last sync: 2021-Oct-25 16:02:16 UTC

Azure Policy Initiative

NIST SP 800-53 Rev. 4

NameNIST SP 800-53 Rev. 4
Azure Portal
Idcf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f
Version5.1.0
details on versioning
CategoryRegulatory Compliance
Microsoft docs
DescriptionThis initiative includes policies that address a subset of NIST SP 800-53 Rev. 4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative.
TypeBuiltIn
DeprecatedFalse
PreviewFalse
History
Date/Time (UTC ymd) (i) Changes
2021-07-08 14:19:52 add Policy Azure Stack Edge devices should use double-encryption (b4ac1030-89c5-4697-8e00-28b5ba6a8811)
add Policy Role-Based Access Control (RBAC) should be used on Kubernetes Services (ac4a19c2-fa67-49b4-8ae5-0b2e78c49457)
add Policy SQL servers on machines should have vulnerability findings resolved (6ba6d016-e7c3-4842-b8f2-4992ebc0d72d)
add Policy Private endpoint should be enabled for MariaDB servers (0a1302fb-a631-4106-9753-f3d494733990)
add Policy Kubernetes cluster pod hostPath volumes should only use allowed host paths (098fc59e-46c7-4d99-9b16-64990e543d75)
add Policy Azure Data Explorer encryption at rest should use a customer-managed key (81e74cea-30fd-40d5-802f-d72103c2aaaa)
add Policy Resource logs in Search services should be enabled (b4330a05-a843-4bc8-bf9a-cacce50c67f4)
add Policy Azure Event Grid domains should use private link (9830b652-8523-49cc-b1b3-e17dce1127ca)
add Policy Ensure that 'HTTP Version' is the latest, if used to run the Function app (e2c1c086-2d84-4019-bff3-c44ccd95113c)
add Policy Windows machines should meet requirements of the Azure compute security baseline (72650e9f-97bc-4b2a-ab5f-9781a9fcecbc)
add Policy Azure Container Instance container group should use customer-managed key for encryption (0aa61e00-0a01-4a3c-9945-e93cffedf0e6)
add Policy Ensure that 'HTTP Version' is the latest, if used to run the API app (991310cd-e9f3-47bc-b7b6-f57b557d07db)
add Policy Managed identity should be used in your API App (c4d441f8-f9d9-4a9e-9cef-e82117cb3eef)
add Policy Azure Cache for Redis should reside within a virtual network (7d092e0a-7acd-40d2-a975-dca21cae48c4)
add Policy Enforce SSL connection should be enabled for PostgreSQL database servers (d158790f-bfb0-486c-8631-2dc6b4e8e6af)
add Policy Authorized IP ranges should be defined on Kubernetes Services (0e246bcf-5f6f-4f87-bc6f-775d4712c7ea)
add Policy Diagnostic logs in App Services should be enabled (b607c5de-e7d9-4eee-9e5c-83f1bcee4fa0)
add Policy HPC Cache accounts should use customer-managed key for encryption (970f84d8-71b6-4091-9979-ace7e3fb6dbb)
add Policy Managed identity should be used in your Function App (0da106f2-4ca3-48e8-bc85-c638fe6aea8f)
add Policy Azure Synapse workspaces should use customer-managed keys to encrypt data at rest (f7d52b2d-e161-4dfa-a82b-55e564167385)
add Policy [Preview]: Log Analytics extension should be installed on your Windows Azure Arc machines (d69b1763-b96d-40b8-a2d9-ca31e9fd0d3e)
add Policy Managed disks should be double encrypted with both platform-managed and customer-managed keys (ca91455f-eace-4f96-be59-e6e2c35b4816)
add Policy Key vaults should have soft delete enabled (1e66c121-a66a-4b1f-9b83-0fd99bf0fc2d)
add Policy Azure Monitor Logs clusters should be created with infrastructure-encryption enabled (double encryption) (ea0dfaed-95fb-448c-934e-d6e713ce393d)
add Policy Email notification to subscription owner for high severity alerts should be enabled (0b15565f-aa9e-48ba-8619-45960f2c314d)
add Policy Public network access should be disabled for MariaDB servers (fdccbe47-f3e3-4213-ad5d-ea459b2fa077)
add Policy Cognitive Services accounts should enable data encryption with a customer-managed key (67121cc7-ff39-4ab8-b7e3-95b84dab487d)
add Policy Azure data factories should be encrypted with a customer-managed key (4ec52d6d-beb7-40c4-9a9e-fe753254690e)
add Policy CORS should not allow every resource to access your API App (358c20a6-3f9e-4f0e-97ff-c6ce485e2aac)
add Policy Private endpoint connections on Azure SQL Database should be enabled (7698e800-9299-47a6-b3b6-5a0fee576eed)
add Policy Internet-facing virtual machines should be protected with network security groups (f6de0be7-9a8a-4b8a-b349-43cf02d22f7c)
add Policy Ensure that 'Python version' is the latest, if used as a part of the Web app (7008174a-fd10-4ef0-817e-fc820a951d73)
add Policy Subnets should be associated with a Network Security Group (e71308d3-144b-4262-b144-efdc3cc90517)
add Policy Ensure that 'Python version' is the latest, if used as a part of the API app (74c3584d-afae-46f7-a20a-6f8adba71a16)
add Policy Azure Backup should be enabled for Virtual Machines (013e242c-8828-4970-87b3-ab247555486d)
add Policy [Preview]: Sensitive data in your SQL databases should be classified (cc9835f2-9f6b-4cc8-ab4a-f8ef615eb349)
add Policy [Preview]: Azure Key Vault should disable public network access (55615ac9-af46-4a59-874e-391cc3dfb490)
add Policy Cognitive Services accounts should restrict network access (037eea7a-bd0a-46c5-9a66-03aea78705d3)
add Policy Ensure that 'Java version' is the latest, if used as a part of the Function app (9d0b6ea4-93e2-4578-bf2f-6bb17d22b4bc)
add Policy Azure Defender for Azure SQL Database servers should be enabled (7fe3b40f-802b-4cdd-8bd4-fd799c948cc2)
add Policy Virtual machines' Guest Configuration extension should be deployed with system-assigned managed identity (d26f7642-7545-4e18-9b75-8c9bbdee3a9a)
add Policy Authentication to Linux machines should require SSH keys (630c64f9-8b6b-4c64-b511-6544ceff6fd6)
add Policy Linux machines should meet requirements for the Azure compute security baseline (fc9b3da7-8347-4380-8e70-0a0361d8dedd)
add Policy Service Bus Premium namespaces should use a customer-managed key for encryption (295fc8b1-dc9f-4f53-9c61-3f313ceab40a)
add Policy Resource logs in Service Bus should be enabled (f8d36e2f-389b-4ee4-898d-21aeb69a0f45)
add Policy Network Watcher should be enabled (b6e2945c-0b7b-40f5-9233-7a5323b5cdc6)
add Policy Log Analytics agent health issues should be resolved on your machines (d62cfe2b-3ab0-4d41-980d-76803b58ca65)
add Policy Managed identity should be used in your Web App (2b9ad585-36bc-4615-b300-fd4435808332)
add Policy Cognitive Services accounts should have local authentication methods disabled (71ef260a-8f18-47b7-abcb-62d0673d94dc)
add Policy IP Forwarding on your virtual machine should be disabled (bd352bd5-2853-4985-bf0d-73806b4a5744)
add Policy Container registries should not allow unrestricted network access (d0793b48-0edc-4296-a390-4c75d1bdfd71)
add Policy Geo-redundant backup should be enabled for Azure Database for MySQL (82339799-d096-41ae-8538-b108becf0970)
add Policy Storage accounts should have infrastructure encryption (4733ea7b-a883-42fe-8cac-97454c2a9e4a)
add Policy Azure Synapse workspaces should use private link (72d11df1-dd8a-41f7-8925-b05b960ebafc)
add Policy MySQL servers should use customer-managed keys to encrypt data at rest (83cef61d-dbd1-4b20-a4fc-5fbc7da10833)
add Policy Storage accounts should use private link (6edd7eda-6dd8-40f7-810d-67160c639cd9)
add Policy Log Analytics agent should be installed on your virtual machine for Azure Security Center monitoring (a4fe33eb-e377-4efb-ab31-0784311bc499)
add Policy Infrastructure encryption should be enabled for Azure Database for PostgreSQL servers (24fba194-95d6-48c0-aea7-f65bf859c598)
add Policy [Preview]: Network traffic data collection agent should be installed on Linux virtual machines (04c4380f-3fae-46e8-96c9-30193528f602)
add Policy Kubernetes cluster containers should only use allowed AppArmor profiles (511f5417-5d12-434d-ab2e-816901e72a5e)
add Policy VM Image Builder templates should use private link (2154edb9-244f-4741-9970-660785bccdaa)
add Policy Web Application Firewall (WAF) should be enabled for Azure Front Door Service service (055aa869-bc98-4af8-bafc-23f1ab6ffe2c)
add Policy SQL managed instances should use customer-managed keys to encrypt data at rest (048248b0-55cd-46da-b1ff-39efd52db260)
add Policy Storage accounts should use customer-managed key for encryption (6fac406b-40ca-413b-bf8e-0bf964659c25)
add Policy Ensure that 'Java version' is the latest, if used as a part of the API app (88999f4c-376a-45c8-bcb3-4058f713cf39)
add Policy Public network access should be disabled for PostgreSQL servers (b52376f7-9612-48a1-81cd-1ffe4b61032c)
add Policy Kubernetes cluster containers should only listen on allowed ports (440b515e-a580-421e-abeb-b159a61ddcbc)
add Policy [Preview]: Network traffic data collection agent should be installed on Windows virtual machines (2f2ee1de-44aa-4762-b6bd-0893fc3f306d)
add Policy Log Analytics agent should be installed on your virtual machine scale sets for Azure Security Center monitoring (a3a6ea0c-e018-4933-9ef0-5aaa1501449b)
add Policy Container registries should use private link (e8eef0a8-67cf-4eb4-9386-14b0e78733d4)
add Policy Azure Cosmos DB accounts should use customer-managed keys to encrypt data at rest (1f905d99-2ab7-462c-a6b0-f709acca6c8f)
add Policy Key vaults should have purge protection enabled (0b60c0b2-2dc2-4e1c-b5c9-abbed971de53)
add Policy Resource logs in Data Lake Analytics should be enabled (c95c74d9-38fe-4f0d-af86-0c7d626a315c)
add Policy Azure HDInsight clusters should use customer-managed keys to encrypt data at rest (64d314f6-6062-4780-a861-c23e8951bee5)
add Policy Resource logs in Batch accounts should be enabled (428256e6-1fac-4f48-a757-df34c2b3336d)
add Policy Double encryption should be enabled on Azure Data Explorer (ec068d99-e9c7-401f-8cef-5bdde4e6ccf1)
add Policy Storage account encryption scopes should use customer-managed keys to encrypt data at rest (b5ec538c-daa0-4006-8596-35468b9148e8)
add Policy Kubernetes Services should be upgraded to a non-vulnerable Kubernetes version (fb893a29-21bb-418c-a157-e99480ec364c)
add Policy [Preview]: Private endpoint should be configured for Key Vault (5f0bc445-3935-4915-9981-011aa2b46147)
add Policy Public network access should be disabled for MySQL servers (d9844e8a-1437-4aeb-a32c-0c992f056095)
add Policy Azure Defender for Storage should be enabled (308fbb08-4ab8-4e67-9b29-592e93fb94fa)
add Policy Kubernetes cluster pods should only use approved host network and port range (82985f06-dc18-4a48-bc1c-b9f4f0098cfe)
add Policy Azure Defender for App Service should be enabled (2913021d-f2fd-4f3d-b958-22354e2bdbcb)
add Policy Allowlist rules in your adaptive application control policy should be updated (123a3936-f020-408a-ba0c-47873faf1534)
add Policy Kubernetes cluster pods and containers should only run with approved user and group IDs (f06ddb64-5fa3-4b77-b166-acb36f7f6042)
add Policy Azure Defender for servers should be enabled (4da35fc9-c9e7-4960-aec9-797fe7d9051d)
add Policy Container registries should be encrypted with a customer-managed key (5b9159ae-1701-4a6f-9a7a-aa9c8ddd0580)
add Policy Kubernetes cluster should not allow privileged containers (95edb821-ddaf-4404-9732-666045e056b4)
add Policy [Preview]: Azure Arc enabled Kubernetes clusters should have Azure Defender's extension installed (8dfab9c4-fe7b-49ad-85e4-1e9be085358f)
add Policy SQL servers should use customer-managed keys to encrypt data at rest (0d134df8-db83-46fb-ad72-fe0c9428c8dd)
add Policy Temp disks and cache for agent node pools in Azure Kubernetes Service clusters should be encrypted at host (41425d9f-d1a5-499a-9932-f8ed8453932c)
add Policy Azure Cache for Redis should use private link (7803067c-7d34-46e3-8c79-0ca68fc4036d)
add Policy Azure Data Box jobs should enable double encryption for data at rest on the device (c349d81b-9985-44ae-a8da-ff98d108ede8)
add Policy Azure Defender for Resource Manager should be enabled (c3d20c29-b36d-48fe-808b-99a87530ad99)
add Policy Azure Defender for Kubernetes should be enabled (523b5cd1-3e23-492f-a539-13118b6d1e3a)
add Policy Azure Cosmos DB accounts should have firewall rules (862e97cf-49fc-4a5c-9de4-40d4e2e7c8eb)
add Policy Long-term geo-redundant backup should be enabled for Azure SQL Databases (d38fc420-0735-4ef3-ac11-c806f651a570)
add Policy Azure Cognitive Search service should use a SKU that supports private link (a049bf77-880b-470f-ba6d-9f21c530cf83)
add Policy App Service Environment should enable internal encryption (fb74e86f-d351-4b8d-b034-93da7391c01f)
add Policy Logic Apps Integration Service Environment should be encrypted with customer-managed keys (1fafeaf6-7927-4059-a50a-8eb2a7a6f2b5)
add Policy Azure Defender for SQL servers on machines should be enabled (6581d072-105e-4418-827f-bd446d56421b)
add Policy Public network access on Azure SQL Database should be disabled (1b8ca024-1d5c-4dec-8995-b1a932b41780)
add Policy Resource logs in Azure Stream Analytics should be enabled (f9be5368-9bf5-4b84-9e0a-7850da98bb46)
add Policy Azure Web PubSub Service should use private link (52630df9-ca7e-442b-853b-c6ce548b31a2)
add Policy Azure HDInsight clusters should use encryption at host to encrypt data at rest (1fd32ebd-e4c3-4e13-a54a-d7422d4d95f6)
add Policy Azure Cognitive Search services should use private link (0fda3595-9f2b-4592-8675-4231d6fa82fe)
add Policy Azure Event Grid topics should use private link (4b90e17e-8448-49db-875e-bd83fb6f804f)
add Policy Azure Defender for DNS should be enabled (bdc59948-5574-49b3-bb91-76b7c986428d)
add Policy Azure HDInsight clusters should use encryption in transit to encrypt communication between Azure HDInsight cluster nodes (d9da03a1-f3c3-412a-9709-947156872263)
add Policy Resource logs in Logic Apps should be enabled (34f95f76-5386-4de7-b824-0d8478470c9d)
add Policy Email notification for high severity alerts should be enabled (6e2593d9-add6-4083-9c9b-4b7d2188c899)
add Policy Azure Machine Learning workspaces should use private link (40cec1dd-a100-4920-b15b-3024fe8901ab)
add Policy FTPS should be required in your Web App (4d24b6d4-5e53-4a4f-a7f4-618fa573ee4b)
add Policy Azure API for FHIR should use private link (1ee56206-5dd1-42ab-b02d-8aae8b1634ce)
add Policy Kubernetes cluster containers should only use allowed images (febd0533-8e55-448f-b837-bd0e06f16469)
add Policy [Preview]: IoT Hub device provisioning service data should be encrypted using customer-managed keys (CMK) (47031206-ce96-41f8-861b-6a915f3de284)
add Policy Kubernetes cluster containers should not share host process ID or host IPC namespace (47a1ee2f-2a2a-4576-bf2a-e0e36709c2b8)
add Policy Vulnerability assessment should be enabled on your SQL servers (ef2a8f2a-b3d9-49cd-a8a8-9a3aaaf647d9)
add Policy Resource logs in Virtual Machine Scale Sets should be enabled (7c1b1214-f927-48bf-8882-84f0af6588b1)
add Policy [Preview]: Azure Recovery Services vaults should use customer-managed keys for encrypting backup data (2e94d99a-8a36-4563-bc77-810d8893b671)
add Policy Virtual machines should be migrated to new Azure Resource Manager resources (1d84d5fb-01f6-4d12-ba4f-4a26081d403d)
add Policy CosmosDB accounts should use private link (58440f8a-10c5-4151-bdce-dfbaad4a20b7)
add Policy Ensure that 'Java version' is the latest, if used as a part of the Web app (496223c3-ad65-4ecd-878a-bae78737e9ed)
add Policy Both operating systems and data disks in Azure Kubernetes Service clusters should be encrypted by customer-managed keys (7d7be79c-23ba-4033-84dd-45e2a5ccdd67)
add Policy Ensure WEB app has 'Client Certificates (Incoming client certificates)' set to 'On' (5bb220d9-2698-4ee4-8404-b9c30c9df609)
add Policy Cognitive Services accounts should disable public network access (0725b4dd-7e76-479c-a735-68e7ee23d5ca)
add Policy Resource logs in Event Hub should be enabled (83a214f7-d01a-484b-91a9-ed54470c9a6a)
add Policy Non-internet-facing virtual machines should be protected with network security groups (bb91dfba-c30d-4263-9add-9c2384e659a6)
add Policy Azure Data Factory should use private link (8b0323be-cc25-4b61-935d-002c3798c6ea)
add Policy Kubernetes cluster containers CPU and memory resource limits should not exceed the specified limits (e345eecc-fa47-480f-9e88-67dcc122b164)
add Policy Geo-redundant storage should be enabled for Storage Accounts (bf045164-79ba-4215-8f95-f8048dc1780b)
add Policy Guest Configuration extension should be installed on your machines (ae89ebca-1c92-4898-ac2c-9f63decb045c)
add Policy IoT Hub device provisioning service instances should use private link (df39c015-56a4-45de-b4a3-efe77bed320d)
add Policy Latest TLS version should be used in your API App (8cb6aa8b-9e41-4f4e-aa25-089a7ac2581e)
add Policy Windows Defender Exploit Guard should be enabled on your machines (bed48b13-6647-468e-aa2f-1af1d3f4dd40)
add Policy Azure Automation accounts should use customer-managed keys to encrypt data at rest (56a5ee18-2ae6-4810-86f7-18e39ce5629b)
add Policy App Configuration should use private link (ca610c1d-041c-4332-9d88-7ed3094967c7)
add Policy Storage accounts should be migrated to new Azure Resource Manager resources (37e0d2fe-28a5-43d6-a273-67d37d1f5606)
add Policy Geo-redundant backup should be enabled for Azure Database for MariaDB (0ec47710-77ff-4a3d-9181-6aa50af424d0)
add Policy Resource logs in IoT Hub should be enabled (383856f8-de7f-44a2-81fc-e5135b5c2aa4)
add Policy Azure API for FHIR should use a customer-managed key to encrypt data at rest (051cba44-2429-45b9-9649-46cec11c7119)
add Policy Latest TLS version should be used in your Function App (f9d614c5-c173-4d56-95a7-b4437057d193)
add Policy Disk access resources should use private link (f39f5f49-4abf-44de-8c70-0756997bfb51)
add Policy Latest TLS version should be used in your Web App (f0e6e85b-9b9f-4a4b-b67b-f730d42f1b0b)
add Policy [Preview]: Log Analytics extension should be installed on your Linux Azure Arc machines (842c54e8-c2f9-4d79-ae8d-38d8b8019373)
add Policy Function apps should have 'Client Certificates (Incoming client certificates)' enabled (eaebaea7-8013-4ceb-9d14-7eb32271373c)
add Policy Auto provisioning of the Log Analytics agent should be enabled on your subscription (475aae12-b88a-4572-8b36-9b712b2b3a17)
add Policy Azure Stream Analytics jobs should use customer-managed keys to encrypt data (87ba29ef-1ab3-4d82-b763-87fcd4f531f7)
add Policy Ensure API app has 'Client Certificates (Incoming client certificates)' set to 'On' (0c192fe8-9cbb-4516-85b3-0ade8bd03886)
add Policy OS and data disks should be encrypted with a customer-managed key (702dd420-7fcc-42c5-afe8-4026edd20fe0)
add Policy Management ports should be closed on your virtual machines (22730e10-96f6-4aac-ad84-9383d35b5917)
add Policy Ensure that 'Python version' is the latest, if used as a part of the Function app (7238174a-fd10-4ef0-817e-fc820a951d73)
add Policy Virtual machines and virtual machine scale sets should have encryption at host enabled (fc4d8e41-e223-45ea-9bf5-eada37891d87)
add Policy Ensure that 'PHP version' is the latest, if used as a part of the API app (1bc1795e-d44a-4d48-9b3b-6fff0fd5f9ba)
add Policy Kubernetes cluster containers should run with a read only root file system (df49d893-a74c-421d-bc95-c663042e5b80)
add Policy Kubernetes cluster services should listen only on allowed ports (233a2a17-77ca-4fb1-9b6b-69223d272a44)
add Policy Event Hub namespaces should use private link (b8564268-eb4a-4337-89be-a19db070c59d)
add Policy Service Fabric clusters should have the ClusterProtectionLevel property set to EncryptAndSign (617c02be-7f02-4efd-8836-3180d47b6c68)
add Policy Azure Spring Cloud should use network injection (af35e2a4-ef96-44e7-a9ae-853dd97032c4)
add Policy [Preview]: Certificates should have the specified maximum validity period (0a075868-4c26-42ef-914c-5bc007359560)
add Policy FTPS only should be required in your API App (9a1b8c48-453a-4044-86c3-d8bfd823e4f5)
add Policy Vulnerabilities in container security configurations should be remediated (e8cbc669-f12d-49eb-93e7-9273119e9933)
add Policy Private endpoint should be enabled for PostgreSQL servers (0564d078-92f5-4f97-8398-b9f58a51f70b)
add Policy Resource logs in Azure Data Lake Store should be enabled (057ef27e-665e-4328-8ea3-04b3122bd9fb)
add Policy Azure Cognitive Search services should disable public network access (ee980b6d-0eca-4501-8d54-f6290fd512c3)
add Policy Service principals should be used to protect your subscriptions instead of management certificates (6646a0bd-e110-40ca-bb97-84fcee63c414)
add Policy Storage accounts should restrict network access using virtual network rules (2a1a9cdf-e04d-429a-8416-3bfb72a1b26f)
add Policy Kubernetes cluster containers should only use allowed capabilities (c26596ff-4d70-4e6a-9a30-c2506bd2f80c)
add Policy Azure Monitor Logs clusters should be encrypted with customer-managed key (1f68a601-6e6d-4e42-babf-3f643a047ea2)
add Policy [Preview]: All Internet traffic should be routed via your deployed Azure Firewall (fc5e4038-4584-4632-8c85-c0448d374b2c)
add Policy Azure File Sync should use private link (1d320205-c6a1-4ac6-873d-46224024e8e2)
add Policy Azure SignalR Service should use private link (53503636-bcc9-4748-9663-5348217f160f)
add Policy [Preview]: Storage account public access should be disallowed (4fa4b6c0-31ca-4c0d-b10d-24b96f62a751)
add Policy PostgreSQL servers should use customer-managed keys to encrypt data at rest (18adea5e-f416-4d0f-8aa8-d24321e3e274)
add Policy CORS should not allow every resource to access your Function Apps (0820b7b9-23aa-4725-a1ce-ae4558f718e5)
add Policy Azure Defender for Key Vault should be enabled (0e6763cc-5078-4e64-889d-ff4d9a839047)
add Policy Azure Machine Learning workspaces should be encrypted with a customer-managed key (ba769a63-b8cc-4b2d-abf6-ac33c7204be8)
add Policy Disk encryption should be enabled on Azure Data Explorer (f4b53539-8df9-40e4-86c6-6b607703bd4e)
add Policy Cognitive Services should use private link (cddd188c-4b82-4c48-a19d-ddf74ee66a01)
add Policy Azure Data Box jobs should use a customer-managed key to encrypt the device unlock password (86efb160-8de7-451d-bc08-5d475b0aadae)
add Policy Enforce SSL connection should be enabled for MySQL database servers (e802a67a-daf5-4436-9ea6-f6d821dd0c5d)
add Policy Kubernetes clusters should be accessible only over HTTPS (1a5b4dca-0b6f-4cf5-907c-56316bc1bf3d)
add Policy Bot Service should be encrypted with a customer-managed key (51522a96-0869-4791-82f3-981000c2c67f)
add Policy Vulnerabilities in Azure Container Registry images should be remediated (5f0f936f-2f01-4bf5-b6be-d423792fa562)
add Policy Azure Batch account should use customer-managed keys to encrypt data (99e9ccd8-3db9-4592-b0d1-14b1715a4d8a)
add Policy Vulnerability assessment should be enabled on SQL Managed Instance (1b7aa243-30e4-4c9e-bca8-d0d3022b634a)
add Policy Geo-redundant backup should be enabled for Azure Database for PostgreSQL (48af4db5-9b8b-401c-8e74-076be876a430)
add Policy Subscriptions should have a contact email address for security issues (4f4f78b8-e367-4b10-a341-d9a4ad5cf1c7)
add Policy Web Application Firewall (WAF) should be enabled for Application Gateway (564feb30-bf6a-4854-b4bb-0d2d2d1e6c66)
add Policy Azure Policy Add-on for Kubernetes service (AKS) should be installed and enabled on your clusters (0a15ec92-a229-4763-bb14-0ea34a568f8d)
add Policy SQL servers with auditing to storage account destination should be configured with 90 days retention or higher (89099bee-89e0-4b26-a5f4-165451757743)
add Policy Infrastructure encryption should be enabled for Azure Database for MySQL servers (3a58212a-c829-4f13-9872-6371df2fd0b4)
add Policy Vulnerability assessment should be enabled on your Synapse workspaces (0049a6b3-a662-4f3e-8635-39cf44ace45a)
add Policy Saved-queries in Azure Monitor should be saved in customer storage account for logs encryption (fa298e57-9444-42ba-bf04-86e8470e32c7)
add Policy Private endpoint should be enabled for MySQL servers (7595c971-233d-4bcf-bd18-596129188c49)
add Policy Resource logs in Key Vault should be enabled (cf820ca0-f99e-4f3e-84fb-66e913812d21)
add Policy Kubernetes clusters should not allow container privilege escalation (1c6e92c9-99f0-4e55-9cf2-0c234dc48f99)
add Policy Azure Service Bus namespaces should use private link (1c06e275-d63d-4540-b761-71f364c2111d)
add Policy Key Vault keys should have an expiration date (152b15f7-8e1f-4c1f-ab71-8c010ba5dbc0)
add Policy Ensure that 'PHP version' is the latest, if used as a part of the WEB app (7261b898-8a84-4db8-9e04-18527132abb3)
add Policy API Management services should use a virtual network (ef619a2c-cc4d-4d03-b2ba-8c94a834d85b)
add Policy Event Hub namespaces should use a customer-managed key for encryption (a1ad735a-e96f-45d2-a7b2-9a4932cab7ec)
add Policy Automation account variables should be encrypted (3657f5a0-770e-44a3-b44e-9431ba1e9735)
add Policy FTPS only should be required in your Function App (399b2637-a50f-4f95-96f8-3a145476eb15)
add Policy Key Vault secrets should have an expiration date (98728c90-32c7-4049-8429-847dc0f4fe37)
add Policy Azure Defender for container registries should be enabled (c25d9a16-bc35-4e15-a7e5-9db606bf9ed4)
add Policy Ensure that 'HTTP Version' is the latest, if used to run the Web app (8c122334-9d20-4eb8-89ea-ac9a705b74ae)
remove Policy Virtual machines should be connected to a specified workspace (f47b5582-33ec-4c5c-87c0-b010a6b2e917)
remove Policy [Preview]: Log Analytics Extension should be enabled for listed virtual machine images (32133ab0-ee4b-4b44-98d6-042180979d50)
remove Policy Audit diagnostic setting (7f89b1eb-583c-429a-8828-af049802c1d9)
remove Policy Audit Windows machines missing any of specified members in the Administrators group (30f71ea1-ac77-4f26-9fc5-2d926bbd4ba7)
remove Policy Audit Windows machines that have the specified members in the Administrators group (69bf4abd-ca1e-4cf6-8b5a-762d42e61d4f)
remove Policy Log Analytics extension should be enabled in virtual machine scale sets for listed virtual machine images (5c3bc7b8-a64c-4e08-a9cd-7ff0f31e1138)
2021-01-22 09:14:56 add Policy A vulnerability assessment solution should be enabled on your virtual machines (501541f7-f7e7-4cd6-868c-4190fdad3ac9)
remove Policy [Deprecated]: Vulnerabilities should be remediated by a Vulnerability Assessment solution (760a85ff-6162-42b3-8d70-698e268f648c)
2020-09-09 11:24:08 add Policy Audit Windows machines that allow re-use of the previous 24 passwords (5b054a0d-39e2-4d53-bea3-9734cad2c69b)
add Policy Add system-assigned managed identity to enable Guest Configuration assignments on virtual machines with no identities (3cf2ab00-13f1-4d0c-8971-2ac904541a7e)
add Policy Windows web servers should be configured to use secure communication protocols (5752e6d6-1206-46d8-8ab1-ecc2f71a8112)
add Policy Add system-assigned managed identity to enable Guest Configuration assignments on VMs with a user-assigned identity (497dff13-db2a-4c0f-8603-28fa3b331ab6)
add Policy Deploy the Windows Guest Configuration extension to enable Guest Configuration assignments on Windows VMs (385f5831-96d4-41db-9a3c-cd3af78aaae6)
add Policy Audit Linux machines that do not have the passwd file permissions set to 0644 (e6955644-301c-44b5-a4c4-528577de6861)
add Policy Audit Linux machines that have accounts without passwords (f6ec09a3-78bf-4f8f-99dc-6c77182d0f99)
add Policy Audit Windows machines that do not have a minimum password age of 1 day (237b38db-ca4d-4259-9e47-7882441ca2c0)
add Policy Audit Linux machines that allow remote connections from accounts without passwords (ea53dbee-c6c9-4f0e-9f9e-de0039b78023)
add Policy Deploy the Linux Guest Configuration extension to enable Guest Configuration assignments on Linux VMs (331e8ea8-378a-410f-a2e5-ae22f38bb0da)
add Policy Audit Windows machines that do not restrict the minimum password length to 14 characters (a2d0e922-65d0-40c4-8f87-ea6da2d307a2)
add Policy Audit Windows machines that do not store passwords using reversible encryption (da0f98fe-a24b-4ad5-af69-bd0400233661)
add Policy Audit Windows machines that have the specified members in the Administrators group (69bf4abd-ca1e-4cf6-8b5a-762d42e61d4f)
add Policy Audit Windows machines that do not have the password complexity setting enabled (bf16e0bb-31e1-4646-8202-60a235cc7e74)
add Policy Audit Windows machines that do not have a maximum password age of 70 days (4ceb8dc2-559c-478b-a15b-733fbf1e3738)
add Policy Audit Windows machines missing any of specified members in the Administrators group (30f71ea1-ac77-4f26-9fc5-2d926bbd4ba7)
remove Policy [Deprecated]: Show audit results from Windows VMs if the Administrators group doesn't contain all of the specified members (f3b44e5d-1456-475f-9c67-c66c4618e85a)
remove Policy [Deprecated]: Show audit results from Windows VMs that do not have the password complexity setting enabled (f48b2913-1dc5-4834-8c72-ccc1dfd819bb)
remove Policy [Deprecated]: Deploy prerequisites to audit Windows VMs if the Administrators group contains any of the specified members (144f1397-32f9-4598-8c88-118decc3ccba)
remove Policy [Deprecated]: Deploy prerequisites to audit Linux VMs that allow remote connections from accounts without passwords (ec49586f-4939-402d-a29e-6ff502b20592)
remove Policy [Deprecated]: Deploy prerequisites to audit Windows VMs that do not have a minimum password age of 1 day (16390df4-2f73-4b42-af13-c801066763df)
remove Policy [Deprecated]: Show audit results from Windows web servers that are not using secure communication protocols (60ffe3e2-4604-4460-8f22-0f1da058266c)
remove Policy [Deprecated]: Deploy prerequisites to audit Windows web servers that are not using secure communication protocols (b2fc8f91-866d-4434-9089-5ebfe38d6fd8)
remove Policy [Deprecated]: Show audit results from Windows VMs that do not have a minimum password age of 1 day (5aa11bbc-5c76-4302-80e5-aba46a4282e7)
remove Policy [Deprecated]: Deploy prerequisites to audit Windows VMs that allow re-use of the previous 24 passwords (726671ac-c4de-4908-8c7d-6043ae62e3b6)
remove Policy [Deprecated]: Show audit results from Linux VMs that do not have the passwd file permissions set to 0644 (b18175dd-c599-4c64-83ba-bb018a06d35b)
remove Policy [Deprecated]: Deploy prerequisites to audit Linux VMs that do not have the passwd file permissions set to 0644 (f19aa1c1-6b91-4c27-ae6a-970279f03db9)
remove Policy [Deprecated]: Show audit results from Windows VMs if the Administrators group contains any of the specified members (bde62c94-ccca-4821-a815-92c1d31a76de)
remove Policy [Deprecated]: Deploy prerequisites to audit Linux VMs that have accounts without passwords (3470477a-b35a-49db-aca5-1073d04524fe)
remove Policy [Deprecated]: Show audit results from Windows VMs that do not have a maximum password age of 70 days (24dde96d-f0b1-425e-884f-4a1421e2dcdc)
remove Policy [Deprecated]: Show audit results from Linux VMs that have accounts without passwords (c40c9087-1981-4e73-9f53-39743eda9d05)
remove Policy [Deprecated]: Show audit results from Windows VMs that do not restrict the minimum password length to 14 characters (5aebc8d1-020d-4037-89a0-02043a7524ec)
remove Policy [Deprecated]: Deploy prerequisites to audit Windows VMs if the Administrators group doesn't contain all the specified members (93507a81-10a4-4af0-9ee2-34cf25a96e98)
remove Policy [Deprecated]: Deploy prerequisites to audit Windows VMs that do not store passwords using reversible encryption (8ff0b18b-262e-4512-857a-48ad0aeb9a78)
remove Policy [Deprecated]: Deploy prerequisites to audit Windows VMs that do not have a maximum password age of 70 days (356a906e-05e5-4625-8729-90771e0ee934)
remove Policy [Deprecated]: Deploy prerequisites to audit Windows VMs that do not restrict the minimum password length to 14 characters (23020aa6-1135-4be2-bae2-149982b06eca)
remove Policy [Deprecated]: Show audit results from Windows VMs that do not store passwords using reversible encryption (2d60d3b7-aa10-454c-88a8-de39d99d17c6)
remove Policy [Deprecated]: Show audit results from Windows VMs that allow re-use of the previous 24 passwords (cdbf72d9-ac9c-4026-8a3a-491a5ac59293)
remove Policy [Deprecated]: Show audit results from Linux VMs that allow remote connections from accounts without passwords (2d67222d-05fd-4526-a171-2ee132ad9e83)
remove Policy [Deprecated]: Deploy prerequisites to audit Windows VMs that do not have the password complexity setting enabled (7ed40801-8a0f-4ceb-85c0-9fd25c1d61a8)
2020-06-16 14:55:25 Description change: 'This initiative includes audit and VM Extension deployment policies that address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, please visit https://aka.ms/nist80053-blueprint.' to 'This initiative includes audit and virtual machine extension deployment policies that address a subset of NIST SP 800-53 R4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist80053-blueprint.'
