Network traffic data collection agent should be installed on Linux virtual machines	04c4380f-3fae-46e8-96c9-30193528f602	Monitoring	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		Preview
[Preview]: Network traffic data collection agent should be installed on Windows virtual machines	2f2ee1de-44aa-4762-b6bd-0893fc3f306d	Monitoring	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		Preview
[Preview]: Storage account public access should be disallowed	4fa4b6c0-31ca-4c0d-b10d-24b96f62a751	Storage	Default Audit Allowed audit, Audit, deny, Deny, disabled, Disabled	0		Preview
A maximum of 3 owners should be designated for your subscription	4f11b553-d42e-4e3a-89be-32ca364cad4c	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
A vulnerability assessment solution should be enabled on your virtual machines	501541f7-f7e7-4cd6-868c-4190fdad3ac9	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Accept assessment results	3054c74b-9b45-2581-56cf-053a1a716c39	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Accept only FICAM-approved third-party credentials	2d2ca910-7957-23ee-2945-33f401606efc	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Accept PIV credentials	55be3260-a7a2-3c06-7fe6-072d07525ab7	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Accounts with owner permissions on Azure resources should be MFA enabled	e3e008c3-56b9-4133-8fd7-d3347377402a	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Accounts with read permissions on Azure resources should be MFA enabled	81b3ccb4-e6e8-4e4a-8d05-5df25cd29fd4	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Accounts with write permissions on Azure resources should be MFA enabled	931e118d-50a1-4457-a5e4-78550e086c52	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Adaptive application controls for defining safe applications should be enabled on your machines	47a6b606-51aa-4496-8bb7-64b11cf66adc	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Adaptive network hardening recommendations should be applied on internet facing virtual machines	08e6af2d-db70-460a-bfe9-d5bd474ba9d6	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Add system-assigned managed identity to enable Guest Configuration assignments on virtual machines with no identities	3cf2ab00-13f1-4d0c-8971-2ac904541a7e	Guest Configuration	Fixed modify	1	Contributor	GA
Add system-assigned managed identity to enable Guest Configuration assignments on VMs with a user-assigned identity	497dff13-db2a-4c0f-8603-28fa3b331ab6	Guest Configuration	Fixed modify	1	Contributor	GA
Address coding vulnerabilities	318b2bd9-9c39-9f8b-46a7-048401f33476	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Adhere to retention periods defined	1ecb79d7-1a06-9a3b-3be8-f434d04d1ec1	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Adjust level of audit review, analysis, and reporting	de251b09-4a5e-1204-4bef-62ac58d47999	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Adopt biometric authentication mechanisms	7d7a8356-5c34-9a95-3118-1424cfaf192a	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Alert personnel of information spillage	9622aaa9-5c49-40e2-5bf8-660b7cd23deb	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Align business objectives and IT goals	ab02bb73-4ce1-89dd-3905-d93042809ba0	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
All network ports should be restricted on network security groups associated to your virtual machine	9daedab3-fb2d-461e-b861-71790eead4f6	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Allocate resources in determining information system requirements	90a156a6-49ed-18d1-1052-69aac27c05cd	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Allowlist rules in your adaptive application control policy should be updated	123a3936-f020-408a-ba0c-47873faf1534	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
An Azure Active Directory administrator should be provisioned for SQL servers	1f314764-cb73-4fc9-b863-8eca98ac36e9	SQL	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Analyse data obtained from continuous monitoring	6a379d74-903b-244a-4c44-838728bea6b0	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
API Management services should use a virtual network	ef619a2c-cc4d-4d03-b2ba-8c94a834d85b	API Management	Default Audit Allowed Audit, Deny, Disabled	0		GA
App Configuration should use private link	ca610c1d-041c-4332-9d88-7ed3094967c7	App Configuration	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
App Service apps should have Client Certificates (Incoming client certificates) enabled	19dd1db6-f442-49cf-a838-b0786b4401ef	App Service	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
App Service apps should have remote debugging turned off	cb510bfd-1cba-4d9f-a230-cb0976f4bb71	App Service	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
App Service apps should have resource logs enabled	91a78b24-f231-4a8a-8da9-02c35b2b6510	App Service	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
App Service apps should not have CORS configured to allow every resource to access your apps	5744710e-cc2f-4ee8-8809-3b11e89f4bc9	App Service	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
App Service apps should only be accessible over HTTPS	a4af4a39-4135-47fb-b175-47fbdf85311d	App Service	Default Audit Allowed Audit, Disabled, Deny	0		GA
App Service apps should require FTPS only	4d24b6d4-5e53-4a4f-a7f4-618fa573ee4b	App Service	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
App Service apps should use latest 'HTTP Version'	8c122334-9d20-4eb8-89ea-ac9a705b74ae	App Service	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
App Service apps should use managed identity	2b9ad585-36bc-4615-b300-fd4435808332	App Service	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
App Service apps should use the latest TLS version	f0e6e85b-9b9f-4a4b-b67b-f730d42f1b0b	App Service	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
App Service Environment should have internal encryption enabled	fb74e86f-d351-4b8d-b034-93da7391c01f	App Service	Default Audit Allowed Audit, Disabled	0		GA
Assess information security events	37b0045b-3887-367b-8b4d-b9a6fa911bb9	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Assess risk in third party relationships	0d04cb93-a0f1-2f4b-4b1b-a72a1b510d08	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Assess Security Controls	c423e64d-995c-9f67-0403-b540f65ba42a	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Assign account managers	4c6df5ff-4ef2-4f17-a516-0da9189c603b	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Assign an authorizing official (AO)	e29a8f1b-149b-2fa3-969d-ebee1baa9472	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Assign information security representative to change control	6abdf7c7-362b-3f35-099e-533ed50988f9	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Assign risk designations	b7897ddc-9716-2460-96f7-7757ad038cc4	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Assign system identifiers	f29b17a4-0df2-8a50-058a-8570f9979d28	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Audit Linux machines that allow remote connections from accounts without passwords	ea53dbee-c6c9-4f0e-9f9e-de0039b78023	Guest Configuration	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Audit Linux machines that do not have the passwd file permissions set to 0644	e6955644-301c-44b5-a4c4-528577de6861	Guest Configuration	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Audit Linux machines that have accounts without passwords	f6ec09a3-78bf-4f8f-99dc-6c77182d0f99	Guest Configuration	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Audit privileged functions	f26af0b1-65b6-689a-a03f-352ad2d00f98	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Audit usage of custom RBAC roles	a451c1ef-c6ca-483d-87ed-f49761e3ffb5	General	Default Audit Allowed Audit, Disabled	0		GA
Audit user account status	49c23d9b-02b0-0e42-4f94-e8cef1b8381b	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Audit virtual machines without disaster recovery configured	0015ea4d-51ff-4ce3-8d8c-f3f8f0179a56	Compute	Fixed auditIfNotExists	0		GA
Audit Windows machines that allow re-use of the passwords after the specified number of unique passwords	5b054a0d-39e2-4d53-bea3-9734cad2c69b	Guest Configuration	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Audit Windows machines that do not have the maximum password age set to specified number of days	4ceb8dc2-559c-478b-a15b-733fbf1e3738	Guest Configuration	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Audit Windows machines that do not have the minimum password age set to specified number of days	237b38db-ca4d-4259-9e47-7882441ca2c0	Guest Configuration	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Audit Windows machines that do not have the password complexity setting enabled	bf16e0bb-31e1-4646-8202-60a235cc7e74	Guest Configuration	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Audit Windows machines that do not restrict the minimum password length to specified number of characters	a2d0e922-65d0-40c4-8f87-ea6da2d307a2	Guest Configuration	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Audit Windows machines that do not store passwords using reversible encryption	da0f98fe-a24b-4ad5-af69-bd0400233661	Guest Configuration	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Auditing on SQL server should be enabled	a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9	SQL	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Authenticate to cryptographic module	6f1de470-79f3-1572-866e-db0771352fc8	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Authentication to Linux machines should require SSH keys	630c64f9-8b6b-4c64-b511-6544ceff6fd6	Guest Configuration	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Authorize access to security functions and information	aeed863a-0f56-429f-945d-8bb66bd06841	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Authorize and manage access	50e9324a-7410-0539-0662-2c1e775538b7	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Authorize remote access	dad8a2e9-6f27-4fc2-8933-7e99fe700c9c	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Authorize remote access to privileged commands	01c387ea-383d-4ca9-295a-977fab516b03	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Authorize, monitor, and control usage of mobile code technologies	291f20d4-8d93-1d73-89f3-6ce28b825563	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Authorize, monitor, and control voip	e4e1f896-8a93-1151-43c7-0ad23b081ee2	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Authorized IP ranges should be defined on Kubernetes Services	0e246bcf-5f6f-4f87-bc6f-775d4712c7ea	Security Center	Default Audit Allowed Audit, Disabled	0		GA
Auto provisioning of the Log Analytics agent should be enabled on your subscription	475aae12-b88a-4572-8b36-9b712b2b3a17	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Automate account management	2cc9c165-46bd-9762-5739-d2aae5ba90a1	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Automate approval request for proposed changes	575ed5e8-4c29-99d0-0e4d-689fb1d29827	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Automate flaw remediation	a90c4d44-7fac-8e02-6d5b-0d92046b20e6	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Automate implementation of approved change notifications	c72fc0c8-2df8-7506-30be-6ba1971747e1	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Automate information sharing decisions	e54901fe-42c2-7f3b-3c5f-327aa5320a69	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Automate notification of employee termination	729c8708-2bec-093c-8427-2e87d2cd426d	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Automate process to document implemented changes	43ac3ccb-4ef6-7d63-9a3f-6848485ba4e8	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Automate process to highlight unreviewed change proposals	92b49e92-570f-1765-804a-378e6c592e28	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Automate process to prohibit implementation of unapproved changes	7d10debd-4775-85a7-1a41-7e128e0e8c50	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Automate proposed documented changes	5c40f27b-6791-18c5-3f85-7b863bd99c11	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Automate remote maintenance activities	b8587fce-138f-86e8-33a3-c60768bf1da6	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Automation account variables should be encrypted	3657f5a0-770e-44a3-b44e-9431ba1e9735	Automation	Default Audit Allowed Audit, Deny, Disabled	0		GA
Azure AI Services resources should have key access disabled (disable local authentication)	71ef260a-8f18-47b7-abcb-62d0673d94dc	Azure Ai Services	Default Audit Allowed Audit, Deny, Disabled	0		GA
Azure AI Services resources should restrict network access	037eea7a-bd0a-46c5-9a66-03aea78705d3	Azure Ai Services	Default Audit Allowed Audit, Deny, Disabled	0		GA
Azure API for FHIR should use a customer-managed key to encrypt data at rest	051cba44-2429-45b9-9649-46cec11c7119	API for FHIR	Default Audit Allowed audit, Audit, disabled, Disabled	0		GA
Azure API for FHIR should use private link	1ee56206-5dd1-42ab-b02d-8aae8b1634ce	API for FHIR	Default Audit Allowed Audit, Disabled	0		GA
Azure Automation accounts should use customer-managed keys to encrypt data at rest	56a5ee18-2ae6-4810-86f7-18e39ce5629b	Automation	Default Audit Allowed Audit, Deny, Disabled	0		GA
Azure Backup should be enabled for Virtual Machines	013e242c-8828-4970-87b3-ab247555486d	Backup	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Azure Batch account should use customer-managed keys to encrypt data	99e9ccd8-3db9-4592-b0d1-14b1715a4d8a	Batch	Default Audit Allowed Audit, Deny, Disabled	0		GA
Azure Cache for Redis should use private link	7803067c-7d34-46e3-8c79-0ca68fc4036d	Cache	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Azure Cognitive Search service should use a SKU that supports private link	a049bf77-880b-470f-ba6d-9f21c530cf83	Search	Default Audit Allowed Audit, Deny, Disabled	0		GA
Azure Cognitive Search services should disable public network access	ee980b6d-0eca-4501-8d54-f6290fd512c3	Search	Default Audit Allowed Audit, Deny, Disabled	0		GA
Azure Cognitive Search services should use private link	0fda3595-9f2b-4592-8675-4231d6fa82fe	Search	Default Audit Allowed Audit, Disabled	0		GA
Azure Container Instance container group should use customer-managed key for encryption	0aa61e00-0a01-4a3c-9945-e93cffedf0e6	Container Instance	Default Audit Allowed Audit, Disabled, Deny	0		GA
Azure Cosmos DB accounts should have firewall rules	862e97cf-49fc-4a5c-9de4-40d4e2e7c8eb	Cosmos DB	Default Deny Allowed Audit, Deny, Disabled	0		GA
Azure Cosmos DB accounts should use customer-managed keys to encrypt data at rest	1f905d99-2ab7-462c-a6b0-f709acca6c8f	Cosmos DB	Default Audit Allowed audit, Audit, deny, Deny, disabled, Disabled	0		GA
Azure Data Box jobs should enable double encryption for data at rest on the device	c349d81b-9985-44ae-a8da-ff98d108ede8	Data Box	Default Audit Allowed Audit, Deny, Disabled	0		GA
Azure Data Box jobs should use a customer-managed key to encrypt the device unlock password	86efb160-8de7-451d-bc08-5d475b0aadae	Data Box	Default Audit Allowed Audit, Deny, Disabled	0		GA
Azure Data Explorer encryption at rest should use a customer-managed key	81e74cea-30fd-40d5-802f-d72103c2aaaa	Azure Data Explorer	Default Audit Allowed Audit, Deny, Disabled	0		GA
Azure data factories should be encrypted with a customer-managed key	4ec52d6d-beb7-40c4-9a9e-fe753254690e	Data Factory	Default Audit Allowed Audit, Deny, Disabled	0		GA
Azure Data Factory should use private link	8b0323be-cc25-4b61-935d-002c3798c6ea	Data Factory	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Azure DDoS Protection should be enabled	a7aca53f-2ed4-4466-a25e-0b45ade68efd	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Azure Defender for App Service should be enabled	2913021d-f2fd-4f3d-b958-22354e2bdbcb	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Azure Defender for Azure SQL Database servers should be enabled	7fe3b40f-802b-4cdd-8bd4-fd799c948cc2	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Azure Defender for Key Vault should be enabled	0e6763cc-5078-4e64-889d-ff4d9a839047	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Azure Defender for Resource Manager should be enabled	c3d20c29-b36d-48fe-808b-99a87530ad99	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Azure Defender for servers should be enabled	4da35fc9-c9e7-4960-aec9-797fe7d9051d	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Azure Defender for SQL servers on machines should be enabled	6581d072-105e-4418-827f-bd446d56421b	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Azure Defender for SQL should be enabled for unprotected Azure SQL servers	abfb4388-5bf4-4ad7-ba82-2cd2f41ceae9	SQL	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Azure Defender for SQL should be enabled for unprotected SQL Managed Instances	abfb7388-5bf4-4ad7-ba99-2cd2f41cebb9	SQL	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Azure Event Grid domains should use private link	9830b652-8523-49cc-b1b3-e17dce1127ca	Event Grid	Default Audit Allowed Audit, Disabled	0		GA
Azure Event Grid topics should use private link	4b90e17e-8448-49db-875e-bd83fb6f804f	Event Grid	Default Audit Allowed Audit, Disabled	0		GA
Azure File Sync should use private link	1d320205-c6a1-4ac6-873d-46224024e8e2	Storage	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Azure HDInsight clusters should use customer-managed keys to encrypt data at rest	64d314f6-6062-4780-a861-c23e8951bee5	HDInsight	Default Audit Allowed Audit, Deny, Disabled	0		GA
Azure HDInsight clusters should use encryption at host to encrypt data at rest	1fd32ebd-e4c3-4e13-a54a-d7422d4d95f6	HDInsight	Default Audit Allowed Audit, Deny, Disabled	0		GA
Azure HDInsight clusters should use encryption in transit to encrypt communication between Azure HDInsight cluster nodes	d9da03a1-f3c3-412a-9709-947156872263	HDInsight	Default Audit Allowed Audit, Deny, Disabled	0		GA
Azure Key Vault should have firewall enabled	55615ac9-af46-4a59-874e-391cc3dfb490	Key Vault	Default Audit Allowed Audit, Deny, Disabled	0		GA
Azure Key Vaults should use private link	a6abeaec-4d90-4a02-805f-6b26c4d3fbe9	Key Vault	Default Audit Allowed Audit, Deny, Disabled	0		GA
Azure Machine Learning workspaces should be encrypted with a customer-managed key	ba769a63-b8cc-4b2d-abf6-ac33c7204be8	Machine Learning	Default Audit Allowed Audit, Deny, Disabled	0		GA
Azure Machine Learning workspaces should use private link	45e05259-1eb5-4f70-9574-baf73e9d219b	Machine Learning	Default Audit Allowed Audit, Disabled	0		GA
Azure Monitor Logs clusters should be created with infrastructure-encryption enabled (double encryption)	ea0dfaed-95fb-448c-934e-d6e713ce393d	Monitoring	Default Audit Allowed audit, Audit, deny, Deny, disabled, Disabled	0		GA
Azure Monitor Logs clusters should be encrypted with customer-managed key	1f68a601-6e6d-4e42-babf-3f643a047ea2	Monitoring	Default Audit Allowed audit, Audit, deny, Deny, disabled, Disabled	0		GA
Azure Policy Add-on for Kubernetes service (AKS) should be installed and enabled on your clusters	0a15ec92-a229-4763-bb14-0ea34a568f8d	Kubernetes	Default Audit Allowed Audit, Disabled	0		GA
Azure Role-Based Access Control (RBAC) should be used on Kubernetes Services	ac4a19c2-fa67-49b4-8ae5-0b2e78c49457	Security Center	Default Audit Allowed Audit, Disabled	0		GA
Azure Service Bus namespaces should use private link	1c06e275-d63d-4540-b761-71f364c2111d	Service Bus	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Azure SignalR Service should use private link	2393d2cf-a342-44cd-a2e2-fe0188fd1234	SignalR	Default Audit Allowed Audit, Disabled	0		GA
Azure Spring Cloud should use network injection	af35e2a4-ef96-44e7-a9ae-853dd97032c4	App Platform	Default Audit Allowed Audit, Disabled, Deny	0		GA
Azure Stack Edge devices should use double-encryption	b4ac1030-89c5-4697-8e00-28b5ba6a8811	Azure Stack Edge	Default Audit Allowed audit, Audit, deny, Deny, disabled, Disabled	0		GA
Azure Stream Analytics jobs should use customer-managed keys to encrypt data	87ba29ef-1ab3-4d82-b763-87fcd4f531f7	Stream Analytics	Default Audit Allowed audit, Audit, deny, Deny, disabled, Disabled	0		GA
Azure Synapse workspaces should use customer-managed keys to encrypt data at rest	f7d52b2d-e161-4dfa-a82b-55e564167385	Synapse	Default Audit Allowed Audit, Deny, Disabled	0		GA
Azure Synapse workspaces should use private link	72d11df1-dd8a-41f7-8925-b05b960ebafc	Synapse	Default Audit Allowed Audit, Disabled	0		GA
Azure Web Application Firewall should be enabled for Azure Front Door entry-points	055aa869-bc98-4af8-bafc-23f1ab6ffe2c	Network	Default Audit Allowed Audit, Deny, Disabled	0		GA
Azure Web PubSub Service should use private link	eb907f70-7514-460d-92b3-a5ae93b4f917	Web PubSub	Default Audit Allowed Audit, Disabled	0		GA
Bind authenticators and identities dynamically	6f311b49-9b0d-8c67-3d6e-db80ae528173	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Block untrusted and unsigned processes that run from USB	3d399cf3-8fc6-0efc-6ab0-1412f1198517	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Blocked accounts with owner permissions on Azure resources should be removed	0cfea604-3201-4e14-88fc-fae4c427a6c5	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Blocked accounts with read and write permissions on Azure resources should be removed	8d7e1fde-fe26-4b5f-8108-f8e432cbc2be	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Bot Service should be encrypted with a customer-managed key	51522a96-0869-4791-82f3-981000c2c67f	Bot Service	Default Audit Allowed audit, Audit, deny, Deny, disabled, Disabled	0		GA
Both operating systems and data disks in Azure Kubernetes Service clusters should be encrypted by customer-managed keys	7d7be79c-23ba-4033-84dd-45e2a5ccdd67	Kubernetes	Default Audit Allowed Audit, Deny, Disabled	0		GA
Categorize information	93fa357f-2e38-22a9-5138-8cc5124e1923	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Certificates should have the specified maximum validity period	0a075868-4c26-42ef-914c-5bc007359560	Key Vault	Default Audit Allowed audit, Audit, deny, Deny, disabled, Disabled	0		GA
Check for privacy and security compliance before establishing internal connections	ee4bbbbb-2e52-9adb-4e3a-e641f7ac68ab	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Clear personnel with access to classified information	c42f19c9-5d88-92da-0742-371a0ea03126	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Cognitive Services accounts should enable data encryption with a customer-managed key	67121cc7-ff39-4ab8-b7e3-95b84dab487d	Cognitive Services	Default Audit Allowed Audit, Deny, Disabled	0		GA
Cognitive Services should use private link	cddd188c-4b82-4c48-a19d-ddf74ee66a01	Cognitive Services	Default Audit Allowed Audit, Disabled	0		GA
Communicate contingency plan changes	a1334a65-2622-28ee-5067-9d7f5b915cc5	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Compile Audit records into system wide audit	214ea241-010d-8926-44cc-b90a96d52adc	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Conduct a full text analysis of logged privileged commands	8eea8c14-4d93-63a3-0c82-000343ee5204	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Conduct a security impact analysis	203101f5-99a3-1491-1b56-acccd9b66a9e	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Conduct backup of information system documentation	b269a749-705e-8bff-055a-147744675cdf	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Conduct capacity planning	33602e78-35e3-4f06-17fb-13dd887448e4	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Conduct exit interview upon termination	496b407d-9b9e-81e8-4ba4-44bc686b016a	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Conduct incident response testing	3545c827-26ee-282d-4629-23952a12008b	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Conduct Risk Assessment	677e1da4-00c3-287a-563d-f4a1cf9b99a0	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Conduct risk assessment and distribute its results	d7c1ecc3-2980-a079-1569-91aec8ac4a77	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Conduct risk assessment and document its results	1dbd51c2-2bd1-5e26-75ba-ed075d8f0d68	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Configure actions for noncompliant devices	b53aa659-513e-032c-52e6-1ce0ba46582f	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Configure Azure Audit capabilities	a3e98638-51d4-4e28-910a-60e98c1a756f	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Configure detection whitelist	2927e340-60e4-43ad-6b5f-7a1468232cc2	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Configure workstations to check for digital certificates	26daf649-22d1-97e9-2a8a-01b182194d59	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Conform to FICAM-issued profiles	a8df9c78-4044-98be-2c05-31a315ac8957	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Container registries should be encrypted with a customer-managed key	5b9159ae-1701-4a6f-9a7a-aa9c8ddd0580	Container Registry	Default Audit Allowed Audit, Deny, Disabled	0		GA
Container registries should not allow unrestricted network access	d0793b48-0edc-4296-a390-4c75d1bdfd71	Container Registry	Default Audit Allowed Audit, Deny, Disabled	0		GA
Container registries should use private link	e8eef0a8-67cf-4eb4-9386-14b0e78733d4	Container Registry	Default Audit Allowed Audit, Disabled	0		GA
Control information flow	59bedbdc-0ba9-39b9-66bb-1d1c192384e6	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Control maintenance and repair activities	b6ad009f-5c24-1dc0-a25e-74b60e4da45f	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Control physical access	55a7f9a0-6397-7589-05ef-5ed59a8149e7	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Control use of portable storage devices	36b74844-4a99-4c80-1800-b18a516d1585	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Coordinate contingency plans with related plans	c5784049-959f-6067-420c-f4cefae93076	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Coordinate with external organizations to achieve cross org perspective	d4e6a629-28eb-79a9-000b-88030e4823ca	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Correlate audit records	10874318-0bf7-a41f-8463-03e395482080	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Correlate Vulnerability scan information	e3905a3c-97e7-0b4f-15fb-465c0927536f	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
CosmosDB accounts should use private link	58440f8a-10c5-4151-bdce-dfbaad4a20b7	Cosmos DB	Default Audit Allowed Audit, Disabled	0		GA
Create a data inventory	043c1e56-5a16-52f8-6af8-583098ff3e60	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Create alternative actions for identified anomalies	cc2f7339-2fac-1ea9-9ca3-cd530fbb0da2	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Create configuration plan protection	874a6f2e-2098-53bc-3a16-20dcdc425a7e	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Create separate alternate and primary storage sites	81b6267b-97a7-9aa5-51ee-d2584a160424	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Define a physical key management process	51e4b233-8ee3-8bdc-8f5f-f33bd0d229b7	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Define acceptable and unacceptable mobile code technologies	1afada58-8b34-7ac2-a38a-983218635201	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Define access authorizations to support separation of duties	341bc9f1-7489-07d9-4ec6-971573e1546a	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Define and document government oversight	cbfa1bd0-714d-8d6f-0480-2ad6a53972df	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Define and enforce conditions for shared and group accounts	f7eb1d0b-6d4f-2d59-1591-7563e11a9313	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Define and enforce inactivity log policy	2af4640d-11a6-a64b-5ceb-a468f4341c0c	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Define and enforce the limit of concurrent sessions	d8350d4c-9314-400b-288f-20ddfce04fbd	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Define cryptographic use	c4ccd607-702b-8ae6-8eeb-fc3339cd4b42	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Define information security roles and responsibilities	ef5a7059-6651-73b1-18b3-75b1b79c1565	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Define information system account types	623b5f0a-8cbd-03a6-4892-201d27302f0c	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Define mobile device requirements	9ca3a3ea-3a1f-8ba0-31a8-6aed0fe1a7a4	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Define organizational requirements for cryptographic key management	d661e9eb-4e15-5ba1-6f02-cdc467db0d6c	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Define requirements for managing assets	25a1f840-65d0-900a-43e4-bee253de04de	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Define requirements for supplying goods and services	2b2f3a72-9e68-3993-2b69-13dcdecf8958	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Deliver security assessment results	8e49107c-3338-40d1-02aa-d524178a2afe	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Deploy the Linux Guest Configuration extension to enable Guest Configuration assignments on Linux VMs	331e8ea8-378a-410f-a2e5-ae22f38bb0da	Guest Configuration	Fixed deployIfNotExists	1	Contributor	GA
Deploy the Windows Guest Configuration extension to enable Guest Configuration assignments on Windows VMs	385f5831-96d4-41db-9a3c-cd3af78aaae6	Guest Configuration	Fixed deployIfNotExists	1	Contributor	GA
Design an access control model	03b6427e-6072-4226-4bd9-a410ab65317e	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Designate authorized personnel to post publicly accessible information	b4512986-80f5-1656-0c58-08866bd2673a	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Designate personnel to supervise unauthorized maintenance activities	7a489c62-242c-5db9-74df-c073056d6fa3	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Detect network services that have not been authorized or approved	86ecd378-a3a0-5d5b-207c-05e6aaca43fc	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Determine assertion requirements	7a0ecd94-3699-5273-76a5-edb8499f655a	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Determine auditable events	2f67e567-03db-9d1f-67dc-b6ffb91312f4	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Determine supplier contract obligations	67ada943-8539-083d-35d0-7af648974125	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Develop a concept of operations (CONOPS)	e7422f08-65b4-50e4-3779-d793156e0079	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Develop acceptable use policies and procedures	42116f15-5665-a52a-87bb-b40e64c74b6c	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Develop access control policies and procedures	59f7feff-02aa-6539-2cf7-bea75b762140	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Develop an incident response plan	2b4e134f-1e4c-2bff-573e-082d85479b6e	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Develop and document a business continuity and disaster recovery plan	bd6cbcba-4a2d-507c-53e3-296b5c238a8e	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Develop and document a DDoS response plan	b7306e73-0494-83a2-31f5-280e934a8f70	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Develop and document application security requirements	6de65dc4-8b4f-34b7-9290-eb137a2e2929	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Develop and establish a system security plan	b2ea1058-8998-3dd1-84f1-82132ad482fd	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Develop and maintain a vulnerability management standard	055da733-55c6-9e10-8194-c40731057ec4	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Develop and maintain baseline configurations	2f20840e-7925-221c-725d-757442753e7c	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Develop audit and accountability policies and procedures	a28323fe-276d-3787-32d2-cef6395764c4	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Develop business classification schemes	11ba0508-58a8-44de-5f3a-9e05d80571da	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Develop configuration item identification plan	836f8406-3b8a-11bb-12cb-6c7fa0765668	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Develop configuration management plan	04837a26-2601-1982-3da7-bf463e6408f4	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Develop contingency plan	aa305b4d-8c84-1754-0c74-dec004e66be0	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Develop contingency planning policies and procedures	75b42dcf-7840-1271-260b-852273d7906e	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Develop information security policies and procedures	af227964-5b8b-22a2-9364-06d2cb9d6d7c	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Develop organization code of conduct policy	d02498e0-8a6f-6b02-8332-19adf6711d1e	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Develop POA&M	477bd136-7dd9-55f8-48ac-bae096b86a07	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Develop security assessment plan	1c258345-5cd4-30c8-9ef3-5ee4dd5231d6	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Develop security safeguards	423f6d9c-0c73-9cc6-64f4-b52242490368	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Develop spillage response procedures	bb048641-6017-7272-7772-a008f285a520	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Develop SSP that meets criteria	6b957f60-54cd-5752-44d5-ff5a64366c93	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Disable authenticators upon termination	d9d48ffb-0d8c-0bd5-5f31-5a5826d19f10	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Disable user accounts posing a significant risk	22c16ae4-19d0-29cb-422f-cb44061180ee	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Discover any indicators of compromise	07b42fb5-027e-5a3c-4915-9d9ef3020ec7	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Disk access resources should use private link	f39f5f49-4abf-44de-8c70-0756997bfb51	Compute	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Disk encryption should be enabled on Azure Data Explorer	f4b53539-8df9-40e4-86c6-6b607703bd4e	Azure Data Explorer	Default Audit Allowed Audit, Deny, Disabled	0		GA
Display an explicit logout message	0471c6b7-1588-701c-2713-1fade73b75f6	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Disseminate security alerts to personnel	9c93ef57-7000-63fb-9b74-88f2e17ca5d2	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Distribute authenticators	098dcde7-016a-06c3-0985-0daaf3301d3a	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Distribute information system documentation	84a01872-5318-049e-061e-d56734183e84	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Distribute policies and procedures	eff6e4a5-3efe-94dd-2ed1-25d56a019a82	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Document access privileges	a08b18c7-9e0a-89f1-3696-d80902196719	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Document acquisition contract acceptance criteria	0803eaa7-671c-08a7-52fd-ac419f775e75	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Document and implement wireless access guidelines	04b3e7f6-4841-888d-4799-cda19a0084f6	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Document customer-defined actions	8c44a0ea-9b09-4d9c-0e91-f9bee3d05bfb	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Document mobility training	83dfb2b8-678b-20a0-4c44-5c75ada023e6	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Document organizational access agreements	c981fa70-2e58-8141-1457-e7f62ebc2ade	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Document personnel acceptance of privacy requirements	271a3e58-1b38-933d-74c9-a580006b80aa	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Document protection of personal data in acquisition contracts	f9ec3263-9562-1768-65a1-729793635a8d	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Document protection of security information in acquisition contracts	d78f95ba-870a-a500-6104-8a5ce2534f19	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Document remote access guidelines	3d492600-27ba-62cc-a1c3-66eb919f6a0d	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Document requirements for the use of shared data in contracts	0ba211ef-0e85-2a45-17fc-401d1b3f8f85	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Document security and privacy training activities	524e7136-9f6a-75ba-9089-501018151346	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Document security assurance requirements in acquisition contracts	13efd2d7-3980-a2a4-39d0-527180c009e8	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Document security documentation requirements in acquisition contract	a465e8e9-0095-85cb-a05f-1dd4960d02af	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Document security functional requirements in acquisition contracts	57927290-8000-59bf-3776-90c468ac5b4b	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Document security operations	2c6bee3a-2180-2430-440d-db3c7a849870	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Document security strength requirements in acquisition contracts	ebb0ba89-6d8c-84a7-252b-7393881e43de	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Document separation of duties	e6f7b584-877a-0d69-77d4-ab8b923a9650	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Document the information system environment in acquisition contracts	c148208b-1a6f-a4ac-7abc-23b1d41121b1	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Document the protection of cardholder data in third party contracts	77acc53d-0f67-6e06-7d04-5750653d4629	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Document third-party personnel security requirements	b320aa42-33b4-53af-87ce-100091d48918	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Document wireless access security controls	8f835d6a-4d13-9a9c-37dc-176cebd37fda	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Double encryption should be enabled on Azure Data Explorer	ec068d99-e9c7-401f-8cef-5bdde4e6ccf1	Azure Data Explorer	Default Audit Allowed Audit, Deny, Disabled	0		GA
Email notification for high severity alerts should be enabled	6e2593d9-add6-4083-9c9b-4b7d2188c899	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Email notification to subscription owner for high severity alerts should be enabled	0b15565f-aa9e-48ba-8619-45960f2c314d	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Employ a media sanitization mechanism	eaaae23f-92c9-4460-51cf-913feaea4d52	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Employ automated training environment	c8aa992d-76b7-7ca0-07b3-31a58d773fa9	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Employ automatic emergency lighting	aa892c0d-2c40-200c-0dd8-eac8c4748ede	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Employ automatic shutdown/restart when violations are detected	1b8a7ec3-11cc-a2d3-8cd0-eedf074424a4	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Employ boundary protection to isolate information systems	311802f9-098d-0659-245a-94c5d47c0182	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Employ FICAM-approved resources to accept third-party credentials	db8b35d6-8adb-3f51-44ff-c648ab5b1530	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Employ FIPS 201-approved technology for PIV	8b333332-6efd-7c0d-5a9f-d1eb95105214	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Employ flow control mechanisms of encrypted information	79365f13-8ba4-1f6c-2ac4-aa39929f56d0	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Employ independent assessors for continuous monitoring	3baee3fd-30f5-882c-018c-cc78703a0106	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Employ independent assessors to conduct security control assessments	b65c5d8e-9043-9612-2c17-65f231d763bb	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Employ independent team for penetration testing	611ebc63-8600-50b6-a0e3-fef272457132	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Employ least privilege access	1bc7fd64-291f-028e-4ed6-6e07886e163f	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Employ restrictions on external system interconnections	80029bc5-834f-3a9c-a2d8-acbc1aab4e9f	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Enable detection of network devices	426c172c-9914-10d1-25dd-669641fc1af4	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Enable dual or joint authorization	2c843d78-8f64-92b5-6a9b-e8186c0e7eb6	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Enable network protection	8c255136-994b-9616-79f5-ae87810e0dcf	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Endpoint protection solution should be installed on virtual machine scale sets	26a828e1-e88f-464e-bbb3-c134a282b9de	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Enforce a limit of consecutive failed login attempts	b4409bff-2287-8407-05fd-c73175a68302	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Enforce and audit access restrictions	8cd815bf-97e1-5144-0735-11f6ddb50a59	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Enforce appropriate usage of all accounts	fd81a1b3-2d7a-107c-507e-29b87d040c19	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Enforce expiration of cached authenticators	c7e8ddc1-14aa-1814-7fe1-aad1742b27da	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Enforce logical access	10c4210b-3ec9-9603-050d-77e4d26c7ebb	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Enforce mandatory and discretionary access control policies	b1666a13-8f67-9c47-155e-69e027ff6823	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Enforce random unique session identifiers	c7d57a6a-7cc2-66c0-299f-83bf90558f5d	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Enforce rules of behavior and access agreements	509552f5-6528-3540-7959-fbeae4832533	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Enforce security configuration settings	058e9719-1ff9-3653-4230-23f76b6492e0	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Enforce software execution privileges	68d2e478-3b19-23eb-1357-31b296547457	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Enforce SSL connection should be enabled for MySQL database servers	e802a67a-daf5-4436-9ea6-f6d821dd0c5d	SQL	Default Audit Allowed Audit, Disabled	0		GA
Enforce SSL connection should be enabled for PostgreSQL database servers	d158790f-bfb0-486c-8631-2dc6b4e8e6af	SQL	Default Audit Allowed Audit, Disabled	0		GA
Enforce user uniqueness	e336d5f4-4d8f-0059-759c-ae10f63d1747	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Ensure access agreements are signed or resigned timely	e7589f4e-1e8b-72c2-3692-1e14d7f3699f	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Ensure alternate storage site safeguards are equivalent to primary site	178c8b7e-1b6e-4289-44dd-2f1526b678a1	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Ensure audit records are not altered	27ce30dd-3d56-8b54-6144-e26d9a37a541	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Ensure authorized users protect provided authenticators	37dbe3dc-0e9c-24fa-36f2-11197cbfa207	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Ensure cryptographic mechanisms are under configuration management	b8dad106-6444-5f55-307e-1e1cc9723e39	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Ensure external providers consistently meet interests of the customers	3eabed6d-1912-2d3c-858b-f438d08d0412	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Ensure information system fails in known state	12af7c7a-92af-9e96-0d0c-5e732d1a3751	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Ensure resources are authorized	0716f0f5-4955-2ccb-8d5e-c6be14d57c0f	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Ensure security categorization is approved	6c79c3e5-5f7b-a48a-5c7b-8c158bc01115	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Ensure security safeguards not needed when the individuals return	1fdf0b24-4043-3c55-357e-036985d50b52	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Ensure system capable of dynamic isolation of resources	83eea3d3-0d2c-9ccd-1021-2111b29b2a62	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Ensure there are no unencrypted static authenticators	eda0cbb7-6043-05bf-645b-67411f1a59b3	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Eradicate contaminated information	54a9c072-4a93-2a03-6a43-a060d30383d7	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish a configuration control board	7380631c-5bf5-0e3a-4509-0873becd8a63	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish a data leakage management procedure	3c9aa856-6b86-35dc-83f4-bc72cec74dea	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish a discrete line item in budgeting documentation	06af77de-02ca-0f3e-838a-a9420fe466f5	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish a password policy	d8bbd80e-3bb1-5983-06c2-428526ec6a63	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish a privacy program	39eb03c1-97cc-11ab-0960-6209ed2869f7	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish a risk management strategy	d36700f2-2f0d-7c2a-059c-bdadd1d79f70	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish a secure software development program	e750ca06-1824-464a-2cf3-d0fa754d1cb4	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish a threat intelligence program	b0e3035d-6366-2e37-796e-8bcab9c649e6	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish alternate storage site that facilitates recovery operations	245fe58b-96f8-9f1e-48c5-7f49903f66fd	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish alternate storage site to store and retrieve backup information	0a412110-3874-9f22-187a-c7a81c8a6704	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish an alternate processing site	af5ff768-a34b-720e-1224-e6b3214f3ba6	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish an information security program	84245967-7882-54f6-2d34-85059f725b47	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish and document a configuration management plan	526ed90e-890f-69e7-0386-ba5c0f1f784f	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish and document change control processes	bd4dc286-2f30-5b95-777c-681f3a7913d3	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish and maintain an asset inventory	27965e62-141f-8cca-426f-d09514ee5216	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish authenticator types and processes	921ae4c1-507f-5ddb-8a58-cfa9b5fd96f0	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish backup policies and procedures	4f23967c-a74b-9a09-9dc2-f566f61a87b9	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish benchmarks for flaw remediation	dd2523d5-2db3-642b-a1cf-83ac973b32c2	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish conditions for role membership	97cfd944-6f0c-7db2-3796-8e890ef70819	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish configuration management requirements for developers	8747b573-8294-86a0-8914-49e9b06a5ace	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish electronic signature and certificate requirements	6f3866e8-6e12-69cf-788c-809d426094a1	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish firewall and router configuration standards	398fdbd8-56fd-274d-35c6-fa2d3b2755a1	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish network segmentation for card holder data environment	f476f3b0-4152-526e-a209-44e5f8c968d7	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish parameters for searching secret authenticators and verifiers	0065241c-72e9-3b2c-556f-75de66332a94	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish policies for supply chain risk management	9150259b-617b-596d-3bf5-5ca3fce20335	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish procedures for initial authenticator distribution	35963d41-4263-0ef9-98d5-70eb058f9e3c	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish relationship between incident response capability and external providers	b470a37a-7a47-3792-34dd-7a793140702e	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish requirements for audit review and reporting	b3c8cc83-20d3-3890-8bc8-5568777670f4	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish requirements for internet service providers	5f2e834d-7e40-a4d5-a216-e49b16955ccf	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish security requirements for the manufacturing of connected devices	afbecd30-37ee-a27b-8e09-6ac49951a0ee	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish terms and conditions for accessing resources	3c93dba1-84fd-57de-33c7-ef0400a08134	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish terms and conditions for processing resources	5715bf33-a5bd-1084-4e19-bc3c83ec1c35	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish third-party personnel security requirements	3881168c-5d38-6f04-61cc-b5d87b2c4c58	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish usage restrictions for mobile code technologies	ffdaa742-0d6f-726f-3eac-6e6c34e36c93	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Establish voip usage restrictions	68a39c2b-0f17-69ee-37a3-aa10f9853a08	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Evaluate alternate processing site capabilities	60442979-6333-85f0-84c5-b887bac67448	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Event Hub namespaces should use a customer-managed key for encryption	a1ad735a-e96f-45d2-a7b2-9a4932cab7ec	Event Hub	Default Audit Allowed Audit, Disabled	0		GA