Name change: '[Preview]: Audit NIST SP 800-53 R4 controls and deploy specific VM Extensions to support audit requirements' to 'NIST SP 800-53 R4'
2020-02-20 08:25:18 remove Policy [Deprecated]: Web ports should be restricted on Network Security Groups associated to your VM (201ea587-7c90-41c3-910f-c280ae01cfd6)
2019-11-21 16:22:58 add Policy Microsoft Managed Control 1343 - Authenticator Management | Expiration Of Cached Authenticators (2c251a55-31eb-4e53-99c6-e9c43c393ac2)
add Policy Microsoft Managed Control 1192 - Configuration Change Control | Automated Document / Notification / Prohibition Of Changes (4ebd97f7-b105-4f50-8daf-c51465991240)
add Policy Microsoft Managed Control 1639 - Boundary Protection | Isolation Of Information System Components (78e8e649-50f6-4fe3-99ac-fedc2e63b03f)
add Policy Microsoft Managed Control 1021 - Account Management | Restrictions On Use Of Shared / Group Accounts (9a3eb0a3-428d-4669-baff-20a14eb4b551)
add Policy Microsoft Managed Control 1502 - Rules Of Behavior | Social Media And Networking Restrictions (e901375c-8f01-4ac8-9183-d5312f47fe63)
add Policy Microsoft Managed Control 1664 - Protection Of Information At Rest | Cryptographic Protection (a2cdf6b8-9505-4619-b579-309ba72037ac)
add Policy Microsoft Managed Control 1179 - Baseline Configuration | Reviews And Updates (3f9ce557-c8ab-4e6c-bb2c-9b8ed002c46c)
add Policy Microsoft Managed Control 1576 - Acquisition Process | Design / Implementation Information For Security Controls (5f18c885-ade3-48c5-80b1-8f9216019c18)
add Policy Microsoft Managed Control 1698 - Information System Monitoring | Individuals Posing Greater Risk (31b752c1-05a9-432a-8fce-c39b56550119)
add Policy Microsoft Managed Control 1705 - Security Alerts, Advisories, And Directives (f82e3639-fa2b-4e06-a786-932d8379b972)
add Policy Microsoft Managed Control 1099 - Security Training Records (01910bab-8639-4bd0-84ef-cc53b24d79ba)
add Policy Microsoft Managed Control 1332 - Authenticator Management | Password-Based Authentication (068260be-a5e6-4b0a-a430-cd27071c226a)
add Policy Microsoft Managed Control 1595 - Developer Configuration Management (1e0414e7-6ef5-4182-8076-aa82fbb53341)
add Policy Microsoft Managed Control 1222 - Information System Component Inventory (fb39e62f-6bda-4558-8088-ec03d5670914)
add Policy Microsoft Managed Control 1052 - Session Lock (027cae1c-ec3e-4492-9036-4168d540c42a)
add Policy Microsoft Managed Control 1547 - Vulnerability Scanning (58abf9b8-c6d4-4b4b-bfb9-fe98fe295f52)
add Policy Microsoft Managed Control 1125 - Audit Reduction And Report Generation (c6ce745a-670e-47d3-a6c4-3cfe5ef00c10)
add Policy Microsoft Managed Control 1168 - Continuous Monitoring | Independent Assessment (82409f9e-1f32-4775-bf07-b99d53a91b06)
add Policy Microsoft Managed Control 1706 - Security Alerts, Advisories, And Directives (f475ee0e-f560-4c9b-876b-04a77460a404)
add Policy Microsoft Managed Control 1494 - System Security Plan (9ed09d84-3311-4853-8b67-2b55dfa33d09)
add Policy Microsoft Managed Control 1475 - Emergency Lighting (34a63848-30cf-4081-937e-ce1a1c885501)
add Policy Microsoft Managed Control 1434 - Media Transport (2c18f06b-a68d-41c3-8863-b8cd3acb5f8f)
add Policy Microsoft Managed Control 1019 - Account Management | Role-Based Schemes (6a3ee9b2-3977-459c-b8ce-2db583abd9f7)
add Policy Microsoft Managed Control 1156 - Plan Of Action And Milestones (4d52e864-9a3b-41ee-8f03-520815fe5378)
add Policy Microsoft Managed Control 1283 - Telecommunications Services | Separation Of Primary / Alternate Providers (a9172e76-7f56-46e9-93bf-75d69bdb5491)
add Policy Microsoft Managed Control 1265 - Contingency Plan Testing | Alternate Processing Site (a18adb5b-1db6-4a5b-901a-7d3797d12972)
add Policy Microsoft Managed Control 1618 - Security Function Isolation (f52f89aa-4489-4ec4-950e-8c96a036baa9)
add Policy Microsoft Managed Control 1642 - Network Disconnect (53397227-5ee3-4b23-9e5e-c8a767ce6928)
add Policy Microsoft Managed Control 1276 - Alternate Processing Site | Accessibility (e214e563-1206-4a43-a56b-ac5880c9c571)
add Policy Microsoft Managed Control 1023 - Account Management | Usage Conditions (e55698b6-3dea-4aa9-99b9-d8218c6ab6e5)
add Policy Microsoft Managed Control 1033 - Separation Of Duties (48540f01-fc11-411a-b160-42807c68896e)
add Policy Microsoft Managed Control 1543 - Risk Assessment (fd00b778-b5b5-49c0-a994-734ea7bd3624)
add Policy Microsoft Managed Control 1626 - Boundary Protection | External Telecommunications Services (e8f6bddd-6d67-439a-88d4-c5fe39a79341)
add Policy Microsoft Managed Control 1463 - Monitoring Physical Access (59721f87-ae25-4db0-a2a4-77cc5b25d495)
add Policy Microsoft Managed Control 1219 - Least Functionality | Authorized Software / Whitelisting (2a39ac75-622b-4c88-9a3f-45b7373f7ef7)
add Policy Microsoft Managed Control 1256 - Contingency Plan | Identify Critical Assets (232ab24b-810b-4640-9019-74a7d0d6a980)
add Policy Microsoft Managed Control 1465 - Monitoring Physical Access | Monitoring Physical Access To Information Systems (e6e41554-86b5-4537-9f7f-4fc41a1d1640)
add Policy Microsoft Managed Control 1338 - Authenticator Management | Automated Support For Password Strength Determination (6c59a207-6aed-41dc-83a2-e1ff66e4a4db)
add Policy Microsoft Managed Control 1511 - Personnel Screening (a9eae324-d327-4539-9293-b48e122465f8)
add Policy Microsoft Managed Control 1510 - Position Risk Designation (79da5b09-0e7e-499e-adda-141b069c7998)
add Policy Microsoft Managed Control 1271 - Alternate Storage Site | Accessibility (da3bfb53-9c46-4010-b3db-a7ba1296dada)
add Policy Microsoft Managed Control 1139 - Audit Generation (4ed62522-de00-4dda-9810-5205733d2f34)
add Policy Microsoft Managed Control 1442 - Media Sanitization | Nondestructive Techniques (4f26049b-2c5a-4841-9ff3-d48a26aae475)
add Policy Microsoft Managed Control 1175 - Configuration Management Policy And Procedures (6dab4254-c30d-4bb7-ae99-1d21586c063c)
add Policy Microsoft Managed Control 1493 - System Security Plan (22b469b3-fccf-42da-aa3b-a28e6fb113ce)
add Policy Microsoft Managed Control 1359 - Incident Response Testing | Coordination With Related Plans (47bc7ea0-7d13-4f7c-a154-b903f7194253)
add Policy Microsoft Managed Control 1086 - Publicly Accessible Content (fb321e6f-16a0-4be3-878f-500956e309c5)
add Policy Microsoft Managed Control 1709 - Security Function Verification (025992d6-7fee-4137-9bbf-2ffc39c0686c)
add Policy Microsoft Managed Control 1360 - Incident Handling (be5b05e7-0b82-4ebc-9eda-25e447b1a41e)
add Policy Microsoft Managed Control 1389 - Information Spillage Response (c39e6fda-ae70-4891-a739-be7bba6d1062)
add Policy Microsoft Managed Control 1645 - Cryptographic Key Establishment And Management | Symmetric Keys (afbd0baf-ff1a-4447-a86f-088a97347c0c)
add Policy Microsoft Managed Control 1333 - Authenticator Management | Pki-Based Authentication (3298d6bf-4bc6-4278-a95d-f7ef3ac6e594)
add Policy Microsoft Managed Control 1004 - Account Management (c17822dc-736f-4eb4-a97d-e6be662ff835)
add Policy Microsoft Managed Control 1608 - Supply Chain Protection (b73b7b3b-677c-4a2a-b949-ad4dc4acd89f)
add Policy Microsoft Managed Control 1340 - Authenticator Management | No Embedded Unencrypted Static Authenticators (e51ff84b-e5ea-408f-b651-2ecc2933e4c6)
add Policy Microsoft Managed Control 1612 - Developer Security Architecture And Design (a2037b3d-8b04-4171-8610-e6d4f1d08db5)
add Policy Microsoft Managed Control 1696 - Information System Monitoring | Correlate Monitoring Information (69d2a238-20ab-4206-a6dc-f302bf88b1b8)
add Policy Microsoft Managed Control 1135 - Non-Repudiation (9c308b6b-2429-4b97-86cf-081b8e737b04)
add Policy Microsoft Managed Control 1090 - Security Awareness Training (2fb740e5-cbc7-4d10-8686-d1bf826652b1)
add Policy Microsoft Managed Control 1380 - Incident Response Plan (b4319b7e-ea8d-42ff-8a67-ccd462972827)
add Policy Microsoft Managed Control 1224 - Information System Component Inventory | Updates During Installations / Removals (28cfa30b-7f72-47ce-ba3b-eed26c8d2c82)
add Policy Microsoft Managed Control 1384 - Information Spillage Response (79fbc228-461c-4a45-9004-a865ca0728a7)
add Policy Microsoft Managed Control 1428 - Media Access (0a77fcc7-b8d8-451a-ab52-56197913c0c7)
add Policy Microsoft Managed Control 1719 - Spam Protection (c13da9b4-fe14-4fe2-853a-5997c9d4215a)
add Policy Microsoft Managed Control 1083 - Publicly Accessible Content (4e319cb6-2ca3-4a58-ad75-e67f484e50ec)
add Policy Microsoft Managed Control 1363 - Incident Handling | Automated Incident Handling Processes (ea3e8156-89a1-45b1-8bd6-938abc79fdfd)
add Policy Microsoft Managed Control 1684 - Information System Monitoring (16bfdb59-db38-47a5-88a9-2e9371a638cf)
add Policy Microsoft Managed Control 1378 - Incident Response Plan (97fceb70-6983-42d0-9331-18ad8253184d)
add Policy Microsoft Managed Control 1366 - Incident Handling | Information Correlation (06c45c30-ae44-4f0f-82be-41331da911cc)
add Policy Microsoft Managed Control 1700 - Information System Monitoring | Unauthorized Network Services (7831b4ba-c3f4-4cb1-8c11-ef8d59438cd5)
add Policy Microsoft Managed Control 1601 - Developer Security Testing And Evaluation (0ee79a0c-addf-4ce9-9b3c-d9576ed5e20e)
add Policy Microsoft Managed Control 1692 - Information System Monitoring | Inbound And Outbound Communications Traffic (7ecda928-9df4-4dd7-8f44-641a91e470e8)
add Policy Microsoft Managed Control 1521 - Personnel Termination | Automated Notification (3cbddf9c-a3aa-4330-a0f5-4c0c1f1862e5)
add Policy Microsoft Managed Control 1312 - Identifier Management (4d6a5968-9eef-4c18-8534-376790ab7274)
add Policy Microsoft Managed Control 1492 - System Security Plan (7ad5f307-e045-46f7-8214-5bdb7e973737)
add Policy Microsoft Managed Control 1013 - Account Management | Automated System Account Management (8fd7b917-d83b-4379-af60-51e14e316c61)
add Policy Microsoft Managed Control 1239 - User-Installed Software (0be51298-f643-4556-88af-d7db90794879)
add Policy Microsoft Managed Control 1287 - Information System Backup (819dc6da-289d-476e-8500-7e341ef8677d)
add Policy Microsoft Managed Control 1682 - Malicious Code Protection | Nonsignature-Based Detection (62b638c5-29d7-404b-8d93-f21e4b1ce198)
add Policy Microsoft Managed Control 1525 - Personnel Transfer (9be2f688-7a61-45e3-8230-e1ec93893f66)
add Policy Microsoft Managed Control 1686 - Information System Monitoring (e17085c5-0be8-4423-b39b-a52d3d1402e5)
add Policy Microsoft Managed Control 1159 - Security Authorization (0925f098-7877-450b-8ba4-d1e55f2d8795)
add Policy Microsoft Managed Control 1223 - Information System Component Inventory (05a1bb01-ad5a-49c1-aad3-b0c893b2ec3a)
add Policy Microsoft Managed Control 1320 - Authenticator Management (6f54c732-71d4-4f93-a696-4e373eca3a77)
add Policy Microsoft Managed Control 1726 - Information Handling And Retention (baff1279-05e0-4463-9a70-8ba5de4c7aa4)
add Policy Microsoft Managed Control 1514 - Personnel Screening | Information With Special Protection Measures (9ed5ca00-0e43-434e-a018-7aab91461ba7)
add Policy Microsoft Managed Control 1438 - Media Sanitization (40fcc635-52a2-4dbc-9523-80a1f4aa1de6)
add Policy Microsoft Managed Control 1277 - Alternate Processing Site | Priority Of Service (dc43e829-3d50-4a0a-aa0f-428d551862aa)
add Policy Microsoft Managed Control 1077 - Use Of External Information Systems (2dad3668-797a-412e-a798-07d3849a7a79)
add Policy Microsoft Managed Control 1170 - Penetration Testing (8b78b9b3-ee3c-48e0-a243-ed6dba5b7a12)
add Policy Microsoft Managed Control 1288 - Information System Backup (8d854c3b-a3e6-4ec9-9f0c-c7274dbaeb2f)
add Policy Microsoft Managed Control 1194 - Configuration Change Control | Automated Document / Notification / Prohibition Of Changes (bc34667f-397e-4a65-9b72-d0358f0b6b09)
add Policy Microsoft Managed Control 1072 - Wireless Access | Antennas / Transmission Power Levels (1ca29e41-34ec-4e70-aba9-6248aca18c31)
add Policy Microsoft Managed Control 1080 - Use Of External Information Systems | Portable Storage Devices (852981b4-a380-4704-aa1e-2e52d63445e5)
add Policy Microsoft Managed Control 1649 - Collaborative Computing Devices (26d292cc-b0b8-4c29-9337-68abc758bf7b)
add Policy Microsoft Managed Control 1133 - Protection Of Audit Information | Cryptographic Protection (90b60a09-133d-45bc-86ef-b206a6134bbe)
add Policy Microsoft Managed Control 1262 - Contingency Plan Testing (831e510e-db41-4c72-888e-a0621ab62265)
add Policy Microsoft Managed Control 1117 - Audit Review, Analysis, And Reporting | Process Integration (7fbfe680-6dbb-4037-963c-a621c5635902)
add Policy Microsoft Managed Control 1217 - Least Functionality | Periodic Review (edea4f20-b02c-4115-be75-86c080e5c0ed)
add Policy Microsoft Managed Control 1091 - Security Awareness Training (b23bd715-5d1c-4e5c-9759-9cbdf79ded9d)
add Policy Microsoft Managed Control 1220 - Least Functionality | Authorized Software / Whitelisting (c40f31a7-81e1-4130-99e5-a02ceea2a1d6)
add Policy Microsoft Managed Control 1368 - Incident Handling | Correlation With External Organizations (465f32da-0ace-4603-8d1b-7be5a3a702de)
add Policy Microsoft Managed Control 1309 - Identification And Authentication (Org. Users) | Acceptance Of Piv Credentials (f355d62b-39a8-4ba3-abf7-90f71cb3b000)
add Policy Microsoft Managed Control 1102 - Audit Events (9943c16a-c54c-4b4a-ad28-bfd938cdbf57)
add Policy Microsoft Managed Control 1643 - Cryptographic Key Establishment And Management (6d8d492c-dd7a-46f7-a723-fa66a425b87c)
add Policy Microsoft Managed Control 1449 - Physical Access Authorizations (f784d3b0-5f2b-49b7-b9f3-00ba8653ced5)
add Policy Microsoft Managed Control 1221 - Least Functionality | Authorized Software / Whitelisting (22589a07-0007-486a-86ca-95355081ae2a)
add Policy Microsoft Managed Control 1056 - Session Termination | User-Initiated Logouts / Message Displays (ac43352f-df83-4694-8738-cfce549fd08d)
add Policy Microsoft Managed Control 1273 - Alternate Processing Site (e77fcbf2-a1e8-44f1-860e-ed6583761e65)
add Policy Microsoft Managed Control 1078 - Use Of External Information Systems | Limits On Authorized Use (b25faf85-8a16-4f28-8e15-d05c0072d64d)
add Policy Microsoft Managed Control 1431 - Media Storage (a7173c52-2b99-4696-a576-63dd5f970ef4)
add Policy Microsoft Managed Control 1198 - Configuration Change Control | Security Representative (f56be5c3-660b-4c61-9078-f67cf072c356)
add Policy Microsoft Managed Control 1408 - Maintenance Tools | Prevent Unauthorized Removal (c5f56ac6-4bb2-4086-bc41-ad76344ba2c2)
add Policy Microsoft Managed Control 1515 - Personnel Termination (02dd141a-a2b2-49a7-bcbd-ca31142f6211)
add Policy Microsoft Managed Control 1308 - Identification And Authentication (Org. Users) | Remote Access - Separate Device (81817e1c-5347-48dd-965a-40159d008229)
add Policy Microsoft Managed Control 1387 - Information Spillage Response (e3007185-3857-43a9-8237-06ca94f1084c)
add Policy Microsoft Managed Control 1505 - Information Security Architecture (813a10a7-3943-4fe3-8678-00dc52db5490)
add Policy Microsoft Managed Control 1532 - Third-Party Personnel Security (a2c66299-9017-4d95-8040-8bdbf7901d52)
add Policy Microsoft Managed Control 1398 - Controlled Maintenance (443e8f3d-b51a-45d8-95a7-18b0e42f4dc4)
add Policy Microsoft Managed Control 1563 - Allocation Of Resources (9afe2edf-232c-4fdf-8e6a-e867a5c525fd)
add Policy Microsoft Managed Control 1479 - Fire Protection | Automatic Fire Suppression (e327b072-281d-4f75-9c28-4216e5d72f26)
add Policy Microsoft Managed Control 1426 - Media Protection Policy And Procedures (21f639bc-f42b-46b1-8f40-7a2a389c291a)
add Policy Microsoft Managed Control 1551 - Vulnerability Scanning | Update Tool Capability (5bbda922-0172-4095-89e6-5b4a0bf03af7)
add Policy Microsoft Managed Control 1619 - Information In Shared Resources (c722e569-cb52-45f3-a643-836547d016e1)
add Policy Microsoft Managed Control 1087 - Security Awareness And Training Policy And Procedures (100c82ba-42e9-4d44-a2ba-94b209248583)
add Policy Microsoft Managed Control 1059 - Remote Access (a29b5d9f-4953-4afe-b560-203a6410b6b4)
add Policy Microsoft Managed Control 1245 - Contingency Plan (a0e45314-57b8-4623-80cd-bbb561f59516)
add Policy Microsoft Managed Control 1486 - Alternate Work Site (cb790345-a51f-43de-934e-98dbfaf9dca5)
add Policy Microsoft Managed Control 1326 - Authenticator Management (8605fc00-1bf5-4fb3-984e-c95cec4f231d)
add Policy Microsoft Managed Control 1487 - Alternate Work Site (e9c3371d-c30c-4f58-abd9-30b8a8199571)
add Policy Microsoft Managed Control 1132 - Protection Of Audit Information | Audit Backup On Separate Physical Systems / Components (05938e10-cdbd-4a54-9b2b-1cbcfc141ad0)
add Policy Microsoft Managed Control 1596 - Developer Configuration Management (21e25e01-0ae0-41be-919e-04ce92b8e8b8)
add Policy Microsoft Managed Control 1629 - Boundary Protection | External Telecommunications Services (c171b095-7756-41de-8644-a062a96043f2)
add Policy Microsoft Managed Control 1681 - Malicious Code Protection | Automatic Updates (12623e7e-4736-4b2e-b776-c1600f35f93a)
add Policy Microsoft Managed Control 1621 - Resource Availability (3cb9f731-744a-4691-a481-ca77b0411538)
add Policy Microsoft Managed Control 1552 - Vulnerability Scanning | Update By Frequency / Prior To New Scan / When Identified (43684572-e4f1-4642-af35-6b933bc506da)
add Policy Microsoft Managed Control 1042 - Least Privilege | Auditing Use Of Privileged Functions (319dc4f0-0fed-4ac9-8fc3-7aeddee82c07)
add Policy Microsoft Managed Control 1506 - Personnel Security Policy And Procedures (f7d2ff17-d604-4dd9-b607-9ecf63f28ad2)
add Policy Microsoft Managed Control 1410 - Maintenance Tools | Prevent Unauthorized Removal (a2596a9f-e59f-420d-9625-6e0b536348be)
add Policy Microsoft Managed Control 1096 - Role-Based Security Training | Practical Exercises (420c1477-aa43-49d0-bd7e-c4abdd9addff)
add Policy Microsoft Managed Control 1180 - Baseline Configuration | Automation Support For Accuracy / Currency (874e7880-a067-42a7-bcbe-1a340f54c8cc)
add Policy Microsoft Managed Control 1526 - Access Agreements (953e6261-a05a-44fd-8246-000e1a3edbb9)
add Policy Microsoft Managed Control 1381 - Incident Response Plan (e5368258-9684-4567-8126-269f34e65eab)
add Policy Microsoft Managed Control 1190 - Configuration Change Control (c66a3d1e-465b-4f28-9da5-aef701b59892)
add Policy Microsoft Managed Control 1685 - Information System Monitoring (36b0ef30-366f-4b1b-8652-a3511df11f53)
add Policy Microsoft Managed Control 1201 - Security Impact Analysis | Separate Test Environments (7daef997-fdd3-461b-8807-a608a6dd70f1)
add Policy Microsoft Managed Control 1345 - Cryptographic Module Authentication (f86aa129-7c07-4aa4-bbf5-792d93ffd9ea)
add Policy Microsoft Managed Control 1228 - Information System Component Inventory | Accountability Information (39c54140-5902-4079-8bb5-ad31936fe764)
add Policy Microsoft Managed Control 1240 - User-Installed Software (129eb39f-d79a-4503-84cd-92f036b5e429)
add Policy Microsoft Managed Control 1225 - Information System Component Inventory | Automated Maintenance (8d096fe0-f510-4486-8b4d-d17dc230980b)
add Policy Microsoft Managed Control 1376 - Incident Response Assistance | Coordination With External Providers (493a95f3-f2e3-47d0-af02-65e6d6decc2f)
add Policy Microsoft Managed Control 1184 - Configuration Change Control (13579d0e-0ab0-4b26-b0fb-d586f6d7ed20)
add Policy Microsoft Managed Control 1413 - Nonlocal Maintenance (aeedddb6-6bc0-42d5-809b-80048033419d)
add Policy Microsoft Managed Control 1236 - Software Usage Restrictions (9ba3ed84-c768-4e18-b87c-34ef1aff1b57)
add Policy Microsoft Managed Control 1447 - Physical Access Authorizations (b9783a99-98fe-4a95-873f-29613309fe9a)
add Policy Microsoft Managed Control 1707 - Security Alerts, Advisories, And Directives | Automated Alerts And Advisories (fd4a2ac8-868a-4702-a345-6c896c3361ce)
add Policy Microsoft Managed Control 1266 - Contingency Plan Testing | Alternate Processing Site (3b4a3eb2-c25d-40bf-ad41-5094b6f59cee)
add Policy Microsoft Managed Control 1351 - Incident Response Policy And Procedures (bcfb6683-05e5-4ce6-9723-c3fbe9896bdd)
add Policy Microsoft Managed Control 1435 - Media Transport (fa8d221b-d130-4637-ba16-501e666628bb)
add Policy Microsoft Managed Control 1209 - Configuration Settings (ce669c31-9103-4552-ae9c-cdef4e03580d)
add Policy Microsoft Managed Control 1443 - Media Use (cd0ec6fa-a2e7-4361-aee4-a8688659a9ed)
add Policy Microsoft Managed Control 1250 - Contingency Plan (8de614d8-a8b7-4f70-a62a-6d37089a002c)
add Policy Microsoft Managed Control 1590 - External Information System Services | Risk Assessments / Organizational Approvals (bf296b8c-f391-4ea4-9198-be3c9d39dd1f)
add Policy Microsoft Managed Control 1725 - Error Handling (afc234b5-456b-4aa5-b3e2-ce89108124cc)
add Policy Microsoft Managed Control 1549 - Vulnerability Scanning (d6976a08-d969-4df2-bb38-29556c2eb48a)
add Policy Microsoft Managed Control 1167 - Continuous Monitoring (cbb2be76-4891-430b-95a7-ca0b0a3d1300)
add Policy Microsoft Managed Control 1126 - Audit Reduction And Report Generation | Automatic Processing (7f37f71b-420f-49bf-9477-9c0196974ecf)
add Policy Microsoft Managed Control 1098 - Security Training Records (84363adb-dde3-411a-9fc1-36b56737f822)
add Policy Microsoft Managed Control 1712 - Software, Firmware, And Information Integrity (44e543aa-41db-42aa-98eb-8a5eb1db53f0)
add Policy Microsoft Managed Control 1063 - Remote Access | Managed Access Control Points (593ce201-54b2-4dd0-b34f-c308005d7780)
add Policy Microsoft Managed Control 1373 - Incident Reporting | Automated Reporting (4cca950f-c3b7-492a-8e8f-ea39663c14f9)
add Policy Microsoft Managed Control 1355 - Incident Response Training (90e01f69-3074-4de8-ade7-0fef3e7d83e0)
add Policy Microsoft Managed Control 1329 - Authenticator Management | Password-Based Authentication (498f6234-3e20-4b6a-a880-cbd646d973bd)
add Policy Microsoft Managed Control 1130 - Time Stamps | Synchronization With Authoritative Time Source (fd7c4c1d-51ee-4349-9dab-89a7f8c8d102)
add Policy Microsoft Managed Control 1441 - Media Sanitization | Equipment Testing (6519d7f3-e8a2-4ff3-a935-9a9497152ad7)
add Policy Microsoft Managed Control 1045 - Unsuccessful Logon Attempts (554d2dd6-f3a8-4ad5-b66f-5ce23bd18892)
add Policy Microsoft Managed Control 1350 - Identification And Authentication (Non-Org. Users) | Use Of FICAM-Issued Profiles (d77fd943-6ba6-4a21-ba07-22b03e347cc4)
add Policy Microsoft Managed Control 1570 - Acquisition Process (a7fcf38d-bb09-4600-be7d-825046eb162a)
add Policy Microsoft Managed Control 1538 - Security Categorization (1d7658b2-e827-49c3-a2ae-6d2bd0b45874)
add Policy Microsoft Managed Control 1633 - Boundary Protection | Route Traffic To Authenticated Proxy Servers (07557aa0-e02f-4460-9a81-8ecd2fed601a)
add Policy Microsoft Managed Control 1054 - Session Termination (5807e1b4-ba5e-4718-8689-a0ca05a191b2)
add Policy Microsoft Managed Control 1489 - Location Of Information System Components (9d0a794f-1444-4c96-9534-e35fc8c39c91)
add Policy Microsoft Managed Control 1533 - Third-Party Personnel Security (bba2a036-fb3b-4261-b1be-a13dfb5fbcaa)
add Policy Microsoft Managed Control 1238 - User-Installed Software (a36cedd4-3ffd-4b1f-8b18-aa71d8d87ce1)
add Policy Microsoft Managed Control 1051 - Session Lock (7cac6ee9-b58b-40c8-a5ce-f0efc3d9b339)
add Policy Microsoft Managed Control 1592 - External Information System Services | Consistent Interests Of Consumers And Providers (1d01ba6c-289f-42fd-a408-494b355b6222)
add Policy Microsoft Managed Control 1081 - Information Sharing (3867f2a9-23bb-4729-851f-c3ad98580caf)
add Policy Microsoft Managed Control 1383 - Incident Response Plan (d4558451-e16a-4d2d-a066-fe12a6282bb9)
add Policy Microsoft Managed Control 1030 - Information Flow Enforcement | Physical / Logical Separation Of Information Flows (d3531453-b869-4606-9122-29c1cd6e7ed1)
add Policy Microsoft Managed Control 1635 - Boundary Protection | Host-Based Protection (87551b5d-1deb-4d0f-86cc-9dc14cb4bf7e)
add Policy Microsoft Managed Control 1183 - Baseline Configuration | Configure Systems, Components, Or Devices For High-Risk Areas (5352e3e0-e63a-452e-9e5f-9c1d181cff9c)
add Policy Microsoft Managed Control 1519 - Personnel Termination (2f13915a-324c-4ab8-b45c-2eefeeefb098)
add Policy Microsoft Managed Control 1572 - Acquisition Process (04f5fb00-80bb-48a9-a75b-4cb4d4c97c36)
add Policy Microsoft Managed Control 1377 - Incident Response Assistance | Coordination With External Providers (68434bd1-e14b-4031-9edb-a4adf5f84a67)
add Policy Microsoft Managed Control 1522 - Personnel Transfer (38b470cc-f939-4a15-80e0-9f0c74f2e2c9)
add Policy Microsoft Managed Control 1605 - Developer Security Testing And Evaluation | Static Code Analysis (0062eb8b-dc75-4718-8ea5-9bb4a9606655)
add Policy Microsoft Managed Control 1615 - System And Communications Protection Policy And Procedures (f35e02aa-0a55-49f8-8811-8abfa7e6f2c0)
add Policy Microsoft Managed Control 1246 - Contingency Plan (398eb61e-8111-40d5-a0c9-003df28f1753)
add Policy Microsoft Managed Control 1075 - Access Control For Mobile Devices | Full Device / Container-Based Encryption (fc933d22-04df-48ed-8f87-22a3773d4309)
add Policy Microsoft Managed Control 1727 - Memory Protection (697175a7-9715-4e89-b98b-c6f605888fa3)
add Policy Microsoft Managed Control 1027 - Access Enforcement (a76ca9b0-3f4a-4192-9a38-b25e4f8ae48c)
add Policy Microsoft Managed Control 1331 - Authenticator Management | Password-Based Authentication (05460fe2-301f-4ed1-8174-d62c8bb92ff4)
add Policy Microsoft Managed Control 1337 - Authenticator Management | In-Person Or Trusted Third-Party Registration (463e5220-3f79-4e24-a63f-343e4096cd22)
add Policy Microsoft Managed Control 1152 - System Interconnections (beff0acf-7e67-40b2-b1ca-1a0e8205cf1b)
add Policy Microsoft Managed Control 1313 - Identifier Management (36220f5b-79a1-4cdb-8c74-2d2449f9a510)
add Policy Microsoft Managed Control 1586 - External Information System Services (6e3b2fbd-8f37-4766-a64d-3f37703dcb51)
add Policy Microsoft Managed Control 1582 - Information System Documentation (cd9e2f38-259b-462c-bfad-0ad7ab4e65c5)
add Policy Microsoft Managed Control 1215 - Least Functionality (88fc93e8-4745-4785-b5a5-b44bb92c44ff)
add Policy Microsoft Managed Control 1713 - Software, Firmware, And Information Integrity | Integrity Checks (0d87c70b-5012-48e9-994b-e70dd4b8def0)
add Policy Microsoft Managed Control 1573 - Acquisition Process (58c93053-7b98-4cf0-b99f-1beb985416c2)
add Policy Microsoft Managed Control 1138 - Audit Generation (9c284fc0-268a-4f29-af44-3c126674edb4)
add Policy Microsoft Managed Control 1553 - Vulnerability Scanning | Breadth / Depth Of Coverage (9e5225fe-cdfb-4fce-9aec-0fe20dd53b62)
add Policy Microsoft Managed Control 1483 - Water Damage Protection (5cb81060-3c8a-4968-bcdc-395a1801f6c1)
add Policy Microsoft Managed Control 1294 - Information System Backup | Transfer To Alternate Storage Site (49dbe627-2c1e-438c-979e-dd7a39bbf81d)
add Policy Microsoft Managed Control 1501 - Rules Of Behavior (88817b58-8472-4f6c-81fa-58ce42b67f51)
add Policy Microsoft Managed Control 1121 - Audit Review, Analysis, And Reporting | Correlation With Physical Monitoring (c72b0eb9-1fc2-44e5-a866-e7cb0532f7c1)
add Policy Microsoft Managed Control 1458 - Physical Access Control | Information System Access (8c19ceb7-56e9-4488-8ddb-b1eb3aa6d203)
add Policy Microsoft Managed Control 1299 - Identification And Authentication Policy And Procedures (fd4e54f7-9ab0-4bae-b6cc-457809948a89)
add Policy Microsoft Managed Control 1650 - Public Key Infrastructure Certificates (201d3740-bd16-4baf-b4b8-7cda352228b7)
add Policy Microsoft Managed Control 1455 - Physical Access Control (068a88d4-e520-434e-baf0-9005a8164e6a)
add Policy Microsoft Managed Control 1207 - Access Restrictions For Change | Limit Production / Operational Privileges (8713a0ed-0d1e-4d10-be82-83dffb39830e)
add Policy Microsoft Managed Control 1149 - Security Assessments | Specialized Assessments (2e1b855b-a013-481a-aeeb-2bcb129fd35d)
add Policy Microsoft Managed Control 1134 - Protection Of Audit Information | Access By Subset Of Privileged Users (4e95f70e-181c-4422-9da2-43079710c789)
add Policy Microsoft Managed Control 1632 - Boundary Protection | Prevent Split Tunneling For Remote Devices (4ce9073a-77fa-48f0-96b1-87aa8e6091c2)
add Policy Microsoft Managed Control 1688 - Information System Monitoring (063c3f09-e0f0-4587-8fd5-f4276fae675f)
add Policy Microsoft Managed Control 1652 - Mobile Code (6998e84a-2d29-4e10-8962-76754d4f772d)
add Policy Microsoft Managed Control 1708 - Security Function Verification (7a1e2c88-13de-4959-8ee7-47e3d74f1f48)
add Policy Microsoft Managed Control 1166 - Continuous Monitoring (bb02733d-3cc5-4bb0-a6cd-695ba2c2272e)
add Policy Microsoft Managed Control 1609 - Development Process, Standards, And Tools (9e93fa71-42ac-41a7-b177-efbfdc53c69f)
add Policy Microsoft Managed Control 1025 - Account Management | Account Monitoring / Atypical Usage (adfe020d-0a97-45f4-a39c-696ef99f3a95)
add Policy Microsoft Managed Control 1625 - Boundary Protection | Access Points (b9b66a4d-70a1-4b47-8fa1-289cec68c605)
add Policy Microsoft Managed Control 1427 - Media Protection Policy And Procedures (bc90e44f-d83f-4bdf-900f-3d5eb4111b31)
add Policy Microsoft Managed Control 1040 - Least Privilege | Review Of User Privileges (54205576-cec9-463f-ba44-b4b3f5d0a84c)
add Policy Microsoft Managed Control 1347 - Identification And Authentication (Non-Org. Users) | Acceptance Of PIV Creds. From Other Agys. (131a2706-61e9-4916-a164-00e052056462)
add Policy Microsoft Managed Control 1303 - Identification And Authentication (Org. Users) | Local Access To Privileged Accounts (80ca0a27-918a-4604-af9e-723a27ee51e8)
add Policy Microsoft Managed Control 1655 - Voice Over Internet Protocol (121eab72-390e-4629-a7e2-6d6184f57c6b)
add Policy Microsoft Managed Control 1604 - Developer Security Testing And Evaluation (44dbba23-0b61-478e-89c7-b3084667782f)
add Policy Microsoft Managed Control 1579 - Acquisition Process | Use Of Approved Piv Products (4e54c7ef-7457-430b-9a3e-ef8881d4a8e0)
add Policy Microsoft Managed Control 1482 - Temperature And Humidity Controls | Monitoring With Alarms / Notifications (9df4277e-8c88-4d5c-9b1a-541d53d15d7b)
add Policy Microsoft Managed Control 1161 - Continuous Monitoring (e2f8f6c6-dde4-436b-a79d-bc50e129eb3a)
add Policy Microsoft Managed Control 1513 - Personnel Screening | Information With Special Protection Measures (c416970d-b12b-49eb-8af4-fb144cd7c290)
add Policy Microsoft Managed Control 1388 - Information Spillage Response (2c7c575a-d4c5-4f6f-bd49-dee97a8cba55)
add Policy Microsoft Managed Control 1005 - Account Management (5b626abc-26d4-4e22-9de8-3831818526b1)
add Policy Microsoft Managed Control 1370 - Incident Monitoring | Automated Tracking / Data Collection / Analysis (924e1b2d-c502-478f-bfdb-a7e09a0d5c01)
add Policy Microsoft Managed Control 1571 - Acquisition Process (b11c985b-f2cd-4bd7-85f4-b52426edf905)
add Policy Microsoft Managed Control 1583 - Information System Documentation (0882d488-8e80-4466-bc0f-0cd15b6cb66d)
add Policy Microsoft Managed Control 1255 - Contingency Plan | Continue Essential Missions / Business Functions (f3793f5e-937f-44f7-bfba-40647ef3efa0)
add Policy Microsoft Managed Control 1261 - Contingency Plan Testing (65aeceb5-a59c-4cb1-8d82-9c474be5d431)
add Policy Microsoft Managed Control 1646 - Cryptographic Key Establishment And Management | Asymmetric Keys (506814fa-b930-4b10-894e-a45b98c40e1a)
add Policy Microsoft Managed Control 1423 - Maintenance Personnel | Individuals Without Appropriate Access (7741669e-d4f6-485a-83cb-e70ce7cbbc20)
add Policy Microsoft Managed Control 1531 - Third-Party Personnel Security (f0643e0c-eee5-4113-8684-c608d05c5236)
add Policy Microsoft Managed Control 1421 - Maintenance Personnel (e539caaa-da8c-41b8-9e1e-449851e2f7a6)
add Policy Microsoft Managed Control 1311 - Identifier Management (e7568697-0c9e-4ea3-9cec-9e567d14f3c6)
add Policy Microsoft Managed Control 1560 - System And Services Acquisition Policy And Procedures (e29e0915-5c2f-4d09-8806-048b749ad763)
add Policy Microsoft Managed Control 1142 - Security Assessment And Authorization Policy And Procedures (01524fa8-4555-48ce-ba5f-c3b8dcef5147)
add Policy Microsoft Managed Control 1339 - Authenticator Management | Protection Of Authenticators (367ae386-db7f-4167-b672-984ff86277c0)
add Policy Microsoft Managed Control 1588 - External Information System Services (68ebae26-e0e0-4ecb-8379-aabf633b51e9)
add Policy Microsoft Managed Control 1393 - Information Spillage Response | Exposure To Unauthorized Personnel (731856d8-1598-4b75-92de-7d46235747c0)
add Policy Microsoft Managed Control 1420 - Maintenance Personnel (05ae08cc-a282-413b-90c7-21a2c60b8404)
add Policy Microsoft Managed Control 1468 - Visitor Access Records | Automated Records Maintenance / Review (75603f96-80a1-4757-991d-5a1221765ddd)
add Policy Microsoft Managed Control 1469 - Power Equipment And Cabling (f509c5b6-0de0-4a4e-9b2e-cd9cbf3a58fd)
add Policy Microsoft Managed Control 1062 - Remote Access | Protection Of Confidentiality / Integrity Using Encryption (4708723f-e099-4af1-bbf9-b6df7642e444)
add Policy Microsoft Managed Control 1575 - Acquisition Process | Functional Properties Of Security Controls (93e1bb73-1b08-4dbe-9c62-8e2e92e7ec41)
add Policy Microsoft Managed Control 1103 - Audit Events (16feeb31-6377-437e-bbab-d7f73911896d)
add Policy Microsoft Managed Control 1714 - Software, Firmware, And Information Integrity | Automated Notifications Of Integrity Violations (e12494fa-b81e-4080-af71-7dbacc2da0ec)
add Policy Microsoft Managed Control 1172 - Internal System Connections (b43e946e-a4c8-4b92-8201-4a39331db43c)
add Policy Microsoft Managed Control 1358 - Incident Response Testing (effbaeef-5bf4-400d-895e-ef8cbc0e64c7)
add Policy Microsoft Managed Control 1328 - Authenticator Management | Password-Based Authentication (f5c66fdc-3d02-4034-9db5-ba57802609de)
add Policy Microsoft Managed Control 1678 - Malicious Code Protection (dd533cb0-b416-4be7-8e86-4d154824dfd7)
add Policy Microsoft Managed Control 1634 - Boundary Protection | Prevent Unauthorized Exfiltration (292a7c44-37fa-4c68-af7c-9d836955ded2)
add Policy Microsoft Managed Control 1657 - Secure Name / Address Resolution Service (Authoritative Source) (90f01329-a100-43c2-af31-098996135d2b)
add Policy Microsoft Managed Control 1257 - Contingency Training (b958b241-4245-4bd6-bd2d-b8f0779fb543)
add Policy Microsoft Managed Control 1247 - Contingency Plan (4e666db5-b2ef-4b06-aac6-09bfce49151b)
add Policy Microsoft Managed Control 1456 - Physical Access Control (733ba9e3-9e7c-440a-a7aa-6196a90a2870)
add Policy Microsoft Managed Control 1433 - Media Transport (5b879b41-2728-41c5-ad24-9ee2c37cbe65)
add Policy Microsoft Managed Control 1589 - External Information System Services | Risk Assessments / Organizational Approvals (86ec7f9b-9478-40ff-8cfd-6a0d510081a8)
add Policy Microsoft Managed Control 1188 - Configuration Change Control (bb20548a-c926-4e4d-855c-bcddc6faf95e)
add Policy Microsoft Managed Control 1349 - Identification And Authentication (Non-Org. Users) | Use Of FICAM-Approved Products (17641f70-94cd-4a5d-a613-3d1143e20e34)
add Policy Microsoft Managed Control 1555 - Vulnerability Scanning | Privileged Access (5afa8cab-1ed7-4e40-884c-64e0ac2059cc)
add Policy Microsoft Managed Control 1491 - Security Planning Policy And Procedures (1571dd40-dafc-4ef4-8f55-16eba27efc7b)
add Policy Microsoft Managed Control 1113 - Response To Audit Processing Failures | Audit Storage Capacity (562afd61-56be-4313-8fe4-b9564aa4ba7d)
add Policy Microsoft Managed Control 1669 - Flaw Remediation (48f2f62b-5743-4415-a143-288adc0e078d)
add Policy Microsoft Managed Control 1012 - Account Management (efd7b9ae-1db6-4eb6-b0fe-87e6565f9738)
add Policy Microsoft Managed Control 1073 - Access Control For Mobile Devices (ab55cdb0-c7dd-4bd8-ae22-a7cea7594e9c)
add Policy Microsoft Managed Control 1667 - System And Information Integrity Policy And Procedures (d61880dc-6e38-4f2a-a30c-3406a98f8220)
add Policy Microsoft Managed Control 1109 - Content Of Audit Records | Centralized Management Of Planned Audit Record Content (7d9ffa23-ad92-4d0d-b1f4-7db274cc2aec)
add Policy Microsoft Managed Control 1691 - Information System Monitoring | Automated Tools For Real-Time Analysis (71475fb4-49bd-450b-a1a5-f63894c24725)
add Policy Microsoft Managed Control 1178 - Baseline Configuration | Reviews And Updates (7818b8f4-47c6-441a-90ae-12ce04e99893)
add Policy Microsoft Managed Control 1401 - Controlled Maintenance (b78ee928-e3c1-4569-ad97-9f8c4b629847)
add Policy Microsoft Managed Control 1297 - Information System Recovery And Reconstitution | Restore Within Time Period (93fd8af1-c161-4bae-9ba9-f62731f76439)
add Policy Microsoft Managed Control 1391 - Information Spillage Response | Training (dd6ac1a1-660e-4810-baa8-74e868e2ed47)
add Policy Microsoft Managed Control 1268 - Alternate Storage Site (23f6e984-3053-4dfc-ab48-543b764781f5)
add Policy Microsoft Managed Control 1248 - Contingency Plan (50fc602d-d8e0-444b-a039-ad138ee5deb0)
add Policy Microsoft Managed Control 1600 - Developer Security Testing And Evaluation (c53f3123-d233-44a7-930b-f40d3bfeb7d6)
add Policy Microsoft Managed Control 1574 - Acquisition Process (0f935dab-83d6-47b8-85ef-68b8584161b9)
add Policy Microsoft Managed Control 1627 - Boundary Protection | External Telecommunications Services (fd73310d-76fc-422d-bda4-3a077149f179)
add Policy Microsoft Managed Control 1293 - Information System Backup | Separate Storage For Critical Information (87f7cd82-2e45-4d0f-9e2f-586b0962d142)
add Policy Microsoft Managed Control 1074 - Access Control For Mobile Devices (27a69937-af92-4198-9b86-08d355c7e59a)
add Policy Microsoft Managed Control 1724 - Error Handling (d07594d1-0307-4c08-94db-5d71ff31f0f6)
add Policy Microsoft Managed Control 1105 - Audit Events (5b73f57b-587d-4470-a344-0b0ae805f459)
add Policy Microsoft Managed Control 1006 - Account Management (aae8d54c-4bce-4c04-b3aa-5b65b67caac8)
add Policy Microsoft Managed Control 1567 - System Development Life Cycle (e72edbf6-aa61-436d-a227-0f32b77194b3)
add Policy Microsoft Managed Control 1203 - Access Restrictions For Change | Automated Access Enforcement / Auditing (f9012d14-e3e6-4d7b-b926-9f37b5537066)
add Policy Microsoft Managed Control 1018 - Account Management | Role-Based Schemes (c9121abf-e698-4ee9-b1cf-71ee528ff07f)
add Policy Microsoft Managed Control 1151 - System Interconnections (347e3b69-7fb7-47df-a8ef-71a1a7b44bca)
add Policy Microsoft Managed Control 1559 - System And Services Acquisition Policy And Procedures (45692294-f074-42bd-ac54-16f1a3c07554)
add Policy Microsoft Managed Control 1148 - Security Assessments | Independent Assessors (28e62650-c7c2-4786-bdfa-17edc1673902)
add Policy Microsoft Managed Control 1367 - Incident Handling | Insider Threats - Specific Capabilities (435b2547-6374-4f87-b42d-6e8dbe6ae62a)
add Policy Microsoft Managed Control 1336 - Authenticator Management | Pki-Based Authentication (77f56280-e367-432a-a3b9-8ca2aa636a26)
add Policy Microsoft Managed Control 1617 - Application Partitioning (a631d8f5-eb81-4f9d-9ee1-74431371e4a3)
add Policy Microsoft Managed Control 1402 - Controlled Maintenance | Automated Maintenance Activities (0a560d32-8075-4fec-9615-9f7c853f4ea9)
add Policy Microsoft Managed Control 1607 - Developer Security Testing And Evaluation | Dynamic Code Analysis (976a74cf-b192-4d35-8cab-2068f272addb)
add Policy Microsoft Managed Control 1182 - Baseline Configuration | Configure Systems, Components, Or Devices For High-Risk Areas (4f34f554-da4b-4786-8d66-7915c90893da)
add Policy Microsoft Managed Control 1346 - Identification And Authentication (Non-Organizational Users) (464dc8ce-2200-4720-87a5-dc5952924cc6)
add Policy Microsoft Managed Control 1048 - System Use Notification (483e7ca9-82b3-45a2-be97-b93163a0deb7)
add Policy Microsoft Managed Control 1371 - Incident Reporting (9447f354-2c85-4700-93b3-ecdc6cb6a417)
add Policy Microsoft Managed Control 1171 - Penetration Testing | Independent Penetration Agent Or Team (6d4820bc-8b61-4982-9501-2123cb776c00)
add Policy Microsoft Managed Control 1718 - Software, Firmware, And Information Integrity | Binary Or Machine Executable Code (0dced7ab-9ce5-4137-93aa-14c13e06ab17)
add Policy Microsoft Managed Control 1694 - Information System Monitoring | Analyze Communications Traffic Anomalies (426c4ac9-ff17-49d0-acd7-a13c157081c0)
add Policy Microsoft Managed Control 1039 - Least Privilege | Review Of User Privileges (3a7b9de4-a8a2-4672-914d-c5f6752aa7f9)
add Policy Microsoft Managed Control 1141 - Audit Generation | Changes By Authorized Individuals (6fdefbf4-93e7-4513-bc95-c1858b7093e0)
add Policy Microsoft Managed Control 1656 - Secure Name / Address Resolution Service (Authoritative Source) (1cb067d5-c8b5-4113-a7ee-0a493633924b)
add Policy Microsoft Managed Control 1310 - Device Identification And Authentication (450d7ede-823d-4931-a99d-57f6a38807dc)
add Policy Microsoft Managed Control 1137 - Audit Generation (4344df62-88ab-4637-b97b-bcaf2ec97e7c)
add Policy Microsoft Managed Control 1324 - Authenticator Management (8cfea2b3-7f77-497e-ac20-0752f2ff6eee)
add Policy Microsoft Managed Control 1145 - Security Assessments (a0724970-9c75-4a64-a225-a28002953f28)
add Policy Microsoft Managed Control 1323 - Authenticator Management (abe8f70b-680f-470c-9b86-a7edfb664ecc)
add Policy Microsoft Managed Control 1106 - Audit Events | Reviews And Updates (d2b4feae-61ab-423f-a4c5-0e38ac4464d8)
add Policy Microsoft Managed Control 1690 - Information System Monitoring | System-Wide Intrusion Detection System (a2567a23-d1c3-4783-99f3-d471302a4d6b)
add Policy Microsoft Managed Control 1186 - Configuration Change Control (b95ba3bd-4ded-49ea-9d10-c6f4b680813d)
add Policy Microsoft Managed Control 1123 - Audit Review, Analysis, And Reporting | Audit Level Adjustment (03996055-37a4-45a5-8b70-3f1caa45f87d)
add Policy Microsoft Managed Control 1330 - Authenticator Management | Password-Based Authentication (f75cedb2-5def-4b31-973e-b69e8c7bd031)
add Policy Microsoft Managed Control 1723 - Information Input Validation (e91927a0-ac1d-44a0-95f8-5185f9dfce9f)
add Policy Microsoft Managed Control 1415 - Nonlocal Maintenance (61a1dd98-b259-4840-abd5-fbba7ee0da83)
add Policy Microsoft Managed Control 1155 - System Interconnections | Restrictions On External System Connections (4d33f9f1-12d0-46ad-9fbd-8f8046694977)
add Policy Microsoft Managed Control 1200 - Security Impact Analysis (e98fe9d7-2ed3-44f8-93b7-24dca69783ff)
add Policy Microsoft Managed Control 1548 - Vulnerability Scanning (3afe6c78-6124-4d95-b85c-eb8c0c9539cb)
add Policy Microsoft Managed Control 1397 - Controlled Maintenance (391af4ab-1117-46b9-b2c7-78bbd5cd995b)
add Policy Microsoft Managed Control 1028 - Information Flow Enforcement (f171df5c-921b-41e9-b12b-50801c315475)
add Policy Microsoft Managed Control 1053 - Session Lock | Pattern-Hiding Displays (7582b19c-9dba-438e-aed8-ede59ac35ba3)
add Policy Microsoft Managed Control 1683 - Information System Monitoring (8c79fee4-88dd-44ce-bbd4-4de88948c4f8)
add Policy Microsoft Managed Control 1177 - Baseline Configuration | Reviews And Updates (63dbc7a8-e20b-4d38-b857-a7f6c0cd94bc)
add Policy Microsoft Managed Control 1032 - Separation Of Duties (5aa85661-d618-46b8-a20f-ca40a86f0751)
add Policy Microsoft Managed Control 1189 - Configuration Change Control (ee45e02a-4140-416c-82c4-fecfea660b9d)
add Policy Microsoft Managed Control 1206 - Access Restrictions For Change | Limit Production / Operational Privileges (e0de232d-02a0-4652-872d-88afb4ae5e91)
add Policy Microsoft Managed Control 1317 - Authenticator Management (8877f519-c166-47b7-81b7-8a8eb4ff3775)
add Policy Microsoft Managed Control 1076 - Use Of External Information Systems (98a4bd5f-6436-46d4-ad00-930b5b1dfed4)
add Policy Microsoft Managed Control 1653 - Mobile Code (6b1c00a7-7fd0-42b0-8c5b-c45f6fa1f71b)
add Policy Microsoft Managed Control 1181 - Baseline Configuration | Retention Of Previous Configurations (21839937-d241-4fa5-95c6-b669253d9ab9)
add Policy Microsoft Managed Control 1319 - Authenticator Management (66f7ae57-5560-4fc5-85c9-659f204e7a42)
add Policy Microsoft Managed Control 1561 - Allocation Of Resources (40364c3f-c331-4e29-b1e3-2fbe998ba2f5)
add Policy Microsoft Managed Control 1364 - Incident Handling | Dynamic Reconfiguration (4c615c2a-dc83-4dda-8220-abce7b50c9bc)
add Policy Microsoft Managed Control 1213 - Configuration Settings | Respond To Unauthorized Changes (81f11e32-a293-4a58-82cd-134af52e2318)
add Policy Microsoft Managed Control 1199 - Configuration Change Control | Cryptography Management (a9a08d1c-09b1-48f1-90ea-029bbdf7111e)
add Policy Microsoft Managed Control 1140 - Audit Generation | System-Wide / Time-Correlated Audit Trail (90d8b8ad-8ee3-4db7-913f-2a53fcff5316)
add Policy Microsoft Managed Control 1471 - Emergency Shutoff (7dd0e9ce-1772-41fb-a50a-99977071f916)
add Policy Microsoft Managed Control 1001 - Access Control Policy And Procedures (4e26f8c3-4bf3-4191-b8fc-d888805101b7)
add Policy Microsoft Managed Control 1436 - Media Transport (28aab8b4-74fd-4b7c-9080-5a7be525d574)
add Policy Microsoft Managed Control 1385 - Information Spillage Response (3e495e65-8663-49ca-9b38-9f45e800bc58)
add Policy Microsoft Managed Control 1035 - Least Privilege | Authorize Access To Security Functions (ca94b046-45e2-444f-a862-dc8ce262a516)
add Policy Microsoft Managed Control 1202 - Access Restrictions For Change (40a2a83b-74f2-4c02-ae65-f460a5d2792a)
add Policy Microsoft Managed Control 1394 - System Maintenance Policy And Procedures (4db56f68-3f50-45ab-88f3-ca46f5379a94)
add Policy Microsoft Managed Control 1154 - System Interconnections | Unclassified Non-National Security System Connections (e757ceb9-93b3-45fe-a4f4-f43f64f1ac5a)
add Policy Microsoft Managed Control 1414 - Nonlocal Maintenance (2ce63a52-e47b-4ae2-adbb-6e40d967f9e6)
add Policy Microsoft Managed Control 1129 - Time Stamps | Synchronization With Authoritative Time Source (71bb965d-4047-4623-afd4-b8189a58df5d)
add Policy Microsoft Managed Control 1272 - Alternate Processing Site (ae46cf7a-e3fd-427b-9b91-44bc78e2d9d8)
add Policy Microsoft Managed Control 1212 - Configuration Settings | Automated Central Management / Application / Verification (56d970ee-4efc-49c8-8a4e-5916940d784c)
add Policy Microsoft Managed Control 1711 - Security Function Verification (b083a535-a66a-41ec-ba7f-f9498bf67cde)
add Policy Microsoft Managed Control 1680 - Malicious Code Protection | Central Management (399cd6ee-0e18-41db-9dea-cde3bd712f38)
add Policy Microsoft Managed Control 1218 - Least Functionality | Prevent Program Execution (4a1d0394-b9f5-493e-9e83-563fd0ac4df8)
add Policy Microsoft Managed Control 1008 - Account Management (8356cfc6-507a-4d20-b818-08038011cd07)
add Policy Microsoft Managed Control 1094 - Role-Based Security Training (4b1853e0-8973-446b-b567-09d901d31a09)
add Policy Microsoft Managed Control 1566 - System Development Life Cycle (50ad3724-e2ac-4716-afcc-d8eabd97adb9)
add Policy Microsoft Managed Control 1128 - Time Stamps (ef212163-3bc4-4e86-bcf8-705127086393)
add Policy Microsoft Managed Control 1585 - Security Engineering Principles (d57f8732-5cdc-4cda-8d27-ab148e1f3a55)
add Policy Microsoft Managed Control 1485 - Delivery And Removal (50301354-95d0-4a11-8af5-8039ecf6d38b)
add Policy Microsoft Managed Control 1065 - Remote Access | Privileged Commands / Access (f87b8085-dca9-4cf1-8f7b-9822b997797c)
add Policy Microsoft Managed Control 1450 - Physical Access Authorizations (134d7a13-ba3e-41e2-b236-91bfcfa24e01)
add Policy Microsoft Managed Control 1550 - Vulnerability Scanning (902908fb-25a8-4225-a3a5-5603c80066c9)
add Policy Microsoft Managed Control 1557 - Vulnerability Scanning | Review Historic Audit Logs (36fbe499-f2f2-41b6-880e-52d7ea1d94a5)
add Policy Microsoft Managed Control 1264 - Contingency Plan Testing | Coordinate With Related Plans (dd280d4b-50a1-42fb-a479-ece5878acf19)
add Policy Microsoft Managed Control 1689 - Information System Monitoring (de901f2f-a01a-4456-97f0-33cda7966172)
add Policy Microsoft Managed Control 1464 - Monitoring Physical Access | Intrusion Alarms / Surveillance Equipment (41256567-1795-4684-b00b-a1308ce43cac)
add Policy Microsoft Managed Control 1637 - Boundary Protection | Fail Secure (4075bedc-c62a-4635-bede-a01be89807f3)
add Policy Microsoft Managed Control 1165 - Continuous Monitoring (47e10916-6c9e-446b-b0bd-ff5fd439d79d)
add Policy Microsoft Managed Control 1405 - Maintenance Tools | Inspect Tools (fe1a0bf3-409a-4b00-b60d-0b1f917f7e7b)
add Policy Microsoft Managed Control 1448 - Physical Access Authorizations (825d6494-e583-42f2-a3f2-6458e6f0004f)
add Policy Microsoft Managed Control 1169 - Continuous Monitoring | Trend Analyses (e7ba2cb3-5675-4468-8b50-8486bdd998a5)
add Policy Microsoft Managed Control 1176 - Baseline Configuration (c30690a5-7bf3-467f-b0cd-ef5c7c7449cd)
add Policy Microsoft Managed Control 1374 - Incident Response Assistance (cc5c8616-52ef-4e5e-8000-491634ed9249)
add Policy Microsoft Managed Control 1648 - Collaborative Computing Devices (3a9eb14b-495a-4ebb-933c-ce4ef5264e32)
add Policy Microsoft Managed Control 1066 - Remote Access | Disconnect / Disable Access (4455c2e8-c65d-4acf-895e-304916f90b36)
add Policy Microsoft Managed Control 1010 - Account Management (784663a8-1eb0-418a-a98c-24d19bc1bb62)
add Policy Microsoft Managed Control 1227 - Information System Component Inventory | Automated Unauthorized Component Detection (03b78f5e-4877-4303-b0f4-eb6583f25768)
add Policy Microsoft Managed Control 1544 - Risk Assessment (43ced7c9-cd53-456b-b0da-2522649a4271)
add Policy Microsoft Managed Control 1289 - Information System Backup (7a724864-956a-496c-b778-637cb1d762cf)
add Policy Microsoft Managed Control 1298 - Identification And Authentication Policy And Procedures (1dc784b5-4895-4d27-9d40-a06b032bd1ee)
add Policy Microsoft Managed Control 1490 - Security Planning Policy And Procedures (9e61da80-0957-4892-b70c-609d5eaafb6b)
add Policy Microsoft Managed Control 1478 - Fire Protection | Suppression Devices / Systems (f997df46-cfbb-4cc8-aac8-3fecdaf6a183)
add Policy Microsoft Managed Control 1676 - Malicious Code Protection (c10fb58b-56a8-489e-9ce3-7ffe24e78e4b)
add Policy Microsoft Managed Control 1613 - Developer Security Architecture And Design (fe2ad78b-8748-4bff-a924-f74dfca93f30)
add Policy Microsoft Managed Control 1244 - Contingency Plan (6a13a8f8-c163-4b1b-8554-d63569dab937)
add Policy Microsoft Managed Control 1503 - Information Security Architecture (c1fa9c2f-d439-4ab9-8b83-81fb1934f81d)
add Policy Microsoft Managed Control 1306 - Identification And Authentication (Org. Users) | Net. Access To Priv. Accts. - Replay (cafc6c3c-5fc5-4c5e-a99b-a0ccb1d34eff)
add Policy Microsoft Managed Control 1280 - Telecommunications Services | Priority Of Service Provisions (fa108498-b3a8-4ffb-9e79-1107e76afad3)
add Policy Microsoft Managed Control 1675 - Flaw Remediation | Time To Remediate Flaws / Benchmarks For Corrective Actions (facb66e0-1c48-478a-bed5-747a312323e1)
add Policy Microsoft Managed Control 1473 - Emergency Power (d7047705-d719-46a7-8bb0-76ad233eba71)
add Policy Microsoft Managed Control 1143 - Security Assessment And Authorization Policy And Procedures (7c6de11b-5f51-4f7c-8d83-d2467c8a816e)
add Policy Microsoft Managed Control 1304 - Identification And Authentication (Org. Users) | Local Access To Non-Privileged Accounts (6ca71be3-16cb-4d39-8b50-7f8fd5e2f11b)
add Policy Microsoft Managed Control 1231 - Configuration Management Plan (244e0c05-cc45-4fe7-bf36-42dcf01f457d)
add Policy Microsoft Managed Control 1512 - Personnel Screening (5a8324ad-f599-429b-aaed-f9c6e8c987a8)
add Policy Microsoft Managed Control 1603 - Developer Security Testing And Evaluation (2b909c26-162f-47ce-8e15-0c1f55632eac)
add Policy Microsoft Managed Control 1281 - Telecommunications Services | Priority Of Service Provisions (8dc459b3-0e77-45af-8d71-cfd8c9654fe2)
add Policy Microsoft Managed Control 1107 - Content Of Audit Records (b29ed931-8e21-4779-8458-27916122a904)
add Policy Microsoft Managed Control 1467 - Visitor Access Records (5350cbf9-8bdd-4904-b22a-e88be84ca49d)
add Policy Microsoft Managed Control 1477 - Fire Protection | Detection Devices / Systems (4862a63c-6c74-4a9d-a221-89af3c374503)
add Policy Microsoft Managed Control 1679 - Malicious Code Protection (2cf42a28-193e-41c5-98df-7688e7ef0a88)
add Policy Microsoft Managed Control 1534 - Personnel Sanctions (8b2b263e-cd05-4488-bcbf-4debec7a17d9)
add Policy Microsoft Managed Control 1226 - Information System Component Inventory | Automated Unauthorized Component Detection (c158eb1c-ae7e-4081-8057-d527140c4e0c)
add Policy Microsoft Managed Control 1260 - Contingency Training | Simulated Events (42254fc4-2738-4128-9613-72aaa4f0d9c3)
add Policy Microsoft Managed Control 1365 - Incident Handling | Continuity Of Operations (4116891d-72f7-46ee-911c-8056cc8dcbd5)
add Policy Microsoft Managed Control 1095 - Role-Based Security Training (bc3f6f7a-057b-433e-9834-e8c97b0194f6)
add Policy Microsoft Managed Control 1356 - Incident Response Training | Simulated Events (8829f8f5-e8be-441e-85c9-85b72a5d0ef3)
add Policy Microsoft Managed Control 1127 - Time Stamps (3ce328db-aef3-48ed-9f81-2ab7cf839c66)
add Policy Microsoft Managed Control 1466 - Visitor Access Records (0d943a9c-a6f1-401f-a792-740cdb09c451)
add Policy Microsoft Managed Control 1720 - Spam Protection (44b9a7cd-f36a-491a-a48b-6d04ae7c4221)
add Policy Microsoft Managed Control 1524 - Personnel Transfer (72f1cb4e-2439-4fe8-88ea-b8671ce3c268)
add Policy Microsoft Managed Control 1644 - Cryptographic Key Establishment And Management | Availability (a7211477-c970-446b-b4af-062f37461147)
add Policy Microsoft Managed Control 1162 - Continuous Monitoring (5770f3d6-8c2b-4f6f-bf0e-c8c8fc36d592)
add Policy Microsoft Managed Control 1453 - Physical Access Control (9693b564-3008-42bc-9d5d-9c7fe198c011)
add Policy Microsoft Managed Control 1000 - Access Control Policy And Procedures (2ef3cc79-733e-48ed-ab6f-7bf439e9b406)
add Policy Microsoft Managed Control 1651 - Mobile Code (6db63528-c9ba-491c-8a80-83e1e6977a50)
add Policy Microsoft Managed Control 1403 - Controlled Maintenance | Automated Maintenance Activities (57149289-d52b-4f40-9fe6-5233c1ef80f7)
add Policy Microsoft Managed Control 1624 - Boundary Protection (37d079e3-d6aa-4263-a069-dd7ac6dd9684)
add Policy Microsoft Managed Control 1558 - Vulnerability Scanning | Correlate Scanning Information (65592b16-4367-42c5-a26e-d371be450e17)
add Policy Microsoft Managed Control 1390 - Information Spillage Response | Responsible Personnel (c3b65b63-09ec-4cb5-8028-7dd324d10eb0)
add Policy Microsoft Managed Control 1031 - Separation Of Duties (6b93a801-fe25-4574-a60d-cb22acffae00)
add Policy Microsoft Managed Control 1282 - Telecommunications Services | Single Points Of Failure (34042a97-ec6d-4263-93d2-8c1c46823b2a)
add Policy Microsoft Managed Control 1278 - Alternate Processing Site | Preparation For Use (8e5ef485-9e16-4c53-a475-fbb8107eac59)