Event Hub namespaces should use private link	b8564268-eb4a-4337-89be-a19db070c59d	Event Hub	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Execute actions in response to information spills	ba78efc6-795c-64f4-7a02-91effbd34af9	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Explicitly notify use of collaborative computing devices	62fa14f0-4cbe-762d-5469-0899a99b98aa	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Facilitate information sharing	a44c9fba-43f8-4b7b-7ee6-db52c96b4366	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Function apps should have remote debugging turned off	0e60b895-3786-45da-8377-9c6b4b6ac5f9	App Service	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Function apps should not have CORS configured to allow every resource to access your apps	0820b7b9-23aa-4725-a1ce-ae4558f718e5	App Service	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Function apps should only be accessible over HTTPS	6d555dd1-86f2-4f1c-8ed7-5abae7c6cbab	App Service	Default Audit Allowed Audit, Disabled, Deny	0		GA
Function apps should require FTPS only	399b2637-a50f-4f95-96f8-3a145476eb15	App Service	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Function apps should use latest 'HTTP Version'	e2c1c086-2d84-4019-bff3-c44ccd95113c	App Service	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Function apps should use managed identity	0da106f2-4ca3-48e8-bc85-c638fe6aea8f	App Service	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Function apps should use the latest TLS version	f9d614c5-c173-4d56-95a7-b4437057d193	App Service	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Generate error messages	c2cb4658-44dc-9d11-3dad-7c6802dd5ba3	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Generate internal security alerts	171e377b-5224-4a97-1eaa-62a3b5231dac	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Geo-redundant backup should be enabled for Azure Database for MariaDB	0ec47710-77ff-4a3d-9181-6aa50af424d0	SQL	Default Audit Allowed Audit, Disabled	0		GA
Geo-redundant backup should be enabled for Azure Database for MySQL	82339799-d096-41ae-8538-b108becf0970	SQL	Default Audit Allowed Audit, Disabled	0		GA
Geo-redundant backup should be enabled for Azure Database for PostgreSQL	48af4db5-9b8b-401c-8e74-076be876a430	SQL	Default Audit Allowed Audit, Disabled	0		GA
Geo-redundant storage should be enabled for Storage Accounts	bf045164-79ba-4215-8f95-f8048dc1780b	Storage	Default Audit Allowed Audit, Disabled	0		GA
Govern and monitor audit processing activities	333b4ada-4a02-0648-3d4d-d812974f1bb2	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Govern compliance of cloud service providers	5c33538e-02f8-0a7f-998b-a4c1e22076d3	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Govern policies and procedures	1a2a03a4-9992-5788-5953-d8f6615306de	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Govern the allocation of resources	33d34fac-56a8-1c0f-0636-3ed94892a709	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Guest accounts with owner permissions on Azure resources should be removed	339353f6-2387-4a45-abe4-7f529d121046	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Guest accounts with read permissions on Azure resources should be removed	e9ac8f8e-ce22-4355-8f04-99b911d6be52	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Guest accounts with write permissions on Azure resources should be removed	94e1c2ac-cbbe-4cac-a2b5-389c812dee87	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Guest Configuration extension should be installed on your machines	ae89ebca-1c92-4898-ac2c-9f63decb045c	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
HPC Cache accounts should use customer-managed key for encryption	970f84d8-71b6-4091-9979-ace7e3fb6dbb	Storage	Default Audit Allowed Audit, Disabled, Deny	0		GA
Identify actions allowed without authentication	92a7591f-73b3-1173-a09c-a08882d84c70	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Identify and authenticate network devices	ae5345d5-8dab-086a-7290-db43a3272198	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Identify and authenticate non-organizational users	e1379836-3492-6395-451d-2f5062e14136	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Identify and manage downstream information exchanges	c7fddb0e-3f44-8635-2b35-dc6b8e740b7c	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Identify and mitigate potential issues at alternate storage site	13939f8c-4cd5-a6db-9af4-9dfec35e3722	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Identify classes of Incidents and Actions taken	23d1a569-2d1e-7f43-9e22-1f94115b7dd5	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Identify contaminated systems and components	279052a0-8238-694d-9661-bf649f951747	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Identify external service providers	46ab2c5e-6654-1f58-8c83-e97a44f39308	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Identify incident response personnel	037c0089-6606-2dab-49ad-437005b5035f	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Identify individuals with security roles and responsibilities	0dcbaf2f-075e-947b-8f4c-74ecc5cd302c	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Identify spilled information	69d90ee6-9f9f-262a-2038-d909fb4e5723	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Identify status of individual users	ca748dfe-3e28-1d18-4221-89aea30aa0a5	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Implement a fault tolerant name/address service	ced727b3-005e-3c5b-5cd5-230b79d56ee8	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Implement a penetration testing methodology	c2eabc28-1e5c-78a2-a712-7cc176c44c07	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Implement an automated configuration management tool	33832848-42ab-63f3-1a55-c0ad309d44cd	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Implement controls to secure all media	e435f7e3-0dd9-58c9-451f-9b44b96c0232	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Implement controls to secure alternate work sites	cd36eeec-67e7-205a-4b64-dbfe3b4e3e4e	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Implement cryptographic mechanisms	10c3a1b1-29b0-a2d5-8f4c-a284b0f07830	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Implement formal sanctions process	5decc032-95bd-2163-9549-a41aba83228e	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Implement incident handling	433de59e-7a53-a766-02c2-f80f8421469a	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Implement Incident handling capability	98e33927-8d7f-6d5f-44f5-2469b40b7215	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Implement managed interface for each external service	b262e1dd-08e9-41d4-963a-258909ad794b	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Implement parameters for memorized secret verifiers	3b30aa25-0f19-6c04-5ca4-bd3f880a763d	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Implement personnel screening	e0c480bf-0d68-a42d-4cbb-b60f851f8716	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Implement physical security for offices, working areas, and secure areas	05ec66a2-137c-14b8-8e75-3d7a2bef07f8	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Implement privileged access for executing vulnerability scanning activities	5b802722-71dd-a13d-2e7e-231e09589efb	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Implement security directives	26d178a4-9261-6f04-a100-47ed85314c6e	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Implement security engineering principles of information systems	df2e9507-169b-4114-3a52-877561ee3198	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Implement system boundary protection	01ae60e2-38bb-0a32-7b20-d3a091423409	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Implement training for protecting authenticators	e4b00788-7e1c-33ec-0418-d048508e095b	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Implement transaction based recovery	ba02d0a0-566a-25dc-73f1-101c726a19c5	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Include dynamic reconfig of customer deployed resources	1e0d5ba8-a433-01aa-829c-86b06c9631ec	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Incorporate flaw remediation into configuration management	34aac8b2-488a-2b96-7280-5b9b481a317a	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Incorporate simulated contingency training	9c954fcf-6dd8-81f1-41b5-832ae5c62caf	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Incorporate simulated events into incident response training	1fdeb7c4-4c93-8271-a135-17ebe85f1cc7	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Information flow control using security policy filters	13ef3484-3a51-785a-9c96-500f21f84edd	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Infrastructure encryption should be enabled for Azure Database for MySQL servers	3a58212a-c829-4f13-9872-6371df2fd0b4	SQL	Default Audit Allowed Audit, Deny, Disabled	0		GA
Infrastructure encryption should be enabled for Azure Database for PostgreSQL servers	24fba194-95d6-48c0-aea7-f65bf859c598	SQL	Default Audit Allowed Audit, Deny, Disabled	0		GA
Initiate contingency plan testing corrective actions	8bfdbaa6-6824-3fec-9b06-7961bf7389a6	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Initiate transfer or reassignment actions	b8a9bb2f-7290-3259-85ce-dca7d521302d	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Install an alarm system	aa0ddd99-43eb-302d-3f8f-42b499182960	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Integrate Audit record analysis	85335602-93f5-7730-830b-d43426fd51fa	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Integrate audit review, analysis, and reporting	f741c4e6-41eb-15a4-25a2-61ac7ca232f0	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Integrate cloud app security with a siem	9fdde4a9-85fa-7850-6df4-ae9c4a2e56f9	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Integrate risk management process into SDLC	00f12b6f-10d7-8117-9577-0f2b76488385	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Internet-facing virtual machines should be protected with network security groups	f6de0be7-9a8a-4b8a-b349-43cf02d22f7c	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Invalidate session identifiers at logout	396f465d-375e-57de-58ba-021adb008191	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
IoT Hub device provisioning service instances should use private link	df39c015-56a4-45de-b4a3-efe77bed320d	Internet of Things	Default Audit Allowed Audit, Disabled	0		GA
IP Forwarding on your virtual machine should be disabled	bd352bd5-2853-4985-bf0d-73806b4a5744	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Isolate information spills	22457e81-3ec6-5271-a786-c3ca284601dd	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Isolate SecurID systems, Security Incident Management systems	dd6d00a8-701a-5935-a22b-c7b9c0c698b2	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Issue public key certificates	97d91b33-7050-237b-3e23-a77d57d84e13	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Key Vault keys should have an expiration date	152b15f7-8e1f-4c1f-ab71-8c010ba5dbc0	Key Vault	Default Audit Allowed Audit, Deny, Disabled	0		GA
Key Vault secrets should have an expiration date	98728c90-32c7-4049-8429-847dc0f4fe37	Key Vault	Default Audit Allowed Audit, Deny, Disabled	0		GA
Key vaults should have deletion protection enabled	0b60c0b2-2dc2-4e1c-b5c9-abbed971de53	Key Vault	Default Audit Allowed Audit, Deny, Disabled	0		GA
Key vaults should have soft delete enabled	1e66c121-a66a-4b1f-9b83-0fd99bf0fc2d	Key Vault	Default Audit Allowed Audit, Deny, Disabled	0		GA
Kubernetes cluster containers CPU and memory resource limits should not exceed the specified limits	e345eecc-fa47-480f-9e88-67dcc122b164	Kubernetes	Default Deny Allowed audit, Audit, deny, Deny, disabled, Disabled	0		GA
Kubernetes cluster containers should not share host process ID or host IPC namespace	47a1ee2f-2a2a-4576-bf2a-e0e36709c2b8	Kubernetes	Default Audit Allowed audit, Audit, deny, Deny, disabled, Disabled	0		GA
Kubernetes cluster containers should only use allowed AppArmor profiles	511f5417-5d12-434d-ab2e-816901e72a5e	Kubernetes	Default Audit Allowed audit, Audit, deny, Deny, disabled, Disabled	0		GA
Kubernetes cluster containers should only use allowed capabilities	c26596ff-4d70-4e6a-9a30-c2506bd2f80c	Kubernetes	Default Audit Allowed audit, Audit, deny, Deny, disabled, Disabled	0		GA
Kubernetes cluster containers should only use allowed images	febd0533-8e55-448f-b837-bd0e06f16469	Kubernetes	Default Deny Allowed audit, Audit, deny, Deny, disabled, Disabled	0		GA
Kubernetes cluster containers should run with a read only root file system	df49d893-a74c-421d-bc95-c663042e5b80	Kubernetes	Default Audit Allowed audit, Audit, deny, Deny, disabled, Disabled	0		GA
Kubernetes cluster pod hostPath volumes should only use allowed host paths	098fc59e-46c7-4d99-9b16-64990e543d75	Kubernetes	Default Audit Allowed audit, Audit, deny, Deny, disabled, Disabled	0		GA
Kubernetes cluster pods and containers should only run with approved user and group IDs	f06ddb64-5fa3-4b77-b166-acb36f7f6042	Kubernetes	Default Audit Allowed audit, Audit, deny, Deny, disabled, Disabled	0		GA
Kubernetes cluster pods should only use approved host network and port range	82985f06-dc18-4a48-bc1c-b9f4f0098cfe	Kubernetes	Default Audit Allowed audit, Audit, deny, Deny, disabled, Disabled	0		GA
Kubernetes cluster services should listen only on allowed ports	233a2a17-77ca-4fb1-9b6b-69223d272a44	Kubernetes	Default Deny Allowed audit, Audit, deny, Deny, disabled, Disabled	0		GA
Kubernetes cluster should not allow privileged containers	95edb821-ddaf-4404-9732-666045e056b4	Kubernetes	Default Deny Allowed audit, Audit, deny, Deny, disabled, Disabled	0		GA
Kubernetes clusters should be accessible only over HTTPS	1a5b4dca-0b6f-4cf5-907c-56316bc1bf3d	Kubernetes	Default Deny Allowed audit, Audit, deny, Deny, disabled, Disabled	0		GA
Kubernetes clusters should not allow container privilege escalation	1c6e92c9-99f0-4e55-9cf2-0c234dc48f99	Kubernetes	Default Audit Allowed audit, Audit, deny, Deny, disabled, Disabled	0		GA
Kubernetes Services should be upgraded to a non-vulnerable Kubernetes version	fb893a29-21bb-418c-a157-e99480ec364c	Security Center	Default Audit Allowed Audit, Disabled	0		GA
Limit privileges to make changes in production environment	2af551d5-1775-326a-0589-590bfb7e9eb2	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Linux machines should meet requirements for the Azure compute security baseline	fc9b3da7-8347-4380-8e70-0a0361d8dedd	Guest Configuration	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Log Analytics agent should be installed on your virtual machine for Azure Security Center monitoring	a4fe33eb-e377-4efb-ab31-0784311bc499	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Log Analytics agent should be installed on your virtual machine scale sets for Azure Security Center monitoring	a3a6ea0c-e018-4933-9ef0-5aaa1501449b	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Logic Apps Integration Service Environment should be encrypted with customer-managed keys	1fafeaf6-7927-4059-a50a-8eb2a7a6f2b5	Logic Apps	Default Audit Allowed Audit, Deny, Disabled	0		GA
Long-term geo-redundant backup should be enabled for Azure SQL Databases	d38fc420-0735-4ef3-ac11-c806f651a570	SQL	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Maintain availability of information	3ad7f0bc-3d03-0585-4d24-529779bb02c2	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Maintain data breach records	0fd1ca29-677b-2f12-1879-639716459160	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Maintain incident response plan	37546841-8ea1-5be0-214d-8ac599588332	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Maintain integrity of audit system	c0559109-6a27-a217-6821-5a6d44f92897	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Maintain list of authorized remote maintenance personnel	4ce91e4e-6dab-3c46-011a-aa14ae1561bf	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Maintain records of processing of personal data	92ede480-154e-0e22-4dca-8b46a74a3a51	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Maintain separate execution domains for running processes	bfc540fe-376c-2eef-4355-121312fa4437	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Manage a secure surveillance camera system	f2222056-062d-1060-6dc2-0107a68c34b2	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Manage authenticator lifetime and reuse	29363ae1-68cd-01ca-799d-92c9197c8404	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Manage Authenticators	4aacaec9-0628-272c-3e83-0d68446694e0	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Manage availability and capacity	edcc36f1-511b-81e0-7125-abee29752fe7	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Manage gateways	63f63e71-6c3f-9add-4c43-64de23e554a7	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Manage maintenance personnel	b273f1e3-79e7-13ee-5b5d-dca6c66c3d5d	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Manage nonlocal maintenance and diagnostic activities	1fb1cb0e-1936-6f32-42fd-89970b535855	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Manage symmetric cryptographic keys	9c276cf3-596f-581a-7fbd-f5e46edaa0f4	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Manage system and admin accounts	34d38ea7-6754-1838-7031-d7fd07099821	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Manage the input, output, processing, and storage of data	e603da3a-8af7-4f8a-94cb-1bcc0e0333d2	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Manage the transportation of assets	4ac81669-00e2-9790-8648-71bc11bc91eb	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Manage transfers between standby and active system components	df54d34f-65f3-39f1-103c-a0464b8615df	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Managed disks should be double encrypted with both platform-managed and customer-managed keys	ca91455f-eace-4f96-be59-e6e2c35b4816	Compute	Default Audit Allowed Audit, Deny, Disabled	0		GA
Management ports of virtual machines should be protected with just-in-time network access control	b0f33259-77d7-4c9e-aac6-3aabcfae693c	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Management ports should be closed on your virtual machines	22730e10-96f6-4aac-ad84-9383d35b5917	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Map authenticated identities to individuals	4012c2b7-4e0e-a7ab-1688-4aab43f14420	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Measure the time between flaw identification and flaw remediation	dad1887d-161b-7b61-2e4d-5124a7b5724e	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Microsoft Defender for Containers should be enabled	1c988dd6-ade4-430f-a608-2a3e5b0a6d38	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Microsoft Defender for Storage should be enabled	640d2586-54d2-465f-877f-9ffc1d2109f4	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Modify access authorizations upon personnel transfer	979ed3b6-83f9-26bc-4b86-5b05464700bf	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Monitor access across the organization	48c816c5-2190-61fc-8806-25d6f3df162f	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Monitor account activity	7b28ba4f-0a87-46ac-62e1-46b7c09202a8	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Monitor missing Endpoint Protection in Azure Security Center	af6cd1bd-1635-48cb-bde7-5b15693900b9	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Monitor privileged role assignment	ed87d27a-9abf-7c71-714c-61d881889da4	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Monitor security and privacy training completion	82bd024a-5c99-05d6-96ff-01f539676a1a	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Monitor third-party provider compliance	f8ded0c6-a668-9371-6bb6-661d58787198	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
MySQL servers should use customer-managed keys to encrypt data at rest	83cef61d-dbd1-4b20-a4fc-5fbc7da10833	SQL	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Network Watcher should be enabled	b6e2945c-0b7b-40f5-9233-7a5323b5cdc6	Network	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Non-internet-facing virtual machines should be protected with network security groups	bb91dfba-c30d-4263-9add-9c2384e659a6	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Not allow for information systems to accompany with individuals	41172402-8d73-64c7-0921-909083c086b0	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Notify Account Managers of customer controlled accounts	4b8fd5da-609b-33bf-9724-1c946285a14c	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Notify personnel of any failed security verification tests	18e9d748-73d4-0c96-55ab-b108bfbd5bc3	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Notify personnel upon sanctions	6228396e-2ace-7ca5-3247-45767dbf52f4	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Notify upon termination or transfer	c79d378a-2521-822a-0407-57454f8d2c74	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Notify users of system logon or access	fe2dff43-0a8c-95df-0432-cb1c794b17d0	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Notify when account is not needed	8489ff90-8d29-61df-2d84-f9ab0f4c5e84	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Obscure feedback information during authentication process	1ff03f2a-974b-3272-34f2-f6cd51420b30	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Observe and report security weaknesses	ff136354-1c92-76dc-2dab-80fb7c6a9f1a	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Obtain Admin documentation	3f1216b0-30ee-1ac9-3899-63eb744e85f5	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Obtain approvals for acquisitions and outsourcing	92b94485-1c49-3350-9ada-dffe94f08e87	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Obtain continuous monitoring plan for security controls	ca6d7878-3189-1833-4620-6c7254ed1607	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Obtain design and implementation information for the security controls	22a02c9a-49e4-5dc9-0d14-eb35ad717154	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Obtain functional properties of security controls	44b71aa8-099d-8b97-1557-0e853ec38e0d	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Obtain legal opinion for monitoring system activities	d9af7f88-686a-5a8b-704b-eafdab278977	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Obtain user security function documentation	be1c34ab-295a-07a6-785c-36f63c1d223e	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Only secure connections to your Azure Cache for Redis should be enabled	22bee202-a82f-4305-9a2a-6d7f44d4dedb	Cache	Default Audit Allowed Audit, Deny, Disabled	0		GA
OS and data disks should be encrypted with a customer-managed key	702dd420-7fcc-42c5-afe8-4026edd20fe0	Compute	Default Audit Allowed Audit, Deny, Disabled	0		GA
Perform a business impact assessment and application criticality assessment	cb8841d4-9d13-7292-1d06-ba4d68384681	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Perform a privacy impact assessment	d18af1ac-0086-4762-6dc8-87cdded90e39	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Perform a risk assessment	8c5d3d8d-5cba-0def-257c-5ab9ea9644dc	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Perform a trend analysis on threats	50e81644-923d-33fc-6ebb-9733bc8d1a06	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Perform all non-local maintenance	5bac5fb7-7735-357b-767d-02264bfe5c3b	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Perform audit for configuration change control	1282809c-9001-176b-4a81-260a085f4872	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Perform information input validation	8b1f29eb-1b22-4217-5337-9207cb55231e	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Perform security function verification at a defined frequency	f30edfad-4e1d-1eef-27ee-9292d6d89842	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Perform threat modeling	bf883b14-9c19-0f37-8825-5e39a8b66d5b	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Perform vulnerability scans	3c5e0e1a-216f-8f49-0a15-76ed0d8b8e1f	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Plan for continuance of essential business functions	d9edcea6-6cb8-0266-a48c-2061fbac4310	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Plan for resumption of essential business functions	7ded6497-815d-6506-242b-e043e0273928	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
PostgreSQL servers should use customer-managed keys to encrypt data at rest	18adea5e-f416-4d0f-8aa8-d24321e3e274	SQL	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Prepare alternate processing site for use as operational site	0f31d98d-5ce2-705b-4aa5-b4f6705110dd	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Prevent identifier reuse for the defined time period	4781e5fd-76b8-7d34-6df3-a0a7fca47665	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Prevent split tunneling for remote devices	66e5cb69-9f1c-8b8d-8fbd-b832466d5aa8	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Private endpoint connections on Azure SQL Database should be enabled	7698e800-9299-47a6-b3b6-5a0fee576eed	SQL	Default Audit Allowed Audit, Disabled	0		GA
Private endpoint should be enabled for MariaDB servers	0a1302fb-a631-4106-9753-f3d494733990	SQL	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Private endpoint should be enabled for MySQL servers	7595c971-233d-4bcf-bd18-596129188c49	SQL	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Private endpoint should be enabled for PostgreSQL servers	0564d078-92f5-4f97-8398-b9f58a51f70b	SQL	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Produce complete records of remote maintenance activities	74041cfe-3f87-1d17-79ec-34ca5f895542	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Produce Security Assessment report	70a7a065-a060-85f8-7863-eb7850ed2af9	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Produce, control and distribute asymmetric cryptographic keys	de077e7e-0cc8-65a6-6e08-9ab46c827b05	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Produce, control and distribute symmetric cryptographic keys	16c54e01-9e65-7524-7c33-beda48a75779	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Prohibit binary/machine-executable code	8e920169-739d-40b5-3f99-c4d855327bb2	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Prohibit remote activation of collaborative computing devices	678ca228-042d-6d8e-a598-c58d5670437d	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Prohibit unfair practices	5fe84a4c-1b0c-a738-2aba-ed49c9069d3b	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Protect administrator and user documentation	09960521-759e-5d12-086f-4192a72a5e92	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Protect against and prevent data theft from departing employees	80a97208-264e-79da-0cc7-4fca179a0c9c	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Protect audit information	0e696f5a-451f-5c15-5532-044136538491	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Protect data in transit using encryption	b11697e8-9515-16f1-7a35-477d5c8a1344	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Protect incident response plan	2401b496-7f23-79b2-9f80-89bb5abf3d4a	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Protect passwords with encryption	b2d3e5a2-97ab-5497-565a-71172a729d93	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Protect special information	a315c657-4a00-8eba-15ac-44692ad24423	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Protect wireless access	d42a8f69-a193-6cbc-48b9-04a9e29961f1	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Provide audit review, analysis, and reporting capability	44f8a42d-739f-8030-89a8-4c2d5b3f6af3	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Provide capability to disconnect or disable remote access	4edaca8c-0912-1ac5-9eaa-6a1057740fae	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Provide capability to process customer-controlled audit records	21633c09-804e-7fcd-78e3-635c6bfe2be7	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Provide contingency training	de936662-13dc-204c-75ec-1af80f994088	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Provide information spillage training	2d4d0e90-32d9-4deb-2166-a00d51ed57c0	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Provide monitoring information as needed	7fc1f0da-0050-19bb-3d75-81ae15940df6	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Provide periodic role-based security training	9ac8621d-9acd-55bf-9f99-ee4212cc3d85	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Provide periodic security awareness training	516be556-1353-080d-2c2f-f46f000d5785	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Provide privacy training	518eafdd-08e5-37a9-795b-15a8d798056d	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Provide real-time alerts for audit event failures	0f4fa857-079d-9d3d-5c49-21f616189e03	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Provide role-based practical exercises	d041726f-00e0-41ca-368c-b1a122066482	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Provide role-based security training	4c385143-09fd-3a34-790c-a5fd9ec77ddc	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Provide role-based training on suspicious activities	f6794ab8-9a7d-3b24-76ab-265d3646232b	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Provide secure name and address resolution services	bbb2e6d6-085f-5a35-a55d-e45daad38933	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Provide security awareness training for insider threats	9b8b05ec-3d21-215e-5d98-0f7cf0998202	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Provide security training before providing access	2b05dca2-25ec-9335-495c-29155f785082	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Provide security training for new users	1cb7bf71-841c-4741-438a-67c65fdd7194	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Provide the capability to extend or limit auditing on customer-deployed resources	d200f199-69f4-95a6-90b0-37ff0cf1040c	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Provide the logout capability	db580551-0b3c-4ea1-8a4c-4cdb5feb340f	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Provide timely maintenance support	eb598832-4bcc-658d-4381-3ecbe17b9866	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Provide updated security awareness training	d136ae80-54dd-321c-98b4-17acf4af2169	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Public network access on Azure SQL Database should be disabled	1b8ca024-1d5c-4dec-8995-b1a932b41780	SQL	Default Audit Allowed Audit, Deny, Disabled	0		GA
Public network access should be disabled for MariaDB servers	fdccbe47-f3e3-4213-ad5d-ea459b2fa077	SQL	Default Audit Allowed Audit, Deny, Disabled	0		GA
Public network access should be disabled for MySQL servers	d9844e8a-1437-4aeb-a32c-0c992f056095	SQL	Default Audit Allowed Audit, Deny, Disabled	0		GA
Public network access should be disabled for PostgreSQL servers	b52376f7-9612-48a1-81cd-1ffe4b61032c	SQL	Default Audit Allowed Audit, Deny, Disabled	0		GA
Reassign or remove user privileges as needed	7805a343-275c-41be-9d62-7215b96212d8	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Reauthenticate or terminate a user session	d6653f89-7cb5-24a4-9d71-51581038231b	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Recover and reconstitute resources after any disruption	f33c3238-11d2-508c-877c-4262ec1132e1	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Reevaluate access upon personnel transfer	e89436d8-6a93-3b62-4444-1d2a42ad56b2	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Refresh authenticators	3ae68d9a-5696-8c32-62d3-c6f9c52e437c	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Reissue authenticators for changed groups and accounts	2f204e72-1896-3bf8-75c9-9128b8683a36	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Remediate information system flaws	be38a620-000b-21cf-3cb3-ea151b704c3b	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Report atypical behavior of user accounts	e4054c0e-1184-09e6-4c5e-701e0bc90f81	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Require approval for account creation	de770ba6-50dd-a316-2932-e0d972eaa734	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Require compliance with intellectual property rights	725164e5-3b21-1ec2-7e42-14f077862841	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Require developer to identify SDLC ports, protocols, and services	f6da5cca-5795-60ff-49e1-4972567815fe	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Require developers to build security architecture	f131c8c5-a54a-4888-1efc-158928924bc1	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Require developers to describe accurate security functionality	3e37c891-840c-3eb4-78d2-e2e0bb5063e0	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Require developers to document approved changes and potential impact	3a868d0c-538f-968b-0191-bddb44da5b75	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Require developers to implement only approved changes	085467a6-9679-5c65-584a-f55acefd0d43	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Require developers to manage change integrity	b33d61c1-7463-7025-0ec0-a47585b59147	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Require developers to produce evidence of security assessment plan execution	f8a63511-66f1-503f-196d-d6217ee0823a	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Require developers to provide training	676c3c35-3c36-612c-9523-36d266a65000	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Require developers to provide unified security protection approach	7a114735-a420-057d-a651-9a73cd0416ef	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Require external service providers to comply with security requirements	4e45863d-9ea9-32b4-a204-2680bc6007a6	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Require interconnection security agreements	096a7055-30cb-2db4-3fda-41b20ac72667	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Require notification of third-party personnel transfer or termination	afd5d60a-48d2-8073-1ec2-6687e22f2ddd	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Require third-party providers to comply with personnel security policies and procedures	e8c31e15-642d-600f-78ab-bad47a5787e6	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Require use of individual authenticators	08ad71d0-52be-6503-4908-e015460a16ae	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Require users to sign access agreement	3af53f59-979f-24a8-540f-d7cdbc366607	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Rescreen individuals at a defined frequency	c6aeb800-0b19-944d-92dc-59b893722329	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Resource logs in Azure Data Lake Store should be enabled	057ef27e-665e-4328-8ea3-04b3122bd9fb	Data Lake	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Resource logs in Azure Stream Analytics should be enabled	f9be5368-9bf5-4b84-9e0a-7850da98bb46	Stream Analytics	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Resource logs in Batch accounts should be enabled	428256e6-1fac-4f48-a757-df34c2b3336d	Batch	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Resource logs in Data Lake Analytics should be enabled	c95c74d9-38fe-4f0d-af86-0c7d626a315c	Data Lake	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Resource logs in Event Hub should be enabled	83a214f7-d01a-484b-91a9-ed54470c9a6a	Event Hub	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Resource logs in IoT Hub should be enabled	383856f8-de7f-44a2-81fc-e5135b5c2aa4	Internet of Things	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Resource logs in Key Vault should be enabled	cf820ca0-f99e-4f3e-84fb-66e913812d21	Key Vault	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Resource logs in Logic Apps should be enabled	34f95f76-5386-4de7-b824-0d8478470c9d	Logic Apps	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Resource logs in Search services should be enabled	b4330a05-a843-4bc8-bf9a-cacce50c67f4	Search	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Resource logs in Service Bus should be enabled	f8d36e2f-389b-4ee4-898d-21aeb69a0f45	Service Bus	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Restore resources to operational state	f801d58e-5659-9a4a-6e8d-02c9334732e5	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Restrict access to private keys	8d140e8b-76c7-77de-1d46-ed1b2e112444	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Restrict access to privileged accounts	873895e8-0e3a-6492-42e9-22cd030e9fcd	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Restrict location of information processing, storage and services	0040d2e5-2779-170d-6a2c-1f5fca353335	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Restrict media use	6122970b-8d4a-7811-0278-4c6c68f61e4f	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Restrict unauthorized software and firmware installation	4ee5975d-2507-5530-a20a-83a725889c6f	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Restrict use of open source software	08c11b48-8745-034d-1c1b-a144feec73b9	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Resume all mission and business functions	91a54089-2d69-0f56-62dc-b6371a1671c0	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Retain previous versions of baseline configs	5e4e9685-3818-5934-0071-2620c4fa2ca5	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Retain security policies and procedures	efef28d0-3226-966a-a1e8-70e89c1b30bc	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Retain terminated user data	7c7032fe-9ce6-9092-5890-87a1a3755db1	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Retain training records	3153d9c0-2584-14d3-362d-578b01358aeb	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Reveal error messages	20762f1e-85fb-31b0-a600-e833633f10fe	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review access control policies and procedures	03d550b4-34ee-03f4-515f-f2e2faf7a413	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review account provisioning logs	a830fe9e-08c9-a4fb-420c-6f6bf1702395	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review administrator assignments weekly	f27a298f-9443-014a-0d40-fef12adf0259	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review and reevaluate privileges	585af6e9-90c0-4575-67a7-2f9548972e32	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review and sign revised rules of behavior	6c0a312f-04c5-5c97-36a5-e56763a02b6b	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review and update configuration management policies and procedures	eb8a8df9-521f-3ccd-7e2c-3d1fcc812340	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review and update contingency planning policies and procedures	e9c60c37-65b0-2d72-6c3c-af66036203ae	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review and update identification and authentication policies and procedures	29acfac0-4bb4-121b-8283-8943198b1549	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review and update incident response policies and procedures	b28c8687-4bbd-8614-0b96-cdffa1ac6d9c	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review and update information integrity policies and procedures	6bededc0-2985-54d5-4158-eb8bad8070a0	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review and update media protection policies and procedures	b4e19d22-8c0e-7cad-3219-c84c62dc250f	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review and update personnel security policies and procedures	e5c5fc78-4aa5-3d6b-81bc-5fcc88b318e9	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review and update physical and environmental policies and procedures	91cf132e-0c9f-37a8-a523-dc6a92cd2fb2	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review and update planning policies and procedures	28aa060e-25c7-6121-05d8-a846f11433df	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review and update risk assessment policies and procedures	20012034-96f0-85c2-4a86-1ae1eb457802	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review and update system and communications protection policies and procedures	adf517f3-6dcd-3546-9928-34777d0c277e	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review and update system and services acquisition policies and procedures	f49925aa-9b11-76ae-10e2-6e973cc60f37	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review and update system maintenance policies and procedures	2067b904-9552-3259-0cdd-84468e284b7c	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review and update the events defined in AU-02	a930f477-9dcb-2113-8aa7-45bb6fc90861	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review and update the information security architecture	ced291b8-1d3d-7e27-40cf-829e9dd523c8	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review audit data	6625638f-3ba1-7404-5983-0ea33d719d34	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review changes for any unauthorized changes	c246d146-82b0-301f-32e7-1065dcd248b7	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review cloud identity report overview	8aec4343-9153-9641-172c-defb201f56b3	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review cloud service provider's compliance with policies and agreements	ffea18d9-13de-6505-37f3-4c1f88070ad7	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review content prior to posting publicly accessible information	9e3c505e-7aeb-2096-3417-b132242731fc	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review contingency plan	53fc1282-0ee3-2764-1319-e20143bb0ea5	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review controlled folder access events	f48b60c6-4b37-332f-7288-b6ea50d300eb	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review development process, standards and tools	1e876c5c-0f2a-8eb6-69f7-5f91e7918ed6	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review exploit protection events	a30bd8e9-7064-312a-0e1f-e1b485d59f6e	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review file and folder activity	ef718fe4-7ceb-9ddf-3198-0ee8f6fe9cba	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review label activity and analytics	e23444b9-9662-40f3-289e-6d25c02b48fa	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review malware detections report weekly	4a6f5cbd-6c6b-006f-2bb1-091af1441bce	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review publicly accessible content for nonpublic information	b5244f81-6cab-3188-2412-179162294996	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review role group changes weekly	70fe686f-1f91-7dab-11bf-bca4201e183b	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review security assessment and authorization policies and procedures	a4493012-908c-5f48-a468-1e243be884ce	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review the results of contingency plan testing	5d3abfea-a130-1208-29c0-e57de80aa6b0	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review threat protection status weekly	fad161f5-5261-401a-22dd-e037bae011bd	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review user accounts	79f081c7-1634-01a1-708e-376197999289	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review user groups and applications with access to sensitive data	eb1c944e-0e94-647b-9b7e-fdb8d2af0838	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Review user privileges	f96d2186-79df-262d-3f76-f371e3b71798	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Revoke privileged roles as appropriate	32f22cfa-770b-057c-965b-450898425519	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Route traffic through authenticated proxy network	d91558ce-5a5c-551b-8fbb-83f793255e09	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Route traffic through managed network access points	bab9ef1d-a16d-421a-822d-3fa94e808156	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Run simulation attacks	a8f9c283-9a66-3eb3-9e10-bdba95b85884	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Satisfy token quality requirements	056a723b-4946-9d2a-5243-3aa27c4d31a1	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Saved-queries in Azure Monitor should be saved in customer storage account for logs encryption	fa298e57-9444-42ba-bf04-86e8470e32c7	Monitoring	Default Audit Allowed audit, Audit, deny, Deny, disabled, Disabled	0		GA
Secure commitment from leadership	70057208-70cc-7b31-3c3a-121af6bc1966	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Secure the interface to external systems	ff1efad2-6b09-54cc-01bf-d386c4d558a8	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Secure transfer to storage accounts should be enabled	404c3081-a854-4457-ae30-26a93ef643f9	Storage	Default Audit Allowed Audit, Deny, Disabled	0		GA
Select additional testing for security control assessments	f78fc35e-1268-0bca-a798-afcba9d2330a	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Separate duties of individuals	60ee1260-97f0-61bb-8155-5d8b75743655	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Separate user and information system management functionality	8a703eb5-4e53-701b-67e4-05ba2f7930c8	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Separately store backup information	fc26e2fd-3149-74b4-5988-d64bb90f8ef7	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Service Bus Premium namespaces should use a customer-managed key for encryption	295fc8b1-dc9f-4f53-9c61-3f313ceab40a	Service Bus	Default Audit Allowed Audit, Disabled	0		GA
Service Fabric clusters should have the ClusterProtectionLevel property set to EncryptAndSign	617c02be-7f02-4efd-8836-3180d47b6c68	Service Fabric	Default Audit Allowed Audit, Deny, Disabled	0		GA
Service Fabric clusters should only use Azure Active Directory for client authentication	b54ed75b-3e1a-44ac-a333-05ba39b99ff0	Service Fabric	Default Audit Allowed Audit, Deny, Disabled	0		GA