add Policy Microsoft Managed Control 1084 - Publicly Accessible Content (d0eb15db-dd1c-4d1d-b200-b12dd6cd060c)
add Policy Microsoft Managed Control 1399 - Controlled Maintenance (2256e638-eb23-480f-9e15-6cf1af0a76b3)
add Policy Microsoft Managed Control 1717 - Software, Firmware, And Information Integrity | Binary Or Machine Executable Code (967773fc-d9ab-4a4e-8ff6-f5e9e3f5dbef)
add Policy Microsoft Managed Control 1375 - Incident Response Assistance | Automation Support For Availability Of Information / Support (00379355-8932-4b52-b63a-3bc6daf3451a)
add Policy Microsoft Managed Control 1461 - Monitoring Physical Access (aafef03e-fea8-470b-88fa-54bd1fcd7064)
add Policy Microsoft Managed Control 1322 - Authenticator Management (9d1d971e-467e-4278-9633-c74c3d4fecc4)
add Policy Microsoft Managed Control 1396 - Controlled Maintenance (276af98f-4ff9-4e69-99fb-c9b2452fb85f)
add Policy Microsoft Managed Control 1290 - Information System Backup (92f85ce9-17b7-49ea-85ee-ea7271ea6b82)
add Policy Microsoft Managed Control 1704 - Security Alerts, Advisories, And Directives (2d44b6fa-1134-4ea6-ad4e-9edb68f65429)
add Policy Microsoft Managed Control 1564 - System Development Life Cycle (157f0ef9-143f-496d-b8f9-f8c8eeaad801)
add Policy Microsoft Managed Control 1296 - Information System Recovery And Reconstitution | Transaction Recovery (e57b98a0-a011-4956-a79d-5d17ed8b8e48)
add Policy Microsoft Managed Control 1034 - Least Privilege (02a5ed00-6d2e-4e97-9a98-46c32c057329)
add Policy Microsoft Managed Control 1120 - Audit Review, Analysis, And Reporting | Integration / Scanning And Monitoring Capabilities (c69b870e-857b-458b-af02-bb234f7a00d3)
add Policy Microsoft Managed Control 1702 - Information System Monitoring | Indicators Of Compromise (4dfc0855-92c4-4641-b155-a55ddd962362)
add Policy Microsoft Managed Control 1362 - Incident Handling (5d169442-d6ef-439b-8dca-46c2c3248214)
add Policy Microsoft Managed Control 1665 - Process Isolation (5df3a55c-8456-44d4-941e-175f79332512)
add Policy Microsoft Managed Control 1029 - Information Flow Enforcement | Security Policy Filters (53ac8f8e-c2b5-4d44-8a2d-058e9ced9b69)
add Policy Microsoft Managed Control 1504 - Information Security Architecture (9e7c35d0-12d4-4e0c-80a2-8a352537aefd)
add Policy Microsoft Managed Control 1418 - Nonlocal Maintenance | Comparable Security / Sanitization (28e633fd-284e-4ea7-88b4-02ca157ed713)
add Policy Microsoft Managed Control 1284 - Telecommunications Services | Provider Contingency Plan (942b3e97-6ae3-410e-a794-c9c999b97c0b)
add Policy Microsoft Managed Control 1158 - Security Authorization (fff50cf2-28eb-45b4-b378-c99412688907)
add Policy Microsoft Managed Control 1444 - Media Use | Prohibit Use Without Owner (666143df-f5e0-45bd-b554-135f0f93e44e)
add Policy Microsoft Managed Control 1116 - Audit Review, Analysis, And Reporting (5e47bc51-35d1-44b8-92af-e2f2d8b67635)
add Policy Microsoft Managed Control 1496 - System Security Plan (0ca96127-2f87-46ab-a4fc-0d2a786df1c8)
add Policy Microsoft Managed Control 1474 - Emergency Power | Long-Term Alternate Power Supply - Minimal Operational Capability (03ad326e-d7a1-44b1-9a76-e17492efc9e4)
add Policy Microsoft Managed Control 1454 - Physical Access Control (ad58985d-ab32-4f99-8bd3-b7e134c90229)
add Policy Microsoft Managed Control 1386 - Information Spillage Response (5120193e-91fd-4f9d-bc6d-194f94734065)
add Policy Microsoft Managed Control 1050 - Concurrent Session Control (bd20184c-b4ec-4ce5-8db6-6e86352d183f)
add Policy Microsoft Managed Control 1591 - External Information System Services | Ident. Of Functions / Ports / Protocols / Services (f751cdb7-fbee-406b-969b-815d367cb9b3)
add Policy Microsoft Managed Control 1301 - Identification And Authentication (Org. Users) | Network Access To Privileged Accounts (b6a8e0cc-ac23-468b-abe4-a8a1cc6d7a08)
add Policy Microsoft Managed Control 1044 - Unsuccessful Logon Attempts (0abbac52-57cf-450d-8408-1208d0dd9e90)
add Policy Microsoft Managed Control 1357 - Incident Response Training | Automated Training Environments (e4213689-05e8-4241-9d4e-8dd1cdafd105)
add Policy Microsoft Managed Control 1556 - Vulnerability Scanning | Automated Trend Analyses (391ff8b3-afed-405e-9f7d-ef2f8168d5da)
add Policy Microsoft Managed Control 1417 - Nonlocal Maintenance | Comparable Security / Sanitization (7522ed84-70d5-4181-afc0-21e50b1b6d0e)
add Policy Microsoft Managed Control 1597 - Developer Configuration Management (68b250ec-2e4f-4eee-898a-117a9fda7016)
add Policy Microsoft Managed Control 1620 - Denial Of Service Protection (d17c826b-1dec-43e1-a984-7b71c446649c)
add Policy Microsoft Managed Control 1581 - Information System Documentation (742b549b-7a25-465f-b83c-ea1ffb4f4e0e)
add Policy Microsoft Managed Control 1584 - Information System Documentation (5864522b-ff1d-4979-a9f8-58bee1fb174c)
add Policy Microsoft Managed Control 1055 - Session Termination| User-Initiated Logouts / Message Displays (769efd9b-3587-4e22-90ce-65ddcd5bd969)
add Policy Microsoft Managed Control 1230 - Configuration Management Plan (11158848-f679-4e9b-aa7b-9fb07d945071)
add Policy Microsoft Managed Control 1354 - Incident Response Training (9fd92c17-163a-4511-bb96-bbb476449796)
add Policy Microsoft Managed Control 1462 - Monitoring Physical Access (9b1f3a9a-13a1-4b40-8420-36bca6fd8c02)
add Policy Microsoft Managed Control 1677 - Malicious Code Protection (4a248e1e-040f-43e5-bff2-afc3a57a3923)
add Policy Microsoft Managed Control 1275 - Alternate Processing Site | Separation From Primary Site (a23d9d53-ad2e-45ef-afd5-e6d10900a737)
add Policy Microsoft Managed Control 1232 - Configuration Management Plan (396ba986-eac1-4d6d-85c4-d3fda6b78272)
add Policy Microsoft Managed Control 1341 - Authenticator Management | Multiple Information System Accounts (34cb7e92-fe4c-4826-b51e-8cd203fa5d35)
add Policy Microsoft Managed Control 1204 - Access Restrictions For Change | Review System Changes (0f4f6750-d1ab-4a4c-8dfd-af3237682665)
add Policy Microsoft Managed Control 1411 - Nonlocal Maintenance (898d4fe8-f743-4333-86b7-0c9245d93e7d)
add Policy Microsoft Managed Control 1451 - Physical Access Control (e3f1e5a3-25c1-4476-8cb6-3955031f8e65)
add Policy Microsoft Managed Control 1229 - Information System Component Inventory | No Duplicate Accounting Of Components (03752212-103c-4ab8-a306-7e813022ca9d)
add Policy Microsoft Managed Control 1610 - Development Process, Standards, And Tools (b9f3fb54-4222-46a1-a308-4874061f8491)
add Policy Microsoft Managed Control 1085 - Publicly Accessible Content (13d117e0-38b0-4bbb-aaab-563be5dd10ba)
add Policy Microsoft Managed Control 1003 - Account Management (3b68b179-3704-4ff7-b51d-7d65374d165d)
add Policy Microsoft Managed Control 1353 - Incident Response Training (c785ad59-f78f-44ad-9a7f-d1202318c748)
add Policy Microsoft Managed Control 1699 - Information System Monitoring | Privileged Users (69c7bee8-bc19-4129-a51e-65a7b39d3e7c)
add Policy Microsoft Managed Control 1616 - System And Communications Protection Policy And Procedures (2006457a-48b3-4f7b-8d2e-1532287f9929)
add Policy Microsoft Managed Control 1079 - Use Of External Information Systems | Limits On Authorized Use (85c32733-7d23-4948-88da-058e2c56b60f)
add Policy Microsoft Managed Control 1614 - Developer Security Architecture And Design (8154e3b3-cc52-40be-9407-7756581d71f6)
add Policy Microsoft Managed Control 1602 - Developer Security Testing And Evaluation (ddae2e97-a449-499f-a1c8-aea4a7e52ec9)
add Policy Microsoft Managed Control 1437 - Media Transport | Cryptographic Protection (6d1eb6ed-bf13-4046-b993-b9e2aef0f76c)
add Policy Microsoft Managed Control 1254 - Contingency Plan | Resume All Missions / Business Functions (704e136a-4fe0-427c-b829-cd69957f5d2b)
add Policy Microsoft Managed Control 1472 - Emergency Shutoff (ef869332-921d-4c28-9402-3be73e6e50c8)
add Policy Microsoft Managed Control 1693 - Information System Monitoring | System-Generated Alerts (a450eba6-2efc-4a00-846a-5804a93c6b77)
add Policy Microsoft Managed Control 1242 - Contingency Planning Policy And Procedures (cf3b3293-667a-445e-a722-fa0b0afc0958)
add Policy Microsoft Managed Control 1508 - Position Risk Designation (76f500cc-4bca-4583-bda1-6d084dc21086)
add Policy Microsoft Managed Control 1432 - Media Storage (1140e542-b80d-4048-af45-3f7245be274b)
add Policy Microsoft Managed Control 1305 - Identification And Authentication (Org. Users) | Group Authentication (9d9166a8-1722-4b8f-847c-2cf3f2618b3d)
add Policy Microsoft Managed Control 1144 - Security Assessments (2fa15ff1-a693-4ee4-b094-324818dc9a51)
add Policy Microsoft Managed Control 1092 - Security Awareness Training | Insider Threat (8a29d47b-8604-4667-84ef-90d203fcb305)
add Policy Microsoft Managed Control 1497 - System Security Plan | Plan / Coordinate With Other Organizational Entities (2e3c5583-1729-4d36-8771-59c32f090a22)
add Policy Microsoft Managed Control 1439 - Media Sanitization (dce72873-c5f1-47c3-9b4f-6b8207fd5a45)
add Policy Microsoft Managed Control 1024 - Account Management | Account Monitoring / Atypical Usage (84914fb4-12da-4c53-a341-a9fd463bed10)
add Policy Microsoft Managed Control 1568 - Acquisition Process (b6a8eae8-9854-495a-ac82-d2cd3eac02a6)
add Policy Microsoft Managed Control 1160 - Security Authorization (3e797ca6-2aa8-4333-b335-7036f1110c05)
add Policy Microsoft Managed Control 1535 - Personnel Sanctions (f9a165d2-967d-4733-8399-1074270dae2e)
add Policy Microsoft Managed Control 1136 - Audit Record Retention (97ed5bac-a92f-4f6d-a8ed-dc094723597c)
add Policy Microsoft Managed Control 1611 - Developer-Provided Training (fdda8a0c-ac32-43f6-b2f4-7dc1df03f43f)
add Policy Microsoft Managed Control 1274 - Alternate Processing Site (2aee175f-cd16-4825-939a-a85349d96210)
add Policy Microsoft Managed Control 1064 - Remote Access | Privileged Commands / Access (eb4d9508-cbf0-4a3c-bb5c-6c95b159f3fb)
add Policy Microsoft Managed Control 1259 - Contingency Training (9d9e18f7-bad9-4d30-8806-a0c9d5e26208)
add Policy Microsoft Managed Control 1429 - Media Marking (b07c9b24-729e-4e85-95fc-f224d2d08a80)
add Policy Microsoft Managed Control 1043 - Least Privilege | Prohibit Non-Privileged Users From Executing Privileged Functions (361a77f6-0f9c-4748-8eec-bc13aaaa2455)
add Policy Microsoft Managed Control 1348 - Identification And Authentication (Non-Org. Users) | Acceptance Of Third-Party Credentials (855ced56-417b-4d74-9d5f-dd1bc81e22d6)
add Policy Microsoft Managed Control 1197 - Configuration Change Control | Test / Validate / Document Changes (a20d2eaa-88e2-4907-96a2-8f3a05797e5c)
add Policy Microsoft Managed Control 1516 - Personnel Termination (da3cd269-156f-435b-b472-c3af34c032ed)
add Policy Microsoft Managed Control 1114 - Response To Audit Processing Failures | Real-Time Alerts (4c090801-59bc-4454-bb33-e0455133486a)
add Policy Microsoft Managed Control 1536 - Risk Assessment Policy And Procedures (6e40d9de-2ad4-4cb5-8945-23143326a502)
add Policy Microsoft Managed Control 1539 - Security Categorization (aabb155f-e7a5-4896-a767-e918bfae2ee0)
add Policy Microsoft Managed Control 1208 - Configuration Settings (5ea87673-d06b-456f-a324-8abcee5c159f)
add Policy Microsoft Managed Control 1131 - Protection Of Audit Information (b472a17e-c2bc-493f-b50b-42d55a346962)
add Policy Microsoft Managed Control 1459 - Access Control For Transmission Medium (75cc73c7-5cdb-479d-a06f-7b4d0dbb1da0)
add Policy Microsoft Managed Control 1068 - Wireless Access (2d045bca-a0fd-452e-9f41-4ec33769717c)
add Policy Microsoft Managed Control 1292 - Information System Backup | Test Restoration Using Sampling (d03516cf-0293-489f-9b32-a18f2a79f836)
add Policy Microsoft Managed Control 1518 - Personnel Termination (0d58f734-c052-40e9-8b2f-a1c2bff0b815)
add Policy Microsoft Managed Control 1097 - Role-Based Security Training | Suspicious Communications And Anomalous System Behavior (cf3e4836-f19e-47eb-a8cd-c3ca150452c0)
add Policy Microsoft Managed Control 1481 - Temperature And Humidity Controls (717a1c78-a267-4f56-ac58-ee6c54dc4339)
add Policy Microsoft Managed Control 1104 - Audit Events (cdd8d244-18b2-4306-a1d1-df175ae0935f)
add Policy Microsoft Managed Control 1721 - Spam Protection | Central Management (d207aaef-7c4d-4f8c-9dce-4d62dfa3d29a)
add Policy Microsoft Managed Control 1722 - Spam Protection | Automatic Updates (e1da06bd-25b6-4127-a301-c313d6873fff)
add Policy Microsoft Managed Control 1352 - Incident Response Policy And Procedures (518cb545-bfa8-43f8-a108-3b7d5037469a)
add Policy Microsoft Managed Control 1630 - Boundary Protection | External Telecommunications Services (3643717a-3897-4bfd-8530-c7c96b26b2a0)
add Policy Microsoft Managed Control 1007 - Account Management (17200329-bf6c-46d8-ac6d-abf4641c2add)
add Policy Microsoft Managed Control 1269 - Alternate Storage Site | Separation From Primary Site (19b9439d-865d-4474-b17d-97d2702fdb66)
add Policy Microsoft Managed Control 1009 - Account Management (b26f8610-e615-47c2-abd6-c00b2b0b503a)
add Policy Microsoft Managed Control 1372 - Incident Reporting (25b96717-c912-4c00-9143-4e487f411726)
add Policy Microsoft Managed Control 1594 - Developer Configuration Management (042ba2a1-8bb8-45f4-b080-c78cf62b90e9)
add Policy Microsoft Managed Control 1049 - System Use Notification (9adf7ba7-900a-4f35-8d57-9f34aafc405c)
add Policy Microsoft Managed Control 1041 - Least Privilege | Privilege Levels For Code Execution (b3d8d15b-627a-4219-8c96-4d16f788888b)
add Policy Microsoft Managed Control 1545 - Risk Assessment (3f4b171a-a56b-4328-8112-32cf7f947ee1)
add Policy Microsoft Managed Control 1119 - Audit Review, Analysis, And Reporting | Central Review And Analysis (845f6359-b764-4b40-b579-657aefe23c44)
add Policy Microsoft Managed Control 1622 - Boundary Protection (ecf56554-164d-499a-8d00-206b07c27bed)
add Policy Microsoft Managed Control 1321 - Authenticator Management (eb627cc6-3a9d-46b5-96b7-5fca49178a37)
add Policy Microsoft Managed Control 1112 - Response To Audit Processing Failures (d530aad8-4ee2-45f4-b234-c061dae683c0)
add Policy Microsoft Managed Control 1392 - Information Spillage Response | Post-Spill Operations (86dc819f-15e1-43f9-a271-41ae58d4cecc)
add Policy Microsoft Managed Control 1146 - Security Assessments (dd83410c-ecb6-4547-8f14-748c3cbdc7ac)
add Policy Microsoft Managed Control 1249 - Contingency Plan (d3bf4251-0818-42db-950b-afd5b25a51c2)
add Policy Microsoft Managed Control 1509 - Position Risk Designation (70792197-9bfc-4813-905a-bd33993e327f)
add Policy Microsoft Managed Control 1361 - Incident Handling (03ed3be1-7276-4452-9a5d-e4168565ac67)
add Policy Microsoft Managed Control 1070 - Wireless Access | Disable Wireless Networking (68f837d0-8942-4b1e-9b31-be78b247bda8)
add Policy Microsoft Managed Control 1163 - Continuous Monitoring (961663a1-8a91-4e59-b6f5-1eee57c0f49c)
add Policy Microsoft Managed Control 1369 - Incident Monitoring (18cc35ed-a429-486d-8d59-cb47e87304ed)
add Policy Microsoft Managed Control 1267 - Alternate Storage Site (4e97ba1d-be5d-4953-8da4-0cccf28f4805)
add Policy Microsoft Managed Control 1258 - Contingency Training (7814506c-382c-4d33-a142-249dd4a0dbff)
add Policy Microsoft Managed Control 1015 - Account Management | Disable Inactive Accounts (544a208a-9c3f-40bc-b1d1-d7e144495c14)
add Policy Microsoft Managed Control 1422 - Maintenance Personnel (ea556850-838d-4a37-8ce5-9d7642f95e11)
add Policy Microsoft Managed Control 1325 - Authenticator Management (1845796a-7581-49b2-ae20-443121538e19)
add Policy Microsoft Managed Control 1529 - Third-Party Personnel Security (d74fdc92-1cb8-4a34-9978-8556425cd14c)
add Policy Microsoft Managed Control 1554 - Vulnerability Scanning | Discoverable Information (10984b4e-c93e-48d7-bf20-9c03b04e9eca)
add Policy Microsoft Managed Control 1476 - Fire Protection (0f3c4ac2-3e35-4906-a80b-473b12a622d7)
add Policy Microsoft Managed Control 1565 - System Development Life Cycle (45ce2396-5c76-4654-9737-f8792ab3d26b)
add Policy Microsoft Managed Control 1670 - Flaw Remediation (c6108469-57ee-4666-af7e-79ba61c7ae0c)
add Policy Microsoft Managed Control 1237 - Software Usage Restrictions | Open Source Software (e80b6812-0bfa-4383-8223-cdd86a46a890)
add Policy Microsoft Managed Control 1214 - Least Functionality (f714a4e2-b580-47b6-ae8c-f2812d3750f3)
add Policy Microsoft Managed Control 1047 - System Use Notification (e1ff6d62-a55c-41ab-90ba-90bb5b7b6f62)
add Policy Microsoft Managed Control 1499 - Rules Of Behavior (e59671ab-9720-4ee2-9c60-170e8c82251e)
add Policy Microsoft Managed Control 1036 - Least Privilege | Non-Privileged Access For Nonsecurity Functions (9a16d673-8cf0-4dcf-b1d5-9b3e114fef71)
add Policy Microsoft Managed Control 1046 - Automatic Account Lock | Purge / Wipe Mobile Device (0b1aa965-7502-41f9-92be-3e2fe7cc392a)
add Policy Microsoft Managed Control 1263 - Contingency Plan Testing (41472613-3b05-49f6-8fe8-525af113ce17)
add Policy Microsoft Managed Control 1191 - Configuration Change Control | Automated Document / Notification / Prohibition Of Changes (7f26a61b-a74d-467c-99cf-63644db144f7)
add Policy Microsoft Managed Control 1195 - Configuration Change Control | Automated Document / Notification / Prohibition Of Changes (d1e1d65c-1013-4484-bd54-991332e6a0d2)
add Policy Microsoft Managed Control 1663 - Protection Of Information At Rest (60171210-6dde-40af-a144-bf2670518bfa)
add Policy Microsoft Managed Control 1446 - Physical And Environmental Protection Policy And Procedures (bf6850fe-abba-468e-9ef4-d09ec7d983cd)
add Policy Microsoft Managed Control 1593 - External Information System Services | Processing, Storage, And Service Location (2cd0a426-b5f5-4fe0-9539-a6043cdbc6fa)
add Policy Microsoft Managed Control 1058 - Permitted Actions Without Identification Or Authentication (76e85d08-8fbb-4112-a1c1-93521e6a9254)
add Policy Microsoft Managed Control 1523 - Personnel Transfer (5577a310-2551-49c8-803b-36e0d5e55601)
add Policy Microsoft Managed Control 1580 - Information System Documentation (854db8ac-6adf-42a0-bef3-b73f764f40b9)
add Policy Microsoft Managed Control 1460 - Access Control For Output Devices (6f3ce1bb-4f77-4695-8355-70b08d54fdda)
add Policy Microsoft Managed Control 1060 - Remote Access (34a987fd-2003-45de-a120-014956581f2b)
add Policy Microsoft Managed Control 1661 - Session Authenticity | Invalidate Session Identifiers At Logout (4c643c9a-1be7-4016-a5e7-e4bada052920)
add Policy Microsoft Managed Control 1118 - Audit Review, Analysis, And Reporting | Correlate Audit Repositories (a96f743d-a195-420d-983a-08aa06bc441e)
add Policy Microsoft Managed Control 1701 - Information System Monitoring | Host-Based Devices (f25bc08f-27cb-43b6-9a23-014d00700426)
add Policy Microsoft Managed Control 1279 - Telecommunications Services (7d00bcd6-963d-4c02-ad8e-b45fa50bf3b0)
add Policy Microsoft Managed Control 1577 - Acquisition Process | Continuous Monitoring Plan (d922484a-8cfc-4a6b-95a4-77d6a685407f)
add Policy Microsoft Managed Control 1022 - Account Management | Shared / Group Account Credential Termination (411f7e2d-9a0b-4627-a0b9-1700432db47d)
add Policy Microsoft Managed Control 1316 - Identifier Management | Identify User Status (8ce14753-66e5-465d-9841-26ef55c09c0d)
add Policy Microsoft Managed Control 1251 - Contingency Plan | Coordinate With Related Plans (5e2b3730-8c14-4081-8893-19dbb5de7348)
add Policy Microsoft Managed Control 1016 - Account Management | Automated Audit Actions (d8b43277-512e-40c3-ab00-14b3b6e72238)
add Policy Microsoft Managed Control 1193 - Configuration Change Control | Automated Document / Notification / Prohibition Of Changes (f5fd629f-3075-4cae-ab53-bad65495a4ac)
add Policy Microsoft Managed Control 1101 - Audit And Accountability Policy And Procedures (7327b708-f0e0-457d-9d2a-527fcc9c9a65)
add Policy Microsoft Managed Control 1234 - Software Usage Restrictions (b293f881-361c-47ed-b997-bc4e2296bc0b)
add Policy Microsoft Managed Control 1038 - Least Privilege | Privileged Accounts (26692e88-71b7-4a5f-a8ac-9f31dd05bd8e)
add Policy Microsoft Managed Control 1318 - Authenticator Management (fced5fda-3bdb-4d73-bfea-0e2c80428b66)
add Policy Microsoft Managed Control 1641 - Transmission Confidentiality And Integrity | Cryptographic Or Alternate Physical Protection (d39d4f68-7346-4133-8841-15318a714a24)
add Policy Microsoft Managed Control 1089 - Security Awareness Training (ef080e67-0d1a-4f76-a0c5-fb9b0358485e)
add Policy Microsoft Managed Control 1110 - Audit Storage Capacity (6182bfa7-0f2a-43f5-834a-a2ddf31c13c7)
add Policy Microsoft Managed Control 1419 - Nonlocal Maintenance | Cryptographic Protection (b6747bf9-2b97-45b8-b162-3c8becb9937d)
add Policy Microsoft Managed Control 1173 - Internal System Connections (c4aff9e7-2e60-46fa-86be-506b79033fc5)
add Policy Microsoft Managed Control 1295 - Information System Recovery And Reconstitution (a895fbdb-204d-4302-9689-0a59dc42b3d9)
add Policy Microsoft Managed Control 1488 - Alternate Work Site (d8ef30eb-a44f-47af-8524-ac19a36d41d2)
add Policy Microsoft Managed Control 1703 - Security Alerts, Advisories, And Directives (804faf7d-b687-40f7-9f74-79e28adf4205)
add Policy Microsoft Managed Control 1122 - Audit Review, Analysis, And Reporting | Permitted Actions (243ec95e-800c-49d4-ba52-1fdd9f6b8b57)
add Policy Microsoft Managed Control 1695 - Information System Monitoring | Wireless Intrusion Detection (13fcf812-ec82-4eda-9b89-498de9efd620)
add Policy Microsoft Managed Control 1406 - Maintenance Tools | Inspect Media (a0f5339c-9292-43aa-a0bc-d27c6b8e30aa)
add Policy Microsoft Managed Control 1470 - Emergency Shutoff (c89ba09f-2e0f-44d0-8095-65b05bd151ef)
add Policy Microsoft Managed Control 1071 - Wireless Access | Restrict Configurations By Users (1a437f5b-9ad6-4f28-8861-de404d511ae4)
add Policy Microsoft Managed Control 1452 - Physical Access Control (82c76455-4d3f-4e09-a654-22e592107e74)
add Policy Microsoft Managed Control 1253 - Contingency Plan | Resume Essential Missions / Business Functions (0afce0b3-dd9f-42bb-af28-1e4284ba8311)
add Policy Microsoft Managed Control 1124 - Audit Reduction And Report Generation (c10152dd-78f8-4335-ae2d-ad92cc028da4)
add Policy Microsoft Managed Control 1647 - Cryptographic Protection (791cfc15-6974-42a0-9f4c-2d4b82f4a78c)
add Policy Microsoft Managed Control 1416 - Nonlocal Maintenance | Document Nonlocal Maintenance (38dfd8a3-5290-4099-88b7-4081f4c4d8ae)
add Policy Microsoft Managed Control 1457 - Physical Access Control (f2d9d3e6-8886-4305-865d-639163e5c305)
add Policy Microsoft Managed Control 1537 - Risk Assessment Policy And Procedures (b19454ca-0d70-42c0-acf5-ea1c1e5726d1)
add Policy Microsoft Managed Control 1546 - Vulnerability Scanning (2ce1ea7e-4038-4e53-82f4-63e8859333c1)
add Policy Microsoft Managed Control 1111 - Response To Audit Processing Failures (21de687c-f15e-4e51-bf8d-f35c8619965b)
add Policy Microsoft Managed Control 1530 - Third-Party Personnel Security (6e8f9566-29f1-49cd-b61f-f8628a3cf993)
add Policy Microsoft Managed Control 1660 - Session Authenticity (63096613-ce83-43e5-96f4-e588e8813554)
add Policy Microsoft Managed Control 1528 - Access Agreements (deb9797c-22f8-40e8-b342-a84003c924e6)
add Policy Microsoft Managed Control 1115 - Audit Review, Analysis, And Reporting (0b653845-2ad9-4e09-a4f3-5a7c1d78353d)
add Policy Microsoft Managed Control 1628 - Boundary Protection | External Telecommunications Services (67de62b4-a737-4781-8861-3baed3c35069)
add Policy Microsoft Managed Control 1412 - Nonlocal Maintenance (3492d949-0dbb-4589-88b3-7b59601cc764)
add Policy Microsoft Managed Control 1147 - Security Assessments (8fef824a-29a8-4a4c-88fc-420a39c0d541)
add Policy Microsoft Managed Control 1379 - Incident Response Plan (9442dd2c-a07f-46cd-b55a-553b66ba47ca)
add Policy Microsoft Managed Control 1578 - Acquisition Process | Functions / Ports / Protocols / Services In Use (45b7b644-5f91-498e-9d89-7402532d3645)
add Policy Microsoft Managed Control 1270 - Alternate Storage Site | Recovery Time / Point Objectives (53c76a39-2097-408a-b237-b279f7b4614d)
add Policy Microsoft Managed Control 1404 - Maintenance Tools (13d8f903-0cd6-449f-a172-50f6579c182b)
add Policy Microsoft Managed Control 1498 - Rules Of Behavior (633988b9-cf2f-4323-8394-f0d2af9cd6e1)
add Policy Microsoft Managed Control 1100 - Audit And Accountability Policy And Procedures (4057863c-ca7d-47eb-b1e0-503580cba8a4)
add Policy Microsoft Managed Control 1187 - Configuration Change Control (9f2b2f9e-4ba6-46c3-907f-66db138b6f85)
add Policy Microsoft Managed Control 1011 - Account Management (7e6a54f3-883f-43d5-87c4-172dfd64a1f5)
add Policy Microsoft Managed Control 1067 - Wireless Access (5c5e54f6-0127-44d0-8b61-f31dc8dd6190)
add Policy Microsoft Managed Control 1673 - Flaw Remediation | Automated Flaw Remediation Status (dff0b90d-5a6f-491c-b2f8-b90aa402d844)
add Policy Microsoft Managed Control 1082 - Information Sharing (24d480ef-11a0-4b1b-8e70-4e023bf2be23)
add Policy Microsoft Managed Control 1093 - Role-Based Security Training (7a0bdeeb-15f4-47e8-a1da-9f769f845fdf)
add Policy Microsoft Managed Control 1517 - Personnel Termination (8f5ad423-50d6-4617-b058-69908f5586c9)
add Policy Microsoft Managed Control 1327 - Authenticator Management | Password-Based Authentication (03188d8f-1ae5-4fe1-974d-2d7d32ef937d)
add Policy Microsoft Managed Control 1334 - Authenticator Management | Pki-Based Authentication (44bfdadc-8c2e-4c30-9c99-f005986fabcd)
add Policy Microsoft Managed Control 1216 - Least Functionality | Periodic Review (7894fe6a-f5cb-44c8-ba90-c3f254ff9484)
add Policy Microsoft Managed Control 1150 - Security Assessments | External Organizations (d630429d-e763-40b1-8fba-d20ba7314afb)
add Policy Microsoft Managed Control 1205 - Access Restrictions For Change | Signed Components (5b070cab-0fb8-4e48-ad29-fc90b4c2797c)
add Policy Microsoft Managed Control 1409 - Maintenance Tools | Prevent Unauthorized Removal (d1880188-e51a-4772-b2ab-68f5e8bd27f6)
add Policy Microsoft Managed Control 1606 - Developer Security Testing And Evaluation | Threat And Vulnerability Analyses (baa8a9a4-5bbe-4c72-98f6-a3a47ae2b1ca)
add Policy Microsoft Managed Control 1307 - Identification And Authentication (Org. Users) | Net. Access To Non-Priv. Accts. - Replay (84e622c8-4bed-417c-84c6-b2fb0dd73682)
add Policy Microsoft Managed Control 1026 - Account Management | Disable Accounts For High-Risk Individuals (55419419-c597-4cd4-b51e-009fd2266783)
add Policy Microsoft Managed Control 1662 - Fail In Known State (165cb91f-7ea8-4ab7-beaf-8636b98c9d15)
add Policy Microsoft Managed Control 1164 - Continuous Monitoring (0fb8d3ce-9e96-481c-9c68-88d4e3019310)
add Policy Microsoft Managed Control 1495 - System Security Plan (f4978d0e-a596-48e7-9f8c-bbf52554ce8d)
add Policy Microsoft Managed Control 1484 - Water Damage Protection | Automation Support (486b006a-3653-45e8-b41c-a052d3e05456)
add Policy Microsoft Managed Control 1020 - Account Management | Role-Based Schemes (0b291ee8-3140-4cad-beb7-568c077c78ce)
add Policy Microsoft Managed Control 1598 - Developer Configuration Management (ae7e1f5e-2d63-4b38-91ef-bce14151cce3)
add Policy Microsoft Managed Control 1069 - Wireless Access | Authentication And Encryption (91c97b44-791e-46e9-bad7-ab7c4949edbb)
add Policy Microsoft Managed Control 1658 - Secure Name / Address Resolution Service (Recursive Or Caching Resolver) (063b540e-4bdc-4e7a-a569-3a42ddf22098)
add Policy Microsoft Managed Control 1233 - Configuration Management Plan (9d79001f-95fe-45d0-8736-f217e78c1f57)
add Policy Microsoft Managed Control 1424 - Maintenance Personnel | Individuals Without Appropriate Access (cf55fc87-48e1-4676-a2f8-d9a8cf993283)
add Policy Microsoft Managed Control 1037 - Least Privilege | Network Access To Privileged Commands (fa4c2a3d-1294-41a3-9ada-0e540471e9fb)
add Policy Microsoft Managed Control 1302 - Identification And Authentication (Org. Users) | Network Access To Non-Privileged Accounts (09828c65-e323-422b-9774-9d5c646124da)
add Policy Microsoft Managed Control 1196 - Configuration Change Control | Automated Document / Notification / Prohibition Of Changes (4e7f4ea4-dd62-44f6-8886-ac6137cf52b0)
add Policy Microsoft Managed Control 1541 - Risk Assessment (70f6af82-7be6-44aa-9b15-8b9231b2e434)
add Policy Microsoft Managed Control 1157 - Plan Of Action And Milestones (15495367-cf68-464c-bbc3-f53ca5227b7a)
add Policy Microsoft Managed Control 1300 - Identification And Authentication (Organizational Users) (99deec7d-5526-472e-b07c-3645a792026a)
add Policy Microsoft Managed Control 1672 - Flaw Remediation | Central Management (b45fe972-904e-45a4-ac20-673ba027a301)
add Policy Microsoft Managed Control 1153 - System Interconnections (61cf3125-142c-4754-8a16-41ab4d529635)
add Policy Microsoft Managed Control 1014 - Account Management | Removal Of Temporary / Emergency Accounts (5dee936c-8037-4df1-ab35-6635733da48c)
add Policy Microsoft Managed Control 1654 - Voice Over Internet Protocol (0a2ee16e-ab1f-414a-800b-d1608835862b)
add Policy Microsoft Managed Control 1569 - Acquisition Process (ad2f8e61-a564-4dfd-8eaa-816f5be8cb34)
add Policy Microsoft Managed Control 1666 - System And Information Integrity Policy And Procedures (12e30ee3-61e6-4509-8302-a871e8ebb91e)
add Policy Microsoft Managed Control 1480 - Temperature And Humidity Controls (18a767cc-1947-4338-a240-bc058c81164f)
add Policy Microsoft Managed Control 1407 - Maintenance Tools | Prevent Unauthorized Removal (ff9fbd83-1d8d-4b41-aac2-94cb44b33976)
add Policy Microsoft Managed Control 1716 - Software, Firmware, And Information Integrity | Integration Of Detection And Response (e54c325e-42a0-4dcf-b105-046e0f6f590f)
add Policy Microsoft Managed Control 1710 - Security Function Verification (af2a93c8-e6dd-4c94-acdd-4a2eedfc478e)
add Policy Microsoft Managed Control 1623 - Boundary Protection (02ce1b22-412a-4528-8630-c42146f917ed)
add Policy Microsoft Managed Control 1697 - Information System Monitoring | Analyze Traffic / Covert Exfiltration (f9873db2-18ad-46b3-a11a-1a1f8cbf0335)
add Policy Microsoft Managed Control 1088 - Security Awareness And Training Policy And Procedures (1d50f99d-1356-49c0-934a-45f742ba7783)
add Policy Microsoft Managed Control 1520 - Personnel Termination (7f2c513b-eb16-463b-b469-c10e5fa94f0a)
add Policy Microsoft Managed Control 1315 - Identifier Management (3aa87116-f1a1-4edb-bfbf-14e036f8d454)
add Policy Microsoft Managed Control 1500 - Rules Of Behavior (9dd5b241-03cb-47d3-a5cd-4b89f9c53c92)
add Policy Microsoft Managed Control 1638 - Boundary Protection | Dynamic Isolation / Segregation (49b99653-32cd-405d-a135-e7d60a9aae1f)
add Policy Microsoft Managed Control 1314 - Identifier Management (ef0c8530-efd9-45b8-b753-f03083d06295)
add Policy Microsoft Managed Control 1286 - Telecommunications Services | Provider Contingency Plan (b4f9b47a-2116-4e6f-88db-4edbf22753f1)
add Policy Microsoft Managed Control 1210 - Configuration Settings (3502c968-c490-4570-8167-1476f955e9b8)
add Policy Microsoft Managed Control 1640 - Transmission Confidentiality And Integrity (05a289ce-6a20-4b75-a0f3-dc8601b6acd0)
add Policy Microsoft Managed Control 1285 - Telecommunications Services | Provider Contingency Plan (01f7726b-db54-45c2-bcb5-9bd7a43796ee)
add Policy Microsoft Managed Control 1430 - Media Marking (0f559588-5e53-4b14-a7c4-85d28ebc2234)
add Policy Microsoft Managed Control 1241 - User-Installed Software | Alerts For Unauthorized Installations (eca4d7b2-65e2-4e04-95d4-c68606b063c3)
add Policy Microsoft Managed Control 1017 - Account Management | Inactivity Logout (0fc3db37-e59a-48c1-84e9-1780cedb409e)
add Policy Microsoft Managed Control 1344 - Authenticator Feedback (2c895fe7-2d8e-43a2-838c-3a533a5b355e)
add Policy Microsoft Managed Control 1674 - Flaw Remediation | Time To Remediate Flaws / Benchmarks For Corrective Actions (93e9e233-dd0a-4bde-aea5-1371bce0e002)
add Policy Microsoft Managed Control 1235 - Software Usage Restrictions (c49c610b-ece4-44b3-988c-2172b70d6e46)
add Policy Microsoft Managed Control 1562 - Allocation Of Resources (d4142013-7964-4163-a313-a900301c2cef)
add Policy Microsoft Managed Control 1335 - Authenticator Management | Pki-Based Authentication (382016f3-d4ba-4e15-9716-55077ec4dc2a)
add Policy Microsoft Managed Control 1185 - Configuration Change Control (6420cd73-b939-43b7-9d99-e8688fea053c)
add Policy Microsoft Managed Control 1108 - Content Of Audit Records | Additional Audit Information (f9ad559e-c12d-415e-9a78-e50fdd7da7ba)
add Policy Microsoft Managed Control 1668 - Flaw Remediation (8fb0966e-be1d-42c3-baca-60df5c0bcc61)
add Policy Microsoft Managed Control 1061 - Remote Access | Automated Monitoring / Control (7ac22808-a2e8-41c4-9d46-429b50738914)
add Policy Microsoft Managed Control 1540 - Security Categorization (f771f8cb-6642-45cc-9a15-8a41cd5c6977)
add Policy Microsoft Managed Control 1057 - Permitted Actions Without Identification Or Authentication (78255758-6d45-4bf0-a005-7016bc03b13c)
add Policy Microsoft Managed Control 1671 - Flaw Remediation (5c5bbef7-a316-415b-9b38-29753ce8e698)
add Policy Microsoft Managed Control 1425 - Timely Maintenance (5983d99c-f39b-4c32-a3dc-170f19f6941b)
add Policy Microsoft Managed Control 1291 - Information System Backup | Testing For Reliability / Integrity (6d8fd073-9c85-4ee2-a9d0-2e4ec9eb8912)
add Policy Microsoft Managed Control 1631 - Boundary Protection | Deny By Default / Allow By Exception (74ae9b8e-e7bb-4c9c-992f-c535282f7a2c)
add Policy Microsoft Managed Control 1382 - Incident Response Plan (841392b3-40da-4473-b328-4cde49db67b3)
add Policy Microsoft Managed Control 1252 - Contingency Plan | Capacity Planning (a328fd72-8ff5-4f96-8c9c-b30ed95db4ab)
add Policy Microsoft Managed Control 1599 - Developer Configuration Management | Software / Firmware Integrity Verification (0004bbf0-5099-4179-869e-e9ffe5fb0945)
add Policy Microsoft Managed Control 1687 - Information System Monitoring (7a87fc7f-301e-49f3-ba2a-4d74f424fa97)
add Policy Microsoft Managed Control 1395 - System Maintenance Policy And Procedures (7207a023-a517-41c5-9df2-09d4c6845a05)
add Policy Microsoft Managed Control 1211 - Configuration Settings (6a8b9dc8-6b00-4701-aa96-bba3277ebf50)
add Policy Microsoft Managed Control 1243 - Contingency Planning Policy And Procedures (ca9a4469-d6df-4ab2-a42f-1213c396f0ec)
add Policy Microsoft Managed Control 1542 - Risk Assessment (eab340d0-3d55-4826-a0e5-feebfeb0131d)
add Policy Microsoft Managed Control 1174 - Configuration Management Policy And Procedures (42a9a714-8fbb-43ac-b115-ea12d2bd652f)
add Policy Microsoft Managed Control 1659 - Architecture And Provisioning For Name / Address Resolution Service (35a4102f-a778-4a2e-98c2-971056288df8)
add Policy Microsoft Managed Control 1636 - Boundary Protection | Isolation Of Security Tools / Mechanisms / Support Components (7b694eed-7081-43c6-867c-41c76c961043)
add Policy Microsoft Managed Control 1440 - Media Sanitization | Review / Approve / Track / Document / Verify (881299bf-2a5b-4686-a1b2-321d33679953)
add Policy Microsoft Managed Control 1507 - Personnel Security Policy And Procedures (86ccd1bf-e7ad-4851-93ce-6ec817469c1e)
add Policy Microsoft Managed Control 1715 - Software, Firmware, And Information Integrity | Automated Response To Integrity Violations (dd469ae0-71a8-4adc-aafc-de6949ca3339)
add Policy Microsoft Managed Control 1002 - Account Management (632024c2-8079-439d-a7f6-90af1d78cc65)
add Policy Microsoft Managed Control 1342 - Authenticator Management | Hardware Token-Based Authentication (283a4e29-69d5-4c94-b99e-29acf003c899)
add Policy Microsoft Managed Control 1445 - Physical And Environmental Protection Policy And Procedures (32d07d59-2716-4972-b37b-214a67ac4a37)
add Policy Microsoft Managed Control 1527 - Access Agreements (2823de66-332f-4bfd-94a3-3eb036cd3b67)
add Policy Microsoft Managed Control 1400 - Controlled Maintenance (a96d5098-a604-4cdf-90b1-ef6449a27424)
add Policy Microsoft Managed Control 1587 - External Information System Services (32820956-9c6d-4376-934c-05cd8525be7c)
Policy count Total Policies: 991
Builtin Policies: 263
Static Policies: 728
Policy used
Policy DisplayName Policy Id Category Effect State
[Preview]: All Internet traffic should be routed via your deployed Azure Firewall fc5e4038-4584-4632-8c85-c0448d374b2c Network Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
Preview
[Preview]: Azure Arc enabled Kubernetes clusters should have Azure Defender's extension installed 8dfab9c4-fe7b-49ad-85e4-1e9be085358f Kubernetes Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
Preview
[Preview]: Azure Key Vault should disable public network access 55615ac9-af46-4a59-874e-391cc3dfb490 Key Vault Default: Audit
Allowed: (Audit, Deny, Disabled)
Preview
[Preview]: Azure Recovery Services vaults should use customer-managed keys for encrypting backup data 2e94d99a-8a36-4563-bc77-810d8893b671 Backup Default: Audit
Allowed: (Audit, Deny, Disabled)
Preview
[Preview]: Certificates should have the specified maximum validity period 0a075868-4c26-42ef-914c-5bc007359560 Key Vault Default: audit
Allowed: (audit, deny, disabled)
Preview
[Preview]: IoT Hub device provisioning service data should be encrypted using customer-managed keys (CMK) 47031206-ce96-41f8-861b-6a915f3de284 Internet of Things Default: Audit
Allowed: (Audit, Deny, Disabled)
Preview
[Preview]: Log Analytics extension should be installed on your Linux Azure Arc machines 842c54e8-c2f9-4d79-ae8d-38d8b8019373 Monitoring Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
Preview
[Preview]: Log Analytics extension should be installed on your Windows Azure Arc machines d69b1763-b96d-40b8-a2d9-ca31e9fd0d3e Monitoring Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
Preview
[Preview]: Network traffic data collection agent should be installed on Linux virtual machines 04c4380f-3fae-46e8-96c9-30193528f602 Monitoring Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
Preview
[Preview]: Network traffic data collection agent should be installed on Windows virtual machines 2f2ee1de-44aa-4762-b6bd-0893fc3f306d Monitoring Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
Preview
[Preview]: Private endpoint should be configured for Key Vault 5f0bc445-3935-4915-9981-011aa2b46147 Key Vault Default: Audit
Allowed: (Audit, Deny, Disabled)
Preview
[Preview]: Sensitive data in your SQL databases should be classified cc9835f2-9f6b-4cc8-ab4a-f8ef615eb349 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
Preview
[Preview]: Storage account public access should be disallowed 4fa4b6c0-31ca-4c0d-b10d-24b96f62a751 Storage Default: audit
Allowed: (audit, deny, disabled)
Preview
A maximum of 3 owners should be designated for your subscription 4f11b553-d42e-4e3a-89be-32ca364cad4c Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
A vulnerability assessment solution should be enabled on your virtual machines 501541f7-f7e7-4cd6-868c-4190fdad3ac9 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Adaptive application controls for defining safe applications should be enabled on your machines 47a6b606-51aa-4496-8bb7-64b11cf66adc Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Adaptive network hardening recommendations should be applied on internet facing virtual machines 08e6af2d-db70-460a-bfe9-d5bd474ba9d6 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Add system-assigned managed identity to enable Guest Configuration assignments on virtual machines with no identities 3cf2ab00-13f1-4d0c-8971-2ac904541a7e Guest Configuration Fixed: modify GA
Add system-assigned managed identity to enable Guest Configuration assignments on VMs with a user-assigned identity 497dff13-db2a-4c0f-8603-28fa3b331ab6 Guest Configuration Fixed: modify GA
All network ports should be restricted on network security groups associated to your virtual machine 9daedab3-fb2d-461e-b861-71790eead4f6 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Allowlist rules in your adaptive application control policy should be updated 123a3936-f020-408a-ba0c-47873faf1534 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
An Azure Active Directory administrator should be provisioned for SQL servers 1f314764-cb73-4fc9-b863-8eca98ac36e9 SQL Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
API App should only be accessible over HTTPS b7ddfbdc-1260-477d-91fd-98bd9be789a6 App Service Default: Audit
Allowed: (Audit, Disabled)
GA
API Management services should use a virtual network ef619a2c-cc4d-4d03-b2ba-8c94a834d85b API Management Default: Audit
Allowed: (Audit, Disabled)
GA
App Configuration should use private link ca610c1d-041c-4332-9d88-7ed3094967c7 App Configuration Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
App Service Environment should enable internal encryption fb74e86f-d351-4b8d-b034-93da7391c01f App Service Default: Audit
Allowed: (Audit, Disabled)
GA
Audit Linux machines that allow remote connections from accounts without passwords ea53dbee-c6c9-4f0e-9f9e-de0039b78023 Guest Configuration Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Audit Linux machines that do not have the passwd file permissions set to 0644 e6955644-301c-44b5-a4c4-528577de6861 Guest Configuration Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Audit Linux machines that have accounts without passwords f6ec09a3-78bf-4f8f-99dc-6c77182d0f99 Guest Configuration Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Audit usage of custom RBAC rules a451c1ef-c6ca-483d-87ed-f49761e3ffb5 General Default: Audit
Allowed: (Audit, Disabled)
GA
Audit virtual machines without disaster recovery configured 0015ea4d-51ff-4ce3-8d8c-f3f8f0179a56 Compute Fixed: auditIfNotExists GA
Audit Windows machines that allow re-use of the previous 24 passwords 5b054a0d-39e2-4d53-bea3-9734cad2c69b Guest Configuration Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Audit Windows machines that do not have a maximum password age of 70 days 4ceb8dc2-559c-478b-a15b-733fbf1e3738 Guest Configuration Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Audit Windows machines that do not have a minimum password age of 1 day 237b38db-ca4d-4259-9e47-7882441ca2c0 Guest Configuration Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Audit Windows machines that do not have the password complexity setting enabled bf16e0bb-31e1-4646-8202-60a235cc7e74 Guest Configuration Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Audit Windows machines that do not restrict the minimum password length to 14 characters a2d0e922-65d0-40c4-8f87-ea6da2d307a2 Guest Configuration Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Audit Windows machines that do not store passwords using reversible encryption da0f98fe-a24b-4ad5-af69-bd0400233661 Guest Configuration Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Auditing on SQL server should be enabled a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9 SQL Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Authentication to Linux machines should require SSH keys 630c64f9-8b6b-4c64-b511-6544ceff6fd6 Guest Configuration Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Authorized IP ranges should be defined on Kubernetes Services 0e246bcf-5f6f-4f87-bc6f-775d4712c7ea Security Center Default: Audit
Allowed: (Audit, Disabled)
GA
Auto provisioning of the Log Analytics agent should be enabled on your subscription 475aae12-b88a-4572-8b36-9b712b2b3a17 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Automation account variables should be encrypted 3657f5a0-770e-44a3-b44e-9431ba1e9735 Automation Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Azure API for FHIR should use a customer-managed key to encrypt data at rest 051cba44-2429-45b9-9649-46cec11c7119 API for FHIR Default: audit
Allowed: (audit, disabled)
GA
Azure API for FHIR should use private link 1ee56206-5dd1-42ab-b02d-8aae8b1634ce API for FHIR Default: Audit
Allowed: (Audit, Disabled)
GA
Azure Automation accounts should use customer-managed keys to encrypt data at rest 56a5ee18-2ae6-4810-86f7-18e39ce5629b Automation Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Azure Backup should be enabled for Virtual Machines 013e242c-8828-4970-87b3-ab247555486d Backup Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Azure Batch account should use customer-managed keys to encrypt data 99e9ccd8-3db9-4592-b0d1-14b1715a4d8a Batch Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Azure Cache for Redis should reside within a virtual network 7d092e0a-7acd-40d2-a975-dca21cae48c4 Cache Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Azure Cache for Redis should use private link 7803067c-7d34-46e3-8c79-0ca68fc4036d Cache Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Azure Cognitive Search service should use a SKU that supports private link a049bf77-880b-470f-ba6d-9f21c530cf83 Search Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Azure Cognitive Search services should disable public network access ee980b6d-0eca-4501-8d54-f6290fd512c3 Search Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Azure Cognitive Search services should use private link 0fda3595-9f2b-4592-8675-4231d6fa82fe Search Default: Audit
Allowed: (Audit, Disabled)
GA
Azure Container Instance container group should use customer-managed key for encryption 0aa61e00-0a01-4a3c-9945-e93cffedf0e6 Container Instance Default: Audit
Allowed: (Audit, Disabled, Deny)
GA
Azure Cosmos DB accounts should have firewall rules 862e97cf-49fc-4a5c-9de4-40d4e2e7c8eb Cosmos DB Default: Deny
Allowed: (Audit, Deny, Disabled)
GA
Azure Cosmos DB accounts should use customer-managed keys to encrypt data at rest 1f905d99-2ab7-462c-a6b0-f709acca6c8f Cosmos DB Default: audit
Allowed: (audit, deny, disabled)
GA
Azure Data Box jobs should enable double encryption for data at rest on the device c349d81b-9985-44ae-a8da-ff98d108ede8 Data Box Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Azure Data Box jobs should use a customer-managed key to encrypt the device unlock password 86efb160-8de7-451d-bc08-5d475b0aadae Data Box Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Azure Data Explorer encryption at rest should use a customer-managed key 81e74cea-30fd-40d5-802f-d72103c2aaaa Azure Data Explorer Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Azure data factories should be encrypted with a customer-managed key 4ec52d6d-beb7-40c4-9a9e-fe753254690e Data Factory Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Azure Data Factory should use private link 8b0323be-cc25-4b61-935d-002c3798c6ea Data Factory Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Azure DDoS Protection Standard should be enabled a7aca53f-2ed4-4466-a25e-0b45ade68efd Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Azure Defender for App Service should be enabled 2913021d-f2fd-4f3d-b958-22354e2bdbcb Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Azure Defender for Azure SQL Database servers should be enabled 7fe3b40f-802b-4cdd-8bd4-fd799c948cc2 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Azure Defender for container registries should be enabled c25d9a16-bc35-4e15-a7e5-9db606bf9ed4 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Azure Defender for DNS should be enabled bdc59948-5574-49b3-bb91-76b7c986428d Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Azure Defender for Key Vault should be enabled 0e6763cc-5078-4e64-889d-ff4d9a839047 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Azure Defender for Kubernetes should be enabled 523b5cd1-3e23-492f-a539-13118b6d1e3a Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Azure Defender for Resource Manager should be enabled c3d20c29-b36d-48fe-808b-99a87530ad99 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Azure Defender for servers should be enabled 4da35fc9-c9e7-4960-aec9-797fe7d9051d Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Azure Defender for SQL servers on machines should be enabled 6581d072-105e-4418-827f-bd446d56421b Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Azure Defender for SQL should be enabled for unprotected Azure SQL servers abfb4388-5bf4-4ad7-ba82-2cd2f41ceae9 SQL Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Azure Defender for SQL should be enabled for unprotected SQL Managed Instances abfb7388-5bf4-4ad7-ba99-2cd2f41cebb9 SQL Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Azure Defender for Storage should be enabled 308fbb08-4ab8-4e67-9b29-592e93fb94fa Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Azure Event Grid domains should use private link 9830b652-8523-49cc-b1b3-e17dce1127ca Event Grid Default: Audit
Allowed: (Audit, Disabled)
GA
Azure Event Grid topics should use private link 4b90e17e-8448-49db-875e-bd83fb6f804f Event Grid Default: Audit
Allowed: (Audit, Disabled)
GA
Azure File Sync should use private link 1d320205-c6a1-4ac6-873d-46224024e8e2 Storage Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Azure HDInsight clusters should use customer-managed keys to encrypt data at rest 64d314f6-6062-4780-a861-c23e8951bee5 HDInsight Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Azure HDInsight clusters should use encryption at host to encrypt data at rest 1fd32ebd-e4c3-4e13-a54a-d7422d4d95f6 HDInsight Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Azure HDInsight clusters should use encryption in transit to encrypt communication between Azure HDInsight cluster nodes d9da03a1-f3c3-412a-9709-947156872263 HDInsight Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Azure Machine Learning workspaces should be encrypted with a customer-managed key ba769a63-b8cc-4b2d-abf6-ac33c7204be8 Machine Learning Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Azure Machine Learning workspaces should use private link 40cec1dd-a100-4920-b15b-3024fe8901ab Machine Learning Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Azure Monitor Logs clusters should be created with infrastructure-encryption enabled (double encryption) ea0dfaed-95fb-448c-934e-d6e713ce393d Monitoring Default: audit
Allowed: (audit, deny, disabled)
GA
Azure Monitor Logs clusters should be encrypted with customer-managed key 1f68a601-6e6d-4e42-babf-3f643a047ea2 Monitoring Default: audit
Allowed: (audit, deny, disabled)
GA
Azure Policy Add-on for Kubernetes service (AKS) should be installed and enabled on your clusters 0a15ec92-a229-4763-bb14-0ea34a568f8d Kubernetes Default: Audit
Allowed: (Audit, Disabled)
GA
Azure Service Bus namespaces should use private link 1c06e275-d63d-4540-b761-71f364c2111d Service Bus Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Azure SignalR Service should use private link 53503636-bcc9-4748-9663-5348217f160f SignalR Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Azure Spring Cloud should use network injection af35e2a4-ef96-44e7-a9ae-853dd97032c4 App Platform Default: Audit
Allowed: (Audit, Disabled, Deny)
GA
Azure Stack Edge devices should use double-encryption b4ac1030-89c5-4697-8e00-28b5ba6a8811 Azure Stack Edge Default: audit
Allowed: (audit, deny, disabled)
GA
Azure Stream Analytics jobs should use customer-managed keys to encrypt data 87ba29ef-1ab3-4d82-b763-87fcd4f531f7 Stream Analytics Default: audit
Allowed: (audit, deny, disabled)
GA
Azure Synapse workspaces should use customer-managed keys to encrypt data at rest f7d52b2d-e161-4dfa-a82b-55e564167385 Synapse Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Azure Synapse workspaces should use private link 72d11df1-dd8a-41f7-8925-b05b960ebafc Synapse Default: Audit
Allowed: (Audit, Disabled)
GA
Azure Web PubSub Service should use private link 52630df9-ca7e-442b-853b-c6ce548b31a2 Web PubSub Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Bot Service should be encrypted with a customer-managed key 51522a96-0869-4791-82f3-981000c2c67f Bot Service Default: audit
Allowed: (audit, deny, disabled)
GA
Both operating systems and data disks in Azure Kubernetes Service clusters should be encrypted by customer-managed keys 7d7be79c-23ba-4033-84dd-45e2a5ccdd67 Kubernetes Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Cognitive Services accounts should disable public network access 0725b4dd-7e76-479c-a735-68e7ee23d5ca Cognitive Services Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Cognitive Services accounts should enable data encryption with a customer-managed key 67121cc7-ff39-4ab8-b7e3-95b84dab487d Cognitive Services Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Cognitive Services accounts should have local authentication methods disabled 71ef260a-8f18-47b7-abcb-62d0673d94dc Cognitive Services Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Cognitive Services accounts should restrict network access 037eea7a-bd0a-46c5-9a66-03aea78705d3 Cognitive Services Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Cognitive Services should use private link cddd188c-4b82-4c48-a19d-ddf74ee66a01 Cognitive Services Default: Audit
Allowed: (Audit, Disabled)
GA
Container registries should be encrypted with a customer-managed key 5b9159ae-1701-4a6f-9a7a-aa9c8ddd0580 Container Registry Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Container registries should not allow unrestricted network access d0793b48-0edc-4296-a390-4c75d1bdfd71 Container Registry Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Container registries should use private link e8eef0a8-67cf-4eb4-9386-14b0e78733d4 Container Registry Default: Audit
Allowed: (Audit, Disabled)
GA
CORS should not allow every resource to access your API App 358c20a6-3f9e-4f0e-97ff-c6ce485e2aac App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
CORS should not allow every resource to access your Function Apps 0820b7b9-23aa-4725-a1ce-ae4558f718e5 App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
CORS should not allow every resource to access your Web Applications 5744710e-cc2f-4ee8-8809-3b11e89f4bc9 App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
CosmosDB accounts should use private link 58440f8a-10c5-4151-bdce-dfbaad4a20b7 Cosmos DB Default: Audit
Allowed: (Audit, Disabled)
GA
Deploy the Linux Guest Configuration extension to enable Guest Configuration assignments on Linux VMs 331e8ea8-378a-410f-a2e5-ae22f38bb0da Guest Configuration Fixed: deployIfNotExists GA
Deploy the Windows Guest Configuration extension to enable Guest Configuration assignments on Windows VMs 385f5831-96d4-41db-9a3c-cd3af78aaae6 Guest Configuration Fixed: deployIfNotExists GA
Deprecated accounts should be removed from your subscription 6b1cbf55-e8b6-442f-ba4c-7246b6381474 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Deprecated accounts with owner permissions should be removed from your subscription ebb62a0c-3560-49e1-89ed-27e074e9f8ad Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Diagnostic logs in App Services should be enabled b607c5de-e7d9-4eee-9e5c-83f1bcee4fa0 App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Disk access resources should use private link f39f5f49-4abf-44de-8c70-0756997bfb51 Compute Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Disk encryption should be enabled on Azure Data Explorer f4b53539-8df9-40e4-86c6-6b607703bd4e Azure Data Explorer Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Double encryption should be enabled on Azure Data Explorer ec068d99-e9c7-401f-8cef-5bdde4e6ccf1 Azure Data Explorer Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Email notification for high severity alerts should be enabled 6e2593d9-add6-4083-9c9b-4b7d2188c899 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Email notification to subscription owner for high severity alerts should be enabled 0b15565f-aa9e-48ba-8619-45960f2c314d Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Endpoint protection solution should be installed on virtual machine scale sets 26a828e1-e88f-464e-bbb3-c134a282b9de Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Enforce SSL connection should be enabled for MySQL database servers e802a67a-daf5-4436-9ea6-f6d821dd0c5d SQL Default: Audit