Set automated notifications for new and trending cloud applications in your organization	af38215f-70c4-0cd6-40c2-c52d86690a45	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Specify permitted actions associated with customer audit information	3eecf628-a1c8-1b48-1b5c-7ca781e97970	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
SQL databases should have vulnerability findings resolved	feedbf84-6b99-488c-acc2-71c829aa5ffc	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
SQL managed instances should use customer-managed keys to encrypt data at rest	ac01ad65-10e5-46df-bdd9-6b0cad13e1d2	SQL	Default Audit Allowed Audit, Deny, Disabled	0		GA
SQL servers on machines should have vulnerability findings resolved	6ba6d016-e7c3-4842-b8f2-4992ebc0d72d	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
SQL servers should use customer-managed keys to encrypt data at rest	0a370ff3-6cab-4e85-8995-295fd854c5b8	SQL	Default Audit Allowed Audit, Deny, Disabled	0		GA
SQL servers with auditing to storage account destination should be configured with 90 days retention or higher	89099bee-89e0-4b26-a5f4-165451757743	SQL	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Storage account encryption scopes should use customer-managed keys to encrypt data at rest	b5ec538c-daa0-4006-8596-35468b9148e8	Storage	Default Audit Allowed Audit, Deny, Disabled	0		GA
Storage accounts should be migrated to new Azure Resource Manager resources	37e0d2fe-28a5-43d6-a273-67d37d1f5606	Storage	Default Audit Allowed Audit, Deny, Disabled	0		GA
Storage accounts should have infrastructure encryption	4733ea7b-a883-42fe-8cac-97454c2a9e4a	Storage	Default Audit Allowed Audit, Deny, Disabled	0		GA
Storage accounts should restrict network access	34c877ad-507e-4c82-993e-3452a6e0ad3c	Storage	Default Audit Allowed Audit, Deny, Disabled	0		GA
Storage accounts should restrict network access using virtual network rules	2a1a9cdf-e04d-429a-8416-3bfb72a1b26f	Storage	Default Audit Allowed Audit, Deny, Disabled	0		GA
Storage accounts should use customer-managed key for encryption	6fac406b-40ca-413b-bf8e-0bf964659c25	Storage	Default Audit Allowed Audit, Disabled	0		GA
Storage accounts should use private link	6edd7eda-6dd8-40f7-810d-67160c639cd9	Storage	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Subnets should be associated with a Network Security Group	e71308d3-144b-4262-b144-efdc3cc90517	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Subscriptions should have a contact email address for security issues	4f4f78b8-e367-4b10-a341-d9a4ad5cf1c7	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Support personal verification credentials issued by legal authorities	1d39b5d9-0392-8954-8359-575ce1957d1a	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
System updates on virtual machine scale sets should be installed	c3f317a7-a95c-4547-b7e7-11017ebdf2fe	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
System updates should be installed on your machines	86b3d65f-7626-441e-b690-81a8b71cff60	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Take action in response to customer information	d25cbded-121e-0ed6-1857-dc698c9095b1	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Temp disks and cache for agent node pools in Azure Kubernetes Service clusters should be encrypted at host	41425d9f-d1a5-499a-9932-f8ed8453932c	Kubernetes	Default Audit Allowed Audit, Deny, Disabled	0		GA
Terminate customer controlled account credentials	76d66b5c-85e4-93f5-96a5-ebb2fad61dc6	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Terminate user session automatically	4502e506-5f35-0df4-684f-b326e3cc7093	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Test contingency plan at an alternate processing location	ba99d512-3baa-1c38-8b0b-ae16bbd34274	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Test the business continuity and disaster recovery plan	58a51cde-008b-1a5d-61b5-d95849770677	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
There should be more than one owner assigned to your subscription	09024ccc-0c5f-475e-9457-b7c0d9ed487b	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Track software license usage	77cc89bb-774f-48d7-8a84-fb8c322c3000	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Train personnel on disclosure of nonpublic information	97f0d974-1486-01e2-2088-b888f46c0589	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Transfer backup information to an alternate storage site	7bdb79ea-16b8-453e-4ca4-ad5b16012414	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Transparent Data Encryption on SQL databases should be enabled	17k78e20-9358-41c9-923c-fb736d382a12	SQL	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Turn on sensors for endpoint security solution	5fc24b95-53f7-0ed1-2330-701b539b97fe	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Undergo independent security review	9b55929b-0101-47c0-a16e-d6ac5c7d21f8	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Update antivirus definitions	ea9d7c95-2f10-8a4d-61d8-7469bd2e8d65	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Update contingency plan	14a4fd0a-9100-1e12-1362-792014a28155	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Update information security policies	5226dee6-3420-711b-4709-8e675ebd828f	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Update interconnection security agreements	d48a6f19-a284-6fc6-0623-3367a74d3f50	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Update organizational access agreements	e21f91d1-2803-0282-5f2d-26ebc4b170ef	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Update POA&M items	cc057769-01d9-95ad-a36f-1e62a7f9540b	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Update rules of behavior and access agreements	6610f662-37e9-2f71-65be-502bdc2f554d	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Update rules of behavior and access agreements every 3 years	7ad83b58-2042-085d-08f0-13e946f26f89	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Update the security authorization	449ebb52-945b-36e5-3446-af6f33770f8f	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Use automated mechanisms for security alerts	b8689b2e-4308-a58b-a0b4-6f3343a000df	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Use dedicated machines for administrative tasks	b8972f60-8d77-1cb8-686f-9c9f4cdd8a59	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Use privileged identity management	e714b481-8fac-64a2-14a9-6f079b2501a4	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Use system clocks for audit records	1ee4c7eb-480a-0007-77ff-4ba370776266	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Verify identity before distributing authenticators	72889284-15d2-90b2-4b39-a1e9541e1152	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Verify security controls for external information systems	dc7ec756-221c-33c8-0afe-c48e10e42321	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Verify security functions	ece8bb17-4080-5127-915f-dc7267ee8549	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Verify software, firmware and information integrity	db28735f-518f-870e-15b4-49623cbe3aa0	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
View and configure system diagnostic data	0123edae-3567-a05a-9b05-b53ebe9d3e7e	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
View and investigate restricted users	98145a9b-428a-7e81-9d14-ebb154a24f93	Regulatory Compliance	Default Manual Allowed Manual, Disabled	0		GA
Virtual machines and virtual machine scale sets should have encryption at host enabled	fc4d8e41-e223-45ea-9bf5-eada37891d87	Compute	Default Audit Allowed Audit, Deny, Disabled	0		GA
Virtual machines' Guest Configuration extension should be deployed with system-assigned managed identity	d26f7642-7545-4e18-9b75-8c9bbdee3a9a	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Virtual machines should be migrated to new Azure Resource Manager resources	1d84d5fb-01f6-4d12-ba4f-4a26081d403d	Compute	Default Audit Allowed Audit, Deny, Disabled	0		GA
Virtual machines should encrypt temp disks, caches, and data flows between Compute and Storage resources	0961003e-5a0a-4549-abde-af6a37f2724d	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
VM Image Builder templates should use private link	2154edb9-244f-4741-9970-660785bccdaa	VM Image Builder	Default Audit Allowed Audit, Disabled, Deny	0		GA
Vulnerabilities in container security configurations should be remediated	e8cbc669-f12d-49eb-93e7-9273119e9933	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Vulnerabilities in security configuration on your machines should be remediated	e1e5fd5d-3e4c-4ce1-8661-7d1873ae6b15	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Vulnerabilities in security configuration on your virtual machine scale sets should be remediated	3c735d8a-a4ba-4a3a-b7cf-db7754cf57f4	Security Center	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Vulnerability assessment should be enabled on SQL Managed Instance	1b7aa243-30e4-4c9e-bca8-d0d3022b634a	SQL	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Vulnerability assessment should be enabled on your SQL servers	ef2a8f2a-b3d9-49cd-a8a8-9a3aaaf647d9	SQL	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Vulnerability assessment should be enabled on your Synapse workspaces	0049a6b3-a662-4f3e-8635-39cf44ace45a	Synapse	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Web Application Firewall (WAF) should be enabled for Application Gateway	564feb30-bf6a-4854-b4bb-0d2d2d1e6c66	Network	Default Audit Allowed Audit, Deny, Disabled	0		GA
Windows Defender Exploit Guard should be enabled on your machines	bed48b13-6647-468e-aa2f-1af1d3f4dd40	Guest Configuration	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Windows machines should be configured to use secure communication protocols	5752e6d6-1206-46d8-8ab1-ecc2f71a8112	Guest Configuration	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA
Windows machines should meet requirements of the Azure compute security baseline	72650e9f-97bc-4b2a-ab5f-9781a9fcecbc	Guest Configuration	Default AuditIfNotExists Allowed AuditIfNotExists, Disabled	0		GA

Roles used

Total Roles usage: 4
Total Roles unique usage: 1

Role	Role Id	Policies count	Policies
Contributor	b24988ac-6180-42a0-ab88-20f7382dd24c	4	Add system-assigned managed identity to enable Guest Configuration assignments on virtual machines with no identities, Add system-assigned managed identity to enable Guest Configuration assignments on VMs with a user-assigned identity, Deploy the Linux Guest Configuration extension to enable Guest Configuration assignments on Linux VMs, Deploy the Windows Guest Configuration extension to enable Guest Configuration assignments on Windows VMs

History

Date/Time (UTC ymd) (i)	Changes
2024-04-11 17:47:35	Version change: '17.9.0' to '17.10.0' remove Policy [Deprecated]: Cognitive Services accounts should disable public network access (0725b4dd-7e76-479c-a735-68e7ee23d5ca)
2024-03-20 18:47:00	Version change: '17.8.0' to '17.9.0' remove Policy [Deprecated]: Azure registry container images should have vulnerabilities resolved (powered by Qualys) (5f0f936f-2f01-4bf5-b6be-d423792fa562)
2024-01-17 19:06:27	Version change: '17.7.0' to '17.8.0' remove Policy [Deprecated]: Azure Defender for DNS should be enabled (bdc59948-5574-49b3-bb91-76b7c986428d)
2023-12-12 19:47:53	add Policy App Service apps should have Client Certificates (Incoming client certificates) enabled (19dd1db6-f442-49cf-a838-b0786b4401ef) Version change: '17.6.0' to '17.7.0' remove Policy [Deprecated]: App Service apps should have 'Client Certificates (Incoming client certificates)' enabled (5bb220d9-2698-4ee4-8404-b9c30c9df609)
2023-12-07 18:54:02	add Policy Microsoft Defender for Storage should be enabled (640d2586-54d2-465f-877f-9ffc1d2109f4) Version change: '17.5.0' to '17.6.0' remove Policy [Deprecated]: Microsoft Defender for Storage (Classic) should be enabled (308fbb08-4ab8-4e67-9b29-592e93fb94fa)
2023-05-04 17:45:12	add Policy Guest accounts with write permissions on Azure resources should be removed (94e1c2ac-cbbe-4cac-a2b5-389c812dee87) add Policy Guest accounts with owner permissions on Azure resources should be removed (339353f6-2387-4a45-abe4-7f529d121046) add Policy Accounts with owner permissions on Azure resources should be MFA enabled (e3e008c3-56b9-4133-8fd7-d3347377402a) add Policy Guest accounts with read permissions on Azure resources should be removed (e9ac8f8e-ce22-4355-8f04-99b911d6be52) add Policy Accounts with write permissions on Azure resources should be MFA enabled (931e118d-50a1-4457-a5e4-78550e086c52) add Policy Blocked accounts with read and write permissions on Azure resources should be removed (8d7e1fde-fe26-4b5f-8108-f8e432cbc2be) add Policy Accounts with read permissions on Azure resources should be MFA enabled (81b3ccb4-e6e8-4e4a-8d05-5df25cd29fd4) add Policy Blocked accounts with owner permissions on Azure resources should be removed (0cfea604-3201-4e14-88fc-fae4c427a6c5) Version change: '17.3.0' to '17.5.0' remove Policy [Deprecated]: MFA should be enabled for accounts with write permissions on your subscription (9297c21d-2ed6-4474-b48f-163f75654ce3) remove Policy [Deprecated]: External accounts with owner permissions should be removed from your subscription (f8456c1c-aa66-4dfb-861a-25d127b775c9) remove Policy Function apps that use Python should use a specified 'Python version' (7238174a-fd10-4ef0-817e-fc820a951d73) remove Policy [Deprecated]: Deprecated accounts with owner permissions should be removed from your subscription (ebb62a0c-3560-49e1-89ed-27e074e9f8ad) remove Policy [Deprecated]: Deprecated accounts should be removed from your subscription (6b1cbf55-e8b6-442f-ba4c-7246b6381474) remove Policy App Service apps that use Java should use a specified 'Java version' (496223c3-ad65-4ecd-878a-bae78737e9ed) remove Policy [Deprecated]: External accounts with read permissions should be removed from your subscription (5f76cf89-fbf2-47fd-a3f4-b891fa780b60) remove Policy App Service apps that use PHP should use a specified 'PHP version' (7261b898-8a84-4db8-9e04-18527132abb3) remove Policy Function apps that use Java should use a specified 'Java version' (9d0b6ea4-93e2-4578-bf2f-6bb17d22b4bc) remove Policy [Deprecated]: MFA should be enabled on accounts with read permissions on your subscription (e3576e28-8b17-4677-84c3-db2990658d64) remove Policy App Service apps that use Python should use a specified 'Python version' (7008174a-fd10-4ef0-817e-fc820a951d73) remove Policy [Deprecated]: External accounts with write permissions should be removed from your subscription (5c607a2e-c700-4744-8254-d77e7c9eb5e4) remove Policy [Deprecated]: MFA should be enabled on accounts with owner permissions on your subscription (aa633080-8b72-40c4-a2d7-d00c03e80bed)
2023-03-23 18:43:19	add Policy Azure Machine Learning workspaces should use private link (45e05259-1eb5-4f70-9574-baf73e9d219b) Version change: '17.2.0' to '17.3.0' remove Policy [Deprecated]: Azure Machine Learning workspaces should use private link (40cec1dd-a100-4920-b15b-3024fe8901ab)
2023-02-21 18:41:21	add Policy Azure Key Vaults should use private link (a6abeaec-4d90-4a02-805f-6b26c4d3fbe9) Version change: '17.0.0' to '17.2.0' remove Policy [Deprecated]: Private endpoint should be configured for Key Vault (5f0bc445-3935-4915-9981-011aa2b46147) remove Policy [Deprecated]: Resource logs in Virtual Machine Scale Sets should be enabled (7c1b1214-f927-48bf-8882-84f0af6588b1)
2022-09-27 16:35:21	add Policy Implement cryptographic mechanisms (10c3a1b1-29b0-a2d5-8f4c-a284b0f07830) add Policy Develop audit and accountability policies and procedures (a28323fe-276d-3787-32d2-cef6395764c4) add Policy Accept PIV credentials (55be3260-a7a2-3c06-7fe6-072d07525ab7) add Policy Review and update contingency planning policies and procedures (e9c60c37-65b0-2d72-6c3c-af66036203ae) add Policy Assign risk designations (b7897ddc-9716-2460-96f7-7757ad038cc4) add Policy Review cloud identity report overview (8aec4343-9153-9641-172c-defb201f56b3) add Policy Provide the capability to extend or limit auditing on customer-deployed resources (d200f199-69f4-95a6-90b0-37ff0cf1040c) add Policy Verify software, firmware and information integrity (db28735f-518f-870e-15b4-49623cbe3aa0) add Policy Provide capability to process customer-controlled audit records (21633c09-804e-7fcd-78e3-635c6bfe2be7) add Policy Transfer backup information to an alternate storage site (7bdb79ea-16b8-453e-4ca4-ad5b16012414) add Policy Allocate resources in determining information system requirements (90a156a6-49ed-18d1-1052-69aac27c05cd) add Policy Implement a fault tolerant name/address service (ced727b3-005e-3c5b-5cd5-230b79d56ee8) add Policy Employ least privilege access (1bc7fd64-291f-028e-4ed6-6e07886e163f) add Policy Separate duties of individuals (60ee1260-97f0-61bb-8155-5d8b75743655) add Policy Employ FICAM-approved resources to accept third-party credentials (db8b35d6-8adb-3f51-44ff-c648ab5b1530) add Policy Isolate SecurID systems, Security Incident Management systems (dd6d00a8-701a-5935-a22b-c7b9c0c698b2) add Policy Set automated notifications for new and trending cloud applications in your organization (af38215f-70c4-0cd6-40c2-c52d86690a45) add Policy Require developers to produce evidence of security assessment plan execution (f8a63511-66f1-503f-196d-d6217ee0823a) add Policy Ensure security safeguards not needed when the individuals return (1fdf0b24-4043-3c55-357e-036985d50b52) add Policy Develop POA&M (477bd136-7dd9-55f8-48ac-bae096b86a07) add Policy Implement personnel screening (e0c480bf-0d68-a42d-4cbb-b60f851f8716) add Policy Employ a media sanitization mechanism (eaaae23f-92c9-4460-51cf-913feaea4d52) add Policy Deliver security assessment results (8e49107c-3338-40d1-02aa-d524178a2afe) add Policy Review the results of contingency plan testing (5d3abfea-a130-1208-29c0-e57de80aa6b0) add Policy Provide the logout capability (db580551-0b3c-4ea1-8a4c-4cdb5feb340f) add Policy Review controlled folder access events (f48b60c6-4b37-332f-7288-b6ea50d300eb) add Policy Implement security directives (26d178a4-9261-6f04-a100-47ed85314c6e) add Policy Establish configuration management requirements for developers (8747b573-8294-86a0-8914-49e9b06a5ace) add Policy Authorize, monitor, and control voip (e4e1f896-8a93-1151-43c7-0ad23b081ee2) add Policy Turn on sensors for endpoint security solution (5fc24b95-53f7-0ed1-2330-701b539b97fe) add Policy View and configure system diagnostic data (0123edae-3567-a05a-9b05-b53ebe9d3e7e) add Policy Terminate user session automatically (4502e506-5f35-0df4-684f-b326e3cc7093) add Policy Identify and manage downstream information exchanges (c7fddb0e-3f44-8635-2b35-dc6b8e740b7c) add Policy Establish relationship between incident response capability and external providers (b470a37a-7a47-3792-34dd-7a793140702e) add Policy Invalidate session identifiers at logout (396f465d-375e-57de-58ba-021adb008191) add Policy Establish a configuration control board (7380631c-5bf5-0e3a-4509-0873becd8a63) add Policy Provide monitoring information as needed (7fc1f0da-0050-19bb-3d75-81ae15940df6) add Policy Require compliance with intellectual property rights (725164e5-3b21-1ec2-7e42-14f077862841) add Policy Govern compliance of cloud service providers (5c33538e-02f8-0a7f-998b-a4c1e22076d3) add Policy Restrict access to privileged accounts (873895e8-0e3a-6492-42e9-22cd030e9fcd) add Policy Review changes for any unauthorized changes (c246d146-82b0-301f-32e7-1065dcd248b7) add Policy Coordinate contingency plans with related plans (c5784049-959f-6067-420c-f4cefae93076) add Policy Authorize access to security functions and information (aeed863a-0f56-429f-945d-8bb66bd06841) add Policy Review user accounts (79f081c7-1634-01a1-708e-376197999289) add Policy Detect network services that have not been authorized or approved (86ecd378-a3a0-5d5b-207c-05e6aaca43fc) add Policy Develop and document application security requirements (6de65dc4-8b4f-34b7-9290-eb137a2e2929) add Policy Provide role-based training on suspicious activities (f6794ab8-9a7d-3b24-76ab-265d3646232b) add Policy Establish parameters for searching secret authenticators and verifiers (0065241c-72e9-3b2c-556f-75de66332a94) add Policy Design an access control model (03b6427e-6072-4226-4bd9-a410ab65317e) add Policy Review file and folder activity (ef718fe4-7ceb-9ddf-3198-0ee8f6fe9cba) add Policy Review and update identification and authentication policies and procedures (29acfac0-4bb4-121b-8283-8943198b1549) add Policy Audit privileged functions (f26af0b1-65b6-689a-a03f-352ad2d00f98) add Policy Distribute policies and procedures (eff6e4a5-3efe-94dd-2ed1-25d56a019a82) add Policy Review and reevaluate privileges (585af6e9-90c0-4575-67a7-2f9548972e32) add Policy Develop acceptable use policies and procedures (42116f15-5665-a52a-87bb-b40e64c74b6c) add Policy Manage authenticator lifetime and reuse (29363ae1-68cd-01ca-799d-92c9197c8404) add Policy Define access authorizations to support separation of duties (341bc9f1-7489-07d9-4ec6-971573e1546a) add Policy Ensure security categorization is approved (6c79c3e5-5f7b-a48a-5c7b-8c158bc01115) add Policy Establish a discrete line item in budgeting documentation (06af77de-02ca-0f3e-838a-a9420fe466f5) add Policy Produce, control and distribute asymmetric cryptographic keys (de077e7e-0cc8-65a6-6e08-9ab46c827b05) add Policy Enforce expiration of cached authenticators (c7e8ddc1-14aa-1814-7fe1-aad1742b27da) add Policy Adopt biometric authentication mechanisms (7d7a8356-5c34-9a95-3118-1424cfaf192a) add Policy Develop organization code of conduct policy (d02498e0-8a6f-6b02-8332-19adf6711d1e) add Policy Authorize and manage access (50e9324a-7410-0539-0662-2c1e775538b7) add Policy Document security strength requirements in acquisition contracts (ebb0ba89-6d8c-84a7-252b-7393881e43de) add Policy Analyse data obtained from continuous monitoring (6a379d74-903b-244a-4c44-838728bea6b0) add Policy Retain security policies and procedures (efef28d0-3226-966a-a1e8-70e89c1b30bc) add Policy Maintain separate execution domains for running processes (bfc540fe-376c-2eef-4355-121312fa4437) add Policy Provide real-time alerts for audit event failures (0f4fa857-079d-9d3d-5c49-21f616189e03) add Policy Update the security authorization (449ebb52-945b-36e5-3446-af6f33770f8f) add Policy Document access privileges (a08b18c7-9e0a-89f1-3696-d80902196719) add Policy Update organizational access agreements (e21f91d1-2803-0282-5f2d-26ebc4b170ef) add Policy Manage system and admin accounts (34d38ea7-6754-1838-7031-d7fd07099821) add Policy Restrict use of open source software (08c11b48-8745-034d-1c1b-a144feec73b9) add Policy Develop business classification schemes (11ba0508-58a8-44de-5f3a-9e05d80571da) add Policy Automate process to highlight unreviewed change proposals (92b49e92-570f-1765-804a-378e6c592e28) add Policy Manage the transportation of assets (4ac81669-00e2-9790-8648-71bc11bc91eb) add Policy Establish firewall and router configuration standards (398fdbd8-56fd-274d-35c6-fa2d3b2755a1) add Policy Reauthenticate or terminate a user session (d6653f89-7cb5-24a4-9d71-51581038231b) add Policy Protect data in transit using encryption (b11697e8-9515-16f1-7a35-477d5c8a1344) add Policy Implement training for protecting authenticators (e4b00788-7e1c-33ec-0418-d048508e095b) add Policy Perform information input validation (8b1f29eb-1b22-4217-5337-9207cb55231e) add Policy Enforce logical access (10c4210b-3ec9-9603-050d-77e4d26c7ebb) add Policy Route traffic through authenticated proxy network (d91558ce-5a5c-551b-8fbb-83f793255e09) add Policy Govern policies and procedures (1a2a03a4-9992-5788-5953-d8f6615306de) add Policy Ensure access agreements are signed or resigned timely (e7589f4e-1e8b-72c2-3692-1e14d7f3699f) add Policy Define information security roles and responsibilities (ef5a7059-6651-73b1-18b3-75b1b79c1565) add Policy Control information flow (59bedbdc-0ba9-39b9-66bb-1d1c192384e6) add Policy Accept only FICAM-approved third-party credentials (2d2ca910-7957-23ee-2945-33f401606efc) add Policy Document mobility training (83dfb2b8-678b-20a0-4c44-5c75ada023e6) add Policy Enforce rules of behavior and access agreements (509552f5-6528-3540-7959-fbeae4832533) add Policy Verify security controls for external information systems (dc7ec756-221c-33c8-0afe-c48e10e42321) add Policy Select additional testing for security control assessments (f78fc35e-1268-0bca-a798-afcba9d2330a) add Policy Display an explicit logout message (0471c6b7-1588-701c-2713-1fade73b75f6) add Policy Implement an automated configuration management tool (33832848-42ab-63f3-1a55-c0ad309d44cd) add Policy Develop and maintain a vulnerability management standard (055da733-55c6-9e10-8194-c40731057ec4) add Policy Review and update configuration management policies and procedures (eb8a8df9-521f-3ccd-7e2c-3d1fcc812340) add Policy Implement system boundary protection (01ae60e2-38bb-0a32-7b20-d3a091423409) add Policy Review and update incident response policies and procedures (b28c8687-4bbd-8614-0b96-cdffa1ac6d9c) add Policy Implement physical security for offices, working areas, and secure areas (05ec66a2-137c-14b8-8e75-3d7a2bef07f8) add Policy Establish and document change control processes (bd4dc286-2f30-5b95-777c-681f3a7913d3) add Policy Perform a business impact assessment and application criticality assessment (cb8841d4-9d13-7292-1d06-ba4d68384681) add Policy Ensure system capable of dynamic isolation of resources (83eea3d3-0d2c-9ccd-1021-2111b29b2a62) add Policy Isolate information spills (22457e81-3ec6-5271-a786-c3ca284601dd) add Policy Track software license usage (77cc89bb-774f-48d7-8a84-fb8c322c3000) add Policy Terminate customer controlled account credentials (76d66b5c-85e4-93f5-96a5-ebb2fad61dc6) add Policy Protect against and prevent data theft from departing employees (80a97208-264e-79da-0cc7-4fca179a0c9c) add Policy Obtain Admin documentation (3f1216b0-30ee-1ac9-3899-63eb744e85f5) add Policy Route traffic through managed network access points (bab9ef1d-a16d-421a-822d-3fa94e808156) add Policy Implement controls to secure all media (e435f7e3-0dd9-58c9-451f-9b44b96c0232) add Policy Protect administrator and user documentation (09960521-759e-5d12-086f-4192a72a5e92) add Policy Provide information spillage training (2d4d0e90-32d9-4deb-2166-a00d51ed57c0) add Policy Review and sign revised rules of behavior (6c0a312f-04c5-5c97-36a5-e56763a02b6b) add Policy Document third-party personnel security requirements (b320aa42-33b4-53af-87ce-100091d48918) add Policy Require developers to build security architecture (f131c8c5-a54a-4888-1efc-158928924bc1) add Policy Information flow control using security policy filters (13ef3484-3a51-785a-9c96-500f21f84edd) add Policy Test contingency plan at an alternate processing location (ba99d512-3baa-1c38-8b0b-ae16bbd34274) add Policy Update contingency plan (14a4fd0a-9100-1e12-1362-792014a28155) add Policy Separately store backup information (fc26e2fd-3149-74b4-5988-d64bb90f8ef7) add Policy Enforce mandatory and discretionary access control policies (b1666a13-8f67-9c47-155e-69e027ff6823) add Policy Restrict access to private keys (8d140e8b-76c7-77de-1d46-ed1b2e112444) add Policy Develop configuration item identification plan (836f8406-3b8a-11bb-12cb-6c7fa0765668) add Policy Prevent split tunneling for remote devices (66e5cb69-9f1c-8b8d-8fbd-b832466d5aa8) add Policy Control maintenance and repair activities (b6ad009f-5c24-1dc0-a25e-74b60e4da45f) add Policy Document security documentation requirements in acquisition contract (a465e8e9-0095-85cb-a05f-1dd4960d02af) add Policy Establish security requirements for the manufacturing of connected devices (afbecd30-37ee-a27b-8e09-6ac49951a0ee) add Policy Establish policies for supply chain risk management (9150259b-617b-596d-3bf5-5ca3fce20335) add Policy Develop security safeguards (423f6d9c-0c73-9cc6-64f4-b52242490368) add Policy Implement security engineering principles of information systems (df2e9507-169b-4114-3a52-877561ee3198) add Policy Review content prior to posting publicly accessible information (9e3c505e-7aeb-2096-3417-b132242731fc) add Policy Use system clocks for audit records (1ee4c7eb-480a-0007-77ff-4ba370776266) add Policy Perform threat modeling (bf883b14-9c19-0f37-8825-5e39a8b66d5b) add Policy Configure workstations to check for digital certificates (26daf649-22d1-97e9-2a8a-01b182194d59) add Policy Protect passwords with encryption (b2d3e5a2-97ab-5497-565a-71172a729d93) add Policy Use dedicated machines for administrative tasks (b8972f60-8d77-1cb8-686f-9c9f4cdd8a59) add Policy Ensure resources are authorized (0716f0f5-4955-2ccb-8d5e-c6be14d57c0f) add Policy Notify users of system logon or access (fe2dff43-0a8c-95df-0432-cb1c794b17d0) add Policy Prepare alternate processing site for use as operational site (0f31d98d-5ce2-705b-4aa5-b4f6705110dd) add Policy Protect audit information (0e696f5a-451f-5c15-5532-044136538491) add Policy Initiate transfer or reassignment actions (b8a9bb2f-7290-3259-85ce-dca7d521302d) add Policy Incorporate flaw remediation into configuration management (34aac8b2-488a-2b96-7280-5b9b481a317a) add Policy Employ FIPS 201-approved technology for PIV (8b333332-6efd-7c0d-5a9f-d1eb95105214) add Policy Document security assurance requirements in acquisition contracts (13efd2d7-3980-a2a4-39d0-527180c009e8) add Policy Establish a password policy (d8bbd80e-3bb1-5983-06c2-428526ec6a63) add Policy Authorize remote access to privileged commands (01c387ea-383d-4ca9-295a-977fab516b03) add Policy Document protection of personal data in acquisition contracts (f9ec3263-9562-1768-65a1-729793635a8d) add Policy Establish backup policies and procedures (4f23967c-a74b-9a09-9dc2-f566f61a87b9) add Policy Document organizational access agreements (c981fa70-2e58-8141-1457-e7f62ebc2ade) add Policy Establish an information security program (84245967-7882-54f6-2d34-85059f725b47) add Policy Implement formal sanctions process (5decc032-95bd-2163-9549-a41aba83228e) add Policy Create alternative actions for identified anomalies (cc2f7339-2fac-1ea9-9ca3-cd530fbb0da2) add Policy Manage a secure surveillance camera system (f2222056-062d-1060-6dc2-0107a68c34b2) add Policy Correlate Vulnerability scan information (e3905a3c-97e7-0b4f-15fb-465c0927536f) add Policy Identify and authenticate network devices (ae5345d5-8dab-086a-7290-db43a3272198) add Policy Define information system account types (623b5f0a-8cbd-03a6-4892-201d27302f0c) add Policy Implement parameters for memorized secret verifiers (3b30aa25-0f19-6c04-5ca4-bd3f880a763d) add Policy Notify when account is not needed (8489ff90-8d29-61df-2d84-f9ab0f4c5e84) add Policy Not allow for information systems to accompany with individuals (41172402-8d73-64c7-0921-909083c086b0) add Policy Restrict location of information processing, storage and services (0040d2e5-2779-170d-6a2c-1f5fca353335) add Policy Plan for continuance of essential business functions (d9edcea6-6cb8-0266-a48c-2061fbac4310) add Policy Assess Security Controls (c423e64d-995c-9f67-0403-b540f65ba42a) add Policy Establish a risk management strategy (d36700f2-2f0d-7c2a-059c-bdadd1d79f70) add Policy Restore resources to operational state (f801d58e-5659-9a4a-6e8d-02c9334732e5) add Policy Employ automated training environment (c8aa992d-76b7-7ca0-07b3-31a58d773fa9) add Policy Create a data inventory (043c1e56-5a16-52f8-6af8-583098ff3e60) add Policy Document wireless access security controls (8f835d6a-4d13-9a9c-37dc-176cebd37fda) add Policy Require use of individual authenticators (08ad71d0-52be-6503-4908-e015460a16ae) add Policy Perform a risk assessment (8c5d3d8d-5cba-0def-257c-5ab9ea9644dc) add Policy Verify security functions (ece8bb17-4080-5127-915f-dc7267ee8549) add Policy Develop an incident response plan (2b4e134f-1e4c-2bff-573e-082d85479b6e) add Policy Establish terms and conditions for processing resources (5715bf33-a5bd-1084-4e19-bc3c83ec1c35) add Policy Automate notification of employee termination (729c8708-2bec-093c-8427-2e87d2cd426d) add Policy Install an alarm system (aa0ddd99-43eb-302d-3f8f-42b499182960) add Policy Establish an alternate processing site (af5ff768-a34b-720e-1224-e6b3214f3ba6) add Policy Audit user account status (49c23d9b-02b0-0e42-4f94-e8cef1b8381b) add Policy Integrate audit review, analysis, and reporting (f741c4e6-41eb-15a4-25a2-61ac7ca232f0) add Policy Facilitate information sharing (a44c9fba-43f8-4b7b-7ee6-db52c96b4366) add Policy Require developers to provide unified security protection approach (7a114735-a420-057d-a651-9a73cd0416ef) add Policy Assign information security representative to change control (6abdf7c7-362b-3f35-099e-533ed50988f9) add Policy Review label activity and analytics (e23444b9-9662-40f3-289e-6d25c02b48fa) add Policy Require developers to document approved changes and potential impact (3a868d0c-538f-968b-0191-bddb44da5b75) add Policy Assign an authorizing official (AO) (e29a8f1b-149b-2fa3-969d-ebee1baa9472) add Policy Develop and maintain baseline configurations (2f20840e-7925-221c-725d-757442753e7c) add Policy Define acceptable and unacceptable mobile code technologies (1afada58-8b34-7ac2-a38a-983218635201) add Policy Notify upon termination or transfer (c79d378a-2521-822a-0407-57454f8d2c74) add Policy Authenticate to cryptographic module (6f1de470-79f3-1572-866e-db0771352fc8) add Policy Update antivirus definitions (ea9d7c95-2f10-8a4d-61d8-7469bd2e8d65) add Policy Review security assessment and authorization policies and procedures (a4493012-908c-5f48-a468-1e243be884ce) add Policy Establish a threat intelligence program (b0e3035d-6366-2e37-796e-8bcab9c649e6) add Policy Notify Account Managers of customer controlled accounts (4b8fd5da-609b-33bf-9724-1c946285a14c) add Policy Identify and mitigate potential issues at alternate storage site (13939f8c-4cd5-a6db-9af4-9dfec35e3722) add Policy Develop and establish a system security plan (b2ea1058-8998-3dd1-84f1-82132ad482fd) add Policy Automate process to prohibit implementation of unapproved changes (7d10debd-4775-85a7-1a41-7e128e0e8c50) add Policy Create separate alternate and primary storage sites (81b6267b-97a7-9aa5-51ee-d2584a160424) add Policy Monitor privileged role assignment (ed87d27a-9abf-7c71-714c-61d881889da4) add Policy Review threat protection status weekly (fad161f5-5261-401a-22dd-e037bae011bd) add Policy Identify status of individual users (ca748dfe-3e28-1d18-4221-89aea30aa0a5) add Policy Review cloud service provider's compliance with policies and agreements (ffea18d9-13de-6505-37f3-4c1f88070ad7) add Policy Assess information security events (37b0045b-3887-367b-8b4d-b9a6fa911bb9) add Policy Manage Authenticators (4aacaec9-0628-272c-3e83-0d68446694e0) add Policy Enable network protection (8c255136-994b-9616-79f5-ae87810e0dcf) add Policy Designate personnel to supervise unauthorized maintenance activities (7a489c62-242c-5db9-74df-c073056d6fa3) add Policy Generate error messages (c2cb4658-44dc-9d11-3dad-7c6802dd5ba3) add Policy Maintain availability of information (3ad7f0bc-3d03-0585-4d24-529779bb02c2) add Policy Monitor third-party provider compliance (f8ded0c6-a668-9371-6bb6-661d58787198) add Policy Perform all non-local maintenance (5bac5fb7-7735-357b-767d-02264bfe5c3b) add Policy Enforce software execution privileges (68d2e478-3b19-23eb-1357-31b296547457) add Policy Generate internal security alerts (171e377b-5224-4a97-1eaa-62a3b5231dac) add Policy Report atypical behavior of user accounts (e4054c0e-1184-09e6-4c5e-701e0bc90f81) add Policy Review and update the events defined in AU-02 (a930f477-9dcb-2113-8aa7-45bb6fc90861) add Policy Obtain user security function documentation (be1c34ab-295a-07a6-785c-36f63c1d223e) add Policy Automate process to document implemented changes (43ac3ccb-4ef6-7d63-9a3f-6848485ba4e8) add Policy Automate implementation of approved change notifications (c72fc0c8-2df8-7506-30be-6ba1971747e1) add Policy Develop configuration management plan (04837a26-2601-1982-3da7-bf463e6408f4) add Policy Define mobile device requirements (9ca3a3ea-3a1f-8ba0-31a8-6aed0fe1a7a4) add Policy Document the protection of cardholder data in third party contracts (77acc53d-0f67-6e06-7d04-5750653d4629) add Policy Protect wireless access (d42a8f69-a193-6cbc-48b9-04a9e29961f1) add Policy Take action in response to customer information (d25cbded-121e-0ed6-1857-dc698c9095b1) add Policy Identify individuals with security roles and responsibilities (0dcbaf2f-075e-947b-8f4c-74ecc5cd302c) add Policy Authorize remote access (dad8a2e9-6f27-4fc2-8933-7e99fe700c9c) add Policy Establish third-party personnel security requirements (3881168c-5d38-6f04-61cc-b5d87b2c4c58) add Policy Configure detection whitelist (2927e340-60e4-43ad-6b5f-7a1468232cc2) add Policy Secure the interface to external systems (ff1efad2-6b09-54cc-01bf-d386c4d558a8) add Policy Provide security awareness training for insider threats (9b8b05ec-3d21-215e-5d98-0f7cf0998202) add Policy Update rules of behavior and access agreements every 3 years (7ad83b58-2042-085d-08f0-13e946f26f89) add Policy Update POA&M items (cc057769-01d9-95ad-a36f-1e62a7f9540b) add Policy Review and update planning policies and procedures (28aa060e-25c7-6121-05d8-a846f11433df) add Policy Review malware detections report weekly (4a6f5cbd-6c6b-006f-2bb1-091af1441bce) add Policy Employ independent assessors for continuous monitoring (3baee3fd-30f5-882c-018c-cc78703a0106) add Policy Correlate audit records (10874318-0bf7-a41f-8463-03e395482080) add Policy Resume all mission and business functions (91a54089-2d69-0f56-62dc-b6371a1671c0) add Policy Update interconnection security agreements (d48a6f19-a284-6fc6-0623-3367a74d3f50) add Policy Undergo independent security review (9b55929b-0101-47c0-a16e-d6ac5c7d21f8) add Policy Conduct risk assessment and distribute its results (d7c1ecc3-2980-a079-1569-91aec8ac4a77) add Policy Identify spilled information (69d90ee6-9f9f-262a-2038-d909fb4e5723) add Policy Require developers to implement only approved changes (085467a6-9679-5c65-584a-f55acefd0d43) add Policy Provide secure name and address resolution services (bbb2e6d6-085f-5a35-a55d-e45daad38933) add Policy Incorporate simulated events into incident response training (1fdeb7c4-4c93-8271-a135-17ebe85f1cc7) add Policy Manage the input, output, processing, and storage of data (e603da3a-8af7-4f8a-94cb-1bcc0e0333d2) add Policy Discover any indicators of compromise (07b42fb5-027e-5a3c-4915-9d9ef3020ec7) add Policy Provide periodic role-based security training (9ac8621d-9acd-55bf-9f99-ee4212cc3d85) add Policy Manage gateways (63f63e71-6c3f-9add-4c43-64de23e554a7) add Policy Govern the allocation of resources (33d34fac-56a8-1c0f-0636-3ed94892a709) add Policy Review contingency plan (53fc1282-0ee3-2764-1319-e20143bb0ea5) add Policy Conform to FICAM-issued profiles (a8df9c78-4044-98be-2c05-31a315ac8957) add Policy Control use of portable storage devices (36b74844-4a99-4c80-1800-b18a516d1585) add Policy Create configuration plan protection (874a6f2e-2098-53bc-3a16-20dcdc425a7e) add Policy Review administrator assignments weekly (f27a298f-9443-014a-0d40-fef12adf0259) add Policy Conduct backup of information system documentation (b269a749-705e-8bff-055a-147744675cdf) add Policy Configure Azure Audit capabilities (a3e98638-51d4-4e28-910a-60e98c1a756f) add Policy Measure the time between flaw identification and flaw remediation (dad1887d-161b-7b61-2e4d-5124a7b5724e) add Policy Establish and document a configuration management plan (526ed90e-890f-69e7-0386-ba5c0f1f784f) add Policy Document security and privacy training activities (524e7136-9f6a-75ba-9089-501018151346) add Policy Establish voip usage restrictions (68a39c2b-0f17-69ee-37a3-aa10f9853a08) add Policy Review and update personnel security policies and procedures (e5c5fc78-4aa5-3d6b-81bc-5fcc88b318e9) add Policy Develop and document a business continuity and disaster recovery plan (bd6cbcba-4a2d-507c-53e3-296b5c238a8e) add Policy Map authenticated identities to individuals (4012c2b7-4e0e-a7ab-1688-4aab43f14420) add Policy Establish a data leakage management procedure (3c9aa856-6b86-35dc-83f4-bc72cec74dea) add Policy Provide privacy training (518eafdd-08e5-37a9-795b-15a8d798056d) add Policy Produce, control and distribute symmetric cryptographic keys (16c54e01-9e65-7524-7c33-beda48a75779) add Policy Explicitly notify use of collaborative computing devices (62fa14f0-4cbe-762d-5469-0899a99b98aa) add Policy Establish benchmarks for flaw remediation (dd2523d5-2db3-642b-a1cf-83ac973b32c2) add Policy Adhere to retention periods defined (1ecb79d7-1a06-9a3b-3be8-f434d04d1ec1) add Policy Document the information system environment in acquisition contracts (c148208b-1a6f-a4ac-7abc-23b1d41121b1) add Policy Issue public key certificates (97d91b33-7050-237b-3e23-a77d57d84e13) add Policy Provide security training for new users (1cb7bf71-841c-4741-438a-67c65fdd7194) add Policy Provide periodic security awareness training (516be556-1353-080d-2c2f-f46f000d5785) add Policy Control physical access (55a7f9a0-6397-7589-05ef-5ed59a8149e7) add Policy Assign account managers (4c6df5ff-4ef2-4f17-a516-0da9189c603b) add Policy Establish procedures for initial authenticator distribution (35963d41-4263-0ef9-98d5-70eb058f9e3c) add Policy Obtain functional properties of security controls (44b71aa8-099d-8b97-1557-0e853ec38e0d) add Policy Monitor access across the organization (48c816c5-2190-61fc-8806-25d6f3df162f) add Policy Retain previous versions of baseline configs (5e4e9685-3818-5934-0071-2620c4fa2ca5) add Policy Maintain list of authorized remote maintenance personnel (4ce91e4e-6dab-3c46-011a-aa14ae1561bf) add Policy Require developers to describe accurate security functionality (3e37c891-840c-3eb4-78d2-e2e0bb5063e0) add Policy Perform security function verification at a defined frequency (f30edfad-4e1d-1eef-27ee-9292d6d89842) add Policy Test the business continuity and disaster recovery plan (58a51cde-008b-1a5d-61b5-d95849770677) add Policy Provide security training before providing access (2b05dca2-25ec-9335-495c-29155f785082) add Policy Review exploit protection events (a30bd8e9-7064-312a-0e1f-e1b485d59f6e) add Policy Review development process, standards and tools (1e876c5c-0f2a-8eb6-69f7-5f91e7918ed6) add Policy Document personnel acceptance of privacy requirements (271a3e58-1b38-933d-74c9-a580006b80aa) add Policy Establish network segmentation for card holder data environment (f476f3b0-4152-526e-a209-44e5f8c968d7) add Policy Manage availability and capacity (edcc36f1-511b-81e0-7125-abee29752fe7) add Policy Produce Security Assessment report (70a7a065-a060-85f8-7863-eb7850ed2af9) add Policy Document customer-defined actions (8c44a0ea-9b09-4d9c-0e91-f9bee3d05bfb) add Policy Integrate Audit record analysis (85335602-93f5-7730-830b-d43426fd51fa) add Policy Revoke privileged roles as appropriate (32f22cfa-770b-057c-965b-450898425519) add Policy Restrict unauthorized software and firmware installation (4ee5975d-2507-5530-a20a-83a725889c6f) add Policy Define cryptographic use (c4ccd607-702b-8ae6-8eeb-fc3339cd4b42) add Policy Prevent identifier reuse for the defined time period (4781e5fd-76b8-7d34-6df3-a0a7fca47665) add Policy Obtain legal opinion for monitoring system activities (d9af7f88-686a-5a8b-704b-eafdab278977) add Policy Identify and authenticate non-organizational users (e1379836-3492-6395-451d-2f5062e14136) add Policy Employ automatic shutdown/restart when violations are detected (1b8a7ec3-11cc-a2d3-8cd0-eedf074424a4) add Policy Review publicly accessible content for nonpublic information (b5244f81-6cab-3188-2412-179162294996) add Policy Coordinate with external organizations to achieve cross org perspective (d4e6a629-28eb-79a9-000b-88030e4823ca) add Policy Define organizational requirements for cryptographic key management (d661e9eb-4e15-5ba1-6f02-cdc467db0d6c) add Policy Implement a penetration testing methodology (c2eabc28-1e5c-78a2-a712-7cc176c44c07) add Policy Enforce random unique session identifiers (c7d57a6a-7cc2-66c0-299f-83bf90558f5d) add Policy Rescreen individuals at a defined frequency (c6aeb800-0b19-944d-92dc-59b893722329) add Policy Perform a privacy impact assessment (d18af1ac-0086-4762-6dc8-87cdded90e39) add Policy Integrate cloud app security with a siem (9fdde4a9-85fa-7850-6df4-ae9c4a2e56f9) add Policy Require third-party providers to comply with personnel security policies and procedures (e8c31e15-642d-600f-78ab-bad47a5787e6) add Policy View and investigate restricted users (98145a9b-428a-7e81-9d14-ebb154a24f93) add Policy Document remote access guidelines (3d492600-27ba-62cc-a1c3-66eb919f6a0d) add Policy Use privileged identity management (e714b481-8fac-64a2-14a9-6f079b2501a4) add Policy Employ independent assessors to conduct security control assessments (b65c5d8e-9043-9612-2c17-65f231d763bb) add Policy Designate authorized personnel to post publicly accessible information (b4512986-80f5-1656-0c58-08866bd2673a) add Policy Establish and maintain an asset inventory (27965e62-141f-8cca-426f-d09514ee5216) add Policy Establish electronic signature and certificate requirements (6f3866e8-6e12-69cf-788c-809d426094a1) add Policy Employ independent team for penetration testing (611ebc63-8600-50b6-a0e3-fef272457132) add Policy Ensure external providers consistently meet interests of the customers (3eabed6d-1912-2d3c-858b-f438d08d0412) add Policy Run simulation attacks (a8f9c283-9a66-3eb3-9e10-bdba95b85884) add Policy Require external service providers to comply with security requirements (4e45863d-9ea9-32b4-a204-2680bc6007a6) add Policy Reissue authenticators for changed groups and accounts (2f204e72-1896-3bf8-75c9-9128b8683a36) add Policy Support personal verification credentials issued by legal authorities (1d39b5d9-0392-8954-8359-575ce1957d1a) add Policy Configure actions for noncompliant devices (b53aa659-513e-032c-52e6-1ce0ba46582f) add Policy Review and update media protection policies and procedures (b4e19d22-8c0e-7cad-3219-c84c62dc250f) add Policy Develop SSP that meets criteria (6b957f60-54cd-5752-44d5-ff5a64366c93) add Policy Review account provisioning logs (a830fe9e-08c9-a4fb-420c-6f6bf1702395) add Policy Manage symmetric cryptographic keys (9c276cf3-596f-581a-7fbd-f5e46edaa0f4) add Policy Enforce security configuration settings (058e9719-1ff9-3653-4230-23f76b6492e0) add Policy Notify personnel upon sanctions (6228396e-2ace-7ca5-3247-45767dbf52f4) add Policy Ensure authorized users protect provided authenticators (37dbe3dc-0e9c-24fa-36f2-11197cbfa207) add Policy Govern and monitor audit processing activities (333b4ada-4a02-0648-3d4d-d812974f1bb2) add Policy Disable user accounts posing a significant risk (22c16ae4-19d0-29cb-422f-cb44061180ee) add Policy Establish alternate storage site to store and retrieve backup information (0a412110-3874-9f22-187a-c7a81c8a6704) add Policy Assess risk in third party relationships (0d04cb93-a0f1-2f4b-4b1b-a72a1b510d08) add Policy Obtain continuous monitoring plan for security controls (ca6d7878-3189-1833-4620-6c7254ed1607) add Policy Automate remote maintenance activities (b8587fce-138f-86e8-33a3-c60768bf1da6) add Policy Restrict media use (6122970b-8d4a-7811-0278-4c6c68f61e4f) add Policy Prohibit remote activation of collaborative computing devices (678ca228-042d-6d8e-a598-c58d5670437d) add Policy Clear personnel with access to classified information (c42f19c9-5d88-92da-0742-371a0ea03126) add Policy Review and update risk assessment policies and procedures (20012034-96f0-85c2-4a86-1ae1eb457802) add Policy Plan for resumption of essential business functions (7ded6497-815d-6506-242b-e043e0273928) add Policy Document security functional requirements in acquisition contracts (57927290-8000-59bf-3776-90c468ac5b4b) add Policy Implement managed interface for each external service (b262e1dd-08e9-41d4-963a-258909ad794b) add Policy Automate account management (2cc9c165-46bd-9762-5739-d2aae5ba90a1) add Policy Adjust level of audit review, analysis, and