Allowed: (Audit, Disabled)
GA
Enforce SSL connection should be enabled for PostgreSQL database servers d158790f-bfb0-486c-8631-2dc6b4e8e6af SQL Default: Audit
Allowed: (Audit, Disabled)
GA
Ensure API app has 'Client Certificates (Incoming client certificates)' set to 'On' 0c192fe8-9cbb-4516-85b3-0ade8bd03886 App Service Default: Audit
Allowed: (Audit, Disabled)
GA
Ensure that 'HTTP Version' is the latest, if used to run the API app 991310cd-e9f3-47bc-b7b6-f57b557d07db App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Ensure that 'HTTP Version' is the latest, if used to run the Function app e2c1c086-2d84-4019-bff3-c44ccd95113c App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Ensure that 'HTTP Version' is the latest, if used to run the Web app 8c122334-9d20-4eb8-89ea-ac9a705b74ae App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Ensure that 'Java version' is the latest, if used as a part of the API app 88999f4c-376a-45c8-bcb3-4058f713cf39 App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Ensure that 'Java version' is the latest, if used as a part of the Function app 9d0b6ea4-93e2-4578-bf2f-6bb17d22b4bc App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Ensure that 'Java version' is the latest, if used as a part of the Web app 496223c3-ad65-4ecd-878a-bae78737e9ed App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Ensure that 'PHP version' is the latest, if used as a part of the API app 1bc1795e-d44a-4d48-9b3b-6fff0fd5f9ba App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Ensure that 'PHP version' is the latest, if used as a part of the WEB app 7261b898-8a84-4db8-9e04-18527132abb3 App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Ensure that 'Python version' is the latest, if used as a part of the API app 74c3584d-afae-46f7-a20a-6f8adba71a16 App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Ensure that 'Python version' is the latest, if used as a part of the Function app 7238174a-fd10-4ef0-817e-fc820a951d73 App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Ensure that 'Python version' is the latest, if used as a part of the Web app 7008174a-fd10-4ef0-817e-fc820a951d73 App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Ensure WEB app has 'Client Certificates (Incoming client certificates)' set to 'On' 5bb220d9-2698-4ee4-8404-b9c30c9df609 App Service Default: Audit
Allowed: (Audit, Disabled)
GA
Event Hub namespaces should use a customer-managed key for encryption a1ad735a-e96f-45d2-a7b2-9a4932cab7ec Event Hub Default: Audit
Allowed: (Audit, Disabled)
GA
Event Hub namespaces should use private link b8564268-eb4a-4337-89be-a19db070c59d Event Hub Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
External accounts with owner permissions should be removed from your subscription f8456c1c-aa66-4dfb-861a-25d127b775c9 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
External accounts with read permissions should be removed from your subscription 5f76cf89-fbf2-47fd-a3f4-b891fa780b60 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
External accounts with write permissions should be removed from your subscription 5c607a2e-c700-4744-8254-d77e7c9eb5e4 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
FTPS only should be required in your API App 9a1b8c48-453a-4044-86c3-d8bfd823e4f5 App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
FTPS only should be required in your Function App 399b2637-a50f-4f95-96f8-3a145476eb15 App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
FTPS should be required in your Web App 4d24b6d4-5e53-4a4f-a7f4-618fa573ee4b App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Function App should only be accessible over HTTPS 6d555dd1-86f2-4f1c-8ed7-5abae7c6cbab App Service Default: Audit
Allowed: (Audit, Disabled)
GA
Function apps should have 'Client Certificates (Incoming client certificates)' enabled eaebaea7-8013-4ceb-9d14-7eb32271373c App Service Default: Audit
Allowed: (Audit, Disabled)
GA
Geo-redundant backup should be enabled for Azure Database for MariaDB 0ec47710-77ff-4a3d-9181-6aa50af424d0 SQL Default: Audit
Allowed: (Audit, Disabled)
GA
Geo-redundant backup should be enabled for Azure Database for MySQL 82339799-d096-41ae-8538-b108becf0970 SQL Default: Audit
Allowed: (Audit, Disabled)
GA
Geo-redundant backup should be enabled for Azure Database for PostgreSQL 48af4db5-9b8b-401c-8e74-076be876a430 SQL Default: Audit
Allowed: (Audit, Disabled)
GA
Geo-redundant storage should be enabled for Storage Accounts bf045164-79ba-4215-8f95-f8048dc1780b Storage Default: Audit
Allowed: (Audit, Disabled)
GA
Guest Configuration extension should be installed on your machines ae89ebca-1c92-4898-ac2c-9f63decb045c Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
HPC Cache accounts should use customer-managed key for encryption 970f84d8-71b6-4091-9979-ace7e3fb6dbb Storage Default: Audit
Allowed: (Audit, Disabled, Deny)
GA
Infrastructure encryption should be enabled for Azure Database for MySQL servers 3a58212a-c829-4f13-9872-6371df2fd0b4 SQL Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Infrastructure encryption should be enabled for Azure Database for PostgreSQL servers 24fba194-95d6-48c0-aea7-f65bf859c598 SQL Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Internet-facing virtual machines should be protected with network security groups f6de0be7-9a8a-4b8a-b349-43cf02d22f7c Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
IoT Hub device provisioning service instances should use private link df39c015-56a4-45de-b4a3-efe77bed320d Internet of Things Default: Audit
Allowed: (Audit, Disabled)
GA
IP Forwarding on your virtual machine should be disabled bd352bd5-2853-4985-bf0d-73806b4a5744 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Key Vault keys should have an expiration date 152b15f7-8e1f-4c1f-ab71-8c010ba5dbc0 Key Vault Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Key Vault secrets should have an expiration date 98728c90-32c7-4049-8429-847dc0f4fe37 Key Vault Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Key vaults should have purge protection enabled 0b60c0b2-2dc2-4e1c-b5c9-abbed971de53 Key Vault Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Key vaults should have soft delete enabled 1e66c121-a66a-4b1f-9b83-0fd99bf0fc2d Key Vault Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Kubernetes cluster containers CPU and memory resource limits should not exceed the specified limits e345eecc-fa47-480f-9e88-67dcc122b164 Kubernetes Default: deny
Allowed: (audit, deny, disabled)
GA
Kubernetes cluster containers should not share host process ID or host IPC namespace 47a1ee2f-2a2a-4576-bf2a-e0e36709c2b8 Kubernetes Default: audit
Allowed: (audit, deny, disabled)
GA
Kubernetes cluster containers should only listen on allowed ports 440b515e-a580-421e-abeb-b159a61ddcbc Kubernetes Default: deny
Allowed: (audit, deny, disabled)
GA
Kubernetes cluster containers should only use allowed AppArmor profiles 511f5417-5d12-434d-ab2e-816901e72a5e Kubernetes Default: audit
Allowed: (audit, deny, disabled)
GA
Kubernetes cluster containers should only use allowed capabilities c26596ff-4d70-4e6a-9a30-c2506bd2f80c Kubernetes Default: audit
Allowed: (audit, deny, disabled)
GA
Kubernetes cluster containers should only use allowed images febd0533-8e55-448f-b837-bd0e06f16469 Kubernetes Default: deny
Allowed: (audit, deny, disabled)
GA
Kubernetes cluster containers should run with a read only root file system df49d893-a74c-421d-bc95-c663042e5b80 Kubernetes Default: audit
Allowed: (audit, deny, disabled)
GA
Kubernetes cluster pod hostPath volumes should only use allowed host paths 098fc59e-46c7-4d99-9b16-64990e543d75 Kubernetes Default: audit
Allowed: (audit, deny, disabled)
GA
Kubernetes cluster pods and containers should only run with approved user and group IDs f06ddb64-5fa3-4b77-b166-acb36f7f6042 Kubernetes Default: audit
Allowed: (audit, deny, disabled)
GA
Kubernetes cluster pods should only use approved host network and port range 82985f06-dc18-4a48-bc1c-b9f4f0098cfe Kubernetes Default: audit
Allowed: (audit, deny, disabled)
GA
Kubernetes cluster services should listen only on allowed ports 233a2a17-77ca-4fb1-9b6b-69223d272a44 Kubernetes Default: deny
Allowed: (audit, deny, disabled)
GA
Kubernetes cluster should not allow privileged containers 95edb821-ddaf-4404-9732-666045e056b4 Kubernetes Default: deny
Allowed: (audit, deny, disabled)
GA
Kubernetes clusters should be accessible only over HTTPS 1a5b4dca-0b6f-4cf5-907c-56316bc1bf3d Kubernetes Default: deny
Allowed: (audit, deny, disabled)
GA
Kubernetes clusters should not allow container privilege escalation 1c6e92c9-99f0-4e55-9cf2-0c234dc48f99 Kubernetes Default: audit
Allowed: (audit, deny, disabled)
GA
Kubernetes Services should be upgraded to a non-vulnerable Kubernetes version fb893a29-21bb-418c-a157-e99480ec364c Security Center Default: Audit
Allowed: (Audit, Disabled)
GA
Latest TLS version should be used in your API App 8cb6aa8b-9e41-4f4e-aa25-089a7ac2581e App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Latest TLS version should be used in your Function App f9d614c5-c173-4d56-95a7-b4437057d193 App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Latest TLS version should be used in your Web App f0e6e85b-9b9f-4a4b-b67b-f730d42f1b0b App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Linux machines should meet requirements for the Azure compute security baseline fc9b3da7-8347-4380-8e70-0a0361d8dedd Guest Configuration Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Log Analytics agent health issues should be resolved on your machines d62cfe2b-3ab0-4d41-980d-76803b58ca65 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Log Analytics agent should be installed on your virtual machine for Azure Security Center monitoring a4fe33eb-e377-4efb-ab31-0784311bc499 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Log Analytics agent should be installed on your virtual machine scale sets for Azure Security Center monitoring a3a6ea0c-e018-4933-9ef0-5aaa1501449b Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Logic Apps Integration Service Environment should be encrypted with customer-managed keys 1fafeaf6-7927-4059-a50a-8eb2a7a6f2b5 Logic Apps Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Long-term geo-redundant backup should be enabled for Azure SQL Databases d38fc420-0735-4ef3-ac11-c806f651a570 SQL Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Managed disks should be double encrypted with both platform-managed and customer-managed keys ca91455f-eace-4f96-be59-e6e2c35b4816 Compute Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Managed identity should be used in your API App c4d441f8-f9d9-4a9e-9cef-e82117cb3eef App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Managed identity should be used in your Function App 0da106f2-4ca3-48e8-bc85-c638fe6aea8f App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Managed identity should be used in your Web App 2b9ad585-36bc-4615-b300-fd4435808332 App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Management ports of virtual machines should be protected with just-in-time network access control b0f33259-77d7-4c9e-aac6-3aabcfae693c Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Management ports should be closed on your virtual machines 22730e10-96f6-4aac-ad84-9383d35b5917 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
MFA should be enabled accounts with write permissions on your subscription 9297c21d-2ed6-4474-b48f-163f75654ce3 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
MFA should be enabled on accounts with owner permissions on your subscription aa633080-8b72-40c4-a2d7-d00c03e80bed Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
MFA should be enabled on accounts with read permissions on your subscription e3576e28-8b17-4677-84c3-db2990658d64 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Microsoft Managed Control 1000 - Access Control Policy And Procedures 2ef3cc79-733e-48ed-ab6f-7bf439e9b406 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1001 - Access Control Policy And Procedures 4e26f8c3-4bf3-4191-b8fc-d888805101b7 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1002 - Account Management 632024c2-8079-439d-a7f6-90af1d78cc65 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1003 - Account Management 3b68b179-3704-4ff7-b51d-7d65374d165d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1004 - Account Management c17822dc-736f-4eb4-a97d-e6be662ff835 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1005 - Account Management 5b626abc-26d4-4e22-9de8-3831818526b1 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1006 - Account Management aae8d54c-4bce-4c04-b3aa-5b65b67caac8 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1007 - Account Management 17200329-bf6c-46d8-ac6d-abf4641c2add Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1008 - Account Management 8356cfc6-507a-4d20-b818-08038011cd07 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1009 - Account Management b26f8610-e615-47c2-abd6-c00b2b0b503a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1010 - Account Management 784663a8-1eb0-418a-a98c-24d19bc1bb62 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1011 - Account Management 7e6a54f3-883f-43d5-87c4-172dfd64a1f5 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1012 - Account Management efd7b9ae-1db6-4eb6-b0fe-87e6565f9738 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1013 - Account Management | Automated System Account Management 8fd7b917-d83b-4379-af60-51e14e316c61 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1014 - Account Management | Removal Of Temporary / Emergency Accounts 5dee936c-8037-4df1-ab35-6635733da48c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1015 - Account Management | Disable Inactive Accounts 544a208a-9c3f-40bc-b1d1-d7e144495c14 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1016 - Account Management | Automated Audit Actions d8b43277-512e-40c3-ab00-14b3b6e72238 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1017 - Account Management | Inactivity Logout 0fc3db37-e59a-48c1-84e9-1780cedb409e Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1018 - Account Management | Role-Based Schemes c9121abf-e698-4ee9-b1cf-71ee528ff07f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1019 - Account Management | Role-Based Schemes 6a3ee9b2-3977-459c-b8ce-2db583abd9f7 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1020 - Account Management | Role-Based Schemes 0b291ee8-3140-4cad-beb7-568c077c78ce Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1021 - Account Management | Restrictions On Use Of Shared / Group Accounts 9a3eb0a3-428d-4669-baff-20a14eb4b551 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1022 - Account Management | Shared / Group Account Credential Termination 411f7e2d-9a0b-4627-a0b9-1700432db47d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1023 - Account Management | Usage Conditions e55698b6-3dea-4aa9-99b9-d8218c6ab6e5 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1024 - Account Management | Account Monitoring / Atypical Usage 84914fb4-12da-4c53-a341-a9fd463bed10 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1025 - Account Management | Account Monitoring / Atypical Usage adfe020d-0a97-45f4-a39c-696ef99f3a95 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1026 - Account Management | Disable Accounts For High-Risk Individuals 55419419-c597-4cd4-b51e-009fd2266783 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1027 - Access Enforcement a76ca9b0-3f4a-4192-9a38-b25e4f8ae48c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1028 - Information Flow Enforcement f171df5c-921b-41e9-b12b-50801c315475 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1029 - Information Flow Enforcement | Security Policy Filters 53ac8f8e-c2b5-4d44-8a2d-058e9ced9b69 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1030 - Information Flow Enforcement | Physical / Logical Separation Of Information Flows d3531453-b869-4606-9122-29c1cd6e7ed1 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1031 - Separation Of Duties 6b93a801-fe25-4574-a60d-cb22acffae00 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1032 - Separation Of Duties 5aa85661-d618-46b8-a20f-ca40a86f0751 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1033 - Separation Of Duties 48540f01-fc11-411a-b160-42807c68896e Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1034 - Least Privilege 02a5ed00-6d2e-4e97-9a98-46c32c057329 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1035 - Least Privilege | Authorize Access To Security Functions ca94b046-45e2-444f-a862-dc8ce262a516 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1036 - Least Privilege | Non-Privileged Access For Nonsecurity Functions 9a16d673-8cf0-4dcf-b1d5-9b3e114fef71 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1037 - Least Privilege | Network Access To Privileged Commands fa4c2a3d-1294-41a3-9ada-0e540471e9fb Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1038 - Least Privilege | Privileged Accounts 26692e88-71b7-4a5f-a8ac-9f31dd05bd8e Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1039 - Least Privilege | Review Of User Privileges 3a7b9de4-a8a2-4672-914d-c5f6752aa7f9 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1040 - Least Privilege | Review Of User Privileges 54205576-cec9-463f-ba44-b4b3f5d0a84c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1041 - Least Privilege | Privilege Levels For Code Execution b3d8d15b-627a-4219-8c96-4d16f788888b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1042 - Least Privilege | Auditing Use Of Privileged Functions 319dc4f0-0fed-4ac9-8fc3-7aeddee82c07 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1043 - Least Privilege | Prohibit Non-Privileged Users From Executing Privileged Functions 361a77f6-0f9c-4748-8eec-bc13aaaa2455 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1044 - Unsuccessful Logon Attempts 0abbac52-57cf-450d-8408-1208d0dd9e90 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1045 - Unsuccessful Logon Attempts 554d2dd6-f3a8-4ad5-b66f-5ce23bd18892 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1046 - Automatic Account Lock | Purge / Wipe Mobile Device 0b1aa965-7502-41f9-92be-3e2fe7cc392a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1047 - System Use Notification e1ff6d62-a55c-41ab-90ba-90bb5b7b6f62 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1048 - System Use Notification 483e7ca9-82b3-45a2-be97-b93163a0deb7 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1049 - System Use Notification 9adf7ba7-900a-4f35-8d57-9f34aafc405c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1050 - Concurrent Session Control bd20184c-b4ec-4ce5-8db6-6e86352d183f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1051 - Session Lock 7cac6ee9-b58b-40c8-a5ce-f0efc3d9b339 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1052 - Session Lock 027cae1c-ec3e-4492-9036-4168d540c42a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1053 - Session Lock | Pattern-Hiding Displays 7582b19c-9dba-438e-aed8-ede59ac35ba3 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1054 - Session Termination 5807e1b4-ba5e-4718-8689-a0ca05a191b2 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1055 - Session Termination| User-Initiated Logouts / Message Displays 769efd9b-3587-4e22-90ce-65ddcd5bd969 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1056 - Session Termination | User-Initiated Logouts / Message Displays ac43352f-df83-4694-8738-cfce549fd08d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1057 - Permitted Actions Without Identification Or Authentication 78255758-6d45-4bf0-a005-7016bc03b13c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1058 - Permitted Actions Without Identification Or Authentication 76e85d08-8fbb-4112-a1c1-93521e6a9254 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1059 - Remote Access a29b5d9f-4953-4afe-b560-203a6410b6b4 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1060 - Remote Access 34a987fd-2003-45de-a120-014956581f2b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1061 - Remote Access | Automated Monitoring / Control 7ac22808-a2e8-41c4-9d46-429b50738914 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1062 - Remote Access | Protection Of Confidentiality / Integrity Using Encryption 4708723f-e099-4af1-bbf9-b6df7642e444 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1063 - Remote Access | Managed Access Control Points 593ce201-54b2-4dd0-b34f-c308005d7780 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1064 - Remote Access | Privileged Commands / Access eb4d9508-cbf0-4a3c-bb5c-6c95b159f3fb Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1065 - Remote Access | Privileged Commands / Access f87b8085-dca9-4cf1-8f7b-9822b997797c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1066 - Remote Access | Disconnect / Disable Access 4455c2e8-c65d-4acf-895e-304916f90b36 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1067 - Wireless Access 5c5e54f6-0127-44d0-8b61-f31dc8dd6190 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1068 - Wireless Access 2d045bca-a0fd-452e-9f41-4ec33769717c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1069 - Wireless Access | Authentication And Encryption 91c97b44-791e-46e9-bad7-ab7c4949edbb Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1070 - Wireless Access | Disable Wireless Networking 68f837d0-8942-4b1e-9b31-be78b247bda8 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1071 - Wireless Access | Restrict Configurations By Users 1a437f5b-9ad6-4f28-8861-de404d511ae4 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1072 - Wireless Access | Antennas / Transmission Power Levels 1ca29e41-34ec-4e70-aba9-6248aca18c31 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1073 - Access Control For Mobile Devices ab55cdb0-c7dd-4bd8-ae22-a7cea7594e9c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1074 - Access Control For Mobile Devices 27a69937-af92-4198-9b86-08d355c7e59a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1075 - Access Control For Mobile Devices | Full Device / Container-Based Encryption fc933d22-04df-48ed-8f87-22a3773d4309 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1076 - Use Of External Information Systems 98a4bd5f-6436-46d4-ad00-930b5b1dfed4 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1077 - Use Of External Information Systems 2dad3668-797a-412e-a798-07d3849a7a79 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1078 - Use Of External Information Systems | Limits On Authorized Use b25faf85-8a16-4f28-8e15-d05c0072d64d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1079 - Use Of External Information Systems | Limits On Authorized Use 85c32733-7d23-4948-88da-058e2c56b60f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1080 - Use Of External Information Systems | Portable Storage Devices 852981b4-a380-4704-aa1e-2e52d63445e5 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1081 - Information Sharing 3867f2a9-23bb-4729-851f-c3ad98580caf Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1082 - Information Sharing 24d480ef-11a0-4b1b-8e70-4e023bf2be23 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1083 - Publicly Accessible Content 4e319cb6-2ca3-4a58-ad75-e67f484e50ec Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1084 - Publicly Accessible Content d0eb15db-dd1c-4d1d-b200-b12dd6cd060c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1085 - Publicly Accessible Content 13d117e0-38b0-4bbb-aaab-563be5dd10ba Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1086 - Publicly Accessible Content fb321e6f-16a0-4be3-878f-500956e309c5 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1087 - Security Awareness And Training Policy And Procedures 100c82ba-42e9-4d44-a2ba-94b209248583 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1088 - Security Awareness And Training Policy And Procedures 1d50f99d-1356-49c0-934a-45f742ba7783 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1089 - Security Awareness Training ef080e67-0d1a-4f76-a0c5-fb9b0358485e Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1090 - Security Awareness Training 2fb740e5-cbc7-4d10-8686-d1bf826652b1 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1091 - Security Awareness Training b23bd715-5d1c-4e5c-9759-9cbdf79ded9d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1092 - Security Awareness Training | Insider Threat 8a29d47b-8604-4667-84ef-90d203fcb305 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1093 - Role-Based Security Training 7a0bdeeb-15f4-47e8-a1da-9f769f845fdf Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1094 - Role-Based Security Training 4b1853e0-8973-446b-b567-09d901d31a09 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1095 - Role-Based Security Training bc3f6f7a-057b-433e-9834-e8c97b0194f6 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1096 - Role-Based Security Training | Practical Exercises 420c1477-aa43-49d0-bd7e-c4abdd9addff Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1097 - Role-Based Security Training | Suspicious Communications And Anomalous System Behavior cf3e4836-f19e-47eb-a8cd-c3ca150452c0 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1098 - Security Training Records 84363adb-dde3-411a-9fc1-36b56737f822 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1099 - Security Training Records 01910bab-8639-4bd0-84ef-cc53b24d79ba Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1100 - Audit And Accountability Policy And Procedures 4057863c-ca7d-47eb-b1e0-503580cba8a4 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1101 - Audit And Accountability Policy And Procedures 7327b708-f0e0-457d-9d2a-527fcc9c9a65 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1102 - Audit Events 9943c16a-c54c-4b4a-ad28-bfd938cdbf57 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1103 - Audit Events 16feeb31-6377-437e-bbab-d7f73911896d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1104 - Audit Events cdd8d244-18b2-4306-a1d1-df175ae0935f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1105 - Audit Events 5b73f57b-587d-4470-a344-0b0ae805f459 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1106 - Audit Events | Reviews And Updates d2b4feae-61ab-423f-a4c5-0e38ac4464d8 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1107 - Content Of Audit Records b29ed931-8e21-4779-8458-27916122a904 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1108 - Content Of Audit Records | Additional Audit Information f9ad559e-c12d-415e-9a78-e50fdd7da7ba Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1109 - Content Of Audit Records | Centralized Management Of Planned Audit Record Content 7d9ffa23-ad92-4d0d-b1f4-7db274cc2aec Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1110 - Audit Storage Capacity 6182bfa7-0f2a-43f5-834a-a2ddf31c13c7 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1111 - Response To Audit Processing Failures 21de687c-f15e-4e51-bf8d-f35c8619965b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1112 - Response To Audit Processing Failures d530aad8-4ee2-45f4-b234-c061dae683c0 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1113 - Response To Audit Processing Failures | Audit Storage Capacity 562afd61-56be-4313-8fe4-b9564aa4ba7d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1114 - Response To Audit Processing Failures | Real-Time Alerts 4c090801-59bc-4454-bb33-e0455133486a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1115 - Audit Review, Analysis, And Reporting 0b653845-2ad9-4e09-a4f3-5a7c1d78353d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1116 - Audit Review, Analysis, And Reporting 5e47bc51-35d1-44b8-92af-e2f2d8b67635 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1117 - Audit Review, Analysis, And Reporting | Process Integration 7fbfe680-6dbb-4037-963c-a621c5635902 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1118 - Audit Review, Analysis, And Reporting | Correlate Audit Repositories a96f743d-a195-420d-983a-08aa06bc441e Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1119 - Audit Review, Analysis, And Reporting | Central Review And Analysis 845f6359-b764-4b40-b579-657aefe23c44 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1120 - Audit Review, Analysis, And Reporting | Integration / Scanning And Monitoring Capabilities c69b870e-857b-458b-af02-bb234f7a00d3 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1121 - Audit Review, Analysis, And Reporting | Correlation With Physical Monitoring c72b0eb9-1fc2-44e5-a866-e7cb0532f7c1 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1122 - Audit Review, Analysis, And Reporting | Permitted Actions 243ec95e-800c-49d4-ba52-1fdd9f6b8b57 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1123 - Audit Review, Analysis, And Reporting | Audit Level Adjustment 03996055-37a4-45a5-8b70-3f1caa45f87d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1124 - Audit Reduction And Report Generation c10152dd-78f8-4335-ae2d-ad92cc028da4 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1125 - Audit Reduction And Report Generation c6ce745a-670e-47d3-a6c4-3cfe5ef00c10 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1126 - Audit Reduction And Report Generation | Automatic Processing 7f37f71b-420f-49bf-9477-9c0196974ecf Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1127 - Time Stamps 3ce328db-aef3-48ed-9f81-2ab7cf839c66 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1128 - Time Stamps ef212163-3bc4-4e86-bcf8-705127086393 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1129 - Time Stamps | Synchronization With Authoritative Time Source 71bb965d-4047-4623-afd4-b8189a58df5d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1130 - Time Stamps | Synchronization With Authoritative Time Source fd7c4c1d-51ee-4349-9dab-89a7f8c8d102 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1131 - Protection Of Audit Information b472a17e-c2bc-493f-b50b-42d55a346962 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1132 - Protection Of Audit Information | Audit Backup On Separate Physical Systems / Components 05938e10-cdbd-4a54-9b2b-1cbcfc141ad0 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1133 - Protection Of Audit Information | Cryptographic Protection 90b60a09-133d-45bc-86ef-b206a6134bbe Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1134 - Protection Of Audit Information | Access By Subset Of Privileged Users 4e95f70e-181c-4422-9da2-43079710c789 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1135 - Non-Repudiation 9c308b6b-2429-4b97-86cf-081b8e737b04 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1136 - Audit Record Retention 97ed5bac-a92f-4f6d-a8ed-dc094723597c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1137 - Audit Generation 4344df62-88ab-4637-b97b-bcaf2ec97e7c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1138 - Audit Generation 9c284fc0-268a-4f29-af44-3c126674edb4 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1139 - Audit Generation 4ed62522-de00-4dda-9810-5205733d2f34 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1140 - Audit Generation | System-Wide / Time-Correlated Audit Trail 90d8b8ad-8ee3-4db7-913f-2a53fcff5316 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1141 - Audit Generation | Changes By Authorized Individuals 6fdefbf4-93e7-4513-bc95-c1858b7093e0 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1142 - Security Assessment And Authorization Policy And Procedures 01524fa8-4555-48ce-ba5f-c3b8dcef5147 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1143 - Security Assessment And Authorization Policy And Procedures 7c6de11b-5f51-4f7c-8d83-d2467c8a816e Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1144 - Security Assessments 2fa15ff1-a693-4ee4-b094-324818dc9a51 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1145 - Security Assessments a0724970-9c75-4a64-a225-a28002953f28 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1146 - Security Assessments dd83410c-ecb6-4547-8f14-748c3cbdc7ac Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1147 - Security Assessments 8fef824a-29a8-4a4c-88fc-420a39c0d541 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1148 - Security Assessments | Independent Assessors 28e62650-c7c2-4786-bdfa-17edc1673902 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1149 - Security Assessments | Specialized Assessments 2e1b855b-a013-481a-aeeb-2bcb129fd35d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1150 - Security Assessments | External Organizations d630429d-e763-40b1-8fba-d20ba7314afb Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1151 - System Interconnections 347e3b69-7fb7-47df-a8ef-71a1a7b44bca Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1152 - System Interconnections beff0acf-7e67-40b2-b1ca-1a0e8205cf1b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1153 - System Interconnections 61cf3125-142c-4754-8a16-41ab4d529635 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1154 - System Interconnections | Unclassified Non-National Security System Connections e757ceb9-93b3-45fe-a4f4-f43f64f1ac5a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1155 - System Interconnections | Restrictions On External System Connections 4d33f9f1-12d0-46ad-9fbd-8f8046694977 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1156 - Plan Of Action And Milestones 4d52e864-9a3b-41ee-8f03-520815fe5378 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1157 - Plan Of Action And Milestones 15495367-cf68-464c-bbc3-f53ca5227b7a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1158 - Security Authorization fff50cf2-28eb-45b4-b378-c99412688907 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1159 - Security Authorization 0925f098-7877-450b-8ba4-d1e55f2d8795 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1160 - Security Authorization 3e797ca6-2aa8-4333-b335-7036f1110c05 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1161 - Continuous Monitoring e2f8f6c6-dde4-436b-a79d-bc50e129eb3a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1162 - Continuous Monitoring 5770f3d6-8c2b-4f6f-bf0e-c8c8fc36d592 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1163 - Continuous Monitoring 961663a1-8a91-4e59-b6f5-1eee57c0f49c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1164 - Continuous Monitoring 0fb8d3ce-9e96-481c-9c68-88d4e3019310 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1165 - Continuous Monitoring 47e10916-6c9e-446b-b0bd-ff5fd439d79d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1166 - Continuous Monitoring bb02733d-3cc5-4bb0-a6cd-695ba2c2272e Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1167 - Continuous Monitoring cbb2be76-4891-430b-95a7-ca0b0a3d1300 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1168 - Continuous Monitoring | Independent Assessment 82409f9e-1f32-4775-bf07-b99d53a91b06 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1169 - Continuous Monitoring | Trend Analyses e7ba2cb3-5675-4468-8b50-8486bdd998a5 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1170 - Penetration Testing 8b78b9b3-ee3c-48e0-a243-ed6dba5b7a12 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1171 - Penetration Testing | Independent Penetration Agent Or Team 6d4820bc-8b61-4982-9501-2123cb776c00 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1172 - Internal System Connections b43e946e-a4c8-4b92-8201-4a39331db43c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1173 - Internal System Connections c4aff9e7-2e60-46fa-86be-506b79033fc5 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1174 - Configuration Management Policy And Procedures 42a9a714-8fbb-43ac-b115-ea12d2bd652f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1175 - Configuration Management Policy And Procedures 6dab4254-c30d-4bb7-ae99-1d21586c063c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1176 - Baseline Configuration c30690a5-7bf3-467f-b0cd-ef5c7c7449cd Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1177 - Baseline Configuration | Reviews And Updates 63dbc7a8-e20b-4d38-b857-a7f6c0cd94bc Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1178 - Baseline Configuration | Reviews And Updates 7818b8f4-47c6-441a-90ae-12ce04e99893 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1179 - Baseline Configuration | Reviews And Updates 3f9ce557-c8ab-4e6c-bb2c-9b8ed002c46c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1180 - Baseline Configuration | Automation Support For Accuracy / Currency 874e7880-a067-42a7-bcbe-1a340f54c8cc Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1181 - Baseline Configuration | Retention Of Previous Configurations 21839937-d241-4fa5-95c6-b669253d9ab9 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1182 - Baseline Configuration | Configure Systems, Components, Or Devices For High-Risk Areas 4f34f554-da4b-4786-8d66-7915c90893da Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1183 - Baseline Configuration | Configure Systems, Components, Or Devices For High-Risk Areas 5352e3e0-e63a-452e-9e5f-9c1d181cff9c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1184 - Configuration Change Control 13579d0e-0ab0-4b26-b0fb-d586f6d7ed20 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1185 - Configuration Change Control 6420cd73-b939-43b7-9d99-e8688fea053c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1186 - Configuration Change Control b95ba3bd-4ded-49ea-9d10-c6f4b680813d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1187 - Configuration Change Control 9f2b2f9e-4ba6-46c3-907f-66db138b6f85 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1188 - Configuration Change Control bb20548a-c926-4e4d-855c-bcddc6faf95e Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1189 - Configuration Change Control ee45e02a-4140-416c-82c4-fecfea660b9d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1190 - Configuration Change Control c66a3d1e-465b-4f28-9da5-aef701b59892 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1191 - Configuration Change Control | Automated Document / Notification / Prohibition Of Changes 7f26a61b-a74d-467c-99cf-63644db144f7 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1192 - Configuration Change Control | Automated Document / Notification / Prohibition Of Changes 4ebd97f7-b105-4f50-8daf-c51465991240 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1193 - Configuration Change Control | Automated Document / Notification / Prohibition Of Changes f5fd629f-3075-4cae-ab53-bad65495a4ac Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1194 - Configuration Change Control | Automated Document / Notification / Prohibition Of Changes bc34667f-397e-4a65-9b72-d0358f0b6b09 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1195 - Configuration Change Control | Automated Document / Notification / Prohibition Of Changes d1e1d65c-1013-4484-bd54-991332e6a0d2 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1196 - Configuration Change Control | Automated Document / Notification / Prohibition Of Changes 4e7f4ea4-dd62-44f6-8886-ac6137cf52b0 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1197 - Configuration Change Control | Test / Validate / Document Changes a20d2eaa-88e2-4907-96a2-8f3a05797e5c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1198 - Configuration Change Control | Security Representative f56be5c3-660b-4c61-9078-f67cf072c356 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1199 - Configuration Change Control | Cryptography Management a9a08d1c-09b1-48f1-90ea-029bbdf7111e Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1200 - Security Impact Analysis e98fe9d7-2ed3-44f8-93b7-24dca69783ff Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1201 - Security Impact Analysis | Separate Test Environments 7daef997-fdd3-461b-8807-a608a6dd70f1 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1202 - Access Restrictions For Change 40a2a83b-74f2-4c02-ae65-f460a5d2792a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1203 - Access Restrictions For Change | Automated Access Enforcement / Auditing f9012d14-e3e6-4d7b-b926-9f37b5537066 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1204 - Access Restrictions For Change | Review System Changes 0f4f6750-d1ab-4a4c-8dfd-af3237682665 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1205 - Access Restrictions For Change | Signed Components 5b070cab-0fb8-4e48-ad29-fc90b4c2797c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1206 - Access Restrictions For Change | Limit Production / Operational Privileges e0de232d-02a0-4652-872d-88afb4ae5e91 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1207 - Access Restrictions For Change | Limit Production / Operational Privileges 8713a0ed-0d1e-4d10-be82-83dffb39830e Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1208 - Configuration Settings 5ea87673-d06b-456f-a324-8abcee5c159f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1209 - Configuration Settings ce669c31-9103-4552-ae9c-cdef4e03580d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1210 - Configuration Settings 3502c968-c490-4570-8167-1476f955e9b8 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1211 - Configuration Settings 6a8b9dc8-6b00-4701-aa96-bba3277ebf50 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1212 - Configuration Settings | Automated Central Management / Application / Verification 56d970ee-4efc-49c8-8a4e-5916940d784c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1213 - Configuration Settings | Respond To Unauthorized Changes 81f11e32-a293-4a58-82cd-134af52e2318 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1214 - Least Functionality f714a4e2-b580-47b6-ae8c-f2812d3750f3 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1215 - Least Functionality 88fc93e8-4745-4785-b5a5-b44bb92c44ff Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1216 - Least Functionality | Periodic Review 7894fe6a-f5cb-44c8-ba90-c3f254ff9484 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1217 - Least Functionality | Periodic Review edea4f20-b02c-4115-be75-86c080e5c0ed Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1218 - Least Functionality | Prevent Program Execution 4a1d0394-b9f5-493e-9e83-563fd0ac4df8 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1219 - Least Functionality | Authorized Software / Whitelisting 2a39ac75-622b-4c88-9a3f-45b7373f7ef7 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1220 - Least Functionality | Authorized Software / Whitelisting c40f31a7-81e1-4130-99e5-a02ceea2a1d6 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1221 - Least Functionality | Authorized Software / Whitelisting 22589a07-0007-486a-86ca-95355081ae2a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1222 - Information System Component Inventory fb39e62f-6bda-4558-8088-ec03d5670914 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1223 - Information System Component Inventory 05a1bb01-ad5a-49c1-aad3-b0c893b2ec3a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1224 - Information System Component Inventory | Updates During Installations / Removals 28cfa30b-7f72-47ce-ba3b-eed26c8d2c82 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1225 - Information System Component Inventory | Automated Maintenance 8d096fe0-f510-4486-8b4d-d17dc230980b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1226 - Information System Component Inventory | Automated Unauthorized Component Detection c158eb1c-ae7e-4081-8057-d527140c4e0c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1227 - Information System Component Inventory | Automated Unauthorized Component Detection 03b78f5e-4877-4303-b0f4-eb6583f25768 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1228 - Information System Component Inventory | Accountability Information 39c54140-5902-4079-8bb5-ad31936fe764 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1229 - Information System Component Inventory | No Duplicate Accounting Of Components 03752212-103c-4ab8-a306-7e813022ca9d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1230 - Configuration Management Plan 11158848-f679-4e9b-aa7b-9fb07d945071 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1231 - Configuration Management Plan 244e0c05-cc45-4fe7-bf36-42dcf01f457d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1232 - Configuration Management Plan 396ba986-eac1-4d6d-85c4-d3fda6b78272 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1233 - Configuration Management Plan 9d79001f-95fe-45d0-8736-f217e78c1f57 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1234 - Software Usage Restrictions b293f881-361c-47ed-b997-bc4e2296bc0b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1235 - Software Usage Restrictions c49c610b-ece4-44b3-988c-2172b70d6e46 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1236 - Software Usage Restrictions 9ba3ed84-c768-4e18-b87c-34ef1aff1b57 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1237 - Software Usage Restrictions | Open Source Software e80b6812-0bfa-4383-8223-cdd86a46a890 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1238 - User-Installed Software a36cedd4-3ffd-4b1f-8b18-aa71d8d87ce1 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1239 - User-Installed Software 0be51298-f643-4556-88af-d7db90794879 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1240 - User-Installed Software 129eb39f-d79a-4503-84cd-92f036b5e429 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1241 - User-Installed Software | Alerts For Unauthorized Installations eca4d7b2-65e2-4e04-95d4-c68606b063c3 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1242 - Contingency Planning Policy And Procedures cf3b3293-667a-445e-a722-fa0b0afc0958 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1243 - Contingency Planning Policy And Procedures ca9a4469-d6df-4ab2-a42f-1213c396f0ec Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1244 - Contingency Plan 6a13a8f8-c163-4b1b-8554-d63569dab937 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1245 - Contingency Plan a0e45314-57b8-4623-80cd-bbb561f59516 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1246 - Contingency Plan 398eb61e-8111-40d5-a0c9-003df28f1753 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1247 - Contingency Plan 4e666db5-b2ef-4b06-aac6-09bfce49151b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1248 - Contingency Plan 50fc602d-d8e0-444b-a039-ad138ee5deb0 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1249 - Contingency Plan d3bf4251-0818-42db-950b-afd5b25a51c2 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1250 - Contingency Plan 8de614d8-a8b7-4f70-a62a-6d37089a002c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1251 - Contingency Plan | Coordinate With Related Plans 5e2b3730-8c14-4081-8893-19dbb5de7348 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1252 - Contingency Plan | Capacity Planning a328fd72-8ff5-4f96-8c9c-b30ed95db4ab Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1253 - Contingency Plan | Resume Essential Missions / Business Functions 0afce0b3-dd9f-42bb-af28-1e4284ba8311 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1254 - Contingency Plan | Resume All Missions / Business Functions 704e136a-4fe0-427c-b829-cd69957f5d2b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1255 - Contingency Plan | Continue Essential Missions / Business Functions f3793f5e-937f-44f7-bfba-40647ef3efa0 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1256 - Contingency Plan | Identify Critical Assets 232ab24b-810b-4640-9019-74a7d0d6a980 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1257 - Contingency Training b958b241-4245-4bd6-bd2d-b8f0779fb543 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1258 - Contingency Training 7814506c-382c-4d33-a142-249dd4a0dbff Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1259 - Contingency Training 9d9e18f7-bad9-4d30-8806-a0c9d5e26208 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1260 - Contingency Training | Simulated Events 42254fc4-2738-4128-9613-72aaa4f0d9c3 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1261 - Contingency Plan Testing 65aeceb5-a59c-4cb1-8d82-9c474be5d431 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1262 - Contingency Plan Testing 831e510e-db41-4c72-888e-a0621ab62265 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1263 - Contingency Plan Testing 41472613-3b05-49f6-8fe8-525af113ce17 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1264 - Contingency Plan Testing | Coordinate With Related Plans dd280d4b-50a1-42fb-a479-ece5878acf19 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1265 - Contingency Plan Testing | Alternate Processing Site a18adb5b-1db6-4a5b-901a-7d3797d12972 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1266 - Contingency Plan Testing | Alternate Processing Site 3b4a3eb2-c25d-40bf-ad41-5094b6f59cee Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1267 - Alternate Storage Site 4e97ba1d-be5d-4953-8da4-0cccf28f4805 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1268 - Alternate Storage Site 23f6e984-3053-4dfc-ab48-543b764781f5 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1269 - Alternate Storage Site | Separation From Primary Site 19b9439d-865d-4474-b17d-97d2702fdb66 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1270 - Alternate Storage Site | Recovery Time / Point Objectives 53c76a39-2097-408a-b237-b279f7b4614d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1271 - Alternate Storage Site | Accessibility da3bfb53-9c46-4010-b3db-a7ba1296dada Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1272 - Alternate Processing Site ae46cf7a-e3fd-427b-9b91-44bc78e2d9d8 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1273 - Alternate Processing Site e77fcbf2-a1e8-44f1-860e-ed6583761e65 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1274 - Alternate Processing Site 2aee175f-cd16-4825-939a-a85349d96210 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1275 - Alternate Processing Site | Separation From Primary Site a23d9d53-ad2e-45ef-afd5-e6d10900a737 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1276 - Alternate Processing Site | Accessibility e214e563-1206-4a43-a56b-ac5880c9c571 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1277 - Alternate Processing Site | Priority Of Service dc43e829-3d50-4a0a-aa0f-428d551862aa Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1278 - Alternate Processing Site | Preparation For Use 8e5ef485-9e16-4c53-a475-fbb8107eac59 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1279 - Telecommunications Services 7d00bcd6-963d-4c02-ad8e-b45fa50bf3b0 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1280 - Telecommunications Services | Priority Of Service Provisions fa108498-b3a8-4ffb-9e79-1107e76afad3 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1281 - Telecommunications Services | Priority Of Service Provisions 8dc459b3-0e77-45af-8d71-cfd8c9654fe2 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1282 - Telecommunications Services | Single Points Of Failure 34042a97-ec6d-4263-93d2-8c1c46823b2a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1283 - Telecommunications Services | Separation Of Primary / Alternate Providers a9172e76-7f56-46e9-93bf-75d69bdb5491 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1284 - Telecommunications Services | Provider Contingency Plan 942b3e97-6ae3-410e-a794-c9c999b97c0b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1285 - Telecommunications Services | Provider Contingency Plan 01f7726b-db54-45c2-bcb5-9bd7a43796ee Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1286 - Telecommunications Services | Provider Contingency Plan b4f9b47a-2116-4e6f-88db-4edbf22753f1 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1287 - Information System Backup 819dc6da-289d-476e-8500-7e341ef8677d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1288 - Information System Backup 8d854c3b-a3e6-4ec9-9f0c-c7274dbaeb2f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1289 - Information System Backup 7a724864-956a-496c-b778-637cb1d762cf Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1290 - Information System Backup 92f85ce9-17b7-49ea-85ee-ea7271ea6b82 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1291 - Information System Backup | Testing For Reliability / Integrity 6d8fd073-9c85-4ee2-a9d0-2e4ec9eb8912 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1292 - Information System Backup | Test Restoration Using Sampling d03516cf-0293-489f-9b32-a18f2a79f836 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1293 - Information System Backup | Separate Storage For Critical Information 87f7cd82-2e45-4d0f-9e2f-586b0962d142 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1294 - Information System Backup | Transfer To Alternate Storage Site 49dbe627-2c1e-438c-979e-dd7a39bbf81d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1295 - Information System Recovery And Reconstitution a895fbdb-204d-4302-9689-0a59dc42b3d9 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1296 - Information System Recovery And Reconstitution | Transaction Recovery e57b98a0-a011-4956-a79d-5d17ed8b8e48 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1297 - Information System Recovery And Reconstitution | Restore Within Time Period 93fd8af1-c161-4bae-9ba9-f62731f76439 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1298 - Identification And Authentication Policy And Procedures 1dc784b5-4895-4d27-9d40-a06b032bd1ee Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1299 - Identification And Authentication Policy And Procedures fd4e54f7-9ab0-4bae-b6cc-457809948a89 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1300 - Identification And Authentication (Organizational Users) 99deec7d-5526-472e-b07c-3645a792026a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1301 - Identification And Authentication (Org. Users) | Network Access To Privileged Accounts b6a8e0cc-ac23-468b-abe4-a8a1cc6d7a08 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1302 - Identification And Authentication (Org. Users) | Network Access To Non-Privileged Accounts 09828c65-e323-422b-9774-9d5c646124da Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1303 - Identification And Authentication (Org. Users) | Local Access To Privileged Accounts 80ca0a27-918a-4604-af9e-723a27ee51e8 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1304 - Identification And Authentication (Org. Users) | Local Access To Non-Privileged Accounts 6ca71be3-16cb-4d39-8b50-7f8fd5e2f11b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1305 - Identification And Authentication (Org. Users) | Group Authentication 9d9166a8-1722-4b8f-847c-2cf3f2618b3d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1306 - Identification And Authentication (Org. Users) | Net. Access To Priv. Accts. - Replay cafc6c3c-5fc5-4c5e-a99b-a0ccb1d34eff Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1307 - Identification And Authentication (Org. Users) | Net. Access To Non-Priv. Accts. - Replay 84e622c8-4bed-417c-84c6-b2fb0dd73682 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1308 - Identification And Authentication (Org. Users) | Remote Access - Separate Device 81817e1c-5347-48dd-965a-40159d008229 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1309 - Identification And Authentication (Org. Users) | Acceptance Of Piv Credentials f355d62b-39a8-4ba3-abf7-90f71cb3b000 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1310 - Device Identification And Authentication 450d7ede-823d-4931-a99d-57f6a38807dc Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1311 - Identifier Management e7568697-0c9e-4ea3-9cec-9e567d14f3c6 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1312 - Identifier Management 4d6a5968-9eef-4c18-8534-376790ab7274 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1313 - Identifier Management 36220f5b-79a1-4cdb-8c74-2d2449f9a510 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1314 - Identifier Management ef0c8530-efd9-45b8-b753-f03083d06295 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1315 - Identifier Management 3aa87116-f1a1-4edb-bfbf-14e036f8d454 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1316 - Identifier Management | Identify User Status 8ce14753-66e5-465d-9841-26ef55c09c0d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1317 - Authenticator Management 8877f519-c166-47b7-81b7-8a8eb4ff3775 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1318 - Authenticator Management fced5fda-3bdb-4d73-bfea-0e2c80428b66 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1319 - Authenticator Management 66f7ae57-5560-4fc5-85c9-659f204e7a42 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1320 - Authenticator Management 6f54c732-71d4-4f93-a696-4e373eca3a77 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1321 - Authenticator Management eb627cc6-3a9d-46b5-96b7-5fca49178a37 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1322 - Authenticator Management 9d1d971e-467e-4278-9633-c74c3d4fecc4 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1323 - Authenticator Management abe8f70b-680f-470c-9b86-a7edfb664ecc Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1324 - Authenticator Management 8cfea2b3-7f77-497e-ac20-0752f2ff6eee Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1325 - Authenticator Management 1845796a-7581-49b2-ae20-443121538e19 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1326 - Authenticator Management 8605fc00-1bf5-4fb3-984e-c95cec4f231d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1327 - Authenticator Management | Password-Based Authentication 03188d8f-1ae5-4fe1-974d-2d7d32ef937d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1328 - Authenticator Management | Password-Based Authentication f5c66fdc-3d02-4034-9db5-ba57802609de Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1329 - Authenticator Management | Password-Based Authentication 498f6234-3e20-4b6a-a880-cbd646d973bd Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1330 - Authenticator Management | Password-Based Authentication f75cedb2-5def-4b31-973e-b69e8c7bd031 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1331 - Authenticator Management | Password-Based Authentication 05460fe2-301f-4ed1-8174-d62c8bb92ff4 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1332 - Authenticator Management | Password-Based Authentication 068260be-a5e6-4b0a-a430-cd27071c226a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1333 - Authenticator Management | Pki-Based Authentication 3298d6bf-4bc6-4278-a95d-f7ef3ac6e594 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1334 - Authenticator Management | Pki-Based Authentication 44bfdadc-8c2e-4c30-9c99-f005986fabcd Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1335 - Authenticator Management | Pki-Based Authentication 382016f3-d4ba-4e15-9716-55077ec4dc2a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1336 - Authenticator Management | Pki-Based Authentication 77f56280-e367-432a-a3b9-8ca2aa636a26 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1337 - Authenticator Management | In-Person Or Trusted Third-Party Registration 463e5220-3f79-4e24-a63f-343e4096cd22 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1338 - Authenticator Management | Automated Support For Password Strength Determination 6c59a207-6aed-41dc-83a2-e1ff66e4a4db Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1339 - Authenticator Management | Protection Of Authenticators 367ae386-db7f-4167-b672-984ff86277c0 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1340 - Authenticator Management | No Embedded Unencrypted Static Authenticators e51ff84b-e5ea-408f-b651-2ecc2933e4c6 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1341 - Authenticator Management | Multiple Information System Accounts 34cb7e92-fe4c-4826-b51e-8cd203fa5d35 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1342 - Authenticator Management | Hardware Token-Based Authentication 283a4e29-69d5-4c94-b99e-29acf003c899 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1343 - Authenticator Management | Expiration Of Cached Authenticators 2c251a55-31eb-4e53-99c6-e9c43c393ac2 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1344 - Authenticator Feedback 2c895fe7-2d8e-43a2-838c-3a533a5b355e Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1345 - Cryptographic Module Authentication f86aa129-7c07-4aa4-bbf5-792d93ffd9ea Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1346 - Identification And Authentication (Non-Organizational Users) 464dc8ce-2200-4720-87a5-dc5952924cc6 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1347 - Identification And Authentication (Non-Org. Users) | Acceptance Of PIV Creds. From Other Agys. 131a2706-61e9-4916-a164-00e052056462 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1348 - Identification And Authentication (Non-Org. Users) | Acceptance Of Third-Party Credentials 855ced56-417b-4d74-9d5f-dd1bc81e22d6 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1349 - Identification And Authentication (Non-Org. Users) | Use Of FICAM-Approved Products 17641f70-94cd-4a5d-a613-3d1143e20e34 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1350 - Identification And Authentication (Non-Org. Users) | Use Of FICAM-Issued Profiles d77fd943-6ba6-4a21-ba07-22b03e347cc4 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1351 - Incident Response Policy And Procedures bcfb6683-05e5-4ce6-9723-c3fbe9896bdd Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1352 - Incident Response Policy And Procedures 518cb545-bfa8-43f8-a108-3b7d5037469a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1353 - Incident Response Training c785ad59-f78f-44ad-9a7f-d1202318c748 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1354 - Incident Response Training 9fd92c17-163a-4511-bb96-bbb476449796 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1355 - Incident Response Training 90e01f69-3074-4de8-ade7-0fef3e7d83e0 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1356 - Incident Response Training | Simulated Events 8829f8f5-e8be-441e-85c9-85b72a5d0ef3 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1357 - Incident Response Training | Automated Training Environments e4213689-05e8-4241-9d4e-8dd1cdafd105 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1358 - Incident Response Testing effbaeef-5bf4-400d-895e-ef8cbc0e64c7 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1359 - Incident Response Testing | Coordination With Related Plans 47bc7ea0-7d13-4f7c-a154-b903f7194253 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1360 - Incident Handling be5b05e7-0b82-4ebc-9eda-25e447b1a41e Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1361 - Incident Handling 03ed3be1-7276-4452-9a5d-e4168565ac67 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1362 - Incident Handling 5d169442-d6ef-439b-8dca-46c2c3248214 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1363 - Incident Handling | Automated Incident Handling Processes ea3e8156-89a1-45b1-8bd6-938abc79fdfd Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1364 - Incident Handling | Dynamic Reconfiguration 4c615c2a-dc83-4dda-8220-abce7b50c9bc Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1365 - Incident Handling | Continuity Of Operations 4116891d-72f7-46ee-911c-8056cc8dcbd5 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1366 - Incident Handling | Information Correlation 06c45c30-ae44-4f0f-82be-41331da911cc Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1367 - Incident Handling | Insider Threats - Specific Capabilities 435b2547-6374-4f87-b42d-6e8dbe6ae62a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1368 - Incident Handling | Correlation With External Organizations 465f32da-0ace-4603-8d1b-7be5a3a702de Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1369 - Incident Monitoring 18cc35ed-a429-486d-8d59-cb47e87304ed Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1370 - Incident Monitoring | Automated Tracking / Data Collection / Analysis 924e1b2d-c502-478f-bfdb-a7e09a0d5c01 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1371 - Incident Reporting 9447f354-2c85-4700-93b3-ecdc6cb6a417 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1372 - Incident Reporting 25b96717-c912-4c00-9143-4e487f411726 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1373 - Incident Reporting | Automated Reporting 4cca950f-c3b7-492a-8e8f-ea39663c14f9 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1374 - Incident Response Assistance cc5c8616-52ef-4e5e-8000-491634ed9249 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1375 - Incident Response Assistance | Automation Support For Availability Of Information / Support 00379355-8932-4b52-b63a-3bc6daf3451a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1376 - Incident Response Assistance | Coordination With External Providers 493a95f3-f2e3-47d0-af02-65e6d6decc2f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1377 - Incident Response Assistance | Coordination With External Providers 68434bd1-e14b-4031-9edb-a4adf5f84a67 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1378 - Incident Response Plan 97fceb70-6983-42d0-9331-18ad8253184d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1379 - Incident Response Plan 9442dd2c-a07f-46cd-b55a-553b66ba47ca Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1380 - Incident Response Plan b4319b7e-ea8d-42ff-8a67-ccd462972827 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1381 - Incident Response Plan e5368258-9684-4567-8126-269f34e65eab Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1382 - Incident Response Plan 841392b3-40da-4473-b328-4cde49db67b3 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1383 - Incident Response Plan d4558451-e16a-4d2d-a066-fe12a6282bb9 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1384 - Information Spillage Response 79fbc228-461c-4a45-9004-a865ca0728a7 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1385 - Information Spillage Response 3e495e65-8663-49ca-9b38-9f45e800bc58 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1386 - Information Spillage Response 5120193e-91fd-4f9d-bc6d-194f94734065 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1387 - Information Spillage Response e3007185-3857-43a9-8237-06ca94f1084c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1388 - Information Spillage Response 2c7c575a-d4c5-4f6f-bd49-dee97a8cba55 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1389 - Information Spillage Response c39e6fda-ae70-4891-a739-be7bba6d1062 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1390 - Information Spillage Response | Responsible Personnel c3b65b63-09ec-4cb5-8028-7dd324d10eb0 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1391 - Information Spillage Response | Training dd6ac1a1-660e-4810-baa8-74e868e2ed47 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1392 - Information Spillage Response | Post-Spill Operations 86dc819f-15e1-43f9-a271-41ae58d4cecc Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1393 - Information Spillage Response | Exposure To Unauthorized Personnel 731856d8-1598-4b75-92de-7d46235747c0 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1394 - System Maintenance Policy And Procedures 4db56f68-3f50-45ab-88f3-ca46f5379a94 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1395 - System Maintenance Policy And Procedures 7207a023-a517-41c5-9df2-09d4c6845a05 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1396 - Controlled Maintenance 276af98f-4ff9-4e69-99fb-c9b2452fb85f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1397 - Controlled Maintenance 391af4ab-1117-46b9-b2c7-78bbd5cd995b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1398 - Controlled Maintenance 443e8f3d-b51a-45d8-95a7-18b0e42f4dc4 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1399 - Controlled Maintenance 2256e638-eb23-480f-9e15-6cf1af0a76b3 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1400 - Controlled Maintenance a96d5098-a604-4cdf-90b1-ef6449a27424 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1401 - Controlled Maintenance b78ee928-e3c1-4569-ad97-9f8c4b629847 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1402 - Controlled Maintenance | Automated Maintenance Activities 0a560d32-8075-4fec-9615-9f7c853f4ea9 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1403 - Controlled Maintenance | Automated Maintenance Activities 57149289-d52b-4f40-9fe6-5233c1ef80f7 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1404 - Maintenance Tools 13d8f903-0cd6-449f-a172-50f6579c182b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1405 - Maintenance Tools | Inspect Tools fe1a0bf3-409a-4b00-b60d-0b1f917f7e7b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1406 - Maintenance Tools | Inspect Media a0f5339c-9292-43aa-a0bc-d27c6b8e30aa Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1407 - Maintenance Tools | Prevent Unauthorized Removal ff9fbd83-1d8d-4b41-aac2-94cb44b33976 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1408 - Maintenance Tools | Prevent Unauthorized Removal c5f56ac6-4bb2-4086-bc41-ad76344ba2c2 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1409 - Maintenance Tools | Prevent Unauthorized Removal d1880188-e51a-4772-b2ab-68f5e8bd27f6 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1410 - Maintenance Tools | Prevent Unauthorized Removal a2596a9f-e59f-420d-9625-6e0b536348be Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1411 - Nonlocal Maintenance 898d4fe8-f743-4333-86b7-0c9245d93e7d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1412 - Nonlocal Maintenance 3492d949-0dbb-4589-88b3-7b59601cc764 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1413 - Nonlocal Maintenance aeedddb6-6bc0-42d5-809b-80048033419d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1414 - Nonlocal Maintenance 2ce63a52-e47b-4ae2-adbb-6e40d967f9e6 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1415 - Nonlocal Maintenance 61a1dd98-b259-4840-abd5-fbba7ee0da83 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1416 - Nonlocal Maintenance | Document Nonlocal Maintenance 38dfd8a3-5290-4099-88b7-4081f4c4d8ae Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1417 - Nonlocal Maintenance | Comparable Security / Sanitization 7522ed84-70d5-4181-afc0-21e50b1b6d0e Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1418 - Nonlocal Maintenance | Comparable Security / Sanitization 28e633fd-284e-4ea7-88b4-02ca157ed713 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1419 - Nonlocal Maintenance | Cryptographic Protection b6747bf9-2b97-45b8-b162-3c8becb9937d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1420 - Maintenance Personnel 05ae08cc-a282-413b-90c7-21a2c60b8404 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1421 - Maintenance Personnel e539caaa-da8c-41b8-9e1e-449851e2f7a6 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1422 - Maintenance Personnel ea556850-838d-4a37-8ce5-9d7642f95e11 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1423 - Maintenance Personnel | Individuals Without Appropriate Access 7741669e-d4f6-485a-83cb-e70ce7cbbc20 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1424 - Maintenance Personnel | Individuals Without Appropriate Access cf55fc87-48e1-4676-a2f8-d9a8cf993283 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1425 - Timely Maintenance 5983d99c-f39b-4c32-a3dc-170f19f6941b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1426 - Media Protection Policy And Procedures 21f639bc-f42b-46b1-8f40-7a2a389c291a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1427 - Media Protection Policy And Procedures bc90e44f-d83f-4bdf-900f-3d5eb4111b31 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1428 - Media Access 0a77fcc7-b8d8-451a-ab52-56197913c0c7 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1429 - Media Marking b07c9b24-729e-4e85-95fc-f224d2d08a80 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1430 - Media Marking 0f559588-5e53-4b14-a7c4-85d28ebc2234 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1431 - Media Storage a7173c52-2b99-4696-a576-63dd5f970ef4 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1432 - Media Storage 1140e542-b80d-4048-af45-3f7245be274b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1433 - Media Transport 5b879b41-2728-41c5-ad24-9ee2c37cbe65 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1434 - Media Transport 2c18f06b-a68d-41c3-8863-b8cd3acb5f8f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1435 - Media Transport fa8d221b-d130-4637-ba16-501e666628bb Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1436 - Media Transport 28aab8b4-74fd-4b7c-9080-5a7be525d574 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1437 - Media Transport | Cryptographic Protection 6d1eb6ed-bf13-4046-b993-b9e2aef0f76c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1438 - Media Sanitization 40fcc635-52a2-4dbc-9523-80a1f4aa1de6 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1439 - Media Sanitization dce72873-c5f1-47c3-9b4f-6b8207fd5a45 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1440 - Media Sanitization | Review / Approve / Track / Document / Verify 881299bf-2a5b-4686-a1b2-321d33679953 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1441 - Media Sanitization | Equipment Testing 6519d7f3-e8a2-4ff3-a935-9a9497152ad7 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1442 - Media Sanitization | Nondestructive Techniques 4f26049b-2c5a-4841-9ff3-d48a26aae475 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1443 - Media Use cd0ec6fa-a2e7-4361-aee4-a8688659a9ed Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1444 - Media Use | Prohibit Use Without Owner 666143df-f5e0-45bd-b554-135f0f93e44e Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1445 - Physical And Environmental Protection Policy And Procedures 32d07d59-2716-4972-b37b-214a67ac4a37 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1446 - Physical And Environmental Protection Policy And Procedures bf6850fe-abba-468e-9ef4-d09ec7d983cd Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1447 - Physical Access Authorizations b9783a99-98fe-4a95-873f-29613309fe9a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1448 - Physical Access Authorizations 825d6494-e583-42f2-a3f2-6458e6f0004f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1449 - Physical Access Authorizations f784d3b0-5f2b-49b7-b9f3-00ba8653ced5 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1450 - Physical Access Authorizations 134d7a13-ba3e-41e2-b236-91bfcfa24e01 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1451 - Physical Access Control e3f1e5a3-25c1-4476-8cb6-3955031f8e65 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1452 - Physical Access Control 82c76455-4d3f-4e09-a654-22e592107e74 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1453 - Physical Access Control 9693b564-3008-42bc-9d5d-9c7fe198c011 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1454 - Physical Access Control ad58985d-ab32-4f99-8bd3-b7e134c90229 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1455 - Physical Access Control 068a88d4-e520-434e-baf0-9005a8164e6a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1456 - Physical Access Control 733ba9e3-9e7c-440a-a7aa-6196a90a2870 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1457 - Physical Access Control f2d9d3e6-8886-4305-865d-639163e5c305 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1458 - Physical Access Control | Information System Access 8c19ceb7-56e9-4488-8ddb-b1eb3aa6d203 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1459 - Access Control For Transmission Medium 75cc73c7-5cdb-479d-a06f-7b4d0dbb1da0 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1460 - Access Control For Output Devices 6f3ce1bb-4f77-4695-8355-70b08d54fdda Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1461 - Monitoring Physical Access aafef03e-fea8-470b-88fa-54bd1fcd7064 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1462 - Monitoring Physical Access 9b1f3a9a-13a1-4b40-8420-36bca6fd8c02 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1463 - Monitoring Physical Access 59721f87-ae25-4db0-a2a4-77cc5b25d495 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1464 - Monitoring Physical Access | Intrusion Alarms / Surveillance Equipment 41256567-1795-4684-b00b-a1308ce43cac Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1465 - Monitoring Physical Access | Monitoring Physical Access To Information Systems e6e41554-86b5-4537-9f7f-4fc41a1d1640 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1466 - Visitor Access Records 0d943a9c-a6f1-401f-a792-740cdb09c451 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1467 - Visitor Access Records 5350cbf9-8bdd-4904-b22a-e88be84ca49d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1468 - Visitor Access Records | Automated Records Maintenance / Review 75603f96-80a1-4757-991d-5a1221765ddd Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1469 - Power Equipment And Cabling f509c5b6-0de0-4a4e-9b2e-cd9cbf3a58fd Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1470 - Emergency Shutoff c89ba09f-2e0f-44d0-8095-65b05bd151ef Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1471 - Emergency Shutoff 7dd0e9ce-1772-41fb-a50a-99977071f916 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1472 - Emergency Shutoff ef869332-921d-4c28-9402-3be73e6e50c8 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1473 - Emergency Power d7047705-d719-46a7-8bb0-76ad233eba71 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1474 - Emergency Power | Long-Term Alternate Power Supply - Minimal Operational Capability 03ad326e-d7a1-44b1-9a76-e17492efc9e4 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1475 - Emergency Lighting 34a63848-30cf-4081-937e-ce1a1c885501 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1476 - Fire Protection 0f3c4ac2-3e35-4906-a80b-473b12a622d7 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1477 - Fire Protection | Detection Devices / Systems 4862a63c-6c74-4a9d-a221-89af3c374503 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1478 - Fire Protection | Suppression Devices / Systems f997df46-cfbb-4cc8-aac8-3fecdaf6a183 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1479 - Fire Protection | Automatic Fire Suppression e327b072-281d-4f75-9c28-4216e5d72f26 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1480 - Temperature And Humidity Controls 18a767cc-1947-4338-a240-bc058c81164f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1481 - Temperature And Humidity Controls 717a1c78-a267-4f56-ac58-ee6c54dc4339 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1482 - Temperature And Humidity Controls | Monitoring With Alarms / Notifications 9df4277e-8c88-4d5c-9b1a-541d53d15d7b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1483 - Water Damage Protection 5cb81060-3c8a-4968-bcdc-395a1801f6c1 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1484 - Water Damage Protection | Automation Support 486b006a-3653-45e8-b41c-a052d3e05456 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1485 - Delivery And Removal 50301354-95d0-4a11-8af5-8039ecf6d38b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1486 - Alternate Work Site cb790345-a51f-43de-934e-98dbfaf9dca5 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1487 - Alternate Work Site e9c3371d-c30c-4f58-abd9-30b8a8199571 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1488 - Alternate Work Site d8ef30eb-a44f-47af-8524-ac19a36d41d2 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1489 - Location Of Information System Components 9d0a794f-1444-4c96-9534-e35fc8c39c91 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1490 - Security Planning Policy And Procedures 9e61da80-0957-4892-b70c-609d5eaafb6b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1491 - Security Planning Policy And Procedures 1571dd40-dafc-4ef4-8f55-16eba27efc7b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1492 - System Security Plan 7ad5f307-e045-46f7-8214-5bdb7e973737 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1493 - System Security Plan 22b469b3-fccf-42da-aa3b-a28e6fb113ce Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1494 - System Security Plan 9ed09d84-3311-4853-8b67-2b55dfa33d09 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1495 - System Security Plan f4978d0e-a596-48e7-9f8c-bbf52554ce8d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1496 - System Security Plan 0ca96127-2f87-46ab-a4fc-0d2a786df1c8 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1497 - System Security Plan | Plan / Coordinate With Other Organizational Entities 2e3c5583-1729-4d36-8771-59c32f090a22 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1498 - Rules Of Behavior 633988b9-cf2f-4323-8394-f0d2af9cd6e1 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1499 - Rules Of Behavior e59671ab-9720-4ee2-9c60-170e8c82251e Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1500 - Rules Of Behavior 9dd5b241-03cb-47d3-a5cd-4b89f9c53c92 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1501 - Rules Of Behavior 88817b58-8472-4f6c-81fa-58ce42b67f51 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1502 - Rules Of Behavior | Social Media And Networking Restrictions e901375c-8f01-4ac8-9183-d5312f47fe63 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1503 - Information Security Architecture c1fa9c2f-d439-4ab9-8b83-81fb1934f81d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1504 - Information Security Architecture 9e7c35d0-12d4-4e0c-80a2-8a352537aefd Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1505 - Information Security Architecture 813a10a7-3943-4fe3-8678-00dc52db5490 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1506 - Personnel Security Policy And Procedures f7d2ff17-d604-4dd9-b607-9ecf63f28ad2 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1507 - Personnel Security Policy And Procedures 86ccd1bf-e7ad