reporting (de251b09-4a5e-1204-4bef-62ac58d47999) add Policy Disable authenticators upon termination (d9d48ffb-0d8c-0bd5-5f31-5a5826d19f10) add Policy Modify access authorizations upon personnel transfer (979ed3b6-83f9-26bc-4b86-5b05464700bf) add Policy Prohibit unfair practices (5fe84a4c-1b0c-a738-2aba-ed49c9069d3b) add Policy Train personnel on disclosure of nonpublic information (97f0d974-1486-01e2-2088-b888f46c0589) add Policy Obscure feedback information during authentication process (1ff03f2a-974b-3272-34f2-f6cd51420b30) add Policy Use automated mechanisms for security alerts (b8689b2e-4308-a58b-a0b4-6f3343a000df) add Policy Document and implement wireless access guidelines (04b3e7f6-4841-888d-4799-cda19a0084f6) add Policy Conduct a full text analysis of logged privileged commands (8eea8c14-4d93-63a3-0c82-000343ee5204) add Policy Review and update information integrity policies and procedures (6bededc0-2985-54d5-4158-eb8bad8070a0) add Policy Initiate contingency plan testing corrective actions (8bfdbaa6-6824-3fec-9b06-7961bf7389a6) add Policy Ensure information system fails in known state (12af7c7a-92af-9e96-0d0c-5e732d1a3751) add Policy Develop contingency planning policies and procedures (75b42dcf-7840-1271-260b-852273d7906e) add Policy Conduct Risk Assessment (677e1da4-00c3-287a-563d-f4a1cf9b99a0) add Policy Recover and reconstitute resources after any disruption (f33c3238-11d2-508c-877c-4262ec1132e1) add Policy Document separation of duties (e6f7b584-877a-0d69-77d4-ab8b923a9650) add Policy Provide capability to disconnect or disable remote access (4edaca8c-0912-1ac5-9eaa-6a1057740fae) add Policy Document security operations (2c6bee3a-2180-2430-440d-db3c7a849870) add Policy Review and update system and services acquisition policies and procedures (f49925aa-9b11-76ae-10e2-6e973cc60f37) add Policy Specify permitted actions associated with customer audit information (3eecf628-a1c8-1b48-1b5c-7ca781e97970) add Policy Automate proposed documented changes (5c40f27b-6791-18c5-3f85-7b863bd99c11) add Policy Establish usage restrictions for mobile code technologies (ffdaa742-0d6f-726f-3eac-6e6c34e36c93) add Policy Establish conditions for role membership (97cfd944-6f0c-7db2-3796-8e890ef70819) add Policy Determine assertion requirements (7a0ecd94-3699-5273-76a5-edb8499f655a) add Policy Identify incident response personnel (037c0089-6606-2dab-49ad-437005b5035f) add Policy Execute actions in response to information spills (ba78efc6-795c-64f4-7a02-91effbd34af9) add Policy Disseminate security alerts to personnel (9c93ef57-7000-63fb-9b74-88f2e17ca5d2) add Policy Distribute information system documentation (84a01872-5318-049e-061e-d56734183e84) add Policy Develop contingency plan (aa305b4d-8c84-1754-0c74-dec004e66be0) add Policy Secure commitment from leadership (70057208-70cc-7b31-3c3a-121af6bc1966) add Policy Update rules of behavior and access agreements (6610f662-37e9-2f71-65be-502bdc2f554d) add Policy Provide timely maintenance support (eb598832-4bcc-658d-4381-3ecbe17b9866) add Policy Include dynamic reconfig of customer deployed resources (1e0d5ba8-a433-01aa-829c-86b06c9631ec) add Policy Conduct exit interview upon termination (496b407d-9b9e-81e8-4ba4-44bc686b016a) add Policy Categorize information (93fa357f-2e38-22a9-5138-8cc5124e1923) add Policy Define requirements for supplying goods and services (2b2f3a72-9e68-3993-2b69-13dcdecf8958) add Policy Review and update system maintenance policies and procedures (2067b904-9552-3259-0cdd-84468e284b7c) add Policy Automate approval request for proposed changes (575ed5e8-4c29-99d0-0e4d-689fb1d29827) add Policy Refresh authenticators (3ae68d9a-5696-8c32-62d3-c6f9c52e437c) add Policy Determine auditable events (2f67e567-03db-9d1f-67dc-b6ffb91312f4) add Policy Ensure cryptographic mechanisms are under configuration management (b8dad106-6444-5f55-307e-1e1cc9723e39) add Policy Conduct incident response testing (3545c827-26ee-282d-4629-23952a12008b) add Policy Define requirements for managing assets (25a1f840-65d0-900a-43e4-bee253de04de) add Policy Provide audit review, analysis, and reporting capability (44f8a42d-739f-8030-89a8-4c2d5b3f6af3) add Policy Implement transaction based recovery (ba02d0a0-566a-25dc-73f1-101c726a19c5) add Policy Identify actions allowed without authentication (92a7591f-73b3-1173-a09c-a08882d84c70) add Policy Eradicate contaminated information (54a9c072-4a93-2a03-6a43-a060d30383d7) add Policy Retain training records (3153d9c0-2584-14d3-362d-578b01358aeb) add Policy Implement privileged access for executing vulnerability scanning activities (5b802722-71dd-a13d-2e7e-231e09589efb) add Policy Ensure audit records are not altered (27ce30dd-3d56-8b54-6144-e26d9a37a541) add Policy Develop spillage response procedures (bb048641-6017-7272-7772-a008f285a520) add Policy Maintain records of processing of personal data (92ede480-154e-0e22-4dca-8b46a74a3a51) add Policy Require users to sign access agreement (3af53f59-979f-24a8-540f-d7cdbc366607) add Policy Separate user and information system management functionality (8a703eb5-4e53-701b-67e4-05ba2f7930c8) add Policy Reveal error messages (20762f1e-85fb-31b0-a600-e833633f10fe) add Policy Perform a trend analysis on threats (50e81644-923d-33fc-6ebb-9733bc8d1a06) add Policy Require notification of third-party personnel transfer or termination (afd5d60a-48d2-8073-1ec2-6687e22f2ddd) add Policy Authorize, monitor, and control usage of mobile code technologies (291f20d4-8d93-1d73-89f3-6ce28b825563) add Policy Check for privacy and security compliance before establishing internal connections (ee4bbbbb-2e52-9adb-4e3a-e641f7ac68ab) add Policy Provide updated security awareness training (d136ae80-54dd-321c-98b4-17acf4af2169) add Policy Obtain approvals for acquisitions and outsourcing (92b94485-1c49-3350-9ada-dffe94f08e87) add Policy Compile Audit records into system wide audit (214ea241-010d-8926-44cc-b90a96d52adc) add Policy Maintain incident response plan (37546841-8ea1-5be0-214d-8ac599588332) add Policy Define and enforce conditions for shared and group accounts (f7eb1d0b-6d4f-2d59-1591-7563e11a9313) add Policy Review role group changes weekly (70fe686f-1f91-7dab-11bf-bca4201e183b) add Policy Integrate risk management process into SDLC (00f12b6f-10d7-8117-9577-0f2b76488385) add Policy Establish terms and conditions for accessing resources (3c93dba1-84fd-57de-33c7-ef0400a08134) add Policy Satisfy token quality requirements (056a723b-4946-9d2a-5243-3aa27c4d31a1) add Policy Review user groups and applications with access to sensitive data (eb1c944e-0e94-647b-9b7e-fdb8d2af0838) add Policy Manage maintenance personnel (b273f1e3-79e7-13ee-5b5d-dca6c66c3d5d) add Policy Require developer to identify SDLC ports, protocols, and services (f6da5cca-5795-60ff-49e1-4972567815fe) add Policy Define and enforce inactivity log policy (2af4640d-11a6-a64b-5ceb-a468f4341c0c) add Policy Require developers to manage change integrity (b33d61c1-7463-7025-0ec0-a47585b59147) add Policy Employ automatic emergency lighting (aa892c0d-2c40-200c-0dd8-eac8c4748ede) add Policy Implement Incident handling capability (98e33927-8d7f-6d5f-44f5-2469b40b7215) add Policy Distribute authenticators (098dcde7-016a-06c3-0985-0daaf3301d3a) add Policy Review and update physical and environmental policies and procedures (91cf132e-0c9f-37a8-a523-dc6a92cd2fb2) add Policy Enable dual or joint authorization (2c843d78-8f64-92b5-6a9b-e8186c0e7eb6) add Policy Align business objectives and IT goals (ab02bb73-4ce1-89dd-3905-d93042809ba0) add Policy Limit privileges to make changes in production environment (2af551d5-1775-326a-0589-590bfb7e9eb2) add Policy Conduct capacity planning (33602e78-35e3-4f06-17fb-13dd887448e4) add Policy Provide role-based practical exercises (d041726f-00e0-41ca-368c-b1a122066482) add Policy Protect special information (a315c657-4a00-8eba-15ac-44692ad24423) add Policy Perform audit for configuration change control (1282809c-9001-176b-4a81-260a085f4872) add Policy Provide contingency training (de936662-13dc-204c-75ec-1af80f994088) add Policy Protect incident response plan (2401b496-7f23-79b2-9f80-89bb5abf3d4a) add Policy Develop information security policies and procedures (af227964-5b8b-22a2-9364-06d2cb9d6d7c) add Policy Review access control policies and procedures (03d550b4-34ee-03f4-515f-f2e2faf7a413) add Policy Accept assessment results (3054c74b-9b45-2581-56cf-053a1a716c39) add Policy Verify identity before distributing authenticators (72889284-15d2-90b2-4b39-a1e9541e1152) add Policy Employ restrictions on external system interconnections (80029bc5-834f-3a9c-a2d8-acbc1aab4e9f) add Policy Document requirements for the use of shared data in contracts (0ba211ef-0e85-2a45-17fc-401d1b3f8f85) add Policy Maintain data breach records (0fd1ca29-677b-2f12-1879-639716459160) add Policy Retain terminated user data (7c7032fe-9ce6-9092-5890-87a1a3755db1) add Policy Manage nonlocal maintenance and diagnostic activities (1fb1cb0e-1936-6f32-42fd-89970b535855) add Policy Define a physical key management process (51e4b233-8ee3-8bdc-8f5f-f33bd0d229b7) add Policy Prohibit binary/machine-executable code (8e920169-739d-40b5-3f99-c4d855327bb2) add Policy Establish a privacy program (39eb03c1-97cc-11ab-0960-6209ed2869f7) add Policy Obtain design and implementation information for the security controls (22a02c9a-49e4-5dc9-0d14-eb35ad717154) add Policy Enforce user uniqueness (e336d5f4-4d8f-0059-759c-ae10f63d1747) add Policy Identify classes of Incidents and Actions taken (23d1a569-2d1e-7f43-9e22-1f94115b7dd5) add Policy Address coding vulnerabilities (318b2bd9-9c39-9f8b-46a7-048401f33476) add Policy Conduct a security impact analysis (203101f5-99a3-1491-1b56-acccd9b66a9e) add Policy Employ boundary protection to isolate information systems (311802f9-098d-0659-245a-94c5d47c0182) add Policy Ensure there are no unencrypted static authenticators (eda0cbb7-6043-05bf-645b-67411f1a59b3) add Policy Establish requirements for audit review and reporting (b3c8cc83-20d3-3890-8bc8-5568777670f4) add Policy Develop a concept of operations (CONOPS) (e7422f08-65b4-50e4-3779-d793156e0079) add Policy Enable detection of network devices (426c172c-9914-10d1-25dd-669641fc1af4) add Policy Reevaluate access upon personnel transfer (e89436d8-6a93-3b62-4444-1d2a42ad56b2) add Policy Implement incident handling (433de59e-7a53-a766-02c2-f80f8421469a) add Policy Automate information sharing decisions (e54901fe-42c2-7f3b-3c5f-327aa5320a69) add Policy Communicate contingency plan changes (a1334a65-2622-28ee-5067-9d7f5b915cc5) add Policy Alert personnel of information spillage (9622aaa9-5c49-40e2-5bf8-660b7cd23deb) add Policy Block untrusted and unsigned processes that run from USB (3d399cf3-8fc6-0efc-6ab0-1412f1198517) add Policy Manage transfers between standby and active system components (df54d34f-65f3-39f1-103c-a0464b8615df) add Policy Identify contaminated systems and components (279052a0-8238-694d-9661-bf649f951747) add Policy Bind authenticators and identities dynamically (6f311b49-9b0d-8c67-3d6e-db80ae528173) add Policy Establish requirements for internet service providers (5f2e834d-7e40-a4d5-a216-e49b16955ccf) add Policy Monitor account activity (7b28ba4f-0a87-46ac-62e1-46b7c09202a8) add Policy Require interconnection security agreements (096a7055-30cb-2db4-3fda-41b20ac72667) add Policy Require developers to provide training (676c3c35-3c36-612c-9523-36d266a65000) add Policy Define and document government oversight (cbfa1bd0-714d-8d6f-0480-2ad6a53972df) add Policy Require approval for account creation (de770ba6-50dd-a316-2932-e0d972eaa734) add Policy Maintain integrity of audit system (c0559109-6a27-a217-6821-5a6d44f92897) add Policy Observe and report security weaknesses (ff136354-1c92-76dc-2dab-80fb7c6a9f1a) add Policy Enforce and audit access restrictions (8cd815bf-97e1-5144-0735-11f6ddb50a59) add Policy Develop security assessment plan (1c258345-5cd4-30c8-9ef3-5ee4dd5231d6) add Policy Develop and document a DDoS response plan (b7306e73-0494-83a2-31f5-280e934a8f70) add Policy Develop access control policies and procedures (59f7feff-02aa-6539-2cf7-bea75b762140) add Policy Establish authenticator types and processes (921ae4c1-507f-5ddb-8a58-cfa9b5fd96f0) add Policy Review audit data (6625638f-3ba1-7404-5983-0ea33d719d34) add Policy Update information security policies (5226dee6-3420-711b-4709-8e675ebd828f) add Policy Determine supplier contract obligations (67ada943-8539-083d-35d0-7af648974125) add Policy Enforce appropriate usage of all accounts (fd81a1b3-2d7a-107c-507e-29b87d040c19) add Policy Identify external service providers (46ab2c5e-6654-1f58-8c83-e97a44f39308) add Policy Define and enforce the limit of concurrent sessions (d8350d4c-9314-400b-288f-20ddfce04fbd) add Policy Reassign or remove user privileges as needed (7805a343-275c-41be-9d62-7215b96212d8) add Policy Review user privileges (f96d2186-79df-262d-3f76-f371e3b71798) add Policy Remediate information system flaws (be38a620-000b-21cf-3cb3-ea151b704c3b) add Policy Conduct risk assessment and document its results (1dbd51c2-2bd1-5e26-75ba-ed075d8f0d68) add Policy Monitor security and privacy training completion (82bd024a-5c99-05d6-96ff-01f539676a1a) add Policy Ensure alternate storage site safeguards are equivalent to primary site (178c8b7e-1b6e-4289-44dd-2f1526b678a1) add Policy Document protection of security information in acquisition contracts (d78f95ba-870a-a500-6104-8a5ce2534f19) add Policy Enforce a limit of consecutive failed login attempts (b4409bff-2287-8407-05fd-c73175a68302) add Policy Evaluate alternate processing site capabilities (60442979-6333-85f0-84c5-b887bac67448) add Policy Produce complete records of remote maintenance activities (74041cfe-3f87-1d17-79ec-34ca5f895542) add Policy Assign system identifiers (f29b17a4-0df2-8a50-058a-8570f9979d28) add Policy Review and update system and communications protection policies and procedures (adf517f3-6dcd-3546-9928-34777d0c277e) add Policy Perform vulnerability scans (3c5e0e1a-216f-8f49-0a15-76ed0d8b8e1f) add Policy Review and update the information security architecture (ced291b8-1d3d-7e27-40cf-829e9dd523c8) add Policy Incorporate simulated contingency training (9c954fcf-6dd8-81f1-41b5-832ae5c62caf) add Policy Automate flaw remediation (a90c4d44-7fac-8e02-6d5b-0d92046b20e6) add Policy Establish alternate storage site that facilitates recovery operations (245fe58b-96f8-9f1e-48c5-7f49903f66fd) add Policy Implement controls to secure alternate work sites (cd36eeec-67e7-205a-4b64-dbfe3b4e3e4e) add Policy Provide role-based security training (4c385143-09fd-3a34-790c-a5fd9ec77ddc) add Policy Employ flow control mechanisms of encrypted information (79365f13-8ba4-1f6c-2ac4-aa39929f56d0) add Policy Establish a secure software development program (e750ca06-1824-464a-2cf3-d0fa754d1cb4) add Policy Notify personnel of any failed security verification tests (18e9d748-73d4-0c96-55ab-b108bfbd5bc3) add Policy Document acquisition contract acceptance criteria (0803eaa7-671c-08a7-52fd-ac419f775e75) Version change: '16.0.1' to '17.0.0' remove Policy Microsoft Managed Control 1367 - Incident Handling \| Insider Threats - Specific Capabilities (435b2547-6374-4f87-b42d-6e8dbe6ae62a) remove Policy Microsoft Managed Control 1116 - Audit Review, Analysis, And Reporting (5e47bc51-35d1-44b8-92af-e2f2d8b67635) remove Policy Microsoft Managed Control 1064 - Remote Access \| Privileged Commands / Access (eb4d9508-cbf0-4a3c-bb5c-6c95b159f3fb) remove Policy Microsoft Managed Control 1194 - Configuration Change Control \| Automated Document / Notification / Prohibition Of Changes (bc34667f-397e-4a65-9b72-d0358f0b6b09) remove Policy Microsoft Managed Control 1293 - Information System Backup \| Separate Storage For Critical Information (87f7cd82-2e45-4d0f-9e2f-586b0962d142) remove Policy Microsoft Managed Control 1310 - Device Identification And Authentication (450d7ede-823d-4931-a99d-57f6a38807dc) remove Policy Microsoft Managed Control 1089 - Security Awareness (ef080e67-0d1a-4f76-a0c5-fb9b0358485e) remove Policy Microsoft Managed Control 1324 - Authenticator Management (8cfea2b3-7f77-497e-ac20-0752f2ff6eee) remove Policy Microsoft Managed Control 1615 - System And Communications Protection Policy And Procedures (f35e02aa-0a55-49f8-8811-8abfa7e6f2c0) remove Policy Microsoft Managed Control 1118 - Audit Review, Analysis, And Reporting \| Correlate Audit Repositories (a96f743d-a195-420d-983a-08aa06bc441e) remove Policy Microsoft Managed Control 1686 - Information System Monitoring (e17085c5-0be8-4423-b39b-a52d3d1402e5) remove Policy Microsoft Managed Control 1439 - Media Sanitization And Disposal (dce72873-c5f1-47c3-9b4f-6b8207fd5a45) remove Policy Microsoft Managed Control 1342 - Authenticator Management \| Hardware Token-Based Authentication (283a4e29-69d5-4c94-b99e-29acf003c899) remove Policy Microsoft Managed Control 1528 - Access Agreements (deb9797c-22f8-40e8-b342-a84003c924e6) remove Policy Microsoft Managed Control 1538 - Security Categorization (1d7658b2-e827-49c3-a2ae-6d2bd0b45874) remove Policy Microsoft Managed Control 1216 - Least Functionality \| Periodic Review (7894fe6a-f5cb-44c8-ba90-c3f254ff9484) remove Policy Microsoft Managed Control 1544 - Risk Assessment (43ced7c9-cd53-456b-b0da-2522649a4271) remove Policy Microsoft Managed Control 1160 - Security Authorization (3e797ca6-2aa8-4333-b335-7036f1110c05) remove Policy Microsoft Managed Control 1579 - Acquisitions Process \| Use Of Approved Piv Products (4e54c7ef-7457-430b-9a3e-ef8881d4a8e0) remove Policy Microsoft Managed Control 1505 - Information Security Architecture (813a10a7-3943-4fe3-8678-00dc52db5490) remove Policy Microsoft Managed Control 1469 - Power Equipment And Cabling (f509c5b6-0de0-4a4e-9b2e-cd9cbf3a58fd) remove Policy Microsoft Managed Control 1432 - Media Storage (1140e542-b80d-4048-af45-3f7245be274b) remove Policy Microsoft Managed Control 1015 - Account Management \| Disable Inactive Accounts (544a208a-9c3f-40bc-b1d1-d7e144495c14) remove Policy Microsoft Managed Control 1151 - System Interconnections (347e3b69-7fb7-47df-a8ef-71a1a7b44bca) remove Policy Microsoft Managed Control 1714 - Software & Information Integrity \| Automated Notifications Of Integrity Violations (e12494fa-b81e-4080-af71-7dbacc2da0ec) remove Policy Microsoft Managed Control 1607 - Developer Security Testing And Evaluation \| Dynamic Code Analysis (976a74cf-b192-4d35-8cab-2068f272addb) remove Policy Microsoft Managed Control 1669 - Flaw Remediation (48f2f62b-5743-4415-a143-288adc0e078d) remove Policy Microsoft Managed Control 1195 - Configuration Change Control \| Automated Document / Notification / Prohibition Of Changes (d1e1d65c-1013-4484-bd54-991332e6a0d2) remove Policy Microsoft Managed Control 1304 - User Identification And Authentication \| Local Access To Non-Privileged Accounts (6ca71be3-16cb-4d39-8b50-7f8fd5e2f11b) remove Policy Microsoft Managed Control 1578 - Acquisitions Process \| Functions / Ports / Protocols / Services In Use (45b7b644-5f91-498e-9d89-7402532d3645) remove Policy Microsoft Managed Control 1651 - Mobile Code (6db63528-c9ba-491c-8a80-83e1e6977a50) remove Policy Microsoft Managed Control 1060 - Remote Access (34a987fd-2003-45de-a120-014956581f2b) remove Policy Microsoft Managed Control 1465 - Monitoring Physical Access \| Monitoring Physical Access To Information Systems (e6e41554-86b5-4537-9f7f-4fc41a1d1640) remove Policy Microsoft Managed Control 1094 - Role-Based Security Training (4b1853e0-8973-446b-b567-09d901d31a09) remove Policy Microsoft Managed Control 1418 - Remote Maintenance \| Comparable Security / Sanitization (28e633fd-284e-4ea7-88b4-02ca157ed713) remove Policy Microsoft Managed Control 1130 - Time Stamps \| Synchronization With Authoritative Time Source (fd7c4c1d-51ee-4349-9dab-89a7f8c8d102) remove Policy Microsoft Managed Control 1683 - Information System Monitoring (8c79fee4-88dd-44ce-bbd4-4de88948c4f8) remove Policy Microsoft Managed Control 1451 - Physical Access Control (e3f1e5a3-25c1-4476-8cb6-3955031f8e65) remove Policy Microsoft Managed Control 1044 - Unsuccessful Logon Attempts (0abbac52-57cf-450d-8408-1208d0dd9e90) remove Policy Microsoft Managed Control 1114 - Response To Audit Processing Failures \| Real-Time Alerts (4c090801-59bc-4454-bb33-e0455133486a) remove Policy Microsoft Managed Control 1071 - Wireless Access Restrictions \| Restrict Configurations By Users (1a437f5b-9ad6-4f28-8861-de404d511ae4) remove Policy Microsoft Managed Control 1325 - Authenticator Management (1845796a-7581-49b2-ae20-443121538e19) remove Policy Microsoft Managed Control 1265 - Contingency Plan Testing \| Alternate Processing Site (a18adb5b-1db6-4a5b-901a-7d3797d12972) remove Policy Microsoft Managed Control 1626 - Boundary Protection \| External Telecommunications Services (e8f6bddd-6d67-439a-88d4-c5fe39a79341) remove Policy Microsoft Managed Control 1616 - System And Communications Protection Policy And Procedures (2006457a-48b3-4f7b-8d2e-1532287f9929) remove Policy Microsoft Managed Control 1335 - Authenticator Management \| Pki-Based Authentication (382016f3-d4ba-4e15-9716-55077ec4dc2a) remove Policy Microsoft Managed Control 1547 - Vulnerability Scanning (58abf9b8-c6d4-4b4b-bfb9-fe98fe295f52) remove Policy Microsoft Managed Control 1072 - Wireless Access Restrictions \| Antennas / Transmission Power Levels (1ca29e41-34ec-4e70-aba9-6248aca18c31) remove Policy Microsoft Managed Control 1339 - Authenticator Management \| Protection Of Authenticators (367ae386-db7f-4167-b672-984ff86277c0) remove Policy Microsoft Managed Control 1027 - Access Enforcement (a76ca9b0-3f4a-4192-9a38-b25e4f8ae48c) remove Policy Microsoft Managed Control 1409 - Maintenance Tools \| Prevent Unauthorized Removal (d1880188-e51a-4772-b2ab-68f5e8bd27f6) remove Policy Microsoft Managed Control 1424 - Maintenance Personnel \| Individuals Without Appropriate Access (cf55fc87-48e1-4676-a2f8-d9a8cf993283) remove Policy Microsoft Managed Control 1034 - Least Privilege (02a5ed00-6d2e-4e97-9a98-46c32c057329) remove Policy Microsoft Managed Control 1400 - Controlled Maintenance (a96d5098-a604-4cdf-90b1-ef6449a27424) remove Policy Microsoft Managed Control 1567 - System Development Life Cycle (e72edbf6-aa61-436d-a227-0f32b77194b3) remove Policy Microsoft Managed Control 1635 - Boundary Protection \| Host-Based Protection (87551b5d-1deb-4d0f-86cc-9dc14cb4bf7e) remove Policy Microsoft Managed Control 1604 - Developer Security Testing And Evaluation (44dbba23-0b61-478e-89c7-b3084667782f) remove Policy Microsoft Managed Control 1624 - Boundary Protection (37d079e3-d6aa-4263-a069-dd7ac6dd9684) remove Policy Microsoft Managed Control 1272 - Alternate Processing Site (ae46cf7a-e3fd-427b-9b91-44bc78e2d9d8) remove Policy Microsoft Managed Control 1286 - Telecommunications Services \| Provider Contingency Plan (b4f9b47a-2116-4e6f-88db-4edbf22753f1) remove Policy Microsoft Managed Control 1106 - Audit Events \| Reviews And Updates (d2b4feae-61ab-423f-a4c5-0e38ac4464d8) remove Policy Microsoft Managed Control 1355 - Incident Response Training (90e01f69-3074-4de8-ade7-0fef3e7d83e0) remove Policy Microsoft Managed Control 1049 - System Use Notification (9adf7ba7-900a-4f35-8d57-9f34aafc405c) remove Policy Microsoft Managed Control 1035 - Least Privilege \| Authorize Access To Security Functions (ca94b046-45e2-444f-a862-dc8ce262a516) remove Policy Microsoft Managed Control 1531 - Third-Party Personnel Security (f0643e0c-eee5-4113-8684-c608d05c5236) remove Policy Microsoft Managed Control 1534 - Personnel Sanctions (8b2b263e-cd05-4488-bcbf-4debec7a17d9) remove Policy Microsoft Managed Control 1169 - Continuous Monitoring \| Trend Analyses (e7ba2cb3-5675-4468-8b50-8486bdd998a5) remove Policy Microsoft Managed Control 1155 - System Interconnections \| Restrictions On External System Connections (4d33f9f1-12d0-46ad-9fbd-8f8046694977) remove Policy Microsoft Managed Control 1217 - Least Functionality \| Periodic Review (edea4f20-b02c-4115-be75-86c080e5c0ed) remove Policy Microsoft Managed Control 1474 - Emergency Power \| Long-Term Alternate Power Supply - Minimal Operational Capability (03ad326e-d7a1-44b1-9a76-e17492efc9e4) remove Policy Microsoft Managed Control 1560 - System And Services Acquisition Policy And Procedures (e29e0915-5c2f-4d09-8806-048b749ad763) remove Policy Microsoft Managed Control 1556 - Vulnerability Scanning \| Automated Trend Analyses (391ff8b3-afed-405e-9f7d-ef2f8168d5da) remove Policy Microsoft Managed Control 1309 - User Identification And Authentication \| Acceptance Of Piv Credentials (f355d62b-39a8-4ba3-abf7-90f71cb3b000) remove Policy Microsoft Managed Control 1587 - External Information System Services (32820956-9c6d-4376-934c-05cd8525be7c) remove Policy Microsoft Managed Control 1539 - Security Categorization (aabb155f-e7a5-4896-a767-e918bfae2ee0) remove Policy Microsoft Managed Control 1297 - Information System Recovery And Reconstitution \| Restore Within Time Period (93fd8af1-c161-4bae-9ba9-f62731f76439) remove Policy Microsoft Managed Control 1109 - Content Of Audit Records \| Centralized Management Of Planned Audit Record Content (7d9ffa23-ad92-4d0d-b1f4-7db274cc2aec) remove Policy Microsoft Managed Control 1584 - Information System Documentation (5864522b-ff1d-4979-a9f8-58bee1fb174c) remove Policy Microsoft Managed Control 1295 - Information System Recovery And Reconstitution (a895fbdb-204d-4302-9689-0a59dc42b3d9) remove Policy Microsoft Managed Control 1422 - Maintenance Personnel (ea556850-838d-4a37-8ce5-9d7642f95e11) remove Policy Microsoft Managed Control 1225 - Information System Component Inventory \| Automated Maintenance (8d096fe0-f510-4486-8b4d-d17dc230980b) remove Policy Microsoft Managed Control 1601 - Developer Security Testing And Evaluation (0ee79a0c-addf-4ce9-9b3c-d9576ed5e20e) remove Policy Microsoft Managed Control 1312 - Identifier Management (4d6a5968-9eef-4c18-8534-376790ab7274) remove Policy Microsoft Managed Control 1000 - Access Control Policy And Procedures Requirements (2ef3cc79-733e-48ed-ab6f-7bf439e9b406) remove Policy Microsoft Managed Control 1125 - Audit Reduction And Report Generation (c6ce745a-670e-47d3-a6c4-3cfe5ef00c10) remove Policy Microsoft Managed Control 1378 - Incident Response Plan (97fceb70-6983-42d0-9331-18ad8253184d) remove Policy Microsoft Managed Control 1375 - Incident Response Assistance \| Automation Support For Availability Of Information / Support (00379355-8932-4b52-b63a-3bc6daf3451a) remove Policy Microsoft Managed Control 1235 - Software Usage Restrictions (c49c610b-ece4-44b3-988c-2172b70d6e46) remove Policy Microsoft Managed Control 1559 - System And Services Acquisition Policy And Procedures (45692294-f074-42bd-ac54-16f1a3c07554) remove Policy Microsoft Managed Control 1370 - Incident Monitoring \| Automated Tracking / Data Collection / Analysis (924e1b2d-c502-478f-bfdb-a7e09a0d5c01) remove Policy Microsoft Managed Control 1425 - Timely Maintenance (5983d99c-f39b-4c32-a3dc-170f19f6941b) remove Policy Microsoft Managed Control 1161 - Continuous Monitoring (e2f8f6c6-dde4-436b-a79d-bc50e129eb3a) remove Policy Microsoft Managed Control 1209 - Configuration Settings (ce669c31-9103-4552-ae9c-cdef4e03580d) remove Policy Microsoft Managed Control 1255 - Contingency Plan \| Continue Essential Missions / Business Functions (f3793f5e-937f-44f7-bfba-40647ef3efa0) remove Policy Microsoft Managed Control 1056 - Session Termination \| User-Initiated Logouts / Message Displays (ac43352f-df83-4694-8738-cfce549fd08d) remove Policy Microsoft Managed Control 1317 - Authenticator Management (8877f519-c166-47b7-81b7-8a8eb4ff3775) remove Policy Microsoft Managed Control 1506 - Personnel Security Policy And Procedures (f7d2ff17-d604-4dd9-b607-9ecf63f28ad2) remove Policy Microsoft Managed Control 1480 - Temperature And Humidity Controls (18a767cc-1947-4338-a240-bc058c81164f) remove Policy Microsoft Managed Control 1648 - Collaborative Computing Devices (3a9eb14b-495a-4ebb-933c-ce4ef5264e32) remove Policy Microsoft Managed Control 1609 - Development Process, Standards, And Tools (9e93fa71-42ac-41a7-b177-efbfdc53c69f) remove Policy Microsoft Managed Control 1050 - Concurrent Session Control (bd20184c-b4ec-4ce5-8db6-6e86352d183f) remove Policy Microsoft Managed Control 1548 - Vulnerability Scanning (3afe6c78-6124-4d95-b85c-eb8c0c9539cb) remove Policy Microsoft Managed Control 1438 - Media Sanitization And Disposal (40fcc635-52a2-4dbc-9523-80a1f4aa1de6) remove Policy Microsoft Managed Control 1133 - Protection Of Audit Information \| Cryptographic Protection (90b60a09-133d-45bc-86ef-b206a6134bbe) remove Policy Microsoft Managed Control 1240 - User-Installed Software (129eb39f-d79a-4503-84cd-92f036b5e429) remove Policy Microsoft Managed Control 1419 - Remote Maintenance \| Cryptographic Protection (b6747bf9-2b97-45b8-b162-3c8becb9937d) remove Policy Microsoft Managed Control 1054 - Session Termination (5807e1b4-ba5e-4718-8689-a0ca05a191b2) remove Policy Microsoft Managed Control 1359 - Incident Response Testing \| Coordination With Related Plans (47bc7ea0-7d13-4f7c-a154-b903f7194253) remove Policy Microsoft Managed Control 1594 - Developer Configuration Management (042ba2a1-8bb8-45f4-b080-c78cf62b90e9) remove Policy Microsoft Managed Control 1142 - Certification, Authorization, Security Assessment Policy And Procedures (01524fa8-4555-48ce-ba5f-c3b8dcef5147) remove Policy Microsoft Managed Control 1517 - Personnel Termination (8f5ad423-50d6-4617-b058-69908f5586c9) remove Policy Microsoft Managed Control 1423 - Maintenance Personnel \| Individuals Without Appropriate Access (7741669e-d4f6-485a-83cb-e70ce7cbbc20) remove Policy Microsoft Managed Control 1356 - Incident Response Training \| Simulated Events (8829f8f5-e8be-441e-85c9-85b72a5d0ef3) remove Policy Microsoft Managed Control 1692 - Information System Monitoring \| Inbound And Outbound Communications Traffic (7ecda928-9df4-4dd7-8f44-641a91e470e8) remove Policy Microsoft Managed Control 1537 - Risk Assessment Policy And Procedures (b19454ca-0d70-42c0-acf5-ea1c1e5726d1) remove Policy Microsoft Managed Control 1727 - Memory Protection (697175a7-9715-4e89-b98b-c6f605888fa3) remove Policy Microsoft Managed Control 1427 - Media Protection Policy And Procedures (bc90e44f-d83f-4bdf-900f-3d5eb4111b31) remove Policy Microsoft Managed Control 1291 - Information System Backup \| Testing For Reliability / Integrity (6d8fd073-9c85-4ee2-a9d0-2e4ec9eb8912) remove Policy Microsoft Managed Control 1391 - Information Spillage Response \| Training (dd6ac1a1-660e-4810-baa8-74e868e2ed47) remove Policy Microsoft Managed Control 1018 - Account Management \| Role-Based Schemes (c9121abf-e698-4ee9-b1cf-71ee528ff07f) remove Policy Microsoft Managed Control 1589 - External Information System Services \| Risk Assessments / Organizational Approvals (86ec7f9b-9478-40ff-8cfd-6a0d510081a8) remove Policy Microsoft Managed Control 1608 - Supply Chain Protection (b73b7b3b-677c-4a2a-b949-ad4dc4acd89f) remove Policy Microsoft Managed Control 1127 - Time Stamps (3ce328db-aef3-48ed-9f81-2ab7cf839c66) remove Policy Microsoft Managed Control 1337 - Authenticator Management \| In-Person Or Trusted Third-Party Registration (463e5220-3f79-4e24-a63f-343e4096cd22) remove Policy Microsoft Managed Control 1208 - Configuration Settings (5ea87673-d06b-456f-a324-8abcee5c159f) remove Policy Microsoft Managed Control 1273 - Alternate Processing Site (e77fcbf2-a1e8-44f1-860e-ed6583761e65) remove Policy Microsoft Managed Control 1346 - Identification And Authentication (Non-Organizational Users) (464dc8ce-2200-4720-87a5-dc5952924cc6) remove Policy Microsoft Managed Control 1344 - Authenticator Feedback (2c895fe7-2d8e-43a2-838c-3a533a5b355e) remove Policy Microsoft Managed Control 1213 - Configuration Settings \| Respond To Unauthorized Changes (81f11e32-a293-4a58-82cd-134af52e2318) remove Policy Microsoft Managed Control 1215 - Least Functionality (88fc93e8-4745-4785-b5a5-b44bb92c44ff) remove Policy Microsoft Managed Control 1621 - Resource Availability (3cb9f731-744a-4691-a481-ca77b0411538) remove Policy Microsoft Managed Control 1394 - System Maintenance Policy And Procedures (4db56f68-3f50-45ab-88f3-ca46f5379a94) remove Policy Microsoft Managed Control 1564 - System Development Life Cycle (157f0ef9-143f-496d-b8f9-f8c8eeaad801) remove Policy Microsoft Managed Control 1345 - Cryptographic Module Authentication (f86aa129-7c07-4aa4-bbf5-792d93ffd9ea) remove Policy Microsoft Managed Control 1096 - Role-Based Security Training \| Practical Exercises (420c1477-aa43-49d0-bd7e-c4abdd9addff) remove Policy Microsoft Managed Control 1483 - Water Damage Protection (5cb81060-3c8a-4968-bcdc-395a1801f6c1) remove Policy Microsoft Managed Control 1248 - Contingency Plan (50fc602d-d8e0-444b-a039-ad138ee5deb0) remove Policy Microsoft Managed Control 1201 - Security Impact Analysis \| Separate Test Environments (7daef997-fdd3-461b-8807-a608a6dd70f1) remove Policy Microsoft Managed Control 1144 - Security Assessments (2fa15ff1-a693-4ee4-b094-324818dc9a51) remove Policy Microsoft Managed Control 1197 - Configuration Change Control \| Test / Validate / Document Changes (a20d2eaa-88e2-4907-96a2-8f3a05797e5c) remove Policy Microsoft Managed Control 1061 - Remote Access \| Automated Monitoring / Control (7ac22808-a2e8-41c4-9d46-429b50738914) remove Policy Microsoft Managed Control 1093 - Role-Based Security Training (7a0bdeeb-15f4-47e8-a1da-9f769f845fdf) remove Policy Microsoft Managed Control 1005 - Account Management (5b626abc-26d4-4e22-9de8-3831818526b1) remove Policy Microsoft Managed Control 1417 - Remote Maintenance \| Comparable Security / Sanitization (7522ed84-70d5-4181-afc0-21e50b1b6d0e) remove Policy Microsoft Managed Control 1303 - User Identification And Authentication \| Local Access To Privileged Accounts (80ca0a27-918a-4604-af9e-723a27ee51e8) remove Policy Microsoft Managed Control 1261 - Contingency Plan Testing (65aeceb5-a59c-4cb1-8d82-9c474be5d431) remove Policy Microsoft Managed Control 1078 - Use Of External Information Systems \| Limits On Authorized Use (b25faf85-8a16-4f28-8e15-d05c0072d64d) remove Policy Microsoft Managed Control 1013 - Account Management \| Automated System Account Management (8fd7b917-d83b-4379-af60-51e14e316c61) remove Policy Microsoft Managed Control 1457 - Physical Access Control (f2d9d3e6-8886-4305-865d-639163e5c305) remove Policy Microsoft Managed Control 1618 - Security Function Isolation (f52f89aa-4489-4ec4-950e-8c96a036baa9) remove Policy Microsoft Managed Control 1698 - Information System Monitoring \| Individuals Posing Greater Risk (31b752c1-05a9-432a-8fce-c39b56550119) remove Policy Microsoft Managed Control 1632 - Boundary Protection \| Prevent Split Tunneling For Remote Devices (4ce9073a-77fa-48f0-96b1-87aa8e6091c2) remove Policy Microsoft Managed Control 1644 - Cryptographic Key Establishment And Management \| Availability (a7211477-c970-446b-b4af-062f37461147) remove Policy Microsoft Managed Control 1410 - Maintenance Tools \| Prevent Unauthorized Removal (a2596a9f-e59f-420d-9625-6e0b536348be) remove Policy Microsoft Managed Control 1575 - Acquisitions Process \| Functional Properties Of Security Controls (93e1bb73-1b08-4dbe-9c62-8e2e92e7ec41) remove Policy Microsoft Managed Control 1436 - Media Transport (28aab8b4-74fd-4b7c-9080-5a7be525d574) remove Policy Microsoft Managed Control 1590 - External Information System Services \| Risk Assessments / Organizational Approvals (bf296b8c-f391-4ea4-9198-be3c9d39dd1f) remove Policy Microsoft Managed Control 1153 - System Interconnections (61cf3125-142c-4754-8a16-41ab4d529635) remove Policy Microsoft Managed Control 1349 - Identification And Authentication (Non-Organizational Users) \| Use Of Ficam-Approved Products (17641f70-94cd-4a5d-a613-3d1143e20e34) remove Policy Microsoft Managed Control 1682 - Malicious Code Protection \| Nonsignature-Based Detection (62b638c5-29d7-404b-8d93-f21e4b1ce198) remove Policy Microsoft Managed Control 1152 - System Interconnections (beff0acf-7e67-40b2-b1ca-1a0e8205cf1b) remove Policy Microsoft Managed Control 1033 - Separation Of Duties (48540f01-fc11-411a-b160-42807c68896e) remove Policy Microsoft Managed Control 1243 - Contingency Planning Policy And Procedures (ca9a4469-d6df-4ab2-a42f-1213c396f0ec) remove Policy Microsoft Managed Control 1277 - Alternate Processing Site \| Priority Of Service (dc43e829-3d50-4a0a-aa0f-428d551862aa) remove Policy Microsoft Managed Control 1523 - Personnel Transfer (5577a310-2551-49c8-803b-36e0d5e55601) remove Policy Microsoft Managed Control 1306 - User Identification And Authentication \| Network Access To Privileged Accounts - Replay... (cafc6c3c-5fc5-4c5e-a99b-a0ccb1d34eff) remove Policy Microsoft Managed Control 1622 - Boundary Protection (ecf56554-164d-499a-8d00-206b07c27bed) remove Policy Microsoft Managed Control 1224 - Information System Component Inventory \| Updates During Installations / Removals (28cfa30b-7f72-47ce-ba3b-eed26c8d2c82) remove Policy Microsoft Managed Control 1697 - Information System Monitoring \| Analyze Traffic / Covert Exfiltration (f9873db2-18ad-46b3-a11a-1a1f8cbf0335) remove Policy Microsoft Managed Control 1442 - Media Sanitization And Disposal \| Nondestructive Techniques (4f26049b-2c5a-4841-9ff3-d48a26aae475) remove Policy Microsoft Managed Control 1634 - Boundary Protection \| Prevent Unauthorized Exfiltration (292a7c44-37fa-4c68-af7c-9d836955ded2) remove Policy Microsoft Managed Control 1228 - Information System Component Inventory \| Accountability Information (39c54140-5902-4079-8bb5-ad31936fe764) remove Policy Microsoft Managed Control 1010 - Account Management (784663a8-1eb0-418a-a98c-24d19bc1bb62) remove Policy Microsoft Managed Control 1421 - Maintenance Personnel (e539caaa-da8c-41b8-9e1e-449851e2f7a6) remove Policy Microsoft Managed Control 1595 - Developer Configuration Management (1e0414e7-6ef5-4182-8076-aa82fbb53341) remove Policy Microsoft Managed Control 1170 - Penetration Testing (8b78b9b3-ee3c-48e0-a243-ed6dba5b7a12) remove Policy Microsoft Managed Control 1244 - Contingency Plan (6a13a8f8-c163-4b1b-8554-d63569dab937) remove Policy Microsoft Managed Control 1405 - Maintenance Tools \| Inspect Tools (fe1a0bf3-409a-4b00-b60d-0b1f917f7e7b) remove Policy Microsoft Managed Control 1186 - Configuration Change Control (b95ba3bd-4ded-49ea-9d10-c6f4b680813d) remove Policy Microsoft Managed Control 1107 - Content Of Audit Records (b29ed931-8e21-4779-8458-27916122a904) remove Policy Microsoft Managed Control 1203 - Access Restrictions For Change \| Automated Access Enforcement / Auditing (f9012d14-e3e6-4d7b-b926-9f37b5537066) remove Policy Microsoft Managed Control 1681 - Malicious Code Protection \| Automatic Updates (12623e7e-4736-4b2e-b776-c1600f35f93a) remove Policy Microsoft Managed Control 1529 - Third-Party Personnel Security (d74fdc92-1cb8-4a34-9978-8556425cd14c) remove Policy Microsoft Managed Control 1086 - Publicly Accessible Content (fb321e6f-16a0-4be3-878f-500956e309c5) remove Policy Microsoft Managed Control 1492 - System Security Plan (7ad5f307-e045-46f7-8214-5bdb7e973737) remove Policy Microsoft Managed Control 1057 - Permitted Actions Without Identification Or Authentication (78255758-6d45-4bf0-a005-7016bc03b13c) remove Policy Microsoft Managed Control 1069 - Wireless Access Restrictions \| Authentication And Encryption (91c97b44-791e-46e9-bad7-ab7c4949edbb) remove Policy Microsoft Managed Control 1157 - Plan Of Action And Milestones (15495367-cf68-464c-bbc3-f53ca5227b7a) remove Policy Microsoft Managed Control 1720 - Spam Protection (44b9a7cd-f36a-491a-a48b-6d04ae7c4221) remove Policy Microsoft Managed Control 1358 - Incident Response Testing (effbaeef-5bf4-400d-895e-ef8cbc0e64c7) remove Policy Microsoft Managed Control 1070 - Wireless Access Restrictions \| Disable Wireless Networking (68f837d0-8942-4b1e-9b31-be78b247bda8) remove Policy Microsoft Managed Control 1138 - Audit Generation (9c284fc0-268a-4f29-af44-3c126674edb4) remove Policy Microsoft Managed Control 1467 - Visitor Access Records (5350cbf9-8bdd-4904-b22a-e88be84ca49d) remove Policy Microsoft Managed Control 1101 - Audit And Accountability Policy And Procedures (7327b708-f0e0-457d-9d2a-527fcc9c9a65) remove Policy Microsoft Managed Control 1100 - Audit And Accountability Policy And Procedures (4057863c-ca7d-47eb-b1e0-503580cba8a4) remove Policy Microsoft Managed Control 1037 - Least Privilege \| Network Access To Privileged Commands (fa4c2a3d-1294-41a3-9ada-0e540471e9fb) remove Policy Microsoft Managed Control 1296 - Information System Recovery And Reconstitution \| Transaction Recovery (e57b98a0-a011-4956-a79d-5d17ed8b8e48) remove Policy Microsoft Managed Control 1009 - Account Management (b26f8610-e615-47c2-abd6-c00b2b0b503a) remove Policy Microsoft Managed Control 1599 - Developer Configuration Management \| Software / Firmware Integrity Verification (0004bbf0-5099-4179-869e-e9ffe5fb0945) remove Policy Microsoft Managed Control 1519 - Personnel Termination (2f13915a-324c-4ab8-b45c-2eefeeefb098) remove Policy Microsoft Managed Control 1158 - Security Authorization (fff50cf2-28eb-45b4-b378-c99412688907) remove Policy Microsoft Managed Control 1178 - Baseline Configuration \| Reviews And Updates (7818b8f4-47c6-441a-90ae-12ce04e99893) remove Policy Microsoft Managed Control 1326 - Authenticator Management (8605fc00-1bf5-4fb3-984e-c95cec4f231d) remove Policy Microsoft Managed Control 1029 - Information Flow Enforcement \| Security Policy Filters (53ac8f8e-c2b5-4d44-8a2d-058e9ced9b69) remove Policy Microsoft Managed Control 1164 - Continuous Monitoring (0fb8d3ce-9e96-481c-9c68-88d4e3019310) remove Policy Microsoft Managed Control 1524 - Personnel Transfer (72f1cb4e-2439-4fe8-88ea-b8671ce3c268) remove Policy Microsoft Managed Control 1108 - Content Of Audit Records \| Additional Audit Information (f9ad559e-c12d-415e-9a78-e50fdd7da7ba) remove Policy Microsoft Managed Control 1703 - Security Alerts & Advisories (804faf7d-b687-40f7-9f74-79e28adf4205) remove Policy Microsoft Managed Control 1278 - Alternate Processing Site \| Preparation For Use (8e5ef485-9e16-4c53-a475-fbb8107eac59) remove Policy Microsoft Managed Control 1562 - Allocation Of Resources (d4142013-7964-4163-a313-a900301c2cef) remove Policy Microsoft Managed Control 1684 - Information System Monitoring (16bfdb59-db38-47a5-88a9-2e9371a638cf) remove Policy Microsoft Managed Control 1460 - Access Control For Output Devices (6f3ce1bb-4f77-4695-8355-70b08d54fdda) remove Policy Microsoft Managed Control 1586 - External Information System Services (6e3b2fbd-8f37-4766-a64d-3f37703dcb51) remove Policy Microsoft Managed Control 1664 - Protection Of Information At Rest \| Cryptographic Protection (a2cdf6b8-9505-4619-b579-309ba72037ac) remove Policy Microsoft Managed Control 1407 - Maintenance Tools \| Prevent Unauthorized Removal (ff9fbd83-1d8d-4b41-aac2-94cb44b33976) remove Policy Microsoft Managed Control 1123 - Audit Review, Analysis, And Reporting \| Audit Level Adjustment (03996055-37a4-45a5-8b70-3f1caa45f87d) remove Policy Microsoft Managed Control 1117 - Audit Review, Analysis, And Reporting \| Process Integration (7fbfe680-6dbb-4037-963c-a621c5635902) remove Policy Microsoft Managed Control 1677 - Malicious Code Protection (4a248e1e-040f-43e5-bff2-afc3a57a3923) remove Policy Microsoft Managed Control 1499 - Rules Of Behavior (e59671ab-9720-4ee2-9c60-170e8c82251e) remove Policy Microsoft Managed Control 1377 - Incident Response Assistance \| Coordination With External Providers (68434bd1-e14b-4031-9edb-a4adf5f84a67) remove Policy Microsoft Managed Control 1443 - Media Use (cd0ec6fa-a2e7-4361-aee4-a8688659a9ed) remove Policy Microsoft Managed Control 1028 - Information Flow Enforcement (f171df5c-921b-41e9-b12b-50801c315475) remove Policy Microsoft Managed Control 1165 - Continuous Monitoring (47e10916-6c9e-446b-b0bd-ff5fd439d79d) remove Policy Microsoft Managed Control 1479 - Fire Protection \| Automatic Fire Suppression (e327b072-281d-4f75-9c28-4216e5d72f26) remove Policy Microsoft Managed Control 1617 - Application Partitioning (a631d8f5-eb81-4f9d-9ee1-74431371e4a3) remove Policy Microsoft Managed Control 1143 - Certification, Authorization, Security Assessment Policy And Procedures (7c6de11b-5f51-4f7c-8d83-d2467c8a816e) remove Policy Microsoft Managed Control 1162 - Continuous Monitoring (5770f3d6-8c2b-4f6f-bf0e-c8c8fc36d592) remove Policy Microsoft Managed Control 1298 - Identification And Authentication Policy And Procedures (1dc784b5-4895-4d27-9d40-a06b032bd1ee) remove Policy Microsoft Managed Control 1611 - Developer-Provided Training (fdda8a0c-ac32-43f6-b2f4-7dc1df03f43f) remove Policy Microsoft Managed Control 1230 - Configuration Management Plan (11158848-f679-4e9b-aa7b-9fb07d945071) remove Policy Microsoft Managed Control 1026 - Account Management \| Disable Accounts For High-Risk Individuals (55419419-c597-4cd4-b51e-009fd2266783) remove Policy Microsoft Managed Control 1392 - Information Spillage Response \| Post-Spill Operations (86dc819f-15e1-43f9-a271-41ae58d4cecc) remove Policy Microsoft Managed Control 1322 - Authenticator Management (9d1d971e-467e-4278-9633-c74c3d4fecc4) remove Policy Microsoft Managed Control 1500 - Rules Of Behavior (9dd5b241-03cb-47d3-a5cd-4b89f9c53c92) remove Policy Microsoft Managed Control 1711 - Security Functionality Verification (b083a535-a66a-41ec-ba7f-f9498bf67cde) remove Policy Microsoft Managed Control 1487 - Alternate Work Site (e9c3371d-c30c-4f58-abd9-30b8a8199571) remove Policy Microsoft Managed Control 1139 - Audit Generation (4ed62522-de00-4dda-9810-5205733d2f34) remove Policy Microsoft Managed Control 1441 - Media Sanitization And Disposal \| Equipment Testing (6519d7f3-e8a2-4ff3-a935-9a9497152ad7) remove Policy Microsoft Managed Control 1177 - Baseline Configuration \| Reviews And Updates (63dbc7a8-e20b-4d38-b857-a7f6c0cd94bc) remove Policy Microsoft Managed Control 1262 - Contingency Plan Testing (831e510e-db41-4c72-888e-a0621ab62265) remove Policy Microsoft Managed Control 1679 - Malicious Code Protection (2cf42a28-193e-41c5-98df-7688e7ef0a88) remove Policy Microsoft Managed Control 1582 - Information System Documentation (cd9e2f38-259b-462c-bfad-0ad7ab4e65c5) remove Policy Microsoft Managed Control 1053 - Session Lock \| Pattern-Hiding Displays (7582b19c-9dba-438e-aed8-ede59ac35ba3) remove Policy Microsoft Managed Control 1527 - Access Agreements (2823de66-332f-4bfd-94a3-3eb036cd3b67) remove Policy Microsoft Managed Control 1264 - Contingency Plan Testing \| Coordinate With Related Plans (dd280d4b-50a1-42fb-a479-ece5878acf19) remove Policy Microsoft Managed Control 1690 - Information System Monitoring \| System-Wide Intrusion Detection System (a2567a23-d1c3-4783-99f3-d471302a4d6b) remove Policy Microsoft Managed Control 1290 - Information System Backup (92f85ce9-17b7-49ea-85ee-ea7271ea6b82) remove Policy Microsoft Managed Control 1247 - Contingency Plan (4e666db5-b2ef-4b06-aac6-09bfce49151b) remove Policy Microsoft Managed Control 1136 - Audit Record Retention (97ed5bac-a92f-4f6d-a8ed-dc094723597c) remove Policy Microsoft Managed Control 1716 - Software & Information Integrity \| Integration Of Detection And Response (e54c325e-42a0-4dcf-b105-046e0f6f590f) remove Policy Microsoft Managed Control 1254 - Contingency Plan \| Resume All Missions / Business Functions (704e136a-4fe0-427c-b829-cd69957f5d2b) remove Policy Microsoft Managed Control 1545 - Risk Assessment (3f4b171a-a56b-4328-8112-32cf7f947ee1) remove Policy Microsoft Managed Control 1613 - Developer Security Architecture And Design (fe2ad78b-8748-4bff-a924-f74dfca93f30) remove Policy Microsoft Managed Control 1212 - Configuration Settings \| Automated Central Management / Application / Verification (56d970ee-4efc-49c8-8a4e-5916940d784c) remove Policy Microsoft Managed Control 1725 - Error Handling (afc234b5-456b-4aa5-b3e2-ce89108124cc) remove Policy Microsoft Managed Control 1503 - Information Security Architecture (c1fa9c2f-d439-4ab9-8b83-81fb1934f81d) remove Policy Microsoft Managed Control 1242 - Contingency Planning Policy And Procedures (cf3b3293-667a-445e-a722-fa0b0afc0958) remove Policy Microsoft Managed Control 1040 - Least Privilege \| Review Of User Privileges (54205576-cec9-463f-ba44-b4b3f5d0a84c) remove Policy Microsoft Managed Control 1650 - Public Key Infrastructure Certificates (201d3740-bd16-4baf-b4b8-7cda352228b7) remove Policy Microsoft Managed Control 1038 - Least Privilege \| Privileged Accounts (26692e88-71b7-4a5f-a8ac-9f31dd05bd8e) remove Policy Microsoft Managed Control 1456 - Physical Access Control (733ba9e3-9e7c-440a-a7aa-6196a90a2870) remove Policy Microsoft Managed Control 1670 - Flaw Remediation (c6108469-57ee-4666-af7e-79ba61c7ae0c) remove Policy Microsoft Managed Control 1572 - Acquisitions Process (04f5fb00-80bb-48a9-a75b-4cb4d4c97c36) remove Policy Microsoft Managed Control 1700 - Information System Monitoring \| Unauthorized Network Services (7831b4ba-c3f4-4cb1-8c11-ef8d59438cd5) remove Policy Microsoft Managed Control 1619 - Information In Shared Resources (c722e569-cb52-45f3-a643-836547d016e1) remove Policy Microsoft Managed Control 1641 - Transmission Confidentiality And Integrity \| Cryptographic Or Alternate Physical Protection (d39d4f68-7346-4133-8841-15318a714a24) remove Policy Microsoft Managed Control 1066 - Remote Access \| Disconnect / Disable Access (4455c2e8-c65d-4acf-895e-304916f90b36) remove Policy Microsoft Managed Control 1514 - Personnel Screening \| Information With Special Protection Measures (9ed5ca00-0e43-434e-a018-7aab91461ba7) remove Policy Microsoft Managed Control 1486 - Alternate Work Site (cb790345-a51f-43de-934e-98dbfaf9dca5) remove Policy Microsoft Managed Control 1269 - Alternate Storage Site \| Separation From Primary Site (19b9439d-865d-4474-b17d-97d2702fdb66) remove Policy Microsoft Managed Control 1445 - Physical And Environmental Protection Policy And Procedures (32d07d59-2716-4972-b37b-214a67ac4a37) remove Policy Microsoft Managed Control 1079 - Use Of External Information Systems \| Limits On Authorized Use (85c32733-7d23-4948-88da-058e2c56b60f) remove Policy Microsoft Managed Control 1231 - Configuration Management Plan (244e0c05-cc45-4fe7-bf36-42dcf01f457d) remove Policy Microsoft Managed Control 1402 - Controlled Maintenance \| Automated Maintenance Activities (0a560d32-8075-4fec-9615-9f7c853f4ea9) remove Policy Microsoft Managed Control 1713 - Software & Information Integrity \| Integrity Checks (0d87c70b-5012-48e9-994b-e70dd4b8def0) remove Policy Microsoft Managed Control 1122 - Audit Review, Analysis, And Reporting \| Permitted Actions (243ec95e-800c-49d4-ba52-1fdd9f6b8b57) remove Policy Microsoft Managed Control 1498 - Rules Of Behavior (633988b9-cf2f-4323-8394-f0d2af9cd6e1) remove Policy Microsoft Managed Control 1032 - Separation Of Duties (5aa85661-d618-46b8-a20f-ca40a86f0751) remove Policy Microsoft Managed Control 1327 - Authenticator Management \| Password-Based Authentication (03188d8f-1ae5-4fe1-974d-2d7d32ef937d) remove Policy Microsoft Managed Control 1453 - Physical Access Control (9693b564-3008-42bc-9d5d-9c7fe198c011) remove Policy Microsoft Managed Control 1188 - Configuration Change Control (bb20548a-c926-4e4d-855c-bcddc6faf95e) remove Policy Microsoft Managed Control 1352 - Incident Response Policy And Procedures (518cb545-bfa8-43f8-a108-3b7d5037469a) remove Policy Microsoft Managed Control 1270 - Alternate Storage Site \| Recovery Time / Point Objectives (53c76a39-2097-408a-b237-b279f7b4614d) remove Policy Microsoft Managed Control 1596 - Developer Configuration Management (21e25e01-0ae0-41be-919e-04ce92b8e8b8) remove Policy Microsoft Managed Control 1008 - Account Management (8356cfc6-507a-4d20-b818-08038011cd07) remove Policy Microsoft Managed Control 1458 - Physical Access Control \| Information System Access (8c19ceb7-56e9-4488-8ddb-b1eb3aa6d203) remove Policy Microsoft Managed Control 1516 - Personnel Termination (da3cd269-156f-435b-b472-c3af34c032ed) remove Policy Microsoft Managed Control 1302 - User Identification And Authentication \| Network Access To Non-Privileged Accounts (09828c65-e323-422b-9774-9d5c646124da) remove Policy Microsoft Managed Control 1489 - Location Of Information System Components (9d0a794f-1444-4c96-9534-e35fc8c39c91) remove Policy Microsoft Managed Control 1347 - Identification And Authentication (Non-Organizational Users) \| Acceptance Of Piv Credentials... (131a2706-61e9-4916-a164-00e052056462) remove Policy Microsoft Managed Control 1063 - Remote Access \| Managed Access Control Points (593ce201-54b2-4dd0-b34f-c308005d7780) remove Policy Microsoft Managed Control 1412 - Remote Maintenance (3492d949-0dbb-4589-88b3-7b59601cc764) remove Policy Microsoft Managed Control 1048 - System Use Notification (483e7ca9-82b3-45a2-be97-b93163a0deb7) remove Policy Microsoft Managed Control 1705 - Security Alerts & Advisories (f82e3639-fa2b-4e06-a786-932d8379b972) remove Policy Microsoft Managed Control 1046 - Unsuccessful Logon Attempts \| Purge / Wipe Mobile Device (0b1aa965-7502-41f9-92be-3e2fe7cc392a) remove Policy Microsoft Managed Control 1709 - Security Functionality Verification (025992d6-7fee-4137-9bbf-2ffc39c0686c) remove Policy Microsoft Managed Control 1084 - Publicly Accessible Content (d0eb15db-dd1c-4d1d-b200-b12dd6cd060c) remove Policy Microsoft Managed Control 1353 - Incident Response Training (c785ad59-f78f-44ad-9a7f-d1202318c748) remove Policy Microsoft Managed Control 1542 - Risk Assessment (eab340d0-3d55-4826-a0e5-feebfeb0131d) remove Policy Microsoft Managed Control 1025 - Account Management \| Account Monitoring / Atypical Usage (adfe020d-0a97-45f4-a39c-696ef99f3a95) remove Policy Microsoft Managed Control 1111 - Response To Audit Processing Failures (21de687c-f15e-4e51-bf8d-f35c8619965b) remove Policy Microsoft Managed Control 1694 - Information System Monitoring \| Analyze Communications Traffic Anomalies (426c4ac9-ff17-49d0-acd7-a13c157081c0) remove Policy Microsoft Managed Control 1636 - Boundary Protection \| Isolation Of Security Tools / Mechanisms / Support Components (7b694eed-7081-43c6-867c-41c76c961043) remove Policy Microsoft Managed Control 1477 - Fire Protection \| Detection Devices / Systems (4862a63c-6c74-4a9d-a221-89af3c374503) remove Policy Microsoft Managed Control 1237 - Software Usage Restrictions \| Open Source Software (e80b6812-0bfa-4383-8223-cdd86a46a890) remove Policy Microsoft Managed Control 1671 - Flaw Remediation (5c5bbef7-a316-415b-9b38-29753ce8e698) remove Policy Microsoft Managed Control 1258 - Contingency Training (7814506c-382c-4d33-a142-249dd4a0dbff) remove Policy Microsoft Managed Control 1518 - Personnel Termination (0d58f734-c052-40e9-8b2f-a1c2bff0b815) remove Policy Microsoft Managed Control 1280 - Telecommunications Services \| Priority Of Service Provisions (fa108498-b3a8-4ffb-9e79-1107e76afad3) remove Policy Microsoft Managed Control 1292 - Information System Backup \| Test Restoration Using Sampling (d03516cf-0293-489f-9b32-a18f2a79f836) remove Policy Microsoft Managed Control 1052 - Session Lock (027cae1c-ec3e-4492-9036-4168d540c42a) remove Policy Microsoft Managed Control 1521 - Personnel Termination \| Automated Notification (3cbddf9c-a3aa-4330-a0f5-4c0c1f1862e5) remove Policy Microsoft Managed Control 1699 - Information System Monitoring \| Privileged Users (69c7bee8-bc19-4129-a51e-65a7b39d3e7c) remove Policy Microsoft Managed Control 1525 - Personnel Transfer (9be2f688-7a61-45e3-8230-e1ec93893f66) remove Policy Microsoft Managed Control 1588 - External Information System Services (68ebae26-e0e0-4ecb-8379-aabf633b51e9) remove Policy Microsoft Managed Control 1723 - Information Input Validation (e91927a0-ac1d-44a0-95f8-5185f9dfce9f) remove Policy Microsoft Managed Control 1245 - Contingency Plan (a0e45314-57b8-4623-80cd-bbb561f59516) remove Policy Microsoft Managed Control 1565 - System Development Life Cycle (45ce2396-5c76-4654-9737-f8792ab3d26b) remove Policy Microsoft Managed Control 1552 - Vulnerability Scanning \| Update By Frequency / Prior To New Scan / When Identified (43684572-e4f1-4642-af35-6b933bc506da) remove Policy Microsoft Managed Control 1343 - Authenticator Management \| Expiration Of Cached Authenticators (2c251a55-31eb-4e53-99c6-e9c43c393ac2) remove Policy Microsoft Managed Control 1074 - Access Control for Portable And Mobile Systems (27a69937-af92-4198-9b86-08d355c7e59a) remove Policy Microsoft Managed Control 1678 - Malicious Code Protection (dd533cb0-b416-4be7-8e86-4d154824dfd7) remove Policy Microsoft Managed Control 1702 - Information System Monitoring \| Indicators Of Compromise (4dfc0855-92c4-4641-b155-a55ddd962362) remove Policy Microsoft Managed Control 1452 - Physical Access Control (82c76455-4d3f-4e09-a654-22e592107e74) remove Policy Microsoft Managed Control 1077 - Use Of External Information Systems (2dad3668-797a-412e-a798-07d3849a7a79) remove Policy Microsoft Managed Control 1282 - Telecommunications Services \| Single Points Of Failure (34042a97-ec6d-4263-93d2-8c1c46823b2a) remove Policy Microsoft Managed Control 1600 - Developer Security Testing And Evaluation (c53f3123-d233-44a7-930b-f40d3bfeb7d6) remove Policy Microsoft Managed Control 1023 - Account Management \| Usage Conditions (e55698b6-3dea-4aa9-99b9-d8218c6ab6e5) remove Policy Microsoft Managed Control 1141 - Audit Generation \| Changes By Authorized Individuals (6fdefbf4-93e7-4513-bc95-c1858b7093e0) remove Policy Microsoft Managed Control 1003 - Account Management (3b68b179-3704-4ff7-b51d-7d65374d165d) remove Policy Microsoft Managed Control 1468 - Visitor Access Records \| Automated Records Maintenance / Review (75603f96-80a1-4757-991d-5a1221765ddd) remove Policy Microsoft Managed Control 1454 - Physical Access Control (ad58985d-ab32-4f99-8bd3-b7e134c90229) remove Policy Microsoft Managed Control 1561 - Allocation Of Resources (40364c3f-c331-4e29-b1e3-2fbe998ba2f5) remove Policy Microsoft Managed Control 1220 - Least Functionality \| Authorized Software / Whitelisting (c40f31a7-81e1-4130-99e5-a02ceea2a1d6) remove Policy Microsoft Managed Control 1192 - Configuration Change Control \| Automated Document / Notification / Prohibition Of Changes (4ebd97f7-b105-4f50-8daf-c51465991240) remove Policy Microsoft Managed Control 1606 - Developer Security Testing And Evaluation \| Threat And Vulnerability Analyses (baa8a9a4-5bbe-4c72-98f6-a3a47ae2b1ca) remove Policy Microsoft Managed Control 1193 - Configuration Change Control \| Automated Document / Notification / Prohibition Of Changes (f5fd629f-3075-4cae-ab53-bad65495a4ac) remove Policy Microsoft Managed Control 1393 - Information Spillage Response \| Exposure To Unauthorized Personnel (731856d8-1598-4b75-92de-7d46235747c0) remove Policy Microsoft Managed Control 1259 - Contingency Training (9d9e18f7-bad9-4d30-8806-a0c9d5e26208) remove Policy Microsoft Managed Control 1597 - Developer Configuration Management (68b250ec-2e4f-4eee-898a-117a9fda7016) remove Policy Microsoft Managed Control 1268 - Alternate Storage Site (23f6e984-3053-4dfc-ab48-543b764781f5) remove Policy Microsoft Managed Control 1673 - Flaw Remediation \| Automated Flaw Remediation Status (dff0b90d-5a6f-491c-b2f8-b90aa402d844) remove Policy Microsoft Managed Control 1062 - Remote Access \| Protection Of Confidentiality / Integrity Using Encryption (4708723f-e099-4af1-bbf9-b6df7642e444) remove Policy Microsoft Managed Control 1654 - Voice Over Internet Protocol (0a2ee16e-ab1f-414a-800b-d1608835862b) remove Policy Microsoft Managed Control 1385 - Information Spillage Response (3e495e65-8663-49ca-9b38-9f45e800bc58) remove Policy Microsoft Managed Control 1680 - Malicious Code Protection \| Central Management (399cd6ee-0e18-41db-9dea-cde3bd712f38) remove Policy Microsoft Managed Control 1426 - Media Protection Policy And Procedures (21f639bc-f42b-46b1-8f40-7a2a389c291a) remove Policy Microsoft Managed Control 1511 - Personnel Screening (a9eae324-d327-4539-9293-b48e122465f8) remove Policy Microsoft Managed Control 1637 - Boundary Protection \| Fail Secure (4075bedc-c62a-4635-bede-a01be89807f3) remove Policy Microsoft Managed Control 1176 - Baseline Configuration (c30690a5-7bf3-467f-b0cd-ef5c7c7449cd) remove Policy Microsoft Managed Control 1021 - Account Management \| Restrictions On Use Of Shared / Group Accounts (9a3eb0a3-428d-4669-baff-20a14eb4b551) remove Policy Microsoft Managed Control 1131 - Protection Of Audit Information (b472a17e-c2bc-493f-b50b-42d55a346962) remove Policy Microsoft Managed Control 1128 - Time Stamps (ef212163-3bc4-4e86-bcf8-705127086393) remove Policy Microsoft Managed Control 1180 - Baseline Configuration \| Automation Support For Accuracy / Currency (874e7880-a067-42a7-bcbe-1a340f54c8cc) remove Policy Microsoft Managed Control 1507 - Personnel Security Policy And Procedures (86ccd1bf-e7ad-4851-93ce-6ec817469c1e) remove Policy Microsoft Managed Control 1718 - Software & Information Integrity \| Binary Or Machine Executable Code (0dced7ab-9ce5-4137-93aa-14c13e06ab17) remove Policy Microsoft Managed Control 1041 - Least Privilege \| Privilege Levels For Code Execution (b3d8d15b-627a-4219-8c96-4d16f788888b) remove Policy Microsoft Managed Control 1676 - Malicious Code Protection (c10fb58b-56a8-489e-9ce3-7ffe24e78e4b) remove Policy Microsoft Managed Control 1701 - Information System Monitoring \| Host-Based Devices (f25bc08f-27cb-43b6-9a23-014d00700426) remove Policy Microsoft Managed Control 1526 - Access Agreements (953e6261-a05a-44fd-8246-000e1a3edbb9) remove Policy Microsoft Managed Control 1614 - Developer Security Architecture And Design (8154e3b3-cc52-40be-9407-7756581d71f6) remove Policy Microsoft Managed Control 1704 - Security Alerts & Advisories (2d44b6fa-1134-4ea6-ad4e-9edb68f65429) remove Policy Microsoft Managed Control 1311 - Identifier Management (e7568697-0c9e-4ea3-9cec-9e567d14f3c6) remove Policy Microsoft Managed Control 1321 - Authenticator Management (eb627cc6-3a9d-46b5-96b7-5fca49178a37) remove Policy Microsoft Managed Control 1085 - Publicly Accessible Content (13d117e0-38b0-4bbb-aaab-563be5dd10ba) remove Policy Microsoft Managed Control 1623 - Boundary Protection (02ce1b22-412a-4528-8630-c42146f917ed) remove Policy Microsoft Managed Control 1536 - Risk Assessment Policy And Procedures (6e40d9de-2ad4-4cb5-8945-23143326a502) remove Policy Microsoft Managed Control 1429 - Media Labeling (b07c9b24-729e-4e85-95fc-f224d2d08a80) remove Policy Microsoft Managed Control 1102 - Audit Events (9943c16a-c54c-4b4a-ad28-bfd938cdbf57) remove Policy Microsoft Managed Control 1204 - Access Restrictions For Change \| Review System Changes (0f4f6750-d1ab-4a4c-8dfd-af3237682665) remove Policy Microsoft Managed Control 1030 - Information Flow Enforcement \| Physical / Logical Separation Of Information Flows (d3531453-b869-4606-9122-29c1cd6e7ed1) remove Policy Microsoft Managed Control 1238 - User-Installed Software (a36cedd4-3ffd-4b1f-8b18-aa71d8d87ce1) remove Policy Microsoft Managed Control 1267 - Alternate Storage Site (4e97ba1d-be5d-4953-8da4-0cccf28f4805) remove Policy Microsoft Managed Control 1520 - Personnel Termination (7f2c513b-eb16-463b-b469-c10e5fa94f0a) remove Policy Microsoft Managed Control 1253 - Contingency Plan \| Resume Essential Missions / Business Functions (0afce0b3-dd9f-42bb-af28-1e4284ba8311) remove Policy Microsoft Managed Control 1098 - Security Training Records (84363adb-dde3-411a-9fc1-36b56737f822) remove Policy Microsoft Managed Control 1006 - Account Management (aae8d54c-4bce-4c04-b3aa-5b65b67caac8) remove Policy Microsoft Managed Control 1719 - Spam Protection (c13da9b4-fe14-4fe2-853a-5997c9d4215a) remove Policy Microsoft Managed Control 1675 - Flaw Remediation \| Time To Remediate Flaws / Benchmarks For Corrective Actions (facb66e0-1c48-478a-bed5-747a312323e1) remove Policy Microsoft Managed Control 1722 - Spam Protection \| Automatic Updates (e1da06bd-25b6-4127-a301-c313d6873fff) remove Policy Microsoft Managed Control 1449 - Physical Access Authorizations (f784d3b0-5f2b-49b7-b9f3-00ba8653ced5) remove Policy Microsoft Managed Control 1576 - Acquisitions Process \| Design / Implementation Information For Security Controls (5f18c885-ade3-48c5-80b1-8f9216019c18) remove Policy Microsoft Managed Control 1236 - Software Usage Restrictions (9ba3ed84-c768-4e18-b87c-34ef1aff1b57) remove Policy Microsoft Managed Control 1105 - Audit Events (5b73f57b-587d-4470-a344-0b0ae805f459) remove Policy Microsoft Managed Control 1434 - Media Transport (2c18f06b-a68d-41c3-8863-b8cd3acb5f8f) remove Policy Microsoft Managed Control 1495 - System Security Plan (f4978d0e-a596-48e7-9f8c-bbf52554ce8d) remove Policy Microsoft Managed Control 1535 - Personnel Sanctions (f9a165d2-967d-4733-8399-1074270dae2e) remove Policy Microsoft Managed Control 1721 - Spam Protection \| Central Management (d207aaef-7c4d-4f8c-9dce-4d62dfa3d29a) remove Policy Microsoft Managed Control 1364 - Incident Handling \| Dynamic Reconfiguration (4c615c2a-dc83-4dda-8220-abce7b50c9bc) remove Policy Microsoft Managed Control 1625 - Boundary Protection \| Access Points (b9b66a4d-70a1-4b47-8fa1-289cec68c605) remove Policy Microsoft Managed Control 1182 - Baseline Configuration \| Configure Systems, Components, Or Devices For High-Risk Areas (4f34f554-da4b-4786-8d66-7915c90893da) remove Policy Microsoft Managed Control 1287 - Information System Backup (819dc6da-289d-476e-8500-7e341ef8677d) remove Policy Microsoft Managed Control 1631 - Boundary Protection \| Deny By Default / Allow By Exception (74ae9b8e-e7bb-4c9c-992f-c535282f7a2c) remove Policy Microsoft Managed Control 1462 - Monitoring Physical Access (9b1f3a9a-13a1-4b40-8420-36bca6fd8c02) remove Policy Microsoft Managed Control 1382 - Incident Response Plan (841392b3-40da-4473-b328-4cde49db67b3) remove Policy Microsoft Managed Control 1581 - Information System Documentation (742b549b-7a25-465f-b83c-ea1ffb4f4e0e) remove Policy Microsoft Managed Control 1413 - Remote Maintenance (aeedddb6-6bc0-42d5-809b-80048033419d) remove Policy Microsoft Managed Control 1172 - Internal System Connections (b43e946e-a4c8-4b92-8201-4a39331db43c) remove Policy Microsoft Managed Control 1019 - Account Management \| Role-Based Schemes (6a3ee9b2-3977-459c-b8ce-2db583abd9f7) remove Policy Microsoft Managed Control 1473 - Emergency Power (d7047705-d719-46a7-8bb0-76ad233eba71) remove Policy Microsoft Managed Control 1211 - Configuration Settings (6a8b9dc8-6b00-4701-aa96-bba3277ebf50) remove Policy Microsoft Managed Control 1199 - Configuration Change Control \| Cryptography Management (a9a08d1c-09b1-48f1-90ea-029bbdf7111e) remove Policy Microsoft Managed Control 1481 - Temperature And Humidity Controls (717a1c78-a267-4f56-ac58-ee6c54dc4339) remove Policy Microsoft Managed Control 1149 - Security Assessments \| Specialized Assessments (2e1b855b-a013-481a-aeeb-2bcb129fd35d) remove Policy Microsoft Managed Control 1110 - Audit Storage Capacity (6182bfa7-0f2a-43f5-834a-a2ddf31c13c7) remove Policy Microsoft Managed Control 1167 - Continuous Monitoring (cbb2be76-4891-430b-95a7-ca0b0a3d1300) remove Policy Microsoft Managed Control 1509 - Position Categorization (70792197-9bfc-4813-905a-bd33993e327f) remove Policy Microsoft Managed Control 1104 - Audit Events (cdd8d244-18b2-4306-a1d1-df175ae0935f) remove Policy Microsoft Managed Control 1129 - Time Stamps \| Synchronization With Authoritative Time Source (71bb965d-4047-4623-afd4-b8189a58df5d) remove Policy Microsoft Managed Control 1482 - Temperature And Humidity Controls \| Monitoring With Alarms / Notifications (9df4277e-8c88-4d5c-9b1a-541d53d15d7b) remove Policy Microsoft Managed Control 1045 - Unsuccessful Logon Attempts (554d2dd6-f3a8-4ad5-b66f-5ce23bd18892) remove Policy Microsoft Managed Control 1717 - Software & Information Integrity \| Binary Or Machine Executable Code (967773fc-d9ab-4a4e-8ff6-f5e9e3f5dbef) remove Policy Microsoft Managed Control 1090 - Security Awareness (2fb740e5-cbc7-4d10-8686-d1bf826652b1) remove Policy Microsoft Managed Control 1092 - Security Awareness \| Insider Threat (8a29d47b-8604-4667-84ef-90d203fcb305) remove Policy Microsoft Managed Control 1016 - Account Management \| Automated Audit Actions (d8b43277-512e-40c3-ab00-14b3b6e72238) remove Policy Microsoft Managed Control 1257 - Contingency Training (b958b241-4245-4bd6-bd2d-b8f0779fb543) remove Policy Microsoft Managed Control 1620 - Denial Of Service Protection (d17c826b-1dec-43e1-a984-7b71c446649c) remove Policy Microsoft Managed Control 1376 - Incident Response Assistance \| Coordination With External Providers (493a95f3-f2e3-47d0-af02-65e6d6decc2f) remove Policy Microsoft Managed Control 1672 - Flaw Remediation \| Central Management (b45fe972-904e-45a4-ac20-673ba027a301) remove Policy Microsoft Managed Control 1431 - Media Storage (a7173c52-2b99-4696-a576-63dd5f970ef4) remove Policy Microsoft Managed Control 1289 - Information System Backup (7a724864-956a-496c-b778-637cb1d762cf) remove Policy Microsoft Managed Control 1533 - Third-Party Personnel Security (bba2a036-fb3b-4261-b1be-a13dfb5fbcaa) remove Policy Microsoft Managed Control 1638 - Boundary Protection \| Dynamic Isolation / Segregation (49b99653-32cd-405d-a135-e7d60a9aae1f) remove Policy Microsoft Managed Control 1659 - Architecture And Provisioning For Name / Address Resolution Service (35a4102f-a778-4a2e-98c2-971056288df8) remove Policy Microsoft Managed Control 1666 - System And Information Integrity Policy And Procedures (12e30ee3-61e6-4509-8302-a871e8ebb91e) remove Policy Microsoft Managed Control 1146 - Security Assessments (dd83410c-ecb6-4547-8f14-748c3cbdc7ac) remove Policy Microsoft Managed Control 1288 - Information System Backup (8d854c3b-a3e6-4ec9-9f0c-c7274dbaeb2f) remove Policy Microsoft Managed Control 1068 - Wireless Access Restrictions (2d045bca-a0fd-452e-9f41-4ec33769717c) remove Policy Microsoft Managed Control 1333 - Authenticator Management \| Pki-Based Authentication (3298d6bf-4bc6-4278-a95d-f7ef3ac6e594) remove Policy Microsoft Managed Control 1368 - Incident Handling \| Correlation With External Organizations (465f32da-0ace-4603-8d1b-7be5a3a702de) remove Policy Microsoft Managed Control 1360 - Incident Handling (be5b05e7-0b82-4ebc-9eda-25e447b1a41e) remove Policy Microsoft Managed Control 1649 - Collaborative Computing Devices (26d292cc-b0b8-4c29-9337-68abc758bf7b) remove Policy Microsoft Managed Control 1605 - Developer Security Testing And Evaluation \| Static Code Analysis (0062eb8b-dc75-4718-8ea5-9bb4a9606655) remove Policy Microsoft Managed Control 1168 - Continuous Monitoring \| Independent Assessment (82409f9e-1f32-4775-bf07-b99d53a91b06) remove Policy Microsoft Managed Control 1708 - Security Functionality Verification (7a1e2c88-13de-4959-8ee7-47e3d74f1f48) remove Policy Microsoft Managed Control 1363 - Incident Handling \| Automated Incident Handling Processes (ea3e8156-89a1-45b1-8bd6-938abc79fdfd) remove Policy Microsoft Managed Control 1332 - Authenticator Management \| Password-Based Authentication (068260be-a5e6-4b0a-a430-cd27071c226a) remove Policy Microsoft Managed Control 1187 - Configuration Change Control (9f2b2f9e-4ba6-46c3-907f-66db138b6f85) remove Policy Microsoft Managed Control 1340 - Authenticator Management \| No Embedded Unencrypted Static Authenticators (e51ff84b-e5ea-408f-b651-2ecc2933e4c6) remove Policy Microsoft Managed Control 1488 - Alternate Work Site (d8ef30eb-a44f-47af-8524-ac19a36d41d2) remove Policy Microsoft Managed Control 1043 - Least Privilege \| Prohibit Non-Privileged Users From Executing Privileged Functions (361a77f6-0f9c-4748-8eec-bc13aaaa2455) remove Policy Microsoft Managed Control 1059 - Remote Access (a29b5d9f-4953-4afe-b560-203a6410b6b4) remove Policy Microsoft Managed Control 1396 - Controlled Maintenance (276af98f-4ff9-4e69-99fb-c9b2452fb85f) remove Policy Microsoft Managed Control 1464 - Monitoring Physical Access \| Intrusion Alarms / Surveillance Equipment (41256567-1795-4684-b00b-a1308ce43cac) remove Policy Microsoft Managed Control 1147 - Security Assessments (8fef824a-29a8-4a4c-88fc-420a39c0d541) remove Policy Microsoft Managed Control 1075 - Access Control for Portable And Mobile Systems \| Full Device / Container-Based Encryption (fc933d22-04df-48ed-8f87-22a3773d4309) remove Policy Microsoft Managed Control 1491 - Security Planning Policy And Procedures (1571dd40-dafc-4ef4-8f55-16eba27efc7b) remove Policy Microsoft Managed Control 1373 - Incident Reporting \| Automated Reporting (4cca950f-c3b7-492a-8e8f-ea39663c14f9) remove Policy Microsoft Managed Control 1466 - Visitor Access Records (0d943a9c-a6f1-401f-a792-740cdb09c451) remove Policy Microsoft Managed Control 1338 - Authenticator Management \| Automated Support For Password Strength Determination (6c59a207-6aed-41dc-83a2-e1ff66e4a4db) remove Policy Microsoft Managed Control 1081 - Information Sharing (3867f2a9-23bb-4729-851f-c3ad98580caf) remove Policy Microsoft Managed Control 1580 - Information System Documentation (854db8ac-6adf-42a0-bef3-b73f764f40b9) remove Policy Microsoft Managed Control 1047 - System Use Notification (e1ff6d62-a55c-41ab-90ba-90bb5b7b6f62) remove Policy Microsoft Managed Control 1196 - Configuration Change Control \| Automated Document / Notification / Prohibition Of Changes (4e7f4ea4-dd62-44f6-8886-ac6137cf52b0) remove Policy Microsoft Managed Control 1430 - Media Labeling (0f559588-5e53-4b14-a7c4-85d28ebc2234) remove Policy Microsoft Managed Control 1558 - Vulnerability Scanning \| Correlate Scanning Information (65592b16-4367-42c5-a26e-d371be450e17) remove Policy Microsoft Managed Control 1603 - Developer Security Testing And Evaluation (2b909c26-162f-47ce-8e15-0c1f55632eac) remove Policy Microsoft Managed Control 1175 - Configuration Management Policy And Procedures (6dab4254-c30d-4bb7-ae99-1d21586c063c) remove Policy Microsoft Managed Control 1121 - Audit Review, Analysis, And Reporting \| Correlation With Physical Monitoring (c72b0eb9-1fc2-44e5-a866-e7cb0532f7c1) remove Policy Microsoft Managed Control 1233 - Configuration Management Plan (9d79001f-95fe-45d0-8736-f217e78c1f57) remove Policy Microsoft Managed Control 1420 - Maintenance Personnel (05ae08cc-a282-413b-90c7-21a2c60b8404) remove Policy Microsoft Managed Control 1655 - Voice Over Internet Protocol (121eab72-390e-4629-a7e2-6d6184f57c6b) remove Policy Microsoft Managed Control 1095 - Role-Based Security Training (bc3f6f7a-057b-433e-9834-e8c97b0194f6) remove Policy Microsoft Managed Control 1496 - System Security Plan (0ca96127-2f87-46ab-a4fc-0d2a786df1c8) remove Policy Microsoft Managed Control 1134 - Protection Of Audit Information \| Access By Subset Of Privileged Users (4e95f70e-181c-4422-9da2-43079710c789) remove Policy Microsoft Managed Control 1484 - Water Damage Protection \| Automation Support (486b006a-3653-45e8-b41c-a052d3e05456) remove Policy Microsoft Managed Control 1640 - Transmission Confidentiality And Integrity (05a289ce-6a20-4b75-a0f3-dc8601b6acd0) remove Policy Microsoft Managed Control 1399 - Controlled Maintenance (2256e638-eb23-480f-9e15-6cf1af0a76b3) remove Policy Microsoft Managed Control 1097 - Role-Based Security Training \| Suspicious Communications And Anomalous System Behavior (cf3e4836-f19e-47eb-a8cd-c3ca150452c0) remove Policy Microsoft Managed Control 1076 - Use Of External Information Systems (98a4bd5f-6436-46d4-ad00-930b5b1dfed4) remove Policy Microsoft Managed Control 1549 - Vulnerability Scanning (d6976a08-d969-4df2-bb38-29556c2eb48a) remove Policy Microsoft Managed Control 1668 - Flaw Remediation (8fb0966e-be1d-42c3-baca-60df5c0bcc61) remove Policy Microsoft Managed Control 1185 - Configuration Change Control (6420cd73-b939-43b7-9d99-e8688fea053c) remove Policy Microsoft Managed Control 1657 - Secure Name / Address Resolution Service (Authoritative Source) (90f01329-a100-43c2-af31-098996135d2b) remove Policy Microsoft Managed Control 1229 - Information System Component Inventory \| No Duplicate Accounting Of Components (03752212-103c-4ab8-a306-7e813022ca9d) remove Policy Microsoft Managed Control 1397 - Controlled Maintenance (391af4ab-1117-46b9-b2c7-78bbd5cd995b) remove Policy Microsoft Managed Control 1428 - Media Access (0a77fcc7-b8d8-451a-ab52-56197913c0c7) remove Policy Microsoft Managed Control 1183 - Baseline Configuration \| Configure Systems, Components, Or Devices For High-Risk Areas (5352e3e0-e63a-452e-9e5f-9c1d181cff9c) remove Policy Microsoft Managed Control 1223 - Information System Component Inventory (05a1bb01-ad5a-49c1-aad3-b0c893b2ec3a) remove Policy Microsoft Managed Control 1571 - Acquisitions Process (b11c985b-f2cd-4bd7-85f4-b52426edf905) remove Policy Microsoft Managed Control 1530 - Third-Party Personnel Security (6e8f9566-29f1-49cd-b61f-f8628a3cf993) remove Policy Microsoft Managed Control 1515 - Personnel Termination (02dd141a-a2b2-49a7-bcbd-ca31142f6211) remove Policy Microsoft Managed Control 1543 - Risk Assessment (fd00b778-b5b5-49c0-a994-734ea7bd3624) remove Policy Microsoft Managed Control 1251 - Contingency Plan \| Coordinate With Related Plans (5e2b3730-8c14-4081-8893-19dbb5de7348) remove Policy Microsoft Managed Control 1119 - Audit Review, Analysis, And Reporting \| Central Review And Analysis (845f6359-b764-4b40-b579-657aefe23c44) remove Policy Microsoft Managed Control 1307 - User Identification And Authentication \| Network Access To Non-Privileged Accounts - Replay... (84e622c8-4bed-417c-84c6-b2fb0dd73682) remove Policy Microsoft Managed Control 1145 - Security Assessments (a0724970-9c75-4a64-a225-a28002953f28) remove Policy Microsoft Managed Control 1232 - Configuration Management Plan (396ba986-eac1-4d6d-85c4-d3fda6b78272) remove Policy Microsoft Managed Control 1553 - Vulnerability Scanning \| Breadth / Depth Of Coverage (9e5225fe-cdfb-4fce-9aec-0fe20dd53b62) remove Policy Microsoft Managed Control 1055 - Session Termination\| User-Initiated Logouts / Message Displays (769efd9b-3587-4e22-90ce-65ddcd5bd969) remove Policy Microsoft Managed Control 1350 - Identification And Authentication (Non-Organizational Users) \| Use Of Ficam-Issued Profiles (d77fd943-6ba6-4a21-ba07-22b03e347cc4) remove Policy Microsoft Managed Control 1592 - External Information System Services \| Consistent Interests Of Consumers And Providers (1d01ba6c-289f-42fd-a408-494b355b6222) remove Policy Microsoft Managed Control 1357 - Incident Response Training \| Automated Training Environments (e4213689-05e8-4241-9d4e-8dd1cdafd105) remove Policy Microsoft Managed Control 1219 - Least Functionality \| Authorized Software / Whitelisting (2a39ac75-622b-4c88-9a3f-45b7373f7ef7) remove Policy Microsoft Managed Control 1154 - System Interconnections \| Unclassified Non-National Security System Connections (e757ceb9-93b3-45fe-a4f4-f43f64f1ac5a) remove Policy Microsoft Managed Control 1497 - System Security Plan \| Plan / Coordinate With Other Organizational Entities (2e3c5583-1729-4d36-8771-59c32f090a22) remove Policy Microsoft Managed Control 1313 - Identifier Management (36220f5b-79a1-4cdb-8c74-2d2449f9a510) remove Policy Microsoft Managed Control 1001 - Access Control Policy And Procedures Requirements (4e26f8c3-4bf3-4191-b8fc-d888805101b7) remove Policy Microsoft Managed Control 1444 - Media Use \| Prohibit Use Without Owner (666143df-f5e0-45bd-b554-135f0f93e44e) remove Policy Microsoft Managed Control 1275 - Alternate Processing Site \| Separation From Primary Site (a23d9d53-ad2e-45ef-afd5-e6d10900a737) remove Policy Microsoft Managed Control 1707 - Security Alerts & Advisories \| Automated Alerts And Advisories (fd4a2ac8-868a-4702-a345-6c896c3361ce) remove Policy Microsoft Managed Control 1014 - Account Management \| Removal Of Temporary / Emergency Accounts (5dee936c-8037-4df1-ab35-6635733da48c) remove Policy Microsoft Managed Control 1284 - Telecommunications Services \| Provider Contingency Plan (942b3e97-6ae3-410e-a794-c9c999b97c0b) remove Policy Microsoft Managed Control 1239 - User-Installed Software (0be51298-f643-4556-88af-d7db90794879) remove Policy Microsoft Managed Control 1058 - Permitted Actions Without Identification Or Authentication (76e85d08-8fbb-4112-a1c1-93521e6a9254) remove Policy Microsoft Managed Control 1200 - Security Impact Analysis (e98fe9d7-2ed3-44f8-93b7-24dca69783ff) remove Policy Microsoft Managed Control 1411 - Remote Maintenance (898d4fe8-f743-4333-86b7-0c9245d93e7d) remove Policy Microsoft Managed Control 1570 - Acquisitions Process (a7fcf38d-bb09-4600-be7d-825046eb162a) remove Policy Microsoft Managed Control 1687 - Information System Monitoring (7a87fc7f-301e-49f3-ba2a-4d74f424fa97) remove Policy Microsoft Managed Control 1082 - Information Sharing (24d480ef-11a0-4b1b-8e70-4e023bf2be23) remove Policy Microsoft Managed Control 1091 - Security Awareness (b23bd715-5d1c-4e5c-9759-9cbdf79ded9d) remove Policy Microsoft Managed Control 1513 - Personnel Screening \| Information With Special Protection Measures (c416970d-b12b-49eb-8af4-fb144cd7c290) remove Policy Microsoft Managed Control 1386 - Information Spillage Response (5120193e-91fd-4f9d-bc6d-194f94734065) remove Policy Microsoft Managed Control 1381 - Incident Response Plan (e5368258-9684-4567-8126-269f34e65eab) remove Policy Microsoft Managed Control 1598 - Developer Configuration Management (ae7e1f5e-2d63-4b38-91ef-bce14151cce3) remove Policy Microsoft Managed Control 1020 - Account Management \| Role-Based Schemes (0b291ee8-3140-4cad-beb7-568c077c78ce) remove Policy Microsoft Managed Control 1330 - Authenticator Management \| Password-Based Authentication (f75cedb2-5def-4b31-973e-b69e8c7bd031) remove Policy Microsoft Managed Control 1099 - Security Training Records (01910bab-8639-4bd0-84ef-cc53b24d79ba) remove Policy Microsoft Managed Control 1308 - User Identification And Authentication \| Remote Access - Separate Device (81817e1c-5347-48dd-965a-40159d008229) remove Policy Microsoft Managed Control 1184 - Configuration Change Control (13579d0e-0ab0-4b26-b0fb-d586f6d7ed20) remove Policy Microsoft Managed Control 1331 - Authenticator Management \| Password-Based Authentication (05460fe2-301f-4ed1-8174-d62c8bb92ff4) remove Policy Microsoft Managed Control 1645 - Cryptographic Key Establishment And Management \| Symmetric Keys (afbd0baf-ff1a-4447-a86f-088a97347c0c) remove Policy Microsoft Managed Control 1688 - Information System Monitoring (063c3f09-e0f0-4587-8fd5-f4276fae675f) remove Policy Microsoft Managed Control 1416 - Remote Maintenance \| Document Remote Maintenance (38dfd8a3-5290-4099-88b7-4081f4c4d8ae) remove Policy Microsoft Managed Control 1414 - Remote Maintenance (2ce63a52-e47b-4ae2-adbb-6e40d967f9e6) remove Policy Microsoft Managed Control 1315 - Identifier Management (3aa87116-f1a1-4edb-bfbf-14e036f8d454) remove Policy Microsoft Managed Control 1568 - Acquisitions Process (b6a8eae8-9854-495a-ac82-d2cd3eac02a6) remove Policy Microsoft Managed Control 1135 - Non-Repudiation (9c308b6b-2429-4b97-86cf-081b8e737b04) remove Policy Microsoft Managed Control 1126 - Audit Reduction And Report Generation \| Automatic Processing (7f37f71b-420f-49bf-9477-9c0196974ecf) remove Policy Microsoft Managed Control 1408 - Maintenance Tools \| Prevent Unauthorized Removal (c5f56ac6-4bb2-4086-bc41-ad76344ba2c2) remove Policy Microsoft Managed Control 1276 - Alternate Processing Site \| Accessibility (e214e563-1206-4a43-a56b-ac5880c9c571) remove Policy Microsoft Managed Control 1593 - External Information System Services \| Processing, Storage, And Service Location (2cd0a426-b5f5-4fe0-9539-a6043cdbc6fa) remove Policy Microsoft Managed Control 1173 - Internal System Connections (c4aff9e7-2e60-46fa-86be-506b79033fc5) remove Policy Microsoft Managed Control 1174 - Configuration Management Policy And Procedures (42a9a714-8fbb-43ac-b115-ea12d2bd652f) remove Policy Microsoft Managed Control 1724 - Error Handling (d07594d1-0307-4c08-94db-5d71ff31f0f6) remove Policy Microsoft Managed Control 1384 - Information Spillage Response (79fbc228-461c-4a45-9004-a865ca0728a7) remove Policy Microsoft Managed Control 1510 - Position Categorization (79da5b09-0e7e-499e-adda-141b069c7998) remove Policy Microsoft Managed Control 1501 - Rules Of Behavior (88817b58-8472-4f6c-81fa-58ce42b67f51) remove Policy Microsoft Managed Control 1004 - Account Management (c17822dc-736f-4eb4-a97d-e6be662ff835) remove Policy Microsoft Managed Control 1546 - Vulnerability Scanning (2ce1ea7e-4038-4e53-82f4-63e8859333c1) remove Policy Microsoft Managed Control 1166 - Continuous Monitoring (bb02733d-3cc5-4bb0-a6cd-695ba2c2272e) remove Policy Microsoft Managed Control 1206 - Access Restrictions For Change \| Limit Production / Operational Privileges (e0de232d-02a0-4652-872d-88afb4ae5e91) remove Policy Microsoft Managed Control 1387 - Information Spillage Response (e3007185-3857-43a9-8237-06ca94f1084c) remove Policy Microsoft Managed Control 1630 - Boundary Protection \| External Telecommunications Services (3643717a-3897-4bfd-8530-c7c96b26b2a0) remove Policy Microsoft Managed Control 1087 - Security Awareness And Training Policy And Procedures (100c82ba-42e9-4d44-a2ba-94b209248583) remove Policy Microsoft Managed Control 1695 - Information System Monitoring \| Wireless Intrusion Detection (13fcf812-ec82-4eda-9b89-498de9efd620) remove Policy Microsoft Managed Control 1459 - Access Control For Transmission Medium (75cc73c7-5cdb-479d-a06f-7b4d0dbb1da0) remove Policy Microsoft Managed Control 1042 - Least Privilege \| Auditing Use Of Privileged Functions (319dc4f0-0fed-4ac9-8fc3-7aeddee82c07) remove Policy Microsoft Managed Control 1532 - Third-Party Personnel Security (a2c66299-9017-4d95-8040-8bdbf7901d52) remove Policy Microsoft Managed Control 1591 - External Information System Services \| Identification Of Functions / Ports / Protocols... (f751cdb7-fbee-406b-969b-815d367cb9b3) remove Policy Microsoft Managed Control 1329 - Authenticator Management \| Password-Based Authentication (498f6234-3e20-4b6a-a880-cbd646d973bd) remove Policy Microsoft Managed Control 1551 - Vulnerability Scanning \| Update Tool Capability (5bbda922-0172-4095-89e6-5b4a0bf03af7) remove Policy Microsoft Managed Control 1470 - Emergency Shutoff (c89ba09f-2e0f-44d0-8095-65b05bd151ef) remove Policy Microsoft Managed Control 1602 - Developer Security Testing And Evaluation (ddae2e97-a449-499f-a1c8-aea4a7e52ec9) remove Policy Microsoft Managed Control 1067 - Wireless Access Restrictions (5c5e54f6-0127-44d0-8b61-f31dc8dd6190) remove Policy Microsoft Managed Control 1320 - Authenticator Management (6f54c732-71d4-4f93-a696-4e373eca3a77) remove Policy Microsoft Managed Control 1401 - Controlled Maintenance (b78ee928-e3c1-4569-ad97-9f8c4b629847) remove Policy Microsoft Managed Control 1573 - Acquisitions Process (58c93053-7b98-4cf0-b99f-1beb985416c2) remove Policy Microsoft Managed Control 1642 - Network Disconnect (53397227-5ee3-4b23-9e5e-c8a767ce6928) remove Policy Microsoft Managed Control 1159 - Security Authorization (0925f098-7877-450b-8ba4-d1e55f2d8795) remove Policy Microsoft Managed Control 1665 - Process Isolation (5df3a55c-8456-44d4-941e-175f79332512) remove Policy Microsoft Managed Control 1249 - Contingency Plan (d3bf4251-0818-42db-950b-afd5b25a51c2) remove Policy Microsoft Managed Control 1250 - Contingency Plan (8de614d8-a8b7-4f70-a62a-6d37089a002c) remove Policy Microsoft Managed Control 1550 - Vulnerability Scanning (902908fb-25a8-4225-a3a5-5603c80066c9) remove Policy Microsoft Managed Control 1554 - Vulnerability Scanning \| Discoverable Information (10984b4e-c93e-48d7-bf20-9c03b04e9eca) remove Policy Microsoft Managed Control 1260 - Contingency Training \| Simulated Events (42254fc4-2738-4128-9613-72aaa4f0d9c3) remove Policy Microsoft Managed Control 1557 - Vulnerability Scanning \| Review Historic Audit Logs (36fbe499-f2f2-41b6-880e-52d7ea1d94a5) remove Policy Microsoft Managed Control 1036 - Least Privilege \| Non-Privileged Access For Nonsecurity Functions (9a16d673-8cf0-4dcf-b1d5-9b3e114fef71) remove Policy Microsoft Managed Control 1007 - Account Management (17200329-bf6c-46d8-ac6d-abf4641c2add) remove Policy Microsoft Managed Control 1691 - Information System Monitoring \| Automated Tools For Real-Time Analysis (71475fb4-49bd-450b-a1a5-f63894c24725) remove Policy Microsoft Managed Control 1490 - Security Planning Policy And Procedures (9e61da80-0957-4892-b70c-609d5eaafb6b) remove Policy Microsoft Managed Control 1210 - Configuration Settings (3502c968-c490-4570-8167-1476f955e9b8) remove Policy Microsoft Managed Control 1447 - Physical Access Authorizations (b9783a99-98fe-4a95-873f-29613309fe9a) remove Policy Microsoft Managed Control 1566 - System Development Life Cycle (50ad3724-e2ac-4716-afcc-d8eabd97adb9) remove Policy Microsoft Managed Control 1156 - Plan Of Action And Milestones (4d52e864-9a3b-41ee-8f03-520815fe5378) remove Policy Microsoft Managed Control 1404 - Maintenance Tools (13d8f903-0cd6-449f-a172-50f6579c182b) remove Policy Microsoft Managed Control 1455 - Physical Access Control (068a88d4-e520-434e-baf0-9005a8164e6a) remove Policy Microsoft Managed Control 1191 - Configuration Change Control \| Automated Document / Notification / Prohibition Of Changes (7f26a61b-a74d-467c-99cf-63644db144f7) remove Policy Microsoft Managed Control 1351 - Incident Response Policy And Procedures (bcfb6683-05e5-4ce6-9723-c3fbe9896bdd) remove Policy Microsoft Managed Control 1372 - Incident Reporting (25b96717-c912-4c00-9143-4e487f411726) remove Policy Microsoft Managed Control 1563 - Allocation Of Resources (9afe2edf-232c-4fdf-8e6a-e867a5c525fd) remove Policy Microsoft Managed Control 1628 - Boundary Protection \| External Telecommunications Services (67de62b4-a737-4781-8861-3baed3c35069) remove Policy Microsoft Managed Control 1132 - Protection Of Audit Information \| Audit Backup On Separate Physical Systems / Components (05938e10-cdbd-4a54-9b2b-1cbcfc141ad0) remove Policy Microsoft Managed Control 1663 - Protection Of Information At Rest (60171210-6dde-40af-a144-bf2670518bfa) remove Policy Microsoft Managed Control 1627 - Boundary Protection \| External Telecommunications Services (fd73310d-76fc-422d-bda4-3a077149f179) remove Policy Microsoft Managed Control 1226 - Information System Component Inventory \| Automated Unauthorized Component Detection (c158eb1c-ae7e-4081-8057-d527140c4e0c) remove Policy Microsoft Managed Control 1463 - Monitoring Physical Access (59721f87-ae25-4db0-a2a4-77cc5b25d495) remove Policy Microsoft Managed Control 1227 - Information System Component Inventory \| Automated Unauthorized Component Detection (03b78f5e-4877-4303-b0f4-eb6583f25768) remove Policy Microsoft Managed Control 1246 - Contingency Plan (398eb61e-8111-40d5-a0c9-003df28f1753) remove Policy Microsoft Managed Control 1383 - Incident Response Plan (d4558451-e16a-4d2d-a066-fe12a6282bb9) remove Policy Microsoft Managed Control 1448 - Physical Access Authorizations (825d6494-e583-42f2-a3f2-6458e6f0004f) remove Policy Microsoft Managed Control 1012 - Account Management (efd7b9ae-1db6-4eb6-b0fe-87e6565f9738) remove Policy Microsoft Managed Control 1512 - Personnel Screening (5a8324ad-f599-429b-aaed-f9c6e8c987a8) remove Policy Microsoft Managed Control 1179 - Baseline Configuration \| Reviews And Updates (3f9ce557-c8ab-4e6c-bb2c-9b8ed002c46c) remove Policy Microsoft Managed Control 1395 - System Maintenance Policy And Procedures (7207a023-a517-41c5-9df2-09d4c6845a05) remove Policy Microsoft Managed Control 1181 - Baseline Configuration \| Retention Of Previous Configurations (21839937-d241-4fa5-95c6-b669253d9ab9) remove Policy Microsoft Managed Control 1653 - Mobile Code (6b1c00a7-7fd0-42b0-8c5b-c45f6fa1f71b) remove Policy Microsoft Managed Control 1493 - System Security Plan (22b469b3-fccf-42da-aa3b-a28e6fb113ce) remove Policy Microsoft Managed Control 1658 - Secure Name / Address Resolution Service (Recursive Or Caching Resolver) (063b540e-4bdc-4e7a-a569-3a42ddf22098) remove Policy Microsoft Managed Control 1398 - Controlled Maintenance (443e8f3d-b51a-45d8-95a7-18b0e42f4dc4) remove Policy Microsoft Managed Control 1222 - Information System Component Inventory (fb39e62f-6bda-4558-8088-ec03d5670914) remove Policy Microsoft Managed Control 1696 - Information System Monitoring \| Correlate Monitoring Information (69d2a238-20ab-4206-a6dc-f302bf88b1b8) remove Policy Microsoft Managed Control 1190 - Configuration Change Control (c66a3d1e-465b-4f28-9da5-aef701b59892) remove Policy Microsoft Managed Control 1712 - Software & Information Integrity (44e543aa-41db-42aa-98eb-8a5eb1db53f0) remove Policy Microsoft Managed Control 1305 - User Identification And Authentication \| Group Authentication (9d9166a8-1722-4b8f-847c-2cf3f2618b3d) remove Policy Microsoft Managed Control 1450 - Physical Access Authorizations (134d7a13-ba3e-41e2-b236-91bfcfa24e01) remove Policy Microsoft Managed Control 1207 - Access Restrictions For Change \| Limit Production / Operational Privileges (8713a0ed-0d1e-4d10-be82-83dffb39830e) remove Policy Microsoft Managed Control 1504 - Information Security Architecture (9e7c35d0-12d4-4e0c-80a2-8a352537aefd) remove Policy Microsoft Managed Control 1541 - Risk Assessment (70f6af82-7be6-44aa-9b15-8b9231b2e434) remove Policy Microsoft Managed Control 1374 - Incident Response Assistance (cc5c8616-52ef-4e5e-8000-491634ed9249) remove Policy Microsoft Managed Control 1610 - Development Process, Standards, And Tools (b9f3fb54-4222-46a1-a308-4874061f8491) remove Policy Microsoft Managed Control 1646 - Cryptographic Key Establishment And Management \| Asymmetric Keys (506814fa-b930-4b10-894e-a45b98c40e1a) remove Policy Microsoft Managed Control 1612 - Developer Security Architecture And Design (a2037b3d-8b04-4171-8610-e6d4f1d08db5) remove Policy Microsoft Managed Control 1279 - Telecommunications Services (7d00bcd6-963d-4c02-ad8e-b45fa50bf3b0) remove Policy Microsoft Managed Control 1065 - Remote Access \| Privileged Commands / Access (f87b8085-dca9-4cf1-8f7b-9822b997797c) remove Policy Microsoft Managed Control 1039 - Least Privilege \| Review Of User Privileges (3a7b9de4-a8a2-4672-914d-c5f6752aa7f9) remove Policy Microsoft Managed Control 1656 - Secure Name / Address Resolution Service (Authoritative Source) (1cb067d5-c8b5-4113-a7ee-0a493633924b) remove Policy Microsoft Managed Control 1403 - Controlled Maintenance \| Automated Maintenance Activities (57149289-d52b-4f40-9fe6-5233c1ef80f7) remove Policy Microsoft Managed Control 1715 - Software & Information Integrity \| Automated Response To Integrity Violations (dd469ae0-71a8-4adc-aafc-de6949ca3339) remove Policy Microsoft Managed Control 1475 - Emergency Lighting (34a63848-30cf-4081-937e-ce1a1c885501) remove Policy Microsoft Managed Control 1088 - Security Awareness And Training Policy And Procedures (1d50f99d-1356-49c0-934a-45f742ba7783) remove Policy Microsoft Managed Control 1366 - Incident Handling \| Information Correlation (06c45c30-ae44-4f0f-82be-41331da911cc) remove Policy Microsoft Managed Control 1446 - Physical And Environmental Protection Policy And Procedures (bf6850fe-abba-468e-9ef4-d09ec7d983cd) remove Policy Microsoft Managed Control 1198 - Configuration Change Control \| Security Representative (f56be5c3-660b-4c61-9078-f67cf072c356) remove Policy Microsoft Managed Control 1643 - Cryptographic Key Establishment And Management (6d8d492c-dd7a-46f7-a723-fa66a425b87c) remove Policy Microsoft Managed Control 1379 - Incident Response Plan (9442dd2c-a07f-46cd-b55a-553b66ba47ca) remove Policy Microsoft Managed Control 1569 - Acquisitions Process (ad2f8e61-a564-4dfd-8eaa-816f5be8cb34) remove Policy Microsoft Managed Control 1437 - Media Transport \| Cryptographic Protection (6d1eb6ed-bf13-4046-b993-b9e2aef0f76c) remove Policy Microsoft Managed Control 1266 - Contingency Plan Testing \| Alternate Processing Site (3b4a3eb2-c25d-40bf-ad41-5094b6f59cee) remove Policy Microsoft Managed Control 1365 - Incident Handling \| Continuity Of Operations (4116891d-72f7-46ee-911c-8056cc8dcbd5) remove Policy Microsoft Managed Control 1080 - Use Of External Information Systems \| Portable Storage Devices (852981b4-a380-4704-aa1e-2e52d63445e5) remove Policy Microsoft Managed Control 1388 - Information Spillage Response (2c7c575a-d4c5-4f6f-bd49-dee97a8cba55) remove Policy Microsoft Managed Control 1706 - Security Alerts & Advisories (f475ee0e-f560-4c9b-876b-04a77460a404) remove Policy Microsoft Managed Control 1710 - Security Functionality Verification (af2a93c8-e6dd-4c94-acdd-4a2eedfc478e) remove Policy Microsoft Managed Control 1685 - Information System Monitoring (36b0ef30-366f-4b1b-8652-a3511df11f53) remove Policy Microsoft Managed Control 1362 - Incident Handling (5d169442-d6ef-439b-8dca-46c2c3248214) remove Policy Microsoft Managed Control 1120 - Audit Review, Analysis, And Reporting \| Integration / Scanning And Monitoring Capabilities (c69b870e-857b-458b-af02-bb234f7a00d3) remove Policy Microsoft Managed Control 1073 - Access Control for Portable And Mobile Systems (ab55cdb0-c7dd-4bd8-ae22-a7cea7594e9c) remove Policy Microsoft Managed Control 1647 - Use of Cryptography (791cfc15-6974-42a0-9f4c-2d4b82f4a78c) remove Policy Microsoft Managed Control 1031 - Separation Of Duties (6b93a801-fe25-4574-a60d-cb22acffae00) remove Policy Microsoft Managed Control 1629 - Boundary Protection \| External Telecommunications Services (c171b095-7756-41de-8644-a062a96043f2) remove Policy Microsoft Managed Control 1494 - System Security Plan (9ed09d84-3311-4853-8b67-2b55dfa33d09) remove Policy Microsoft Managed Control 1522 - Personnel Transfer (38b470cc-f939-4a15-80e0-9f0c74f2e2c9) remove Policy Microsoft Managed Control 1485 - Delivery And Removal (50301354-95d0-4a11-8af5-8039ecf6d38b) remove Policy Microsoft Managed Control 1577 - Acquisitions Process \| Continuous Monitoring Plan (d922484a-8cfc-4a6b-95a4-77d6a685407f) remove Policy Microsoft Managed Control 1583 - Information System Documentation (0882d488-8e80-4466-bc0f-0cd15b6cb66d) remove Policy Microsoft Managed Control 1051 - Session Lock (7cac6ee9-b58b-40c8-a5ce-f0efc3d9b339) remove Policy Microsoft Managed Control 1316 - Identifier Management \| Identify User Status (8ce14753-66e5-465d-9841-26ef55c09c0d) remove Policy Microsoft Managed Control 1318 - Authenticator Management (fced5fda-3bdb-4d73-bfea-0e2c80428b66) remove Policy Microsoft Managed Control 1214 - Least Functionality (f714a4e2-b580-47b6-ae8c-f2812d3750f3) remove Policy Microsoft Managed Control 1461 - Monitoring Physical Access (aafef03e-fea8-470b-88fa-54bd1fcd7064) remove Policy Microsoft Managed Control 1406 - Maintenance Tools \| Inspect Media (a0f5339c-9292-43aa-a0bc-d27c6b8e30aa) remove Policy Microsoft Managed Control 1433 - Media Transport (5b879b41-2728-41c5-ad24-9ee2c37cbe65) remove Policy Microsoft Managed Control 1693 - Information System Monitoring \| System-Generated Alerts (a450eba6-2efc-4a00-846a-5804a93c6b77) remove Policy Microsoft Managed Control 1440 - Media Sanitization And Disposal \| Review / Approve / Track / Document / Verify (881299bf-2a5b-4686-a1b2-321d33679953) remove Policy Microsoft Managed Control 1137 - Audit Generation (4344df62-88ab-4637-b97b-bcaf2ec97e7c) remove Policy Microsoft Managed Control 1415 - Remote Maintenance (61a1dd98-b259-4840-abd5-fbba7ee0da83) remove Policy Microsoft Managed Control 1662 - Fail In Known State (165cb91f-7ea8-4ab7-beaf-8636b98c9d15) remove Policy Microsoft Managed Control 1314 - Identifier Management (ef0c8530-efd9-45b8-b753-f03083d06295) remove Policy Microsoft Managed Control 1476 - Fire Protection (0f3c4ac2-3e35-4906-a80b-473b12a622d7) remove Policy Microsoft Managed Control 1389 - Information Spillage Response (c39e6fda-ae70-4891-a739-be7bba6d1062) remove Policy Microsoft Managed Control 1472 - Emergency Shutoff (ef869332-921d-4c28-9402-3be73e6e50c8) remove Policy Microsoft Managed Control 1661 - Session Authenticity \| Invalidate Session Identifiers At Logout (4c643c9a-1be7-4016-a5e7-e4bada052920) remove Policy Microsoft Managed Control 1652 - Mobile Code (6998e84a-2d29-4e10-8962-76754d4f772d) remove Policy Microsoft Managed Control 1112 - Response To Audit Processing Failures (d530aad8-4ee2-45f4-b234-c061dae683c0) remove Policy Microsoft Managed Control 1002 - Account Management (632024c2-8079-439d-a7f6-90af1d78cc65) remove Policy Microsoft Managed Control 1689 - Information System Monitoring (de901f2f-a01a-4456-97f0-33cda7966172) remove Policy Microsoft Managed Control 1323 - Authenticator Management (abe8f70b-680f-470c-9b86-a7edfb664ecc) remove Policy Microsoft Managed Control 1281 - Telecommunications Services \| Priority Of Service Provisions (8dc459b3-0e77-45af-8d71-cfd8c9654fe2) remove Policy Microsoft Managed Control 1163 - Continuous Monitoring (961663a1-8a91-4e59-b6f5-1eee57c0f49c) remove Policy Microsoft Managed Control 1171 - Penetration Testing \| Independent Penetration Agent Or Team (6d4820bc-8b61-4982-9501-2123cb776c00) remove Policy Microsoft Managed Control 1574 - Acquisitions Process (0f935dab-83d6-47b8-85ef-68b8584161b9) remove Policy Microsoft Managed Control 1218 - Least Functionality \| Prevent Program Execution (4a1d0394-b9f5-493e-9e83-563fd0ac4df8) remove Policy Microsoft Managed Control 1300 - User Identification And Authentication (99deec7d-5526-472e-b07c-3645a792026a) remove Policy Microsoft Managed Control 1726 - Information Output Handling And Retention (baff1279-05e0-4463-9a70-8ba5de4c7aa4) remove Policy Microsoft Managed Control 1334 - Authenticator Management \| Pki-Based Authentication (44bfdadc-8c2e-4c30-9c99-f005986fabcd) remove Policy Microsoft Managed Control 1361 - Incident Handling (03ed3be1-7276-4452-9a5d-e4168565ac67) remove Policy Microsoft Managed Control 1294 - Information System Backup \| Transfer To Alternate Storage Site (49dbe627-2c1e-438c-979e-dd7a39bbf81d) remove Policy Microsoft Managed Control 1380 - Incident Response Plan (b4319b7e-ea8d-42ff-8a67-ccd462972827) remove Policy Microsoft Managed Control 1341 - Authenticator Management \| Multiple Information System Accounts (34cb7e92-fe4c-4826-b51e-8cd203fa5d35) remove Policy Microsoft Managed Control 1189 - Configuration Change Control (ee45e02a-4140-416c-82c4-fecfea660b9d) remove Policy Microsoft Managed Control 1205 - Access Restrictions For Change \| Signed Components (5b070cab-0fb8-4e48-ad29-fc90b4c2797c) remove Policy Microsoft Managed Control 1369 - Incident Monitoring (18cc35ed-a429-486d-8d59-cb47e87304ed) remove Policy Microsoft Managed Control 1674 - Flaw Remediation \| Time To Remediate Flaws / Benchmarks For Corrective Actions (93e9e233-dd0a-4bde-aea5-1371bce0e002) remove Policy Microsoft Managed Control 1639 - Boundary Protection \| Isolation Of Information System Components (78e8e649-50f6-4fe3-99ac-fedc2e63b03f) remove Policy Microsoft Managed Control 1274 - Alternate Processing Site (2aee175f-cd16-4825-939a-a85349d96210) remove Policy Microsoft Managed Control 1241 - User-Installed Software \| Alerts For Unauthorized Installations (eca4d7b2-65e2-4e04-95d4-c68606b063c3) remove Policy Microsoft Managed Control 1252 - Contingency Plan \| Capacity Planning (a328fd72-8ff5-4f96-8c9c-b30ed95db4ab) remove Policy Microsoft Managed Control 1124 - Audit Reduction And Report Generation (c10152dd-78f8-4335-ae2d-ad92cc028da4) remove Policy Microsoft Managed Control 1502 - Rules Of Behavior \| Social Media And Networking Restrictions (e901375c-8f01-4ac8-9183-d5312f47fe63) remove Policy Microsoft Managed Control 1202 - Access Restrictions For Change (40a2a83b-74f2-4c02-ae65-f460a5d2792a) remove Policy Microsoft Managed Control 1299 - Identification And Authentication Policy And Procedures (fd4e54f7-9ab0-4bae-b6cc-457809948a89) remove Policy Microsoft Managed Control 1471 - Emergency Shutoff (7dd0e9ce-1772-41fb-a50a-99977071f916) remove Policy Microsoft Managed Control 1011 - Account Management (7e6a54f3-883f-43d5-87c4-172dfd64a1f5) remove Policy Microsoft Managed Control 1150 - Security Assessments \| External Organizations (d630429d-e763-40b1-8fba-d20ba7314afb) remove Policy Microsoft Managed Control 1478 - Fire Protection \| Suppression Devices / Systems (f997df46-cfbb-4cc8-aac8-3fecdaf6a183) remove Policy Microsoft Managed Control 1336 - Authenticator Management \| Pki-Based Authentication (77f56280-e367-432a-a3b9-8ca2aa636a26) remove Policy Microsoft Managed Control 1022 - Account Management \| Shared / Group Account Credential Termination (411f7e2d-9a0b-4627-a0b9-1700432db47d) remove Policy Microsoft Managed Control 1148 - Security Assessments \| Independent Assessors (28e62650-c7c2-4786-bdfa-17edc1673902) remove Policy Microsoft Managed Control 1234 - Software Usage Restrictions (b293f881-361c-47ed-b997-bc4e2296bc0b) remove Policy Microsoft Managed Control 1585 - Security Engineering Principles (d57f8732-5cdc-4cda-8d27-ab148e1f3a55) remove Policy Microsoft Managed Control 1017 - Account Management \| Inactivity Logout (0fc3db37-e59a-48c1-84e9-1780cedb409e) remove Policy Microsoft Managed Control 1083 - Publicly Accessible Content (4e319cb6-2ca3-4a58-ad75-e67f484e50ec) remove Policy Microsoft Managed Control 1540 - Security Categorization (f771f8cb-6642-45cc-9a15-8a41cd5c6977) remove Policy Microsoft Managed Control 1660 - Session Authenticity (63096613-ce83-43e5-96f4-e588e8813554) remove Policy Microsoft Managed Control 1354 - Incident Response Training (9fd92c17-163a-4511-bb96-bbb476449796) remove Policy Microsoft Managed Control 1103 - Audit Events (16feeb31-6377-437e-bbab-d7f73911896d) remove Policy Microsoft Managed Control 1285 - Telecommunications Services \| Provider Contingency Plan (01f7726b-db54-45c2-bcb5-9bd7a43796ee) remove Policy Microsoft Managed Control 1301 - User Identification And Authentication \| Network Access To Privileged Accounts (b6a8e0cc-ac23-468b-abe4-a8a1cc6d7a08) remove Policy Microsoft Managed Control 1435 - Media Transport (fa8d221b-d130-4637-ba16-501e666628bb) remove Policy Microsoft Managed Control 1508 - Position Categorization (76f500cc-4bca-4583-bda1-6d084dc21086) remove Policy Microsoft Managed Control 1256 - Contingency Plan \| Identify Critical Assets (232ab24b-810b-4640-9019-74a7d0d6a980) remove Policy Microsoft Managed Control 1115 - Audit Review, Analysis, And Reporting (0b653845-2ad9-4e09-a4f3-5a7c1d78353d) remove Policy Microsoft Managed Control 1555 - Vulnerability Scanning \| Privileged Access (5afa8cab-1ed7-4e40-884c-64e0ac2059cc) remove Policy Microsoft Managed Control 1263 - Contingency Plan Testing (41472613-3b05-49f6-8fe8-525af113ce17) remove Policy Microsoft Managed Control 1633 - Boundary Protection \| Route Traffic To Authenticated Proxy Servers (07557aa0-e02f-4460-9a81-8ecd2fed601a) remove Policy Microsoft Managed Control 1113 - Response To Audit Processing Failures \| Audit Storage Capacity (562afd61-56be-4313-8fe4-b9564aa4ba7d) remove Policy Microsoft Managed Control 1283 - Telecommunications Services \| Separation Of Primary / Alternate Providers (a9172e76-7f56-46e9-93bf-75d69bdb5491) remove Policy Microsoft Managed Control 1667 - System And Information Integrity Policy And Procedures (d61880dc-6e38-4f2a-a30c-3406a98f8220) remove Policy Microsoft Managed Control 1140 - Audit Generation \| System-Wide / Time-Correlated Audit Trail (90d8b8ad-8ee3-4db7-913f-2a53fcff5316) remove Policy Microsoft Managed Control 1328 - Authenticator Management \| Password-Based Authentication (f5c66fdc-3d02-4034-9db5-ba57802609de) remove Policy Microsoft Managed Control 1319 - Authenticator Management (66f7ae57-5560-4fc5-85c9-659f204e7a42) remove Policy Microsoft Managed Control 1390 - Information Spillage Response \| Responsible Personnel (c3b65b63-09ec-4cb5-8028-7dd324d10eb0) remove Policy Microsoft Managed Control 1221 - Least Functionality \| Authorized Software / Whitelisting (22589a07-0007-486a-86ca-95355081ae2a) remove Policy Microsoft Managed Control 1271 - Alternate Storage Site \| Accessibility (da3bfb53-9c46-4010-b3db-a7ba1296dada) remove Policy Microsoft Managed Control 1371 - Incident Reporting (9447f354-2c85-4700-93b3-ecdc6cb6a417) remove Policy Microsoft Managed Control 1348 - Identification And Authentication (Non-Organizational Users) \| Acceptance Of Third-Party... (855ced56-417b-4d74-9d5f-dd1bc81e22d6) remove Policy Microsoft Managed Control 1024 - Account Management \| Account Monitoring / Atypical Usage (84914fb4-12da-4c53-a341-a9fd463bed10)
2022-09-21 16:34:39	Description change: 'This initiative includes policies that address a subset of NIST SP 800-53 Rev. 4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative.' to 'National Institute of Standards and Technology (NIST) SP 800-53 R4 provides a standardized approach for assessing, monitoring and authorizing cloud computing products and services to manage information security risk.These policies address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative'
2022-08-18 16:32:47	Version change: '16.0.0' to '16.0.1'
2022-07-07 16:32:14	Version change: '15.0.0' to '16.0.0' remove Policy [Deprecated]: API apps should have 'Client Certificates (Incoming client certificates)' enabled (0c192fe8-9cbb-4516-85b3-0ade8bd03886) remove Policy [Deprecated]: FTPS only should be required in your API App (9a1b8c48-453a-4044-86c3-d8bfd823e4f5) remove Policy [Deprecated]: Ensure that 'PHP version' is the latest, if used as a part of the API app (1bc1795e-d44a-4d48-9b3b-6fff0fd5f9ba) remove Policy [Deprecated]: Latest TLS version should be used in your API App (8cb6aa8b-9e41-4f4e-aa25-089a7ac2581e) remove Policy [Deprecated]: API apps that use Python should use the latest 'Python version' (74c3584d-afae-46f7-a20a-6f8adba71a16) remove Policy [Deprecated]: Ensure that 'Java version' is the latest, if used as a part of the API app (88999f4c-376a-45c8-bcb3-4058f713cf39) remove Policy [Deprecated]: Ensure that 'HTTP Version' is the latest, if used to run the API app (991310cd-e9f3-47bc-b7b6-f57b557d07db) remove Policy [Deprecated]: Managed identity should be used in your API App (c4d441f8-f9d9-4a9e-9cef-e82117cb3eef) remove Policy [Deprecated]: CORS should not allow every resource to access your API App (358c20a6-3f9e-4f0e-97ff-c6ce485e2aac) remove Policy [Deprecated]: Remote debugging should be turned off for API Apps (e9c8d085-d9cc-4b17-9cdc-059f1f01f19e)
2022-06-10 16:31:22	Version change: '14.0.0' to '15.0.0' remove Policy [Deprecated]: API App should only be accessible over HTTPS (b7ddfbdc-1260-477d-91fd-98bd9be789a6)
2022-05-26 16:30:17	add Policy Azure SignalR Service should use private link (2393d2cf-a342-44cd-a2e2-fe0188fd1234) add Policy Azure Web PubSub Service should use private link (eb907f70-7514-460d-92b3-a5ae93b4f917) Version change: '12.0.0' to '14.0.0' remove Policy [Deprecated]: Azure Web PubSub Service should use private link (52630df9-ca7e-442b-853b-c6ce548b31a2) remove Policy [Deprecated]: Azure Cache for Redis should reside within a virtual network (7d092e0a-7acd-40d2-a975-dca21cae48c4) remove Policy [Deprecated]: Azure SignalR Service should use private link (53503636-bcc9-4748-9663-5348217f160f)
2022-05-12 16:30:30	Version change: '11.0.0' to '12.0.0' remove Policy [Deprecated]: Service principals should be used to protect your subscriptions instead of management certificates (6646a0bd-e110-40ca-bb97-84fcee63c414)
2022-03-18 16:32:42	Version change: '10.0.0' to '11.0.0'
2021-07-08 14:19:52	add Policy [Deprecated]: Ensure that 'PHP version' is the latest, if used as a part of the API app (1bc1795e-d44a-4d48-9b3b-6fff0fd5f9ba) add Policy Kubernetes cluster should not allow privileged containers (95edb821-ddaf-4404-9732-666045e056b4) add Policy Disk access resources should use private link (f39f5f49-4abf-44de-8c70-0756997bfb51) add Policy [Preview]: Network traffic data collection agent should be installed on Windows virtual machines (2f2ee1de-44aa-4762-b6bd-0893fc3f306d) add Policy Azure API for FHIR should use a customer-managed key to encrypt data at rest (051cba44-2429-45b9-9649-46cec11c7119) add Policy Azure Cosmos DB accounts should have firewall rules (862e97cf-49fc-4a5c-9de4-40d4e2e7c8eb) add Policy Azure Defender for SQL servers on machines should be enabled (6581d072-105e-4418-827f-bd446d56421b) add Policy [Deprecated]: FTPS only should be required in your API App (9a1b8c48-453a-4044-86c3-d8bfd823e4f5) add Policy [Deprecated]: Resource logs in Virtual Machine Scale Sets should be enabled (7c1b1214-f927-48bf-8882-84f0af6588b1) add Policy Kubernetes Services should be upgraded to a non-vulnerable Kubernetes version (fb893a29-21bb-418c-a157-e99480ec364c) add Policy App Configuration should use private link (ca610c1d-041c-4332-9d88-7ed3094967c7) add Policy Azure Stream Analytics jobs should use customer-managed keys to encrypt data (87ba29ef-1ab3-4d82-b763-87fcd4f531f7) add Policy Private endpoint should be enabled for PostgreSQL servers (0564d078-92f5-4f97-8398-b9f58a51f70b) add Policy Azure AI Services resources should restrict network access (037eea7a-bd0a-46c5-9a66-03aea78705d3) add Policy [Deprecated]: Azure Web PubSub Service should use private link (52630df9-ca7e-442b-853b-c6ce548b31a2) add Policy Kubernetes cluster containers should run with a read only root file system (df49d893-a74c-421d-bc95-c663042e5b80) add Policy Azure Web Application Firewall should be enabled for Azure Front Door entry-points (055aa869-bc98-4af8-bafc-23f1ab6ffe2c) add Policy VM Image Builder templates should use private link (2154edb9-244f-4741-9970-660785bccdaa) add Policy Web Application Firewall (WAF) should be enabled for Application Gateway (564feb30-bf6a-4854-b4bb-0d2d2d1e6c66) add Policy App Service apps should use latest 'HTTP Version' (8c122334-9d20-4eb8-89ea-ac9a705b74ae) add Policy [Deprecated]: Azure Machine Learning workspaces should use private link (40cec1dd-a100-4920-b15b-3024fe8901ab) add Policy Double encryption should be enabled on Azure Data Explorer (ec068d99-e9c7-401f-8cef-5bdde4e6ccf1) add Policy Disk encryption should be enabled on Azure Data Explorer (f4b53539-8df9-40e4-86c6-6b607703bd4e) add Policy Service Bus Premium namespaces should use a customer-managed key for encryption (295fc8b1-dc9f-4f53-9c61-3f313ceab40a) add Policy Azure Spring Cloud should use network injection (af35e2a4-ef96-44e7-a9ae-853dd97032c4) add Policy Function apps should not have CORS configured to allow every resource to access your apps (0820b7b9-23aa-4725-a1ce-ae4558f718e5) add Policy [Deprecated]: API apps should have 'Client Certificates (Incoming client certificates)' enabled (0c192fe8-9cbb-4516-85b3-0ade8bd03886) add Policy Cognitive Services should use private link (cddd188c-4b82-4c48-a19d-ddf74ee66a01) add Policy Non-internet-facing virtual machines should be protected with network security groups (bb91dfba-c30d-4263-9add-9c2384e659a6) add Policy Infrastructure encryption should be enabled for Azure Database for PostgreSQL servers (24fba194-95d6-48c0-aea7-f65bf859c598) add Policy [Deprecated]: Azure Defender for DNS should be enabled (bdc59948-5574-49b3-bb91-76b7c986428d) add Policy Azure Monitor Logs clusters should be created with infrastructure-encryption enabled (double encryption) (ea0dfaed-95fb-448c-934e-d6e713ce393d) add Policy Azure File Sync should use private link (1d320205-c6a1-4ac6-873d-46224024e8e2) add Policy [Deprecated]: Latest TLS version should be used in your API App (8cb6aa8b-9e41-4f4e-aa25-089a7ac2581e) add Policy Azure AI Services resources should have key access disabled (disable local authentication) (71ef260a-8f18-47b7-abcb-62d0673d94dc) add Policy Kubernetes cluster containers should only use allowed capabilities (c26596ff-4d70-4e6a-9a30-c2506bd2f80c) add Policy Enforce SSL connection should be enabled for MySQL database servers (e802a67a-daf5-4436-9ea6-f6d821dd0c5d) add Policy Azure Synapse workspaces should use customer-managed keys to encrypt data at rest (f7d52b2d-e161-4dfa-a82b-55e564167385) add Policy [Deprecated]: Azure Defender for container registries should be enabled (c25d9a16-bc35-4e15-a7e5-9db606bf9ed4) add Policy Azure Automation accounts should use customer-managed keys to encrypt data at rest (56a5ee18-2ae6-4810-86f7-18e39ce5629b) add Policy Key vaults should have deletion protection enabled (0b60c0b2-2dc2-4e1c-b5c9-abbed971de53) add Policy Kubernetes cluster containers should only use allowed AppArmor profiles (511f5417-5d12-434d-ab2e-816901e72a5e) add Policy [Deprecated]: Service principals should be used to protect your subscriptions instead of management certificates (6646a0bd-e110-40ca-bb97-84fcee63c414) add Policy MySQL servers should use customer-managed keys to encrypt data at rest (83cef61d-dbd1-4b20-a4fc-5fbc7da10833) add Policy Public network access should be disabled for PostgreSQL servers (b52376f7-9612-48a1-81cd-1ffe4b61032c) add Policy Subnets should be associated with a Network Security Group (e71308d3-144b-4262-b144-efdc3cc90517) add Policy Event Hub namespaces should use private link (b8564268-eb4a-4337-89be-a19db070c59d) add Policy Azure Batch account should use customer-managed keys to encrypt data (99e9ccd8-3db9-4592-b0d1-14b1715a4d8a) add Policy Kubernetes cluster pods and containers should only run with approved user and group IDs (f06ddb64-5fa3-4b77-b166-acb36f7f6042) add Policy Storage accounts should have infrastructure encryption (4733ea7b-a883-42fe-8cac-97454c2a9e4a) add Policy Vulnerability assessment should be enabled on SQL Managed Instance (1b7aa243-30e4-4c9e-bca8-d0d3022b634a) add Policy Resource logs in Logic Apps should be enabled (34f95f76-5386-4de7-b824-0d8478470c9d) add Policy Container registries should not allow unrestricted network access (d0793b48-0edc-4296-a390-4c75d1bdfd71) add Policy Automation account variables should be encrypted (3657f5a0-770e-44a3-b44e-9431ba1e9735) add Policy Auto provisioning of the Log Analytics agent should be enabled on your subscription (475aae12-b88a-4572-8b36-9b712b2b3a17) add Policy Resource logs in Service Bus should be enabled (f8d36e2f-389b-4ee4-898d-21aeb69a0f45) add Policy Management ports should be closed on your virtual machines (22730e10-96f6-4aac-ad84-9383d35b5917) add Policy Private endpoint should be enabled for MariaDB servers (0a1302fb-a631-4106-9753-f3d494733990) add Policy Kubernetes cluster pod hostPath volumes should only use allowed host paths (098fc59e-46c7-4d99-9b16-64990e543d75) add Policy Resource logs in Key Vault should be enabled (cf820ca0-f99e-4f3e-84fb-66e913812d21) add Policy SQL servers on machines should have vulnerability findings resolved (6ba6d016-e7c3-4842-b8f2-4992ebc0d72d) add Policy Cognitive Services accounts should enable data encryption with a customer-managed key (67121cc7-ff39-4ab8-b7e3-95b84dab487d) add Policy Function apps that use Python should use a specified 'Python version' (7238174a-fd10-4ef0-817e-fc820a951d73) add Policy Azure Defender for App Service should be enabled (2913021d-f2fd-4f3d-b958-22354e2bdbcb) add Policy Resource logs in Event Hub should be enabled (83a214f7-d01a-484b-91a9-ed54470c9a6a) add Policy Container registries should be encrypted with a customer-managed key (5b9159ae-1701-4a6f-9a7a-aa9c8ddd0580) add Policy Temp disks and cache for agent node pools in Azure Kubernetes Service clusters should be encrypted at host (41425d9f-d1a5-499a-9932-f8ed8453932c) add Policy Log Analytics agent should be installed on your virtual machine scale sets for Azure Security Center monitoring (a3a6ea0c-e018-4933-9ef0-5aaa1501449b) add Policy Kubernetes clusters should be accessible only over HTTPS (1a5b4dca-0b6f-4cf5-907c-56316bc1bf3d) add Policy [Preview]: Storage account public access should be disallowed (4fa4b6c0-31ca-4c0d-b10d-24b96f62a751) add Policy Azure Monitor Logs clusters should be encrypted with customer-managed key (1f68a601-6e6d-4e42-babf-3f643a047ea2) add Policy SQL servers with auditing to storage account destination should be configured with 90 days retention or higher (89099bee-89e0-4b26-a5f4-165451757743) add Policy Function apps that use Java should use a specified 'Java version' (9d0b6ea4-93e2-4578-bf2f-6bb17d22b4bc) add Policy [Deprecated]: App Service apps should have 'Client Certificates (Incoming client certificates)' enabled (5bb220d9-2698-4ee4-8404-b9c30c9df609) add Policy CosmosDB accounts should use private link (58440f8a-10c5-4151-bdce-dfbaad4a20b7) add Policy [Deprecated]: Sensitive data in your SQL databases should be classified (cc9835f2-9f6b-4cc8-ab4a-f8ef615eb349) add Policy Azure Cosmos DB accounts should use customer-managed keys to encrypt data at rest (1f905d99-2ab7-462c-a6b0-f709acca6c8f) add Policy Resource logs in Data Lake Analytics should be enabled (c95c74d9-38fe-4f0d-af86-0c7d626a315c) add Policy Both operating systems and data disks in Azure Kubernetes Service clusters should be encrypted by customer-managed keys (7d7be79c-23ba-4033-84dd-45e2a5ccdd67) add Policy Kubernetes cluster services should listen only on allowed ports (233a2a17-77ca-4fb1-9b6b-69223d272a44) add Policy Resource logs in Azure Stream Analytics should be enabled (f9be5368-9bf5-4b84-9e0a-7850da98bb46) add Policy Storage account encryption scopes should use customer-managed keys to encrypt data at rest (b5ec538c-daa0-4006-8596-35468b9148e8) add Policy Kubernetes cluster containers should only use allowed images (febd0533-8e55-448f-b837-bd0e06f16469) add Policy Azure Key Vault should have firewall enabled (55615ac9-af46-4a59-874e-391cc3dfb490) add Policy [Deprecated]: Managed identity should be used in your API App (c4d441f8-f9d9-4a9e-9cef-e82117cb3eef) add Policy App Service apps that use Java should use a specified 'Java version' (496223c3-ad65-4ecd-878a-bae78737e9ed) add Policy IoT Hub device provisioning service instances should use private link (df39c015-56a4-45de-b4a3-efe77bed320d) add Policy Internet-facing virtual machines should be protected with network security groups (f6de0be7-9a8a-4b8a-b349-43cf02d22f7c) add Policy Azure Event Grid domains should use private link (9830b652-8523-49cc-b1b3-e17dce1127ca) add Policy PostgreSQL servers should use customer-managed keys to encrypt data at rest (18adea5e-f416-4d0f-8aa8-d24321e3e274) add Policy Resource logs in IoT Hub should be enabled (383856f8-de7f-44a2-81fc-e5135b5c2aa4) add Policy Logic Apps Integration Service Environment should be encrypted with customer-managed keys (1fafeaf6-7927-4059-a50a-8eb2a7a6f2b5) add Policy Email notification for high severity alerts should be enabled (6e2593d9-add6-4083-9c9b-4b7d2188c899) add Policy Azure Data Factory should use private link (8b0323be-cc25-4b61-935d-002c3798c6ea) add Policy App Service apps should require FTPS only (4d24b6d4-5e53-4a4f-a7f4-618fa573ee4b) add Policy Azure API for FHIR should use private link (1ee56206-5dd1-42ab-b02d-8aae8b1634ce) add Policy Vulnerability assessment should be enabled on your SQL servers (ef2a8f2a-b3d9-49cd-a8a8-9a3aaaf647d9) add Policy Kubernetes cluster containers CPU and memory resource limits should not exceed the specified limits (e345eecc-fa47-480f-9e88-67dcc122b164) add Policy Public network access on Azure SQL Database should be disabled (1b8ca024-1d5c-4dec-8995-b1a932b41780) add Policy Geo-redundant storage should be enabled for Storage Accounts (bf045164-79ba-4215-8f95-f8048dc1780b) add Policy App Service Environment should have internal encryption enabled (fb74e86f-d351-4b8d-b034-93da7391c01f) add Policy [Preview]: IoT Hub device provisioning service data should be encrypted using customer-managed keys (CMK) (47031206-ce96-41f8-861b-6a915f3de284) add Policy Kubernetes cluster containers should not share host process ID or host IPC namespace (47a1ee2f-2a2a-4576-bf2a-e0e36709c2b8) add Policy Saved-queries in Azure Monitor should be saved in customer storage account for logs encryption (fa298e57-9444-42ba-bf04-86e8470e32c7) add Policy Azure Event Grid topics should use private link (4b90e17e-8448-49db-875e-bd83fb6f804f) add Policy Azure HDInsight clusters should use encryption at host to encrypt data at rest (1fd32ebd-e4c3-4e13-a54a-d7422d4d95f6) add Policy Virtual machines should be migrated to new Azure Resource Manager resources (1d84d5fb-01f6-4d12-ba4f-4a26081d403d) add Policy Storage accounts should be migrated to new Azure Resource Manager resources (37e0d2fe-28a5-43d6-a273-67d37d1f5606) add Policy Long-term geo-redundant backup should be enabled for Azure SQL Databases (d38fc420-0735-4ef3-ac11-c806f651a570) add Policy Azure Cognitive Search services should use private link (0fda3595-9f2b-4592-8675-4231d6fa82fe) add Policy Resource logs in Batch accounts should be enabled (428256e6-1fac-4f48-a757-df34c2b3336d) add Policy [Deprecated]: Microsoft Defender for Storage (Classic) should be enabled (308fbb08-4ab8-4e67-9b29-592e93fb94fa) add Policy App Service apps should use managed identity (2b9ad585-36bc-4615-b300-fd4435808332) add Policy [Preview]: Azure Recovery Services vaults should use customer-managed keys for encrypting backup data (2e94d99a-8a36-4563-bc77-810d8893b671) add Policy Azure Backup should be enabled for Virtual Machines (013e242c-8828-4970-87b3-ab247555486d) add Policy [Deprecated]: Private endpoint should be configured for Key Vault (5f0bc445-3935-4915-9981-011aa2b46147) add Policy Azure Defender for servers should be enabled (4da35fc9-c9e7-4960-aec9-797fe7d9051d) add Policy [Preview]: Azure Arc enabled Kubernetes clusters should have Microsoft Defender for Cloud extension installed (8dfab9c4-fe7b-49ad-85e4-1e9be085358f) add Policy Windows Defender Exploit Guard should be enabled on your machines (bed48b13-6647-468e-aa2f-1af1d3f4dd40) add Policy [Deprecated]: SQL servers should use customer-managed keys to encrypt data at rest (0d134df8-db83-46fb-ad72-fe0c9428c8dd) add Policy App Service apps should use the latest TLS version (f0e6e85b-9b9f-4a4b-b67b-f730d42f1b0b) add Policy Azure Data Box jobs should enable double encryption for data at rest on the device (c349d81b-9985-44ae-a8da-ff98d108ede8) add Policy [Preview]: Log Analytics extension should be installed on your Linux Azure Arc machines (842c54e8-c2f9-4d79-ae8d-38d8b8019373) add Policy [Deprecated]: Cognitive Services accounts should disable public network access (0725b4dd-7e76-479c-a735-68e7ee23d5ca) add Policy Kubernetes cluster pods should only use approved host network and port range (82985f06-dc18-4a48-bc1c-b9f4f0098cfe) add Policy Azure Defender for Key Vault should be enabled (0e6763cc-5078-4e64-889d-ff4d9a839047) add Policy Azure Cache for Redis should use private link (7803067c-7d34-46e3-8c79-0ca68fc4036d) add Policy Key Vault secrets should have an expiration date (98728c90-32c7-4049-8429-847dc0f4fe37) add Policy [Preview]: Network traffic data collection agent should be installed on Linux virtual machines (04c4380f-3fae-46e8-96c9-30193528f602) add Policy Azure Data Explorer encryption at rest should use a customer-managed key (81e74cea-30fd-40d5-802f-d72103c2aaaa) add Policy Guest Configuration extension should be installed on your machines (ae89ebca-1c92-4898-ac2c-9f63decb045c) add Policy Virtual machines and virtual machine scale sets should have encryption at host enabled (fc4d8e41-e223-45ea-9bf5-eada37891d87) add Policy Azure data factories should be encrypted with a customer-managed key (4ec52d6d-beb7-40c4-9a9e-fe753254690e) add Policy Public network access should be disabled for MySQL servers (d9844e8a-1437-4aeb-a32c-0c992f056095) add Policy Container registries should use private link (e8eef0a8-67cf-4eb4-9386-14b0e78733d4) add Policy [Deprecated]: Kubernetes cluster containers should only listen on allowed ports (440b515e-a580-421e-abeb-b159a61ddcbc) add Policy Function apps should use the latest TLS version (f9d614c5-c173-4d56-95a7-b4437057d193) add Policy Log Analytics agent should be installed on your virtual machine for Azure Security Center monitoring (a4fe33eb-e377-4efb-ab31-0784311bc499) add Policy Storage accounts should use private link (6edd7eda-6dd8-40f7-810d-67160c639cd9) add Policy [Deprecated]: Function apps should have 'Client Certificates (Incoming client certificates)' enabled (eaebaea7-8013-4ceb-9d14-7eb32271373c) add Policy Key vaults should have soft delete enabled (1e66c121-a66a-4b1f-9b83-0fd99bf0fc2d) add Policy Managed disks should be double encrypted with both platform-managed and customer-managed keys (ca91455f-eace-4f96-be59-e6e2c35b4816) add Policy Geo-redundant backup should be enabled for Azure Database for PostgreSQL (48af4db5-9b8b-401c-8e74-076be876a430) add Policy Allowlist rules in your adaptive application control policy should be updated (123a3936-f020-408a-ba0c-47873faf1534) add Policy [Preview]: Log Analytics extension should be installed on your Windows Azure Arc machines (d69b1763-b96d-40b8-a2d9-ca31e9fd0d3e) add Policy Resource logs in Azure Data Lake Store should be enabled (057ef27e-665e-4328-8ea3-04b3122bd9fb) add Policy HPC Cache accounts should use customer-managed key for encryption (970f84d8-71b6-4091-9979-ace7e3fb6dbb) add Policy OS and data disks should be encrypted with a customer-managed key (702dd420-7fcc-42c5-afe8-4026edd20fe0) add Policy Network Watcher should be enabled (b6e2945c-0b7b-40f5-9233-7a5323b5cdc6) add Policy Azure Cognitive Search services should disable public network access (ee980b6d-0eca-4501-8d54-f6290fd512c3) add Policy Azure HDInsight clusters should use encryption in transit to encrypt communication between Azure HDInsight cluster nodes (d9da03a1-f3c3-412a-9709-947156872263) add Policy Storage accounts should use customer-managed key for encryption (6fac406b-40ca-413b-bf8e-0bf964659c25) add Policy Azure Stack Edge devices should use double-encryption (b4ac1030-89c5-4697-8e00-28b5ba6a8811) add Policy Key Vault keys should have an expiration date (152b15f7-8e1f-4c1f-ab71-8c010ba5dbc0) add Policy Geo-redundant backup should be enabled for Azure Database for MariaDB (0ec47710-77ff-4a3d-9181-6aa50af424d0) add Policy Azure HDInsight clusters should use customer-managed keys to encrypt data at rest (64d314f6-6062-4780-a861-c23e8951bee5) add Policy Azure Data Box jobs should use a customer-managed key to encrypt the device unlock password (86efb160-8de7-451d-bc08-5d475b0aadae) add Policy Storage accounts should restrict network access using virtual network rules (2a1a9cdf-e04d-429a-8416-3bfb72a1b26f) add Policy [Deprecated]: SQL managed instances should use customer-managed keys to encrypt data at rest (048248b0-55cd-46da-b1ff-39efd52db260) add Policy Authentication to Linux machines should require SSH keys (630c64f9-8b6b-4c64-b511-6544ceff6fd6) add Policy Resource logs in Search services should be enabled (b4330a05-a843-4bc8-bf9a-cacce50c67f4) add Policy Service Fabric clusters should have the ClusterProtectionLevel property set to EncryptAndSign (617c02be-7f02-4efd-8836-3180d47b6c68) add Policy Function apps should use managed identity (0da106f2-4ca3-48e8-bc85-c638fe6aea8f) add Policy Infrastructure encryption should be enabled for Azure Database for MySQL servers (3a58212a-c829-4f13-9872-6371df2fd0b4) add Policy Azure Defender for Azure SQL Database servers should be enabled (7fe3b40f-802b-4cdd-8bd4-fd799c948cc2) add Policy Certificates should have the specified maximum validity period (0a075868-4c26-42ef-914c-5bc007359560) add Policy [Deprecated]: Azure SignalR Service should use private link (53503636-bcc9-4748-9663-5348217f160f) add Policy [Deprecated]: API apps that use Python should use the latest 'Python version' (74c3584d-afae-46f7-a20a-6f8adba71a16) add Policy Vulnerabilities in container security configurations should be remediated (e8cbc669-f12d-49eb-93e7-9273119e9933) add Policy App Service apps that use Python should use a specified 'Python version' (7008174a-fd10-4ef0-817e-fc820a951d73) add Policy Virtual machines' Guest Configuration extension should be deployed with system-assigned managed identity (d26f7642-7545-4e18-9b75-8c9bbdee3a9a) add Policy [Deprecated]: Log Analytics agent health issues should be resolved on your machines (d62cfe2b-3ab0-4d41-980d-76803b58ca65) add Policy Subscriptions should have a contact email address for security issues (4f4f78b8-e367-4b10-a341-d9a4ad5cf1c7) add Policy Azure Machine Learning workspaces should be encrypted with a customer-managed key (ba769a63-b8cc-4b2d-abf6-ac33c7204be8) add Policy Azure Policy Add-on for Kubernetes service (AKS) should be installed and enabled on your clusters (0a15ec92-a229-4763-bb14-0ea34a568f8d) add Policy [Preview]: All Internet traffic should be routed via your deployed Azure Firewall (fc5e4038-4584-4632-8c85-c0448d374b2c) add Policy Linux machines should meet requirements for the Azure compute security baseline (fc9b3da7-8347-4380-8e70-0a0361d8dedd) add Policy Email notification to subscription owner for high severity alerts should be enabled (0b15565f-aa9e-48ba-8619-45960f2c314d) add Policy Function apps should use latest 'HTTP Version' (e2c1c086-2d84-4019-bff3-c44ccd95113c) add Policy IP Forwarding on your virtual machine should be disabled (bd352bd5-2853-4985-bf0d-73806b4a5744) add Policy [Deprecated]: Diagnostic logs in App Services should be enabled (b607c5de-e7d9-4eee-9e5c-83f1bcee4fa0) add Policy Azure Service Bus namespaces should use private link (1c06e275-d63d-4540-b761-71f364c2111d) add Policy Windows machines should meet requirements of the Azure compute security baseline (72650e9f-97bc-4b2a-ab5f-9781a9fcecbc) add Policy Azure Role-Based Access Control (RBAC) should be used on Kubernetes Services (ac4a19c2-fa67-49b4-8ae5-0b2e78c49457) add Policy App Service apps that use PHP should use a specified 'PHP version' (7261b898-8a84-4db8-9e04-18527132abb3) add Policy Azure Cognitive Search service should use a SKU that supports private link (a049bf77-880b-470f-ba6d-9f21c530cf83) add Policy [Deprecated]: Ensure that 'HTTP Version' is the latest, if used to run the API app (991310cd-e9f3-47bc-b7b6-f57b557d07db) add Policy [Deprecated]: Azure Cache for Redis should reside within a virtual network (7d092e0a-7acd-40d2-a975-dca21cae48c4) add Policy Geo-redundant backup should be enabled for Azure Database for MySQL (82339799-d096-41ae-8538-b108becf0970) add Policy API Management services should use a virtual network (ef619a2c-cc4d-4d03-b2ba-8c94a834d85b) add Policy [Deprecated]: CORS should not allow every resource to access your API App (358c20a6-3f9e-4f0e-97ff-c6ce485e2aac) add Policy Enforce SSL connection should be enabled for PostgreSQL database servers (d158790f-bfb0-486c-8631-2dc6b4e8e6af) add Policy Bot Service should be encrypted with a customer-managed key (51522a96-0869-4791-82f3-981000c2c67f) add Policy Kubernetes clusters should not allow container privilege escalation (1c6e92c9-99f0-4e55-9cf2-0c234dc48f99) add Policy Azure Synapse workspaces should use private link (72d11df1-dd8a-41f7-8925-b05b960ebafc) add Policy Authorized IP ranges should be defined on Kubernetes Services (0e246bcf-5f6f-4f87-bc6f-775d4712c7ea) add Policy Azure Defender for Resource Manager should be enabled (c3d20c29-b36d-48fe-808b-99a87530ad99) add Policy Function apps should require FTPS only (399b2637-a50f-4f95-96f8-3a145476eb15) add Policy Vulnerability assessment should be enabled on your Synapse workspaces (0049a6b3-a662-4f3e-8635-39cf44ace45a) add Policy Event Hub namespaces should use a customer-managed key for encryption (a1ad735a-e96f-45d2-a7b2-9a4932cab7ec) add Policy Private endpoint connections on Azure SQL Database should be enabled (7698e800-9299-47a6-b3b6-5a0fee576eed) add Policy [Deprecated]: Ensure that 'Java version' is the latest, if used as a part of the API app (88999f4c-376a-45c8-bcb3-4058f713cf39) add Policy Public network access should be disabled for MariaDB servers (fdccbe47-f3e3-4213-ad5d-ea459b2fa077) add Policy [Deprecated]: Azure Defender for Kubernetes should be enabled (523b5cd1-3e23-492f-a539-13118b6d1e3a) add Policy [Deprecated]: Azure registry container images should have vulnerabilities resolved (powered by Qualys) (5f0f936f-2f01-4bf5-b6be-d423792fa562) add Policy Azure Container Instance container group should use customer-managed key for encryption (0aa61e00-0a01-4a3c-9945-e93cffedf0e6) add Policy Private endpoint should be enabled for MySQL servers (7595c971-233d-4bcf-bd18-596129188c49) remove Policy Audit Windows machines that have the specified members in the Administrators group (69bf4abd-ca1e-4cf6-8b5a-762d42e61d4f) remove Policy Audit Windows machines missing any of specified members in the Administrators group (30f71ea1-ac77-4f26-9fc5-2d926bbd4ba7) remove Policy [Preview]: Log Analytics Extension should be enabled for listed virtual machine images (32133ab0-ee4b-4b44-98d6-042180979d50) remove Policy Log Analytics extension should be enabled in virtual machine scale sets for listed virtual machine images (5c3bc7b8-a64c-4e08-a9cd-7ff0f31e1138) remove Policy Audit diagnostic setting for selected resource types (7f89b1eb-583c-429a-8828-af049802c1d9) remove Policy Virtual machines should be connected to a specified workspace (f47b5582-33ec-4c5c-87c0-b010a6b2e917)
2021-01-22 09:14:56	add Policy A vulnerability assessment solution should be enabled on your virtual machines (501541f7-f7e7-4cd6-868c-4190fdad3ac9) remove Policy [Deprecated]: Vulnerabilities should be remediated by a Vulnerability Assessment solution (760a85ff-6162-42b3-8d70-698e268f648c)
2020-09-09 11:24:08	add Policy Audit Windows machines that do not have the maximum password age set to specified number of days (4ceb8dc2-559c-478b-a15b-733fbf1e3738) add Policy Audit Windows machines that have the specified members in the Administrators group (69bf4abd-ca1e-4cf6-8b5a-762d42e61d4f) add Policy Deploy the Linux Guest Configuration extension to enable Guest Configuration assignments on Linux VMs (331e8ea8-378a-410f-a2e5-ae22f38bb0da) add Policy Windows machines should be configured to use secure communication protocols (5752e6d6-1206-46d8-8ab1-ecc2f71a8112) add Policy Audit Windows machines that do not have the minimum password age set to specified number of days (237b38db-ca4d-4259-9e47-7882441ca2c0) add Policy Audit Windows machines that do not have the password complexity setting enabled (bf16e0bb-31e1-4646-8202-60a235cc7e74) add Policy Audit Linux machines that have accounts without passwords (f6ec09a3-78bf-4f8f-99dc-6c77182d0f99) add Policy Audit Windows machines that do not restrict the minimum password length to specified number of characters (a2d0e922-65d0-40c4-8f87-ea6da2d307a2) add Policy Add system-assigned managed identity to enable Guest Configuration assignments on virtual machines with no identities (3cf2ab00-13f1-4d0c-8971-2ac904541a7e) add Policy Audit Windows machines that allow re-use of the passwords after the specified number of unique passwords (5b054a0d-39e2-4d53-bea3-9734cad2c69b) add Policy Audit Linux machines that allow remote connections from accounts without passwords (ea53dbee-c6c9-4f0e-9f9e-de0039b78023) add Policy Audit Windows machines missing any of specified members in the Administrators group (30f71ea1-ac77-4f26-9fc5-2d926bbd4ba7) add Policy Deploy the Windows Guest Configuration extension to enable Guest Configuration assignments on Windows VMs (385f5831-96d4-41db-9a3c-cd3af78aaae6) add Policy Audit Windows machines that do not store passwords using reversible encryption (da0f98fe-a24b-4ad5-af69-bd0400233661) add Policy Audit Linux machines that do not have the passwd file permissions set to 0644 (e6955644-301c-44b5-a4c4-528577de6861) add Policy Add system-assigned managed identity to enable Guest Configuration assignments on VMs with a user-assigned identity (497dff13-db2a-4c0f-8603-28fa3b331ab6) remove Policy [Deprecated]: Show audit results from Windows VMs that do not have a minimum password age of 1 day (5aa11bbc-5c76-4302-80e5-aba46a4282e7) remove Policy [Deprecated]: Deploy prerequisites to audit Windows VMs that do not have a minimum password age of 1 day (16390df4-2f73-4b42-af13-c801066763df) remove Policy [Deprecated]: Show audit results from Windows VMs if the Administrators group contains any of the specified members (bde62c94-ccca-4821-a815-92c1d31a76de) remove Policy [Deprecated]: Deploy prerequisites to audit Linux VMs that have accounts without passwords (3470477a-b35a-49db-aca5-1073d04524fe) remove Policy [Deprecated]: Deploy prerequisites to audit Linux VMs that allow remote connections from accounts without passwords (ec49586f-4939-402d-a29e-6ff502b20592) remove Policy [Deprecated]: Deploy prerequisites to audit Windows VMs that allow re-use of the previous 24 passwords (726671ac-c4de-4908-8c7d-6043ae62e3b6) remove Policy [Deprecated]: Show audit results from Windows VMs that do not have a maximum password age of 70 days (24dde96d-f0b1-425e-884f-4a1421e2dcdc) remove Policy [Deprecated]: Deploy prerequisites to audit Windows VMs if the Administrators group doesn't contain all the specified members (93507a81-10a4-4af0-9ee2-34cf25a96e98) remove Policy [Deprecated]: Deploy prerequisites to audit Windows VMs that do not have a maximum password age of 70 days (356a906e-05e5-4625-8729-90771e0ee934) remove Policy [Deprecated]: Show audit results from Windows web servers that are not using secure communication protocols (60ffe3e2-4604-4460-8f22-0f1da058266c) remove Policy [Deprecated]: Show audit results from Linux VMs that do not have the passwd file permissions set to 0644 (b18175dd-c599-4c64-83ba-bb018a06d35b) remove Policy [Deprecated]: Show audit results from Windows VMs that do not have the password complexity setting enabled (f48b2913-1dc5-4834-8c72-ccc1dfd819bb) remove Policy [Deprecated]: Deploy prerequisites to audit Windows VMs that do not have the password complexity setting enabled (7ed40801-8a0f-4ceb-85c0-9fd25c1d61a8) remove Policy [Deprecated]: Show audit results from Windows VMs if the Administrators group doesn't contain all of the specified members (f3b44e5d-1456-475f-9c67-c66c4618e85a) remove Policy [Deprecated]: Deploy prerequisites to audit Windows web servers that are not using secure communication protocols (b2fc8f91-866d-4434-9089-5ebfe38d6fd8) remove Policy [Deprecated]: Deploy prerequisites to audit Windows VMs that do not restrict the minimum password length to 14 characters (23020aa6-1135-4be2-bae2-149982b06eca) remove Policy [Deprecated]: Show audit results from Linux VMs that have accounts without passwords (c40c9087-1981-4e73-9f53-39743eda9d05) remove Policy [Deprecated]: Show audit results from Windows VMs that do not store passwords using reversible encryption (2d60d3b7-aa10-454c-88a8-de39d99d17c6) remove Policy [Deprecated]: Deploy prerequisites to audit Windows VMs if the Administrators group contains any of the specified members (144f1397-32f9-4598-8c88-118decc3ccba) remove Policy [Deprecated]: Show audit results from Windows VMs that do not restrict the minimum password length to 14 characters (5aebc8d1-020d-4037-89a0-02043a7524ec) remove Policy [Deprecated]: Show audit results from Linux VMs that allow remote connections from accounts without passwords (2d67222d-05fd-4526-a171-2ee132ad9e83) remove Policy [Deprecated]: Deploy prerequisites to audit Linux VMs that do not have the passwd file permissions set to 0644 (f19aa1c1-6b91-4c27-ae6a-970279f03db9) remove Policy [Deprecated]: Show audit results from Windows VMs that allow re-use of the previous 24 passwords (cdbf72d9-ac9c-4026-8a3a-491a5ac59293) remove Policy [Deprecated]: Deploy prerequisites to audit Windows VMs that do not store passwords using reversible encryption (8ff0b18b-262e-4512-857a-48ad0aeb9a78)
2020-06-16 14:55:25	Name change: '[Preview]: Audit NIST SP 800-53 R4 controls and deploy specific VM Extensions to support audit requirements' to 'NIST SP 800-53 R4' Description change: 'This initiative includes audit and VM Extension deployment policies that address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, please visit https://aka.ms/nist80053-blueprint.' to 'This initiative includes audit and virtual machine extension deployment policies that address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist80053-blueprint.'
2020-02-20 08:25:18	remove Policy [Deprecated]: Web ports should be restricted on Network Security Groups associated to your VM (201ea587-7c90-41c3-910f-c280ae01cfd6)
2019-11-21 16:22:58	add Policy Microsoft Managed Control 1291 - Information System Backup \| Testing For Reliability / Integrity (6d8fd073-9c85-4ee2-a9d0-2e4ec9eb8912) add Policy Microsoft Managed Control 1246 - Contingency Plan (398eb61e-8111-40d5-a0c9-003df28f1753) add Policy Microsoft Managed Control 1479 - Fire Protection \| Automatic Fire Suppression (e327b072-281d-4f75-9c28-4216e5d72f26) add Policy Microsoft Managed Control 1262 - Contingency Plan Testing (831e510e-db41-4c72-888e-a0621ab62265) add Policy Microsoft Managed Control 1133 - Protection Of Audit Information \| Cryptographic Protection (90b60a09-133d-45bc-86ef-b206a6134bbe) add Policy Microsoft Managed Control 1449 - Physical Access Authorizations (f784d3b0-5f2b-49b7-b9f3-00ba8653ced5) add Policy Microsoft Managed Control 1649 - Collaborative Computing Devices (26d292cc-b0b8-4c29-9337-68abc758bf7b) add Policy Microsoft Managed Control 1117 - Audit Review, Analysis, And Reporting \| Process Integration (7fbfe680-6dbb-4037-963c-a621c5635902) add Policy Microsoft Managed Control 1267 - Alternate Storage Site (4e97ba1d-be5d-4953-8da4-0cccf28f4805) add Policy Microsoft Managed Control 1629 - Boundary Protection \| External Telecommunications Services (c171b095-7756-41de-8644-a062a96043f2) add Policy Microsoft Managed Control 1452 - Physical Access Control (82c76455-4d3f-4e09-a654-22e592107e74) add Policy Microsoft Managed Control 1132 - Protection Of Audit Information \| Audit Backup On Separate Physical Systems / Components (05938e10-cdbd-4a54-9b2b-1cbcfc141ad0) add Policy Microsoft Managed Control 1125 - Audit Reduction And Report Generation (c6ce745a-670e-47d3-a6c4-3cfe5ef00c10) add Policy Microsoft Managed Control 1191 - Configuration Change Control \| Automated Document / Notification / Prohibition Of Changes (7f26a61b-a74d-467c-99cf-63644db144f7) add Policy Microsoft Managed Control 1427 - Media Protection Policy And Procedures (bc90e44f-d83f-4bdf-900f-3d5eb4111b31) add Policy Microsoft Managed Control 1168 - Continuous Monitoring \| Independent Assessment (82409f9e-1f32-4775-bf07-b99d53a91b06) add Policy Microsoft Managed Control 1625 - Boundary Protection \| Access Points (b9b66a4d-70a1-4b47-8fa1-289cec68c605) add Policy Microsoft Managed Control 1698 - Information System Monitoring \| Individuals Posing Greater Risk (31b752c1-05a9-432a-8fce-c39b56550119) add Policy Microsoft Managed Control 1483 - Water Damage Protection (5cb81060-3c8a-4968-bcdc-395a1801f6c1) add Policy Microsoft Managed Control 1072 - Wireless Access Restrictions \| Antennas / Transmission Power Levels (1ca29e41-34ec-4e70-aba9-6248aca18c31) add Policy Microsoft Managed Control 1049 - System Use Notification (9adf7ba7-900a-4f35-8d57-9f34aafc405c) add Policy Microsoft Managed Control 1603 - Developer Security Testing And Evaluation (2b909c26-162f-47ce-8e15-0c1f55632eac) add Policy Microsoft Managed Control 1512 - Personnel Screening (5a8324ad-f599-429b-aaed-f9c6e8c987a8) add Policy Microsoft Managed Control 1231 - Configuration Management Plan (244e0c05-cc45-4fe7-bf36-42dcf01f457d) add Policy Microsoft Managed Control 1304 - User Identification And Authentication \| Local Access To Non-Privileged Accounts (6ca71be3-16cb-4d39-8b50-7f8fd5e2f11b) add Policy Microsoft Managed Control 1312 - Identifier Management (4d6a5968-9eef-4c18-8534-376790ab7274) add Policy Microsoft Managed Control 1321 - Authenticator Management (eb627cc6-3a9d-46b5-96b7-5fca49178a37) add Policy Microsoft Managed Control 1218 - Least Functionality \| Prevent Program Execution (4a1d0394-b9f5-493e-9e83-563fd0ac4df8) add Policy Microsoft Managed Control 1521 - Personnel Termination \| Automated Notification (3cbddf9c-a3aa-4330-a0f5-4c0c1f1862e5) add Policy Microsoft Managed Control 1630 - Boundary Protection \| External Telecommunications Services (3643717a-3897-4bfd-8530-c7c96b26b2a0) add Policy Microsoft Managed Control 1601 - Developer Security Testing And Evaluation (0ee79a0c-addf-4ce9-9b3c-d9576ed5e20e) add Policy Microsoft Managed Control 1091 - Security Awareness (b23bd715-5d1c-4e5c-9759-9cbdf79ded9d) add Policy Microsoft Managed Control 1693 - Information System Monitoring \| System-Generated Alerts (a450eba6-2efc-4a00-846a-5804a93c6b77) add Policy Microsoft Managed Control 1217 - Least Functionality \| Periodic Review (edea4f20-b02c-4115-be75-86c080e5c0ed) add Policy Microsoft Managed Control 1224 - Information System Component Inventory \| Updates During Installations / Removals (28cfa30b-7f72-47ce-ba3b-eed26c8d2c82) add Policy Microsoft Managed Control 1380 - Incident Response Plan (b4319b7e-ea8d-42ff-8a67-ccd462972827) add Policy Microsoft Managed Control 1090 - Security Awareness (2fb740e5-cbc7-4d10-8686-d1bf826652b1) add Policy Microsoft Managed Control 1135 - Non-Repudiation (9c308b6b-2429-4b97-86cf-081b8e737b04) add Policy Microsoft Managed Control 1472 - Emergency Shutoff (ef869332-921d-4c28-9402-3be73e6e50c8) add Policy Microsoft Managed Control 1535 - Personnel Sanctions (f9a165d2-967d-4733-8399-1074270dae2e) add Policy Microsoft Managed Control 1265 - Contingency Plan Testing \| Alternate Processing Site (a18adb5b-1db6-4a5b-901a-7d3797d12972) add Policy Microsoft Managed Control 1283 - Telecommunications Services \| Separation Of Primary / Alternate Providers (a9172e76-7f56-46e9-93bf-75d69bdb5491) add Policy Microsoft Managed Control 1156 - Plan Of Action And Milestones (4d52e864-9a3b-41ee-8f03-520815fe5378) add Policy Microsoft Managed Control 1019 - Account Management \| Role-Based Schemes (6a3ee9b2-3977-459c-b8ce-2db583abd9f7) add Policy Microsoft Managed Control 1434 - Media Transport (2c18f06b-a68d-41c3-8863-b8cd3acb5f8f) add Policy Microsoft Managed Control 1459 - Access Control For Transmission Medium (75cc73c7-5cdb-479d-a06f-7b4d0dbb1da0) add Policy Microsoft Managed Control 1305 - User Identification And Authentication \| Group Authentication (9d9166a8-1722-4b8f-847c-2cf3f2618b3d) add Policy Microsoft Managed Control 1369 - Incident Monitoring (18cc35ed-a429-486d-8d59-cb47e87304ed) add Policy Microsoft Managed Control 1080 - Use Of External Information Systems \| Portable Storage Devices (852981b4-a380-4704-aa1e-2e52d63445e5) add Policy Microsoft Managed Control 1163 - Continuous Monitoring (961663a1-8a91-4e59-b6f5-1eee57c0f49c) add Policy Microsoft Managed Control 1643 - Cryptographic Key Establishment And Management (6d8d492c-dd7a-46f7-a723-fa66a425b87c) add Policy Microsoft Managed Control 1225 - Information System Component Inventory \| Automated Maintenance (8d096fe0-f510-4486-8b4d-d17dc230980b) add Policy Microsoft Managed Control 1234 - Software Usage Restrictions (b293f881-361c-47ed-b997-bc4e2296bc0b) add Policy Microsoft Managed Control 1388 - Information Spillage Response (2c7c575a-d4c5-4f6f-bd49-dee97a8cba55) add Policy Microsoft Managed Control 1501 - Rules Of Behavior (88817b58-8472-4f6c-81fa-58ce42b67f51) add Policy Microsoft Managed Control 1513 - Personnel Screening \| Information With Special Protection Measures (c416970d-b12b-49eb-8af4-fb144cd7c290) add Policy Microsoft Managed Control 1099 - Security Training Records (01910bab-8639-4bd0-84ef-cc53b24d79ba) add Policy Microsoft Managed Control 1005 - Account Management (5b626abc-26d4-4e22-9de8-3831818526b1) add Policy Microsoft Managed Control 1222 - Information System Component Inventory (fb39e62f-6bda-4558-8088-ec03d5670914) add Policy Microsoft Managed Control 1641 - Transmission Confidentiality And Integrity \| Cryptographic Or Alternate Physical Protection (d39d4f68-7346-4133-8841-15318a714a24) add Policy Microsoft Managed Control 1258 - Contingency Training (7814506c-382c-4d33-a142-249dd4a0dbff) add Policy Microsoft Managed Control 1332 - Authenticator Management \| Password-Based Authentication (068260be-a5e6-4b0a-a430-cd27071c226a) add Policy Microsoft Managed Control 1101 - Audit And Accountability Policy And Procedures (7327b708-f0e0-457d-9d2a-527fcc9c9a65) add Policy Microsoft Managed Control 1161 - Continuous Monitoring (e2f8f6c6-dde4-436b-a79d-bc50e129eb3a) add Policy Microsoft Managed Control 1705 - Security Alerts & Advisories (f82e3639-fa2b-4e06-a786-932d8379b972) add Policy Microsoft Managed Control 1604 - Developer Security Testing And Evaluation (44dbba23-0b61-478e-89c7-b3084667782f) add Policy Microsoft Managed Control 1618 - Security Function Isolation (f52f89aa-4489-4ec4-950e-8c96a036baa9) add Policy Microsoft Managed Control 1579 - Acquisitions Process \| Use Of Approved Piv Products (4e54c7ef-7457-430b-9a3e-ef8881d4a8e0) add Policy Microsoft Managed Control 1695 - Information System Monitoring \| Wireless Intrusion Detection (13fcf812-ec82-4eda-9b89-498de9efd620) add Policy Microsoft Managed Control 1294 - Information System Backup \| Transfer To Alternate Storage Site (49dbe627-2c1e-438c-979e-dd7a39bbf81d) add Policy Microsoft Managed Control 1460 - Access Control For Output Devices (6f3ce1bb-4f77-4695-8355-70b08d54fdda) add Policy Microsoft Managed Control 1529 - Third-Party Personnel Security (d74fdc92-1cb8-4a34-9978-8556425cd14c) add Policy Microsoft Managed Control 1325 - Authenticator Management (1845796a-7581-49b2-ae20-443121538e19) add Policy Microsoft Managed Control 1482 - Temperature And Humidity Controls \| Monitoring With Alarms / Notifications (9df4277e-8c88-4d5c-9b1a-541d53d15d7b) add Policy Microsoft Managed Control 1058 - Permitted Actions Without Identification Or Authentication (76e85d08-8fbb-4112-a1c1-93521e6a9254) add Policy Microsoft Managed Control 1138 - Audit Generation (9c284fc0-268a-4f29-af44-3c126674edb4) add Policy Microsoft Managed Control 1089 - Security Awareness (ef080e67-0d1a-4f76-a0c5-fb9b0358485e) add Policy Microsoft Managed Control 1110 - Audit Storage Capacity (6182bfa7-0f2a-43f5-834a-a2ddf31c13c7) add Policy Microsoft Managed Control 1426 - Media Protection Policy And Procedures (21f639bc-f42b-46b1-8f40-7a2a389c291a) add Policy Microsoft Managed Control 1251 - Contingency Plan \| Coordinate With Related Plans (5e2b3730-8c14-4081-8893-19dbb5de7348) add Policy Microsoft Managed Control 1536 - Risk Assessment Policy And Procedures (6e40d9de-2ad4-4cb5-8945-23143326a502) add Policy Microsoft Managed Control 1166 - Continuous Monitoring (bb02733d-3cc5-4bb0-a6cd-695ba2c2272e) add Policy Microsoft Managed Control 1609 - Development Process, Standards, And Tools (9e93fa71-42ac-41a7-b177-efbfdc53c69f) add Policy Microsoft Managed Control 1523 - Personnel Transfer (5577a310-2551-49c8-803b-36e0d5e55601) add Policy Microsoft Managed Control 1025 - Account Management \| Account Monitoring / Atypical Usage (adfe020d-0a97-45f4-a39c-696ef99f3a95) add Policy Microsoft Managed Control 1419 - Remote Maintenance \| Cryptographic Protection (b6747bf9-2b97-45b8-b162-3c8becb9937d) add Policy Microsoft Managed Control 1703 - Security Alerts & Advisories (804faf7d-b687-40f7-9f74-79e28adf4205) add Policy Microsoft Managed Control 1547 - Vulnerability Scanning (58abf9b8-c6d4-4b4b-bfb9-fe98fe295f52) add Policy Microsoft Managed Control 1040 - Least Privilege \| Review Of User Privileges (54205576-cec9-463f-ba44-b4b3f5d0a84c) add Policy Microsoft Managed Control 1506 - Personnel Security Policy And Procedures (f7d2ff17-d604-4dd9-b607-9ecf63f28ad2) add Policy Microsoft Managed Control 1612 - Developer Security Architecture And Design (a2037b3d-8b04-4171-8610-e6d4f1d08db5) add Policy Microsoft Managed Control 1486 - Alternate Work Site (cb790345-a51f-43de-934e-98dbfaf9dca5) add Policy Microsoft Managed Control 1114 - Response To Audit Processing Failures \| Real-Time Alerts (4c090801-59bc-4454-bb33-e0455133486a) add Policy Microsoft Managed Control 1619 - Information In Shared Resources (c722e569-cb52-45f3-a643-836547d016e1) add Policy Microsoft Managed Control 1632 - Boundary Protection \| Prevent Split Tunneling For Remote Devices (4ce9073a-77fa-48f0-96b1-87aa8e6091c2) add Policy Microsoft Managed Control 1688 - Information System Monitoring (063c3f09-e0f0-4587-8fd5-f4276fae675f) add Policy Microsoft Managed Control 1652 - Mobile Code (6998e84a-2d29-4e10-8962-76754d4f772d) add Policy Microsoft Managed Control 1340 - Authenticator Management \| No Embedded Unencrypted Static Authenticators (e51ff84b-e5ea-408f-b651-2ecc2933e4c6) add Policy Microsoft Managed Control 1708 - Security Functionality Verification (7a1e2c88-13de-4959-8ee7-47e3d74f1f48) add Policy Microsoft Managed Control 1721 - Spam Protection \| Central Management (d207aaef-7c4d-4f8c-9dce-4d62dfa3d29a) add Policy Microsoft Managed Control 1104 - Audit Events (cdd8d244-18b2-4306-a1d1-df175ae0935f) add Policy Microsoft Managed Control 1481 - Temperature And Humidity Controls (717a1c78-a267-4f56-ac58-ee6c54dc4339) add Policy Microsoft Managed Control 1370 - Incident Monitoring \| Automated Tracking / Data Collection / Analysis (924e1b2d-c502-478f-bfdb-a7e09a0d5c01) add Policy Microsoft Managed Control 1673 - Flaw Remediation \| Automated Flaw Remediation Status (dff0b90d-5a6f-491c-b2f8-b90aa402d844) add Policy Microsoft Managed Control 1277 - Alternate Processing Site \| Priority Of Service (dc43e829-3d50-4a0a-aa0f-428d551862aa) add Policy Microsoft Managed Control 1438 - Media Sanitization And Disposal (40fcc635-52a2-4dbc-9523-80a1f4aa1de6) add Policy Microsoft Managed Control 1571 - Acquisitions Process (b11c985b-f2cd-4bd7-85f4-b52426edf905) add Policy Microsoft Managed Control 1011 - Account Management (7e6a54f3-883f-43d5-87c4-172dfd64a1f5) add Policy Microsoft Managed Control 1514 - Personnel Screening \| Information With Special Protection Measures (9ed5ca00-0e43-434e-a018-7aab91461ba7) add Policy Microsoft Managed Control 1404 - Maintenance Tools (13d8f903-0cd6-449f-a172-50f6579c182b) add Policy Microsoft Managed Control 1320 - Authenticator Management (6f54c732-71d4-4f93-a696-4e373eca3a77) add Policy Microsoft Managed Control 1280 - Telecommunications Services \| Priority Of Service Provisions (fa108498-b3a8-4ffb-9e79-1107e76afad3) add Policy Microsoft Managed Control 1583 - Information System Documentation (0882d488-8e80-4466-bc0f-0cd15b6cb66d) add Policy Microsoft Managed Control 1093 - Role-Based Security Training (7a0bdeeb-15f4-47e8-a1da-9f769f845fdf) add Policy Microsoft Managed Control 1384 - Information Spillage Response (79fbc228-461c-4a45-9004-a865ca0728a7) add Policy Microsoft Managed Control 1285 - Telecommunications Services \| Provider Contingency Plan (01f7726b-db54-45c2-bcb5-9bd7a43796ee) add Policy Microsoft Managed Control 1545 - Risk Assessment (3f4b171a-a56b-4328-8112-32cf7f947ee1) add Policy Microsoft Managed Control 1174 - Configuration Management Policy And Procedures (42a9a714-8fbb-43ac-b115-ea12d2bd652f) add Policy Microsoft Managed Control 1281 - Telecommunications Services \| Priority Of Service Provisions (8dc459b3-0e77-45af-8d71-cfd8c9654fe2) add Policy Microsoft Managed Control 1475 - Emergency Lighting (34a63848-30cf-4081-937e-ce1a1c885501) add Policy Microsoft Managed Control 1306 - User Identification And Authentication \| Network Access To Privileged Accounts - Replay... (cafc6c3c-5fc5-4c5e-a99b-a0ccb1d34eff) add Policy Microsoft Managed Control 1503 - Information Security Architecture (c1fa9c2f-d439-4ab9-8b83-81fb1934f81d) add Policy Microsoft Managed Control 1517 - Personnel Termination (8f5ad423-50d6-4617-b058-69908f5586c9) add Policy Microsoft Managed Control 1244 - Contingency Plan (6a13a8f8-c163-4b1b-8554-d63569dab937) add Policy Microsoft Managed Control 1662 - Fail In Known State (165cb91f-7ea8-4ab7-beaf-8636b98c9d15) add Policy Microsoft Managed Control 1613 - Developer Security Architecture And Design (fe2ad78b-8748-4bff-a924-f74dfca93f30) add Policy Microsoft Managed Control 1223 - Information System Component Inventory (05a1bb01-ad5a-49c1-aad3-b0c893b2ec3a) add Policy Microsoft Managed Control 1216 - Least Functionality \| Periodic Review (7894fe6a-f5cb-44c8-ba90-c3f254ff9484) add Policy Microsoft Managed Control 1538 - Security Categorization (1d7658b2-e827-49c3-a2ae-6d2bd0b45874) add Policy Microsoft Managed Control 1635 - Boundary Protection \| Host-Based Protection (87551b5d-1deb-4d0f-86cc-9dc14cb4bf7e) add Policy Microsoft Managed Control 1092 - Security Awareness \| Insider Threat (8a29d47b-8604-4667-84ef-90d203fcb305) add Policy Microsoft Managed Control 1030 - Information Flow Enforcement \| Physical / Logical Separation Of Information Flows (d3531453-b869-4606-9122-29c1cd6e7ed1) add Policy Microsoft Managed Control 1410 - Maintenance Tools \| Prevent Unauthorized Removal (a2596a9f-e59f-420d-9625-6e0b536348be) add Policy Microsoft Managed Control 1144 - Security Assessments (2fa15ff1-a693-4ee4-b094-324818dc9a51) add Policy Microsoft Managed Control 1383 - Incident Response Plan (d4558451-e16a-4d2d-a066-fe12a6282bb9) add Policy Microsoft Managed Control 1551 - Vulnerability Scanning \| Update Tool Capability (5bbda922-0172-4095-89e6-5b4a0bf03af7) add Policy Microsoft Managed Control 1183 - Baseline Configuration \| Configure Systems, Components, Or Devices For High-Risk Areas (5352e3e0-e63a-452e-9e5f-9c1d181cff9c) add Policy Microsoft Managed Control 1441 - Media Sanitization And Disposal \| Equipment Testing (6519d7f3-e8a2-4ff3-a935-9a9497152ad7) add Policy Microsoft Managed Control 1692 - Information System Monitoring \| Inbound And Outbound Communications Traffic (7ecda928-9df4-4dd7-8f44-641a91e470e8) add Policy Microsoft Managed Control 1395 - System Maintenance Policy And Procedures (7207a023-a517-41c5-9df2-09d4c6845a05) add Policy Microsoft Managed Control 1494 - System Security Plan (9ed09d84-3311-4853-8b67-2b55dfa33d09) add Policy Microsoft Managed Control 1119 - Audit Review, Analysis, And Reporting \| Central Review And Analysis (845f6359-b764-4b40-b579-657aefe23c44) add Policy Microsoft Managed Control 1615 - System And Communications Protection Policy And Procedures (f35e02aa-0a55-49f8-8811-8abfa7e6f2c0) add Policy Microsoft Managed Control 1605 - Developer Security Testing And Evaluation \| Static Code Analysis (0062eb8b-dc75-4718-8ea5-9bb4a9606655) add Policy Microsoft Managed Control 1279 - Telecommunications Services (7d00bcd6-963d-4c02-ad8e-b45fa50bf3b0) add Policy Microsoft Managed Control 1522 - Personnel Transfer (38b470cc-f939-4a15-80e0-9f0c74f2e2c9) add Policy Microsoft Managed Control 1701 - Information System Monitoring \| Host-Based Devices (f25bc08f-27cb-43b6-9a23-014d00700426) add Policy Microsoft Managed Control 1377 - Incident Response Assistance \| Coordination With External Providers (68434bd1-e14b-4031-9edb-a4adf5f84a67) add Policy Microsoft Managed Control 1661 - Session Authenticity \| Invalidate Session Identifiers At Logout (4c643c9a-1be7-4016-a5e7-e4bada052920) add Policy Microsoft Managed Control 1443 - Media Use (cd0ec6fa-a2e7-4361-aee4-a8688659a9ed) add Policy Microsoft Managed Control 1572 - Acquisitions Process (04f5fb00-80bb-48a9-a75b-4cb4d4c97c36) add Policy Microsoft Managed Control 1045 - Unsuccessful Logon Attempts (554d2dd6-f3a8-4ad5-b66f-5ce23bd18892) add Policy Microsoft Managed Control 1519 - Personnel Termination (2f13915a-324c-4ab8-b45c-2eefeeefb098) add Policy Microsoft Managed Control 1355 - Incident Response Training (90e01f69-3074-4de8-ade7-0fef3e7d83e0) add Policy Microsoft Managed Control 1428 - Media Access (0a77fcc7-b8d8-451a-ab52-56197913c0c7) add Policy Microsoft Managed Control 1286 - Telecommunications Services \| Provider Contingency Plan (b4f9b47a-2116-4e6f-88db-4edbf22753f1) add Policy Microsoft Managed Control 1061 - Remote Access \| Automated Monitoring / Control (7ac22808-a2e8-41c4-9d46-429b50738914) add Policy Microsoft Managed Control 1668 - Flaw Remediation (8fb0966e-be1d-42c3-baca-60df5c0bcc61) add Policy Microsoft Managed Control 1288 - Information System Backup (8d854c3b-a3e6-4ec9-9f0c-c7274dbaeb2f) add Policy Microsoft Managed Control 1563 - Allocation Of Resources (9afe2edf-232c-4fdf-8e6a-e867a5c525fd) add Policy Microsoft Managed Control 1628 - Boundary Protection \| External Telecommunications Services (67de62b4-a737-4781-8861-3baed3c35069) add Policy Microsoft Managed Control 1194 - Configuration Change Control \| Automated Document / Notification / Prohibition Of Changes (bc34667f-397e-4a65-9b72-d0358f0b6b09) add Policy Microsoft Managed Control 1185 - Configuration Change Control (6420cd73-b939-43b7-9d99-e8688fea053c) add Policy Microsoft Managed Control 1398 - Controlled Maintenance (443e8f3d-b51a-45d8-95a7-18b0e42f4dc4) add Policy Microsoft Managed Control 1532 - Third-Party Personnel Security (a2c66299-9017-4d95-8040-8bdbf7901d52) add Policy Microsoft Managed Control 1505 - Information Security Architecture (813a10a7-3943-4fe3-8678-00dc52db5490) add Policy Microsoft Managed Control 1387 - Information Spillage Response (e3007185-3857-43a9-8237-06ca94f1084c) add Policy Microsoft Managed Control 1562 - Allocation Of Resources (d4142013-7964-4163-a313-a900301c2cef) add Policy Microsoft Managed Control 1056 - Session Termination \| User-Initiated Logouts / Message Displays (ac43352f-df83-4694-8738-cfce549fd08d) add Policy Microsoft Managed Control 1102 - Audit Events (9943c16a-c54c-4b4a-ad28-bfd938cdbf57) add Policy Microsoft Managed Control 1309 - User Identification And Authentication \| Acceptance Of Piv Credentials (f355d62b-39a8-4ba3-abf7-90f71cb3b000) add Policy Microsoft Managed Control 1368 - Incident Handling \| Correlation With External Organizations (465f32da-0ace-4603-8d1b-7be5a3a702de) add Policy Microsoft Managed Control 1220 - Least Functionality \| Authorized Software / Whitelisting (c40f31a7-81e1-4130-99e5-a02ceea2a1d6) add Policy Microsoft Managed Control 1269 - Alternate Storage Site \| Separation From Primary Site (19b9439d-865d-4474-b17d-97d2702fdb66) add Policy Microsoft Managed Control 1392 - Information Spillage Response \| Post-Spill Operations (86dc819f-15e1-43f9-a271-41ae58d4cecc) add Policy Microsoft Managed Control 1242 - Contingency Planning Policy And Procedures (cf3b3293-667a-445e-a722-fa0b0afc0958) add Policy Microsoft Managed Control 1041 - Least Privilege \| Privilege Levels For Code Execution (b3d8d15b-627a-4219-8c96-4d16f788888b) add Policy Microsoft Managed Control 1221 - Least Functionality \| Authorized Software / Whitelisting (22589a07-0007-486a-86ca-95355081ae2a) add Policy Microsoft Managed Control 1540 - Security Categorization (f771f8cb-6642-45cc-9a15-8a41cd5c6977) add Policy Microsoft Managed Control 1655 - Voice Over Internet Protocol (121eab72-390e-4629-a7e2-6d6184f57c6b) add Policy Microsoft Managed Control 1674 - Flaw Remediation \| Time To Remediate Flaws / Benchmarks For Corrective Actions (93e9e233-dd0a-4bde-aea5-1371bce0e002) add Policy Microsoft Managed Control 1308 - User Identification And Authentication \| Remote Access - Separate Device (81817e1c-5347-48dd-965a-40159d008229) add Policy Microsoft Managed Control 1017 - Account Management \| Inactivity Logout (0fc3db37-e59a-48c1-84e9-1780cedb409e) add Policy Microsoft Managed Control 1378 - Incident Response Plan (97fceb70-6983-42d0-9331-18ad8253184d) add Policy Microsoft Managed Control 1445 - Physical And Environmental Protection Policy And Procedures (32d07d59-2716-4972-b37b-214a67ac4a37) add Policy Microsoft Managed Control 1587 - External Information System Services (32820956-9c6d-4376-934c-05cd8525be7c) add Policy Microsoft Managed Control 1684 - Information System Monitoring (16bfdb59-db38-47a5-88a9-2e9371a638cf) add Policy Microsoft Managed Control 1363 - Incident Handling \| Automated Incident Handling Processes (ea3e8156-89a1-45b1-8bd6-938abc79fdfd) add Policy Microsoft Managed Control 1400 - Controlled Maintenance (a96d5098-a604-4cdf-90b1-ef6449a27424) add Policy Microsoft Managed Control 1083 - Publicly Accessible Content (4e319cb6-2ca3-4a58-ad75-e67f484e50ec) add Policy Microsoft Managed Control 1002 - Account Management (632024c2-8079-439d-a7f6-90af1d78cc65) add Policy Microsoft Managed Control 1507 - Personnel Security Policy And Procedures (86ccd1bf-e7ad-4851-93ce-6ec817469c1e) add Policy Microsoft Managed Control 1636 - Boundary Protection \| Isolation Of Security Tools / Mechanisms / Support Components (7b694eed-7081-43c6-867c-41c76c961043) add Policy Microsoft Managed Control 1719 - Spam Protection (c13da9b4-fe14-4fe2-853a-5997c9d4215a) add Policy Microsoft Managed Control 1638 - Boundary Protection \| Dynamic Isolation / Segregation (49b99653-32cd-405d-a135-e7d60a9aae1f) add Policy Microsoft Managed Control 1366 - Incident Handling \| Information Correlation (06c45c30-ae44-4f0f-82be-41331da911cc) add Policy Microsoft Managed Control 1097 - Role-Based Security Training \| Suspicious Communications And Anomalous System Behavior (cf3e4836-f19e-47eb-a8cd-c3ca150452c0) add Policy Microsoft Managed Control 1515 - Personnel Termination (02dd141a-a2b2-49a7-bcbd-ca31142f6211) add Policy Microsoft Managed Control 1430 - Media Labeling (0f559588-5e53-4b14-a7c4-85d28ebc2234) add Policy Microsoft Managed Control 1408 - Maintenance Tools \| Prevent Unauthorized Removal (c5f56ac6-4bb2-4086-bc41-ad76344ba2c2) add Policy Microsoft Managed Control 1198 - Configuration Change Control \| Security Representative (f56be5c3-660b-4c61-9078-f67cf072c356) add Policy Microsoft Managed Control 1431 - Media Storage (a7173c52-2b99-4696-a576-63dd5f970ef4) add Policy Microsoft Managed Control 1078 - Use Of External Information Systems \| Limits On Authorized Use (b25faf85-8a16-4f28-8e15-d05c0072d64d) add Policy Microsoft Managed Control 1077 - Use Of External Information Systems (2dad3668-797a-412e-a798-07d3849a7a79) add Policy Microsoft Managed Control 1509 - Position Categorization (70792197-9bfc-4813-905a-bd33993e327f) add Policy Microsoft Managed Control 1067 - Wireless Access Restrictions (5c5e54f6-0127-44d0-8b61-f31dc8dd6190) add Policy Microsoft Managed Control 1210 - Configuration Settings (3502c968-c490-4570-8167-1476f955e9b8) add Policy Microsoft Managed Control 1273 - Alternate Processing Site (e77fcbf2-a1e8-44f1-860e-ed6583761e65) add Policy Microsoft Managed Control 1249 - Contingency Plan (d3bf4251-0818-42db-950b-afd5b25a51c2) add Policy Microsoft Managed Control 1700 - Information System Monitoring \| Unauthorized Network Services (7831b4ba-c3f4-4cb1-8c11-ef8d59438cd5) add Policy Microsoft Managed Control 1580 - Information System Documentation (854db8ac-6adf-42a0-bef3-b73f764f40b9) add Policy Microsoft Managed Control 1159 - Security Authorization (0925f098-7877-450b-8ba4-d1e55f2d8795) add Policy Microsoft Managed Control 1707 - Security Alerts & Advisories \| Automated Alerts And Advisories (fd4a2ac8-868a-4702-a345-6c896c3361ce) add Policy Microsoft Managed Control 1027 - Access Enforcement (a76ca9b0-3f4a-4192-9a38-b25e4f8ae48c) add Policy Microsoft Managed Control 1727 - Memory Protection (697175a7-9715-4e89-b98b-c6f605888fa3) add Policy Microsoft Managed Control 1179 - Baseline Configuration \| Reviews And Updates (3f9ce557-c8ab-4e6c-bb2c-9b8ed002c46c) add Policy Microsoft Managed Control 1075 - Access Control for Portable And Mobile Systems \| Full Device / Container-Based Encryption (fc933d22-04df-48ed-8f87-22a3773d4309) add Policy Microsoft Managed Control 1476 - Fire Protection (0f3c4ac2-3e35-4906-a80b-473b12a622d7) add Policy Microsoft Managed Control 1565 - System Development Life Cycle (45ce2396-5c76-4654-9737-f8792ab3d26b) add Policy Microsoft Managed Control 1236 - Software Usage Restrictions (9ba3ed84-c768-4e18-b87c-34ef1aff1b57) add Policy Microsoft Managed Control 1085 - Publicly Accessible Content (13d117e0-38b0-4bbb-aaab-563be5dd10ba) add Policy Microsoft Managed Control 1003 - Account Management (3b68b179-3704-4ff7-b51d-7d65374d165d) add Policy Microsoft Managed Control 1051 - Session Lock (7cac6ee9-b58b-40c8-a5ce-f0efc3d9b339) add Policy Microsoft Managed Control 1696 - Information System Monitoring \| Correlate Monitoring Information (69d2a238-20ab-4206-a6dc-f302bf88b1b8) add Policy Microsoft Managed Control 1192 - Configuration Change Control \| Automated Document / Notification / Prohibition Of Changes (4ebd97f7-b105-4f50-8daf-c51465991240) add Policy Microsoft Managed Control 1446 - Physical And Environmental Protection Policy And Procedures (bf6850fe-abba-468e-9ef4-d09ec7d983cd) add Policy Microsoft Managed Control 1004 - Account Management (c17822dc-736f-4eb4-a97d-e6be662ff835) add Policy Microsoft Managed Control 1345 - Cryptographic Module Authentication (f86aa129-7c07-4aa4-bbf5-792d93ffd9ea) add Policy Microsoft Managed Control 1664 - Protection Of Information At Rest \| Cryptographic Protection (a2cdf6b8-9505-4619-b579-309ba72037ac) add Policy Microsoft Managed Control 1266 - Contingency Plan Testing \| Alternate Processing Site (3b4a3eb2-c25d-40bf-ad41-5094b6f59cee) add Policy Microsoft Managed Control 1167 - Continuous Monitoring (cbb2be76-4891-430b-95a7-ca0b0a3d1300) add Policy Microsoft Managed Control 1237 - Software Usage Restrictions \| Open Source Software (e80b6812-0bfa-4383-8223-cdd86a46a890) add Policy Microsoft Managed Control 1170 - Penetration Testing (8b78b9b3-ee3c-48e0-a243-ed6dba5b7a12) add Policy Microsoft Managed Control 1215 - Least Functionality (88fc93e8-4745-4785-b5a5-b44bb92c44ff) add Policy Microsoft Managed Control 1197 - Configuration Change Control \| Test / Validate / Document Changes (a20d2eaa-88e2-4907-96a2-8f3a05797e5c) add Policy Microsoft Managed Control 1502 - Rules Of Behavior \| Social Media And Networking Restrictions (e901375c-8f01-4ac8-9183-d5312f47fe63) add Policy Microsoft Managed Control 1516 - Personnel Termination (da3cd269-156f-435b-b472-c3af34c032ed) add Policy Microsoft Managed Control 1348 - Identification And Authentication (Non-Organizational Users) \| Acceptance Of Third-Party... (855ced56-417b-4d74-9d5f-dd1bc81e22d6) add Policy Microsoft Managed Control 1552 - Vulnerability Scanning \| Update By Frequency / Prior To New Scan / When Identified (43684572-e4f1-4642-af35-6b933bc506da) add Policy Microsoft Managed Control 1608 - Supply Chain Protection (b73b7b3b-677c-4a2a-b949-ad4dc4acd89f) add Policy Microsoft Managed Control 1347 - Identification And Authentication (Non-Organizational Users) \| Acceptance Of Piv Credentials... (131a2706-61e9-4916-a164-00e052056462) add Policy Microsoft Managed Control 1122 - Audit Review, Analysis, And Reporting \| Permitted Actions (243ec95e-800c-49d4-ba52-1fdd9f6b8b57) add Policy Microsoft Managed Control 1303 - User Identification And Authentication \| Local Access To Privileged Accounts (80ca0a27-918a-4604-af9e-723a27ee51e8) add Policy Microsoft Managed Control 1663 - Protection Of Information At Rest (60171210-6dde-40af-a144-bf2670518bfa) add Policy Microsoft Managed Control 1553 - Vulnerability Scanning \| Breadth / Depth Of Coverage (9e5225fe-cdfb-4fce-9aec-0fe20dd53b62) add Policy Microsoft Managed Control 1195 - Configuration Change Control \| Automated Document / Notification / Prohibition Of Changes (d1e1d65c-1013-4484-bd54-991332e6a0d2) add Policy Microsoft Managed Control 1052 - Session Lock (027cae1c-ec3e-4492-9036-4168d540c42a) add Policy Microsoft Managed Control 1337 - Authenticator Management \| In-Person Or Trusted Third-Party Registration (463e5220-3f79-4e24-a63f-343e4096cd22) add Policy Microsoft Managed Control 1592 - External Information System Services \| Consistent Interests Of Consumers And Providers (1d01ba6c-289f-42fd-a408-494b355b6222) add Policy Microsoft Managed Control 1021 - Account Management \| Restrictions On Use Of Shared / Group Accounts (9a3eb0a3-428d-4669-baff-20a14eb4b551) add Policy Microsoft Managed Control 1152 - System Interconnections (beff0acf-7e67-40b2-b1ca-1a0e8205cf1b) add Policy Microsoft Managed Control 1157 - Plan Of Action And Milestones (15495367-cf68-464c-bbc3-f53ca5227b7a) add Policy Microsoft Managed Control 1060 - Remote Access (34a987fd-2003-45de-a120-014956581f2b) add Policy Microsoft Managed Control 1331 - Authenticator Management \| Password-Based Authentication (05460fe2-301f-4ed1-8174-d62c8bb92ff4) add Policy Microsoft Managed Control 1439 - Media Sanitization And Disposal (dce72873-c5f1-47c3-9b4f-6b8207fd5a45) add Policy Microsoft Managed Control 1457 - Physical Access Control (f2d9d3e6-8886-4305-865d-639163e5c305) add Policy Microsoft Managed Control 1582 - Information System Documentation (cd9e2f38-259b-462c-bfad-0ad7ab4e65c5) add Policy Microsoft Managed Control 1214 - Least Functionality (f714a4e2-b580-47b6-ae8c-f2812d3750f3) add Policy Microsoft Managed Control 1510 - Position Categorization (79da5b09-0e7e-499e-adda-141b069c7998) add Policy Microsoft Managed Control 1586 - External Information System Services (6e3b2fbd-8f37-4766-a64d-3f37703dcb51) add Policy Microsoft Managed Control 1016 - Account Management \| Automated Audit Actions (d8b43277-512e-40c3-ab00-14b3b6e72238) add Policy Microsoft Managed Control 1313 - Identifier Management (36220f5b-79a1-4cdb-8c74-2d2449f9a510) add Policy Microsoft Managed Control 1023 - Account Management \| Usage Conditions (e55698b6-3dea-4aa9-99b9-d8218c6ab6e5) add Policy Microsoft Managed Control 1276 - Alternate Processing Site \| Accessibility (e214e563-1206-4a43-a56b-ac5880c9c571) add Policy Microsoft Managed Control 1576 - Acquisitions Process \| Design / Implementation Information For Security Controls (5f18c885-ade3-48c5-80b1-8f9216019c18) add Policy Microsoft Managed Control 1081 - Information Sharing (3867f2a9-23bb-4729-851f-c3ad98580caf) add Policy Microsoft Managed Control 1343 - Authenticator Management \| Expiration Of Cached Authenticators (2c251a55-31eb-4e53-99c6-e9c43c393ac2) add Policy Microsoft Managed Control 1416 - Remote Maintenance \| Document Remote Maintenance (38dfd8a3-5290-4099-88b7-4081f4c4d8ae) add Policy Microsoft Managed Control 1046 - Unsuccessful Logon Attempts \| Purge / Wipe Mobile Device (0b1aa965-7502-41f9-92be-3e2fe7cc392a) add Policy Microsoft Managed Control 1376 - Incident Response Assistance \| Coordination With External Providers (493a95f3-f2e3-47d0-af02-65e6d6decc2f) add Policy Microsoft Managed Control 1595 - Developer Configuration Management (1e0414e7-6ef5-4182-8076-aa82fbb53341) add Policy Microsoft Managed Control 1642 - Network Disconnect (53397227-5ee3-4b23-9e5e-c8a767ce6928) add Policy Microsoft Managed Control 1180 - Baseline Configuration \| Automation Support For Accuracy / Currency (874e7880-a067-42a7-bcbe-1a340f54c8cc) add Policy Microsoft Managed Control 1240 - User-Installed Software (129eb39f-d79a-4503-84cd-92f036b5e429) add Policy Microsoft Managed Control 1299 - Identification And Authentication Policy And Procedures (fd4e54f7-9ab0-4bae-b6cc-457809948a89) add Policy Microsoft Managed Control 1573 - Acquisitions Process (58c93053-7b98-4cf0-b99f-1beb985416c2) add Policy Microsoft Managed Control 1639 - Boundary Protection \| Isolation Of Information System Components (78e8e649-50f6-4fe3-99ac-fedc2e63b03f) add Policy Microsoft Managed Control 1253 - Contingency Plan \| Resume Essential Missions / Business Functions (0afce0b3-dd9f-42bb-af28-1e4284ba8311) add Policy Microsoft Managed Control 1238 - User-Installed Software (a36cedd4-3ffd-4b1f-8b18-aa71d8d87ce1) add Policy Microsoft Managed Control 1228 - Information System Component Inventory \| Accountability Information (39c54140-5902-4079-8bb5-ad31936fe764) add Policy Microsoft Managed Control 1713 - Software & Information Integrity \| Integrity Checks (0d87c70b-5012-48e9-994b-e70dd4b8def0) add Policy Microsoft Managed Control 1259 - Contingency Training (9d9e18f7-bad9-4d30-8806-a0c9d5e26208) add Policy Microsoft Managed Control 1599 - Developer Configuration Management \| Software / Firmware Integrity Verification (0004bbf0-5099-4179-869e-e9ffe5fb0945) add Policy Microsoft Managed Control 1433 - Media Transport (5b879b41-2728-41c5-ad24-9ee2c37cbe65) add Policy Microsoft Managed Control 1539 - Security Categorization (aabb155f-e7a5-4896-a767-e918bfae2ee0) add Policy Microsoft Managed Control 1203 - Access Restrictions For Change \| Automated Access Enforcement / Auditing (f9012d14-e3e6-4d7b-b926-9f37b5537066) add Policy Microsoft Managed Control 1567 - System Development Life Cycle (e72edbf6-aa61-436d-a227-0f32b77194b3) add Policy Microsoft Managed Control 1006 - Account Management (aae8d54c-4bce-4c04-b3aa-5b65b67caac8) add Policy Microsoft Managed Control 1024 - Account Management \| Account Monitoring / Atypical Usage (84914fb4-12da-4c53-a341-a9fd463bed10) add Policy Microsoft Managed Control 1208 - Configuration Settings (5ea87673-d06b-456f-a324-8abcee5c159f) add Policy Microsoft Managed Control 1568 - Acquisitions Process (b6a8eae8-9854-495a-ac82-d2cd3eac02a6) add Policy Microsoft Managed Control 1105 - Audit Events (5b73f57b-587d-4470-a344-0b0ae805f459) add Policy Microsoft Managed Control 1724 - Error Handling (d07594d1-0307-4c08-94db-5d71ff31f0f6) add Policy Microsoft Managed Control 1074 - Access Control for Portable And Mobile Systems (27a69937-af92-4198-9b86-08d355c7e59a) add Policy Microsoft Managed Control 1293 - Information System Backup \| Separate Storage For Critical Information (87f7cd82-2e45-4d0f-9e2f-586b0962d142) add Policy Microsoft Managed Control 1142 - Certification, Authorization, Security Assessment Policy And Procedures (01524fa8-4555-48ce-ba5f-c3b8dcef5147) add Policy Microsoft Managed Control 1488 - Alternate Work Site (d8ef30eb-a44f-47af-8524-ac19a36d41d2) add Policy Microsoft Managed Control 1456 - Physical Access Control (733ba9e3-9e7c-440a-a7aa-6196a90a2870) add Policy Microsoft Managed Control 1053 - Session Lock \| Pattern-Hiding Displays (7582b19c-9dba-438e-aed8-ede59ac35ba3) add Policy Microsoft Managed Control 1028 - Information Flow Enforcement (f171df5c-921b-41e9-b12b-50801c315475) add Policy Microsoft Managed Control 1148 - Security Assessments \| Independent Assessors (28e62650-c7c2-4786-bdfa-17edc1673902) add Policy Microsoft Managed Control 1470 - Emergency Shutoff (c89ba09f-2e0f-44d0-8095-65b05bd151ef) add Policy Microsoft Managed Control 1559 - System And Services Acquisition Policy And Procedures (45692294-f074-42bd-ac54-16f1a3c07554) add Policy Microsoft Managed Control 1151 - System Interconnections (347e3b69-7fb7-47df-a8ef-71a1a7b44bca) add Policy Microsoft Managed Control 1018 - Account Management \| Role-Based Schemes (c9121abf-e698-4ee9-b1cf-71ee528ff07f) add Policy Microsoft Managed Control 1257 - Contingency Training (b958b241-4245-4bd6-bd2d-b8f0779fb543) add Policy Microsoft Managed Control 1670 - Flaw Remediation (c6108469-57ee-4666-af7e-79ba61c7ae0c) add Policy Microsoft Managed Control 1036 - Least Privilege \| Non-Privileged Access For Nonsecurity Functions (9a16d673-8cf0-4dcf-b1d5-9b3e114fef71) add Policy Microsoft Managed Control 1611 - Developer-Provided Training (fdda8a0c-ac32-43f6-b2f4-7dc1df03f43f) add Policy Microsoft Managed Control 1131 - Protection Of Audit Information (b472a17e-c2bc-493f-b50b-42d55a346962) add Policy Microsoft Managed Control 1589 - External Information System Services \| Risk Assessments / Organizational Approvals (86ec7f9b-9478-40ff-8cfd-6a0d510081a8) add Policy Microsoft Managed Control 1295 - Information System Recovery And Reconstitution (a895fbdb-204d-4302-9689-0a59dc42b3d9) add Policy Microsoft Managed Control 1627 - Boundary Protection \| External Telecommunications Services (fd73310d-76fc-422d-bda4-3a077149f179) add Policy Microsoft Managed Control 1574 - Acquisitions Process (0f935dab-83d6-47b8-85ef-68b8584161b9) add Policy Microsoft Managed Control 1600 - Developer Security Testing And Evaluation (c53f3123-d233-44a7-930b-f40d3bfeb7d6) add Policy Microsoft Managed Control 1333 - Authenticator Management \| Pki-Based Authentication (3298d6bf-4bc6-4278-a95d-f7ef3ac6e594) add Policy Microsoft Managed Control 1271 - Alternate Storage Site \| Accessibility (da3bfb53-9c46-4010-b3db-a7ba1296dada) add Policy Microsoft Managed Control 1530 - Third-Party Personnel Security (6e8f9566-29f1-49cd-b61f-f8628a3cf993) add Policy Microsoft Managed Control 1660 - Session Authenticity (63096613-ce83-43e5-96f4-e588e8813554) add Policy Microsoft Managed Control 1511 - Personnel Screening (a9eae324-d327-4539-9293-b48e122465f8) add Policy Microsoft Managed Control 1338 - Authenticator Management \| Automated Support For Password Strength Determination (6c59a207-6aed-41dc-83a2-e1ff66e4a4db) add Policy Microsoft Managed Control 1528 - Access Agreements (deb9797c-22f8-40e8-b342-a84003c924e6) add Policy Microsoft Managed Control 1193 - Configuration Change Control \| Automated Document / Notification / Prohibition Of Changes (f5fd629f-3075-4cae-ab53-bad65495a4ac) add Policy Microsoft Managed Control 1465 - Monitoring Physical Access \| Monitoring Physical Access To Information Systems (e6e41554-86b5-4537-9f7f-4fc41a1d1640) add Policy Microsoft Managed Control 1256 - Contingency Plan \| Identify Critical Assets (232ab24b-810b-4640-9019-74a7d0d6a980) add Policy Microsoft Managed Control 1219 - Least Functionality \| Authorized Software / Whitelisting (2a39ac75-622b-4c88-9a3f-45b7373f7ef7) add Policy Microsoft Managed Control 1463 - Monitoring Physical Access (59721f87-ae25-4db0-a2a4-77cc5b25d495) add Policy Microsoft Managed Control 1647 - Use of Cryptography (791cfc15-6974-42a0-9f4c-2d4b82f4a78c) add Policy Microsoft Managed Control 1111 - Response To Audit Processing Failures (21de687c-f15e-4e51-bf8d-f35c8619965b) add Policy Microsoft Managed Control 1160 - Security Authorization (3e797ca6-2aa8-4333-b335-7036f1110c05) add Policy Microsoft Managed Control 1136 - Audit Record Retention (97ed5bac-a92f-4f6d-a8ed-dc094723597c) add Policy Microsoft Managed Control 1657 - Secure Name / Address Resolution Service (Authoritative Source) (90f01329-a100-43c2-af31-098996135d2b) add Policy Microsoft Managed Control 1047 - System Use Notification (e1ff6d62-a55c-41ab-90ba-90bb5b7b6f62) add Policy Microsoft Managed Control 1634 - Boundary Protection \| Prevent Unauthorized Exfiltration (292a7c44-37fa-4c68-af7c-9d836955ded2) add Policy Microsoft Managed Control 1678 - Malicious Code Protection (dd533cb0-b416-4be7-8e86-4d154824dfd7) add Policy Microsoft Managed Control 1086 - Publicly Accessible Content (fb321e6f-16a0-4be3-878f-500956e309c5) add Policy Microsoft Managed Control 1359 - Incident Response Testing \| Coordination With Related Plans (47bc7ea0-7d13-4f7c-a154-b903f7194253) add Policy Microsoft Managed Control 1493 - System Security Plan (22b469b3-fccf-42da-aa3b-a28e6fb113ce) add Policy Microsoft Managed Control 1537 - Risk Assessment Policy And Procedures (b19454ca-0d70-42c0-acf5-ea1c1e5726d1) add Policy Microsoft Managed Control 1175 - Configuration Management Policy And Procedures (6dab4254-c30d-4bb7-ae99-1d21586c063c) add Policy Microsoft Managed Control 1442 - Media Sanitization And Disposal \| Nondestructive Techniques (4f26049b-2c5a-4841-9ff3-d48a26aae475) add Policy Microsoft Managed Control 1546 - Vulnerability Scanning (2ce1ea7e-4038-4e53-82f4-63e8859333c1) add Policy Microsoft Managed Control 1139 - Audit Generation (4ed62522-de00-4dda-9810-5205733d2f34) add Policy Microsoft Managed Control 1318 - Authenticator Management (fced5fda-3bdb-4d73-bfea-0e2c80428b66) add Policy Microsoft Managed Control 1339 - Authenticator Management \| Protection Of Authenticators (367ae386-db7f-4167-b672-984ff86277c0) add Policy Microsoft Managed Control 1683 - Information System Monitoring (8c79fee4-88dd-44ce-bbd4-4de88948c4f8) add Policy Microsoft Managed Control 1623 - Boundary Protection (02ce1b22-412a-4528-8630-c42146f917ed) add Policy Microsoft Managed Control 1307 - User Identification And Authentication \| Network Access To Non-Privileged Accounts - Replay... (84e622c8-4bed-417c-84c6-b2fb0dd73682) add Policy Microsoft Managed Control 1178 - Baseline Configuration \| Reviews And Updates (7818b8f4-47c6-441a-90ae-12ce04e99893) add Policy Microsoft Managed Control 1120 - Audit Review, Analysis, And Reporting \| Integration / Scanning And Monitoring Capabilities (c69b870e-857b-458b-af02-bb234f7a00d3) add Policy Microsoft Managed Control 1564 - System Development Life Cycle (157f0ef9-143f-496d-b8f9-f8c8eeaad801) add Policy Microsoft Managed Control 1233 - Configuration Management Plan (9d79001f-95fe-45d0-8736-f217e78c1f57) add Policy Microsoft Managed Control 1282 - Telecommunications Services \| Single Points Of Failure (34042a97-ec6d-4263-93d2-8c1c46823b2a) add Policy Microsoft Managed Control 1484 - Water Damage Protection \| Automation Support (486b006a-3653-45e8-b41c-a052d3e05456) add Policy Microsoft Managed Control 1390 - Information Spillage Response \| Responsible Personnel (c3b65b63-09ec-4cb5-8028-7dd324d10eb0) add Policy Microsoft Managed Control 1558 - Vulnerability Scanning \| Correlate Scanning Information (65592b16-4367-42c5-a26e-d371be450e17) add Policy Microsoft Managed Control 1495 - System Security Plan (f4978d0e-a596-48e7-9f8c-bbf52554ce8d) add Policy Microsoft Managed Control 1598 - Developer Configuration Management (ae7e1f5e-2d63-4b38-91ef-bce14151cce3) add Policy Microsoft Managed Control 1614 - Developer Security Architecture And Design (8154e3b3-cc52-40be-9407-7756581d71f6) add Policy Microsoft Managed Control 1349 - Identification And Authentication (Non-Organizational Users) \| Use Of Ficam-Approved Products (17641f70-94cd-4a5d-a613-3d1143e20e34) add Policy Microsoft Managed Control 1079 - Use Of External Information Systems \| Limits On Authorized Use (85c32733-7d23-4948-88da-058e2c56b60f) add Policy Microsoft Managed Control 1654 - Voice Over Internet Protocol (0a2ee16e-ab1f-414a-800b-d1608835862b) add Policy Microsoft Managed Control 1082 - Information Sharing (24d480ef-11a0-4b1b-8e70-4e023bf2be23) add Policy Microsoft Managed Control 1409 - Maintenance Tools \| Prevent Unauthorized Removal (d1880188-e51a-4772-b2ab-68f5e8bd27f6) add Policy Microsoft Managed Control 1188 - Configuration Change Control (bb20548a-c926-4e4d-855c-bcddc6faf95e) add Policy Microsoft Managed Control 1606 - Developer Security Testing And Evaluation \| Threat And Vulnerability Analyses (baa8a9a4-5bbe-4c72-98f6-a3a47ae2b1ca) add Policy Microsoft Managed Control 1420 - Maintenance Personnel (05ae08cc-a282-413b-90c7-21a2c60b8404) add Policy Microsoft Managed Control 1034 - Least Privilege (02a5ed00-6d2e-4e97-9a98-46c32c057329) add Policy Microsoft Managed Control 1407 - Maintenance Tools \| Prevent Unauthorized Removal (ff9fbd83-1d8d-4b41-aac2-94cb44b33976) add Policy Microsoft Managed Control 1401 - Controlled Maintenance (b78ee928-e3c1-4569-ad97-9f8c4b629847) add Policy Microsoft Managed Control 1447 - Physical Access Authorizations (b9783a99-98fe-4a95-873f-29613309fe9a) add Policy Microsoft Managed Control 1454 - Physical Access Control (ad58985d-ab32-4f99-8bd3-b7e134c90229) add Policy Microsoft Managed Control 1474 - Emergency Power \| Long-Term Alternate Power Supply - Minimal Operational Capability (03ad326e-d7a1-44b1-9a76-e17492efc9e4) add Policy Microsoft Managed Control 1588 - External Information System Services (68ebae26-e0e0-4ecb-8379-aabf633b51e9) add Policy Microsoft Managed Control 1274 - Alternate Processing Site (2aee175f-cd16-4825-939a-a85349d96210) add Policy Microsoft Managed Control 1393 - Information Spillage Response \| Exposure To Unauthorized Personnel (731856d8-1598-4b75-92de-7d46235747c0) add Policy Microsoft Managed Control 1064 - Remote Access \| Privileged Commands / Access (eb4d9508-cbf0-4a3c-bb5c-6c95b159f3fb) add Policy Microsoft Managed Control 1429 - Media Labeling (b07c9b24-729e-4e85-95fc-f224d2d08a80) add Policy Microsoft Managed Control 1043 - Least Privilege \| Prohibit Non-Privileged Users From Executing Privileged Functions (361a77f6-0f9c-4748-8eec-bc13aaaa2455) add Policy Microsoft Managed Control 1032 - Separation Of Duties (5aa85661-d618-46b8-a20f-ca40a86f0751) add Policy Microsoft Managed Control 1177 - Baseline Configuration \| Reviews And Updates (63dbc7a8-e20b-4d38-b857-a7f6c0cd94bc) add Policy Microsoft Managed Control 1296 - Information System Recovery And Reconstitution \| Transaction Recovery (e57b98a0-a011-4956-a79d-5d17ed8b8e48) add Policy Microsoft Managed Control 1716 - Software & Information Integrity \| Integration Of Detection And Response (e54c325e-42a0-4dcf-b105-046e0f6f590f) add Policy Microsoft Managed Control 1624 - Boundary Protection (37d079e3-d6aa-4263-a069-dd7ac6dd9684) add Policy Microsoft Managed Control 1403 - Controlled Maintenance \| Automated Maintenance Activities (57149289-d52b-4f40-9fe6-5233c1ef80f7) add Policy Microsoft Managed Control 1651 - Mobile Code (6db63528-c9ba-491c-8a80-83e1e6977a50) add Policy Microsoft Managed Control 1284 - Telecommunications Services \| Provider Contingency Plan (942b3e97-6ae3-410e-a794-c9c999b97c0b) add Policy Microsoft Managed Control 1444 - Media Use \| Prohibit Use Without Owner (666143df-f5e0-45bd-b554-135f0f93e44e) add Policy Microsoft Managed Control 1610 - Development Process, Standards, And Tools (b9f3fb54-4222-46a1-a308-4874061f8491) add Policy Microsoft Managed Control 1116 - Audit Review, Analysis, And Reporting (5e47bc51-35d1-44b8-92af-e2f2d8b67635) add Policy Microsoft Managed Control 1302 - User Identification And Authentication \| Network Access To Non-Privileged Accounts (09828c65-e323-422b-9774-9d5c646124da) add Policy Microsoft Managed Control 1229 - Information System Component Inventory \| No Duplicate Accounting Of Components (03752212-103c-4ab8-a306-7e813022ca9d) add Policy Microsoft Managed Control 1031 - Separation Of Duties (6b93a801-fe25-4574-a60d-cb22acffae00) add Policy Microsoft Managed Control 1037 - Least Privilege \| Network Access To Privileged Commands (fa4c2a3d-1294-41a3-9ada-0e540471e9fb) add Policy Microsoft Managed Control 1686 - Information System Monitoring (e17085c5-0be8-4423-b39b-a52d3d1402e5) add Policy Microsoft Managed Control 1124 - Audit Reduction And Report Generation (c10152dd-78f8-4335-ae2d-ad92cc028da4) add Policy Microsoft Managed Control 1328 - Authenticator Management \| Password-Based Authentication (f5c66fdc-3d02-4034-9db5-ba57802609de) add Policy Microsoft Managed Control 1048 - System Use Notification (483e7ca9-82b3-45a2-be97-b93163a0deb7) add Policy Microsoft Managed Control 1346 - Identification And Authentication (Non-Organizational Users) (464dc8ce-2200-4720-87a5-dc5952924cc6) add Policy Microsoft Managed Control 1182 - Baseline Configuration \| Configure Systems, Components, Or Devices For High-Risk Areas (4f34f554-da4b-4786-8d66-7915c90893da) add Policy Microsoft Managed Control 1607 - Developer Security Testing And Evaluation \| Dynamic Code Analysis (976a74cf-b192-4d35-8cab-2068f272addb) add Policy Microsoft Managed Control 1371 - Incident Reporting (9447f354-2c85-4700-93b3-ecdc6cb6a417) add Policy Microsoft Managed Control 1699 - Information System Monitoring \| Privileged Users (69c7bee8-bc19-4129-a51e-65a7b39d3e7c) add Policy Microsoft Managed Control 1317 - Authenticator Management (8877f519-c166-47b7-81b7-8a8eb4ff3775) add Policy Microsoft Managed Control 1422 - Maintenance Personnel (ea556850-838d-4a37-8ce5-9d7642f95e11) add Policy Microsoft Managed Control 1189 - Configuration Change Control (ee45e02a-4140-416c-82c4-fecfea660b9d) add Policy Microsoft Managed Control 1115 - Audit Review, Analysis, And Reporting (0b653845-2ad9-4e09-a4f3-5a7c1d78353d) add Policy Microsoft Managed Control 1560 - System And Services Acquisition Policy And Procedures (e29e0915-5c2f-4d09-8806-048b749ad763) add Policy Microsoft Managed Control 1076 - Use Of External Information Systems (98a4bd5f-6436-46d4-ad00-930b5b1dfed4) add Policy Microsoft Managed Control 1171 - Penetration Testing \| Independent Penetration Agent Or Team (6d4820bc-8b61-4982-9501-2123cb776c00) add Policy Microsoft Managed Control 1718 - Software & Information Integrity \| Binary Or Machine Executable Code (0dced7ab-9ce5-4137-93aa-14c13e06ab17) add Policy Microsoft Managed Control 1381 - Incident Response Plan (e5368258-9684-4567-8126-269f34e65eab) add Policy Microsoft Managed Control 1190 - Configuration Change Control (c66a3d1e-465b-4f28-9da5-aef701b59892) add Policy Microsoft Managed Control 1548 - Vulnerability Scanning (3afe6c78-6124-4d95-b85c-eb8c0c9539cb) add Policy Microsoft Managed Control 1685 - Information System Monitoring (36b0ef30-366f-4b1b-8652-a3511df11f53) add Policy Microsoft Managed Control 1201 - Security Impact Analysis \| Separate Test Environments (7daef997-fdd3-461b-8807-a608a6dd70f1) add Policy Microsoft Managed Control 1272 - Alternate Processing Site (ae46cf7a-e3fd-427b-9b91-44bc78e2d9d8) add Policy Microsoft Managed Control 1397 - Controlled Maintenance (391af4ab-1117-46b9-b2c7-78bbd5cd995b) add Policy Microsoft Managed Control 1129 - Time Stamps \| Synchronization With Authoritative Time Source (71bb965d-4047-4623-afd4-b8189a58df5d) add Policy Microsoft Managed Control 1154 - System Interconnections \| Unclassified Non-National Security System Connections (e757ceb9-93b3-45fe-a4f4-f43f64f1ac5a) add Policy Microsoft Managed Control 1543 - Risk Assessment (fd00b778-b5b5-49c0-a994-734ea7bd3624) add Policy Microsoft Managed Control 1617 - Application Partitioning (a631d8f5-eb81-4f9d-9ee1-74431371e4a3) add Policy Microsoft Managed Control 1402 - Controlled Maintenance \| Automated Maintenance Activities (0a560d32-8075-4fec-9615-9f7c853f4ea9) add Policy Microsoft Managed Control 1694 - Information System Monitoring \| Analyze Communications Traffic Anomalies (426c4ac9-ff17-49d0-acd7-a13c157081c0) add Policy Microsoft Managed Control 1311 - Identifier Management (e7568697-0c9e-4ea3-9cec-9e567d14f3c6) add Policy Microsoft Managed Control 1038 - Least Privilege \| Privileged Accounts (26692e88-71b7-4a5f-a8ac-9f31dd05bd8e) add Policy Microsoft Managed Control 1690 - Information System Monitoring \| System-Wide Intrusion Detection System (a2567a23-d1c3-4783-99f3-d471302a4d6b) add Policy Microsoft Managed Control 1245 - Contingency Plan (a0e45314-57b8-4623-80cd-bbb561f59516) add Policy Microsoft Managed Control 1487 - Alternate Work Site (e9c3371d-c30c-4f58-abd9-30b8a8199571) add Policy Microsoft Managed Control 1596 - Developer Configuration Management (21e25e01-0ae0-41be-919e-04ce92b8e8b8) add Policy Microsoft Managed Control 1681 - Malicious Code Protection \| Automatic Updates (12623e7e-4736-4b2e-b776-c1600f35f93a) add Policy Microsoft Managed Control 1106 - Audit Events \| Reviews And Updates (d2b4feae-61ab-423f-a4c5-0e38ac4464d8) add Policy Microsoft Managed Control 1323 - Authenticator Management (abe8f70b-680f-470c-9b86-a7edfb664ecc) add Policy Microsoft Managed Control 1621 - Resource Availability (3cb9f731-744a-4691-a481-ca77b0411538) add Policy Microsoft Managed Control 1145 - Security Assessments (a0724970-9c75-4a64-a225-a28002953f28) add Policy Microsoft Managed Control 1324 - Authenticator Management (8cfea2b3-7f77-497e-ac20-0752f2ff6eee) add Policy Microsoft Managed Control 1042 - Least Privilege \| Auditing Use Of Privileged Functions (319dc4f0-0fed-4ac9-8fc3-7aeddee82c07) add Policy Microsoft Managed Control 1137 - Audit Generation (4344df62-88ab-4637-b97b-bcaf2ec97e7c) add Policy Microsoft Managed Control 1310 - Device Identification And Authentication (450d7ede-823d-4931-a99d-57f6a38807dc) add Policy Microsoft Managed Control 1059 - Remote Access (a29b5d9f-4953-4afe-b560-203a6410b6b4) add Policy Microsoft Managed Control 1087 - Security Awareness And Training Policy And Procedures (100c82ba-42e9-4d44-a2ba-94b209248583) add Policy Microsoft Managed Control 1123 - Audit Review, Analysis, And Reporting \| Audit Level Adjustment (03996055-37a4-45a5-8b70-3f1caa45f87d) add Policy Microsoft Managed Control 1421 - Maintenance Personnel (e539caaa-da8c-41b8-9e1e-449851e2f7a6) add Policy Microsoft Managed Control 1531 - Third-Party Personnel Security (f0643e0c-eee5-4113-8684-c608d05c5236) add Policy Microsoft Managed Control 1423 - Maintenance Personnel \| Individuals Without Appropriate Access (7741669e-d4f6-485a-83cb-e70ce7cbbc20) add Policy Microsoft Managed Control 1646 - Cryptographic Key Establishment And Management \| Asymmetric Keys (506814fa-b930-4b10-894e-a45b98c40e1a) add Policy Microsoft Managed Control 1039 - Least Privilege \| Review Of User Privileges (3a7b9de4-a8a2-4672-914d-c5f6752aa7f9) add Policy Microsoft Managed Control 1096 - Role-Based Security Training \| Practical Exercises (420c1477-aa43-49d0-bd7e-c4abdd9addff) add Policy Microsoft Managed Control 1141 - Audit Generation \| Changes By Authorized Individuals (6fdefbf4-93e7-4513-bc95-c1858b7093e0) add Policy Microsoft Managed Control 1656 - Secure Name / Address Resolution Service (Authoritative Source) (1cb067d5-c8b5-4113-a7ee-0a493633924b) add Policy Microsoft Managed Control 1415 - Remote Maintenance (61a1dd98-b259-4840-abd5-fbba7ee0da83) add Policy Microsoft Managed Control 1723 - Information Input Validation (e91927a0-ac1d-44a0-95f8-5185f9dfce9f) add Policy Microsoft Managed Control 1330 - Authenticator Management \| Password-Based Authentication (f75cedb2-5def-4b31-973e-b69e8c7bd031) add Policy Microsoft Managed Control 1326 - Authenticator Management (8605fc00-1bf5-4fb3-984e-c95cec4f231d) add Policy Microsoft Managed Control 1186 - Configuration Change Control (b95ba3bd-4ded-49ea-9d10-c6f4b680813d) add Policy Microsoft Managed Control 1526 - Access Agreements (953e6261-a05a-44fd-8246-000e1a3edbb9) add Policy Microsoft Managed Control 1071 - Wireless Access Restrictions \| Restrict Configurations By Users (1a437f5b-9ad6-4f28-8861-de404d511ae4) add Policy Microsoft Managed Control 1645 - Cryptographic Key Establishment And Management \| Symmetric Keys (afbd0baf-ff1a-4447-a86f-088a97347c0c) add Policy Microsoft Managed Control 1389 - Information Spillage Response (c39e6fda-ae70-4891-a739-be7bba6d1062) add Policy Microsoft Managed Control 1709 - Security Functionality Verification (025992d6-7fee-4137-9bbf-2ffc39c0686c) add Policy Microsoft Managed Control 1255 - Contingency Plan \| Continue Essential Missions / Business Functions (f3793f5e-937f-44f7-bfba-40647ef3efa0) add Policy Microsoft Managed Control 1261 - Contingency Plan Testing (65aeceb5-a59c-4cb1-8d82-9c474be5d431) add Policy Microsoft Managed Control 1173 - Internal System Connections (c4aff9e7-2e60-46fa-86be-506b79033fc5) add Policy Microsoft Managed Control 1455 - Physical Access Control (068a88d4-e520-434e-baf0-9005a8164e6a) add Policy Microsoft Managed Control 1202 - Access Restrictions For Change (40a2a83b-74f2-4c02-ae65-f460a5d2792a) add Policy Microsoft Managed Control 1035 - Least Privilege \| Authorize Access To Security Functions (ca94b046-45e2-444f-a862-dc8ce262a516) add Policy Microsoft Managed Control 1489 - Location Of Information System Components (9d0a794f-1444-4c96-9534-e35fc8c39c91) add Policy Microsoft Managed Control 1533 - Third-Party Personnel Security (bba2a036-fb3b-4261-b1be-a13dfb5fbcaa) add Policy Microsoft Managed Control 1367 - Incident Handling \| Insider Threats - Specific Capabilities (435b2547-6374-4f87-b42d-6e8dbe6ae62a) add Policy Microsoft Managed Control 1706 - Security Alerts & Advisories (f475ee0e-f560-4c9b-876b-04a77460a404) add Policy Microsoft Managed Control 1554 - Vulnerability Scanning \| Discoverable Information (10984b4e-c93e-48d7-bf20-9c03b04e9eca) add Policy Microsoft Managed Control 1316 - Identifier Management \| Identify User Status (8ce14753-66e5-465d-9841-26ef55c09c0d) add Policy Microsoft Managed Control 1358 - Incident Response Testing (effbaeef-5bf4-400d-895e-ef8cbc0e64c7) add Policy Microsoft Managed Control 1172 - Internal System Connections (b43e946e-a4c8-4b92-8201-4a39331db43c) add Policy Microsoft Managed Control 1714 - Software & Information Integrity \| Automated Notifications Of Integrity Violations (e12494fa-b81e-4080-af71-7dbacc2da0ec) add Policy Microsoft Managed Control 1103 - Audit Events (16feeb31-6377-437e-bbab-d7f73911896d) add Policy Microsoft Managed Control 1575 - Acquisitions Process \| Functional Properties Of Security Controls (93e1bb73-1b08-4dbe-9c62-8e2e92e7ec41) add Policy Microsoft Managed Control 1469 - Power Equipment And Cabling (f509c5b6-0de0-4a4e-9b2e-cd9cbf3a58fd) add Policy Microsoft Managed Control 1247 - Contingency Plan (4e666db5-b2ef-4b06-aac6-09bfce49151b) add Policy Microsoft Managed Control 1468 - Visitor Access Records \| Automated Records Maintenance / Review (75603f96-80a1-4757-991d-5a1221765ddd) add Policy Microsoft Managed Control 1499 - Rules Of Behavior (e59671ab-9720-4ee2-9c60-170e8c82251e) add Policy Microsoft Managed Control 1566 - System Development Life Cycle (50ad3724-e2ac-4716-afcc-d8eabd97adb9) add Policy Microsoft Managed Control 1391 - Information Spillage Response \| Training (dd6ac1a1-660e-4810-baa8-74e868e2ed47) add Policy Microsoft Managed Control 1263 - Contingency Plan Testing (41472613-3b05-49f6-8fe8-525af113ce17) add Policy Microsoft Managed Control 1094 - Role-Based Security Training (4b1853e0-8973-446b-b567-09d901d31a09) add Policy Microsoft Managed Control 1593 - External Information System Services \| Processing, Storage, And Service Location (2cd0a426-b5f5-4fe0-9539-a6043cdbc6fa) add Policy Microsoft Managed Control 1360 - Incident Handling (be5b05e7-0b82-4ebc-9eda-25e447b1a41e) add Policy Microsoft Managed Control 1385 - Information Spillage Response (3e495e65-8663-49ca-9b38-9f45e800bc58) add Policy Microsoft Managed Control 1496 - System Security Plan (0ca96127-2f87-46ab-a4fc-0d2a786df1c8) add Policy Microsoft Managed Control 1000 - Access Control Policy And Procedures Requirements (2ef3cc79-733e-48ed-ab6f-7bf439e9b406) add Policy Microsoft Managed Control 1204 - Access Restrictions For Change \| Review System Changes (0f4f6750-d1ab-4a4c-8dfd-af3237682665) add Policy Microsoft Managed Control 1268 - Alternate Storage Site (23f6e984-3053-4dfc-ab48-543b764781f5) add Policy Microsoft Managed Control 1206 - Access Restrictions For Change \| Limit Production / Operational Privileges (e0de232d-02a0-4652-872d-88afb4ae5e91) add Policy Microsoft Managed Control 1351 - Incident Response Policy And Procedures (bcfb6683-05e5-4ce6-9723-c3fbe9896bdd) add Policy Microsoft Managed Control 1248 - Contingency Plan (50fc602d-d8e0-444b-a039-ad138ee5deb0) add Policy Microsoft Managed Control 1063 - Remote Access \| Managed Access Control Points (593ce201-54b2-4dd0-b34f-c308005d7780) add Policy Microsoft Managed Control 1155 - System Interconnections \| Restrictions On External System Connections (4d33f9f1-12d0-46ad-9fbd-8f8046694977) add Policy Microsoft Managed Control 1633 - Boundary Protection \| Route Traffic To Authenticated Proxy Servers (07557aa0-e02f-4460-9a81-8ecd2fed601a) add Policy Microsoft Managed Control 1413 - Remote Maintenance (aeedddb6-6bc0-42d5-809b-80048033419d) add Policy Microsoft Managed Control 1184 - Configuration Change Control (13579d0e-0ab0-4b26-b0fb-d586f6d7ed20) add Policy Microsoft Managed Control 1414 - Remote Maintenance (2ce63a52-e47b-4ae2-adbb-6e40d967f9e6) add Policy Microsoft Managed Control 1001 - Access Control Policy And Procedures Requirements (4e26f8c3-4bf3-4191-b8fc-d888805101b7) add Policy Microsoft Managed Control 1471 - Emergency Shutoff (7dd0e9ce-1772-41fb-a50a-99977071f916) add Policy Microsoft Managed Control 1140 - Audit Generation \| System-Wide / Time-Correlated Audit Trail (90d8b8ad-8ee3-4db7-913f-2a53fcff5316) add Policy Microsoft Managed Control 1199 - Configuration Change Control \| Cryptography Management (a9a08d1c-09b1-48f1-90ea-029bbdf7111e) add Policy Microsoft Managed Control 1213 - Configuration Settings \| Respond To Unauthorized Changes (81f11e32-a293-4a58-82cd-134af52e2318) add Policy Microsoft Managed Control 1364 - Incident Handling \| Dynamic Reconfiguration (4c615c2a-dc83-4dda-8220-abce7b50c9bc) add Policy Microsoft Managed Control 1121 - Audit Review, Analysis, And Reporting \| Correlation With Physical Monitoring (c72b0eb9-1fc2-44e5-a866-e7cb0532f7c1) add Policy Microsoft Managed Control 1561 - Allocation Of Resources (40364c3f-c331-4e29-b1e3-2fbe998ba2f5) add Policy Microsoft Managed Control 1458 - Physical Access Control \| Information System Access (8c19ceb7-56e9-4488-8ddb-b1eb3aa6d203) add Policy Microsoft Managed Control 1319 - Authenticator Management (66f7ae57-5560-4fc5-85c9-659f204e7a42) add Policy Microsoft Managed Control 1181 - Baseline Configuration \| Retention Of Previous Configurations (21839937-d241-4fa5-95c6-b669253d9ab9) add Policy Microsoft Managed Control 1653 - Mobile Code (6b1c00a7-7fd0-42b0-8c5b-c45f6fa1f71b) add Policy Microsoft Managed Control 1650 - Public Key Infrastructure Certificates (201d3740-bd16-4baf-b4b8-7cda352228b7) add Policy Microsoft Managed Control 1436 - Media Transport (28aab8b4-74fd-4b7c-9080-5a7be525d574) add Policy Microsoft Managed Control 1394 - System Maintenance Policy And Procedures (4db56f68-3f50-45ab-88f3-ca46f5379a94) add Policy Microsoft Managed Control 1336 - Authenticator Management \| Pki-Based Authentication (77f56280-e367-432a-a3b9-8ca2aa636a26) add Policy Microsoft Managed Control 1054 - Session Termination (5807e1b4-ba5e-4718-8689-a0ca05a191b2) add Policy Microsoft Managed Control 1491 - Security Planning Policy And Procedures (1571dd40-dafc-4ef4-8f55-16eba27efc7b) add Policy Microsoft Managed Control 1555 - Vulnerability Scanning \| Privileged Access (5afa8cab-1ed7-4e40-884c-64e0ac2059cc) add Policy Microsoft Managed Control 1113 - Response To Audit Processing Failures \| Audit Storage Capacity (562afd61-56be-4313-8fe4-b9564aa4ba7d) add Policy Microsoft Managed Control 1411 - Remote Maintenance (898d4fe8-f743-4333-86b7-0c9245d93e7d) add Policy Microsoft Managed Control 1164 - Continuous Monitoring (0fb8d3ce-9e96-481c-9c68-88d4e3019310) add Policy Microsoft Managed Control 1697 - Information System Monitoring \| Analyze Traffic / Covert Exfiltration (f9873db2-18ad-46b3-a11a-1a1f8cbf0335) add Policy Microsoft Managed Control 1640 - Transmission Confidentiality And Integrity (05a289ce-6a20-4b75-a0f3-dc8601b6acd0) add Policy Microsoft Managed Control 1520 - Personnel Termination (7f2c513b-eb16-463b-b469-c10e5fa94f0a) add Policy Microsoft Managed Control 1711 - Security Functionality Verification (b083a535-a66a-41ec-ba7f-f9498bf67cde) add Policy Microsoft Managed Control 1252 - Contingency Plan \| Capacity Planning (a328fd72-8ff5-4f96-8c9c-b30ed95db4ab) add Policy Microsoft Managed Control 1680 - Malicious Code Protection \| Central Management (399cd6ee-0e18-41db-9dea-cde3bd712f38) add Policy Microsoft Managed Control 1418 - Remote Maintenance \| Comparable Security / Sanitization (28e633fd-284e-4ea7-88b4-02ca157ed713) add Policy Microsoft Managed Control 1687 - Information System Monitoring (7a87fc7f-301e-49f3-ba2a-4d74f424fa97) add Policy Microsoft Managed Control 1341 - Authenticator Management \| Multiple Information System Accounts (34cb7e92-fe4c-4826-b51e-8cd203fa5d35) add Policy Microsoft Managed Control 1227 - Information System Component Inventory \| Automated Unauthorized Component Detection (03b78f5e-4877-4303-b0f4-eb6583f25768) add Policy Microsoft Managed Control 1169 - Continuous Monitoring \| Trend Analyses (e7ba2cb3-5675-4468-8b50-8486bdd998a5) add Policy Microsoft Managed Control 1448 - Physical Access Authorizations (825d6494-e583-42f2-a3f2-6458e6f0004f) add Policy Microsoft Managed Control 1405 - Maintenance Tools \| Inspect Tools (fe1a0bf3-409a-4b00-b60d-0b1f917f7e7b) add Policy Microsoft Managed Control 1289 - Information System Backup (7a724864-956a-496c-b778-637cb1d762cf) add Policy Microsoft Managed Control 1100 - Audit And Accountability Policy And Procedures (4057863c-ca7d-47eb-b1e0-503580cba8a4) add Policy Microsoft Managed Control 1334 - Authenticator Management \| Pki-Based Authentication (44bfdadc-8c2e-4c30-9c99-f005986fabcd) add Policy Microsoft Managed Control 1088 - Security Awareness And Training Policy And Procedures (1d50f99d-1356-49c0-934a-45f742ba7783) add Policy Microsoft Managed Control 1165 - Continuous Monitoring (47e10916-6c9e-446b-b0bd-ff5fd439d79d) add Policy Microsoft Managed Control 1464 - Monitoring Physical Access \| Intrusion Alarms / Surveillance Equipment (41256567-1795-4684-b00b-a1308ce43cac) add Policy Microsoft Managed Control 1689 - Information System Monitoring (de901f2f-a01a-4456-97f0-33cda7966172) add Policy Microsoft Managed Control 1498 - Rules Of Behavior (633988b9-cf2f-4323-8394-f0d2af9cd6e1) add Policy Microsoft Managed Control 1544 - Risk Assessment (43ced7c9-cd53-456b-b0da-2522649a4271) add Policy Microsoft Managed Control 1504 - Information Security Architecture (9e7c35d0-12d4-4e0c-80a2-8a352537aefd) add Policy Microsoft Managed Control 1677 - Malicious Code Protection (4a248e1e-040f-43e5-bff2-afc3a57a3923) add Policy Microsoft Managed Control 1462 - Monitoring Physical Access (9b1f3a9a-13a1-4b40-8420-36bca6fd8c02) add Policy Microsoft Managed Control 1354 - Incident Response Training (9fd92c17-163a-4511-bb96-bbb476449796) add Policy Microsoft Managed Control 1435 - Media Transport (fa8d221b-d130-4637-ba16-501e666628bb) add Policy Microsoft Managed Control 1230 - Configuration Management Plan (11158848-f679-4e9b-aa7b-9fb07d945071) add Policy Microsoft Managed Control 1055 - Session Termination\| User-Initiated Logouts / Message Displays (769efd9b-3587-4e22-90ce-65ddcd5bd969) add Policy Microsoft Managed Control 1118 - Audit Review, Analysis, And Reporting \| Correlate Audit Repositories (a96f743d-a195-420d-983a-08aa06bc441e) add Policy Microsoft Managed Control 1584 - Information System Documentation (5864522b-ff1d-4979-a9f8-58bee1fb174c) add Policy Microsoft Managed Control 1211 - Configuration Settings (6a8b9dc8-6b00-4701-aa96-bba3277ebf50) add Policy Microsoft Managed Control 1327 - Authenticator Management \| Password-Based Authentication (03188d8f-1ae5-4fe1-974d-2d7d32ef937d) add Policy Microsoft Managed Control 1557 - Vulnerability Scanning \| Review Historic Audit Logs (36fbe499-f2f2-41b6-880e-52d7ea1d94a5) add Policy Microsoft Managed Control 1243 - Contingency Planning Policy And Procedures (ca9a4469-d6df-4ab2-a42f-1213c396f0ec) add Policy Microsoft Managed Control 1029 - Information Flow Enforcement \| Security Policy Filters (53ac8f8e-c2b5-4d44-8a2d-058e9ced9b69) add Policy Microsoft Managed Control 1665 - Process Isolation (5df3a55c-8456-44d4-941e-175f79332512) add Policy Microsoft Managed Control 1149 - Security Assessments \| Specialized Assessments (2e1b855b-a013-481a-aeeb-2bcb129fd35d) add Policy Microsoft Managed Control 1362 - Incident Handling (5d169442-d6ef-439b-8dca-46c2c3248214) add Policy Microsoft Managed Control 1205 - Access Restrictions For Change \| Signed Components (5b070cab-0fb8-4e48-ad29-fc90b4c2797c) add Policy Microsoft Managed Control 1702 - Information System Monitoring \| Indicators Of Compromise (4dfc0855-92c4-4641-b155-a55ddd962362) add Policy Microsoft Managed Control 1451 - Physical Access Control (e3f1e5a3-25c1-4476-8cb6-3955031f8e65) add Policy Microsoft Managed Control 1150 - Security Assessments \| External Organizations (d630429d-e763-40b1-8fba-d20ba7314afb) add Policy Microsoft Managed Control 1297 - Information System Recovery And Reconstitution \| Restore Within Time Period (93fd8af1-c161-4bae-9ba9-f62731f76439) add Policy Microsoft Managed Control 1264 - Contingency Plan Testing \| Coordinate With Related Plans (dd280d4b-50a1-42fb-a479-ece5878acf19) add Policy Microsoft Managed Control 1550 - Vulnerability Scanning (902908fb-25a8-4225-a3a5-5603c80066c9) add Policy Microsoft Managed Control 1581 - Information System Documentation (742b549b-7a25-465f-b83c-ea1ffb4f4e0e) add Policy Microsoft Managed Control 1176 - Baseline Configuration (c30690a5-7bf3-467f-b0cd-ef5c7c7449cd) add Policy Microsoft Managed Control 1616 - System And Communications Protection Policy And Procedures (2006457a-48b3-4f7b-8d2e-1532287f9929) add Policy Microsoft Managed Control 1112 - Response To Audit Processing Failures (d530aad8-4ee2-45f4-b234-c061dae683c0) add Policy Microsoft Managed Control 1107 - Content Of Audit Records (b29ed931-8e21-4779-8458-27916122a904) add Policy Microsoft Managed Control 1622 - Boundary Protection (ecf56554-164d-499a-8d00-206b07c27bed) add Policy Microsoft Managed Control 1095 - Role-Based Security Training (bc3f6f7a-057b-433e-9834-e8c97b0194f6) add Policy Microsoft Managed Control 1356 - Incident Response Training \| Simulated Events (8829f8f5-e8be-441e-85c9-85b72a5d0ef3) add Policy Microsoft Managed Control 1127 - Time Stamps (3ce328db-aef3-48ed-9f81-2ab7cf839c66) add Policy Microsoft Managed Control 1541 - Risk Assessment (70f6af82-7be6-44aa-9b15-8b9231b2e434) add Policy Microsoft Managed Control 1382 - Incident Response Plan (841392b3-40da-4473-b328-4cde49db67b3) add Policy Microsoft Managed Control 1525 - Personnel Transfer (9be2f688-7a61-45e3-8230-e1ec93893f66) add Policy Microsoft Managed Control 1682 - Malicious Code Protection \| Nonsignature-Based Detection (62b638c5-29d7-404b-8d93-f21e4b1ce198) add Policy Microsoft Managed Control 1287 - Information System Backup (819dc6da-289d-476e-8500-7e341ef8677d) add Policy Microsoft Managed Control 1467 - Visitor Access Records (5350cbf9-8bdd-4904-b22a-e88be84ca49d) add Policy Microsoft Managed Control 1477 - Fire Protection \| Detection Devices / Systems (4862a63c-6c74-4a9d-a221-89af3c374503) add Policy Microsoft Managed Control 1672 - Flaw Remediation \| Central Management (b45fe972-904e-45a4-ac20-673ba027a301) add Policy Microsoft Managed Control 1153 - System Interconnections (61cf3125-142c-4754-8a16-41ab4d529635) add Policy Microsoft Managed Control 1014 - Account Management \| Removal Of Temporary / Emergency Accounts (5dee936c-8037-4df1-ab35-6635733da48c) add Policy Microsoft Managed Control 1666 - System And Information Integrity Policy And Procedures (12e30ee3-61e6-4509-8302-a871e8ebb91e) add Policy Microsoft Managed Control 1480 - Temperature And Humidity Controls (18a767cc-1947-4338-a240-bc058c81164f) add Policy Microsoft Managed Control 1365 - Incident Handling \| Continuity Of Operations (4116891d-72f7-46ee-911c-8056cc8dcbd5) add Policy Microsoft Managed Control 1260 - Contingency Training \| Simulated Events (42254fc4-2738-4128-9613-72aaa4f0d9c3) add Policy Microsoft Managed Control 1710 - Security Functionality Verification (af2a93c8-e6dd-4c94-acdd-4a2eedfc478e) add Policy Microsoft Managed Control 1569 - Acquisitions Process (ad2f8e61-a564-4dfd-8eaa-816f5be8cb34) add Policy Microsoft Managed Control 1226 - Information System Component Inventory \| Automated Unauthorized Component Detection (c158eb1c-ae7e-4081-8057-d527140c4e0c) add Policy Microsoft Managed Control 1254 - Contingency Plan \| Resume All Missions / Business Functions (704e136a-4fe0-427c-b829-cd69957f5d2b) add Policy Microsoft Managed Control 1015 - Account Management \| Disable Inactive Accounts (544a208a-9c3f-40bc-b1d1-d7e144495c14) add Policy Microsoft Managed Control 1602 - Developer Security Testing And Evaluation (ddae2e97-a449-499f-a1c8-aea4a7e52ec9) add Policy Microsoft Managed Control 1534 - Personnel Sanctions (8b2b263e-cd05-4488-bcbf-4debec7a17d9) add Policy Microsoft Managed Control 1679 - Malicious Code Protection (2cf42a28-193e-41c5-98df-7688e7ef0a88) add Policy Microsoft Managed Control 1374 - Incident Response Assistance (cc5c8616-52ef-4e5e-8000-491634ed9249) add Policy Microsoft Managed Control 1239 - User-Installed Software (0be51298-f643-4556-88af-d7db90794879) add Policy Microsoft Managed Control 1466 - Visitor Access Records (0d943a9c-a6f1-401f-a792-740cdb09c451) add Policy Microsoft Managed Control 1143 - Certification, Authorization, Security Assessment Policy And Procedures (7c6de11b-5f51-4f7c-8d83-d2467c8a816e) add Policy Microsoft Managed Control 1033 - Separation Of Duties (48540f01-fc11-411a-b160-42807c68896e) add Policy Microsoft Managed Control 1062 - Remote Access \| Protection Of Confidentiality / Integrity Using Encryption (4708723f-e099-4af1-bbf9-b6df7642e444) add Policy Microsoft Managed Control 1626 - Boundary Protection \| External Telecommunications Services (e8f6bddd-6d67-439a-88d4-c5fe39a79341) add Policy Microsoft Managed Control 1010 - Account Management (784663a8-1eb0-418a-a98c-24d19bc1bb62) add Policy Microsoft Managed Control 1187 - Configuration Change Control (9f2b2f9e-4ba6-46c3-907f-66db138b6f85) add Policy Microsoft Managed Control 1066 - Remote Access \| Disconnect / Disable Access (4455c2e8-c65d-4acf-895e-304916f90b36) add Policy Microsoft Managed Control 1379 - Incident Response Plan (9442dd2c-a07f-46cd-b55a-553b66ba47ca) add Policy Microsoft Managed Control 1578 - Acquisitions Process \| Functions / Ports / Protocols / Services In Use (45b7b644-5f91-498e-9d89-7402532d3645) add Policy Microsoft Managed Control 1270 - Alternate Storage Site \| Recovery Time / Point Objectives (53c76a39-2097-408a-b237-b279f7b4614d) add Policy Microsoft Managed Control 1648 - Collaborative Computing Devices (3a9eb14b-495a-4ebb-933c-ce4ef5264e32) add Policy Microsoft Managed Control 1720 - Spam Protection (44b9a7cd-f36a-491a-a48b-6d04ae7c4221) add Policy Microsoft Managed Control 1524 - Personnel Transfer (72f1cb4e-2439-4fe8-88ea-b8671ce3c268) add Policy Microsoft Managed Control 1676 - Malicious Code Protection (c10fb58b-56a8-489e-9ce3-7ffe24e78e4b) add Policy Microsoft Managed Control 1013 - Account Management \| Automated System Account Management (8fd7b917-d83b-4379-af60-51e14e316c61) add Policy Microsoft Managed Control 1492 - System Security Plan (7ad5f307-e045-46f7-8214-5bdb7e973737) add Policy Microsoft Managed Control 1726 - Information Output Handling And Retention (baff1279-05e0-4463-9a70-8ba5de4c7aa4) add Policy Microsoft Managed Control 1675 - Flaw Remediation \| Time To Remediate Flaws / Benchmarks For Corrective Actions (facb66e0-1c48-478a-bed5-747a312323e1) add Policy Microsoft Managed Control 1542 - Risk Assessment (eab340d0-3d55-4826-a0e5-feebfeb0131d) add Policy Microsoft Managed Control 1353 - Incident Response Training (c785ad59-f78f-44ad-9a7f-d1202318c748) add Policy Microsoft Managed Control 1473 - Emergency Power (d7047705-d719-46a7-8bb0-76ad233eba71) add Policy Microsoft Managed Control 1298 - Identification And Authentication Policy And Procedures (1dc784b5-4895-4d27-9d40-a06b032bd1ee) add Policy Microsoft Managed Control 1437 - Media Transport \| Cryptographic Protection (6d1eb6ed-bf13-4046-b993-b9e2aef0f76c) add Policy Microsoft Managed Control 1069 - Wireless Access Restrictions \| Authentication And Encryption (91c97b44-791e-46e9-bad7-ab7c4949edbb) add Policy Microsoft Managed Control 1478 - Fire Protection \| Suppression Devices / Systems (f997df46-cfbb-4cc8-aac8-3fecdaf6a183) add Policy Microsoft Managed Control 1644 - Cryptographic Key Establishment And Management \| Availability (a7211477-c970-446b-b4af-062f37461147) add Policy Microsoft Managed Control 1196 - Configuration Change Control \| Automated Document / Notification / Prohibition Of Changes (4e7f4ea4-dd62-44f6-8886-ac6137cf52b0) add Policy Microsoft Managed Control 1424 - Maintenance Personnel \| Individuals Without Appropriate Access (cf55fc87-48e1-4676-a2f8-d9a8cf993283) add Policy Microsoft Managed Control 1620 - Denial Of Service Protection (d17c826b-1dec-43e1-a984-7b71c446649c) add Policy Microsoft Managed Control 1717 - Software & Information Integrity \| Binary Or Machine Executable Code (967773fc-d9ab-4a4e-8ff6-f5e9e3f5dbef) add Policy Microsoft Managed Control 1399 - Controlled Maintenance (2256e638-eb23-480f-9e15-6cf1af0a76b3) add Policy Microsoft Managed Control 1659 - Architecture And Provisioning For Name / Address Resolution Service (35a4102f-a778-4a2e-98c2-971056288df8) add Policy Microsoft Managed Control 1372 - Incident Reporting (25b96717-c912-4c00-9143-4e487f411726) add Policy Microsoft Managed Control 1147 - Security Assessments (8fef824a-29a8-4a4c-88fc-420a39c0d541) add Policy Microsoft Managed Control 1009 - Account Management (b26f8610-e615-47c2-abd6-c00b2b0b503a) add Policy Microsoft Managed Control 1070 - Wireless Access Restrictions \| Disable Wireless Networking (68f837d0-8942-4b1e-9b31-be78b247bda8) add Policy Microsoft Managed Control 1361 - Incident Handling (03ed3be1-7276-4452-9a5d-e4168565ac67) add Policy Microsoft Managed Control 1068 - Wireless Access Restrictions (2d045bca-a0fd-452e-9f41-4ec33769717c) add Policy Microsoft Managed Control 1518 - Personnel Termination (0d58f734-c052-40e9-8b2f-a1c2bff0b815) add Policy Microsoft Managed Control 1412 - Remote Maintenance (3492d949-0dbb-4589-88b3-7b59601cc764) add Policy Microsoft Managed Control 1335 - Authenticator Management \| Pki-Based Authentication (382016f3-d4ba-4e15-9716-55077ec4dc2a) add Policy Microsoft Managed Control 1375 - Incident Response Assistance \| Automation Support For Availability Of Information / Support (00379355-8932-4b52-b63a-3bc6daf3451a) add Policy Microsoft Managed Control 1322 - Authenticator Management (9d1d971e-467e-4278-9633-c74c3d4fecc4) add Policy Microsoft Managed Control 1344 - Authenticator Feedback (2c895fe7-2d8e-43a2-838c-3a533a5b355e) add Policy Microsoft Managed Control 1241 - User-Installed Software \| Alerts For Unauthorized Installations (eca4d7b2-65e2-4e04-95d4-c68606b063c3) add Policy Microsoft Managed Control 1406 - Maintenance Tools \| Inspect Media (a0f5339c-9292-43aa-a0bc-d27c6b8e30aa) add Policy Microsoft Managed Control 1207 - Access Restrictions For Change \| Limit Production / Operational Privileges (8713a0ed-0d1e-4d10-be82-83dffb39830e) add Policy Microsoft Managed Control 1008 - Account Management (8356cfc6-507a-4d20-b818-08038011cd07) add Policy Microsoft Managed Control 1057 - Permitted Actions Without Identification Or Authentication (78255758-6d45-4bf0-a005-7016bc03b13c) add Policy Microsoft Managed Control 1134 - Protection Of Audit Information \| Access By Subset Of Privileged Users (4e95f70e-181c-4422-9da2-43079710c789) add Policy Microsoft Managed Control 1704 - Security Alerts & Advisories (2d44b6fa-1134-4ea6-ad4e-9edb68f65429) add Policy Microsoft Managed Control 1290 - Information System Backup (92f85ce9-17b7-49ea-85ee-ea7271ea6b82) add Policy Microsoft Managed Control 1396 - Controlled Maintenance (276af98f-4ff9-4e69-99fb-c9b2452fb85f) add Policy Microsoft Managed Control 1715 - Software & Information Integrity \| Automated Response To Integrity Violations (dd469ae0-71a8-4adc-aafc-de6949ca3339) add Policy Microsoft Managed Control 1461 - Monitoring Physical Access (aafef03e-fea8-470b-88fa-54bd1fcd7064) add Policy Microsoft Managed Control 1500 - Rules Of Behavior (9dd5b241-03cb-47d3-a5cd-4b89f9c53c92) add Policy Microsoft Managed Control 1084 - Publicly Accessible Content (d0eb15db-dd1c-4d1d-b200-b12dd6cd060c) add Policy Microsoft Managed Control 1020 - Account Management \| Role-Based Schemes (0b291ee8-3140-4cad-beb7-568c077c78ce) add Policy Microsoft Managed Control 1658 - Secure Name / Address Resolution Service (Recursive Or Caching Resolver) (063b540e-4bdc-4e7a-a569-3a42ddf22098) add Policy Microsoft Managed Control 1278 - Alternate Processing Site \| Preparation For Use (8e5ef485-9e16-4c53-a475-fbb8107eac59) add Policy Microsoft Managed Control 1300 - User Identification And Authentication (99deec7d-5526-472e-b07c-3645a792026a) add Policy Microsoft Managed Control 1691 - Information System Monitoring \| Automated Tools For Real-Time Analysis (71475fb4-49bd-450b-a1a5-f63894c24725) add Policy Microsoft Managed Control 1109 - Content Of Audit Records \| Centralized Management Of Planned Audit Record Content (7d9ffa23-ad92-4d0d-b1f4-7db274cc2aec) add Policy Microsoft Managed Control 1667 - System And Information Integrity Policy And Procedures (d61880dc-6e38-4f2a-a30c-3406a98f8220) add Policy Microsoft Managed Control 1073 - Access Control for Portable And Mobile Systems (ab55cdb0-c7dd-4bd8-ae22-a7cea7594e9c) add Policy Microsoft Managed Control 1012 - Account Management (efd7b9ae-1db6-4eb6-b0fe-87e6565f9738) add Policy Microsoft Managed Control 1669 - Flaw Remediation (48f2f62b-5743-4415-a143-288adc0e078d) add Policy Microsoft Managed Control 1007 - Account Management (17200329-bf6c-46d8-ac6d-abf4641c2add) add Policy Microsoft Managed Control 1315 - Identifier Management (3aa87116-f1a1-4edb-bfbf-14e036f8d454) add Policy Microsoft Managed Control 1352 - Incident Response Policy And Procedures (518cb545-bfa8-43f8-a108-3b7d5037469a) add Policy Microsoft Managed Control 1314 - Identifier Management (ef0c8530-efd9-45b8-b753-f03083d06295) add Policy Microsoft Managed Control 1425 - Timely Maintenance (5983d99c-f39b-4c32-a3dc-170f19f6941b) add Policy Microsoft Managed Control 1631 - Boundary Protection \| Deny By Default / Allow By Exception (74ae9b8e-e7bb-4c9c-992f-c535282f7a2c) add Policy Microsoft Managed Control 1342 - Authenticator Management \| Hardware Token-Based Authentication (283a4e29-69d5-4c94-b99e-29acf003c899) add Policy Microsoft Managed Control 1527 - Access Agreements (2823de66-332f-4bfd-94a3-3eb036cd3b67) add Policy Microsoft Managed Control 1508 - Position Categorization (76f500cc-4bca-4583-bda1-6d084dc21086) add Policy Microsoft Managed Control 1432 - Media Storage (1140e542-b80d-4048-af45-3f7245be274b) add Policy Microsoft Managed Control 1146 - Security Assessments (dd83410c-ecb6-4547-8f14-748c3cbdc7ac) add Policy Microsoft Managed Control 1440 - Media Sanitization And Disposal \| Review / Approve / Track / Document / Verify (881299bf-2a5b-4686-a1b2-321d33679953) add Policy Microsoft Managed Control 1292 - Information System Backup \| Test Restoration Using Sampling (d03516cf-0293-489f-9b32-a18f2a79f836) add Policy Microsoft Managed Control 1722 - Spam Protection \| Automatic Updates (e1da06bd-25b6-4127-a301-c313d6873fff) add Policy Microsoft Managed Control 1671 - Flaw Remediation (5c5bbef7-a316-415b-9b38-29753ce8e698) add Policy Microsoft Managed Control 1235 - Software Usage Restrictions (c49c610b-ece4-44b3-988c-2172b70d6e46) add Policy Microsoft Managed Control 1497 - System Security Plan \| Plan / Coordinate With Other Organizational Entities (2e3c5583-1729-4d36-8771-59c32f090a22) add Policy Microsoft Managed Control 1450 - Physical Access Authorizations (134d7a13-ba3e-41e2-b236-91bfcfa24e01) add Policy Microsoft Managed Control 1590 - External Information System Services \| Risk Assessments / Organizational Approvals (bf296b8c-f391-4ea4-9198-be3c9d39dd1f) add Policy Microsoft Managed Control 1065 - Remote Access \| Privileged Commands / Access (f87b8085-dca9-4cf1-8f7b-9822b997797c) add Policy Microsoft Managed Control 1485 - Delivery And Removal (50301354-95d0-4a11-8af5-8039ecf6d38b) add Policy Microsoft Managed Control 1585 - Security Engineering Principles (d57f8732-5cdc-4cda-8d27-ab148e1f3a55) add Policy Microsoft Managed Control 1725 - Error Handling (afc234b5-456b-4aa5-b3e2-ce89108124cc) add Policy Microsoft Managed Control 1128 - Time Stamps (ef212163-3bc4-4e86-bcf8-705127086393) add Policy Microsoft Managed Control 1570 - Acquisitions Process (a7fcf38d-bb09-4600-be7d-825046eb162a) add Policy Microsoft Managed Control 1637 - Boundary Protection \| Fail Secure (4075bedc-c62a-4635-bede-a01be89807f3) add Policy Microsoft Managed Control 1209 - Configuration Settings (ce669c31-9103-4552-ae9c-cdef4e03580d) add Policy Microsoft Managed Control 1597 - Developer Configuration Management (68b250ec-2e4f-4eee-898a-117a9fda7016) add Policy Microsoft Managed Control 1577 - Acquisitions Process \| Continuous Monitoring Plan (d922484a-8cfc-4a6b-95a4-77d6a685407f) add Policy Microsoft Managed Control 1417 - Remote Maintenance \| Comparable Security / Sanitization (7522ed84-70d5-4181-afc0-21e50b1b6d0e) add Policy Microsoft Managed Control 1556 - Vulnerability Scanning \| Automated Trend Analyses (391ff8b3-afed-405e-9f7d-ef2f8168d5da) add Policy Microsoft Managed Control 1357 - Incident Response Training \| Automated Training Environments (e4213689-05e8-4241-9d4e-8dd1cdafd105) add Policy Microsoft Managed Control 1022 - Account Management \| Shared / Group Account Credential Termination (411f7e2d-9a0b-4627-a0b9-1700432db47d) add Policy Microsoft Managed Control 1044 - Unsuccessful Logon Attempts (0abbac52-57cf-450d-8408-1208d0dd9e90) add Policy Microsoft Managed Control 1301 - User Identification And Authentication \| Network Access To Privileged Accounts (b6a8e0cc-ac23-468b-abe4-a8a1cc6d7a08) add Policy Microsoft Managed Control 1591 - External Information System Services \| Identification Of Functions / Ports / Protocols... (f751cdb7-fbee-406b-969b-815d367cb9b3) add Policy Microsoft Managed Control 1050 - Concurrent Session Control (bd20184c-b4ec-4ce5-8db6-6e86352d183f) add Policy Microsoft Managed Control 1162 - Continuous Monitoring (5770f3d6-8c2b-4f6f-bf0e-c8c8fc36d592) add Policy Microsoft Managed Control 1275 - Alternate Processing Site \| Separation From Primary Site (a23d9d53-ad2e-45ef-afd5-e6d10900a737) add Policy Microsoft Managed Control 1212 - Configuration Settings \| Automated Central Management / Application / Verification (56d970ee-4efc-49c8-8a4e-5916940d784c) add Policy Microsoft Managed Control 1158 - Security Authorization (fff50cf2-28eb-45b4-b378-c99412688907) add Policy Microsoft Managed Control 1232 - Configuration Management Plan (396ba986-eac1-4d6d-85c4-d3fda6b78272) add Policy Microsoft Managed Control 1329 - Authenticator Management \| Password-Based Authentication (498f6234-3e20-4b6a-a880-cbd646d973bd) add Policy Microsoft Managed Control 1130 - Time Stamps \| Synchronization With Authoritative Time Source (fd7c4c1d-51ee-4349-9dab-89a7f8c8d102) add Policy Microsoft Managed Control 1350 - Identification And Authentication (Non-Organizational Users) \| Use Of Ficam-Issued Profiles (d77fd943-6ba6-4a21-ba07-22b03e347cc4) add Policy Microsoft Managed Control 1250 - Contingency Plan (8de614d8-a8b7-4f70-a62a-6d37089a002c) add Policy Microsoft Managed Control 1386 - Information Spillage Response (5120193e-91fd-4f9d-bc6d-194f94734065) add Policy Microsoft Managed Control 1026 - Account Management \| Disable Accounts For High-Risk Individuals (55419419-c597-4cd4-b51e-009fd2266783) add Policy Microsoft Managed Control 1200 - Security Impact Analysis (e98fe9d7-2ed3-44f8-93b7-24dca69783ff) add Policy Microsoft Managed Control 1594 - Developer Configuration Management (042ba2a1-8bb8-45f4-b080-c78cf62b90e9) add Policy Microsoft Managed Control 1108 - Content Of Audit Records \| Additional Audit Information (f9ad559e-c12d-415e-9a78-e50fdd7da7ba) add Policy Microsoft Managed Control 1490 - Security Planning Policy And Procedures (9e61da80-0957-4892-b70c-609d5eaafb6b) add Policy Microsoft Managed Control 1549 - Vulnerability Scanning (d6976a08-d969-4df2-bb38-29556c2eb48a) add Policy Microsoft Managed Control 1126 - Audit Reduction And Report Generation \| Automatic Processing (7f37f71b-420f-49bf-9477-9c0196974ecf) add Policy Microsoft Managed Control 1098 - Security Training Records (84363adb-dde3-411a-9fc1-36b56737f822) add Policy Microsoft Managed Control 1712 - Software & Information Integrity (44e543aa-41db-42aa-98eb-8a5eb1db53f0) add Policy Microsoft Managed Control 1373 - Incident Reporting \| Automated Reporting (4cca950f-c3b7-492a-8e8f-ea39663c14f9) add Policy Microsoft Managed Control 1453 - Physical Access Control (9693b564-3008-42bc-9d5d-9c7fe198c011)

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC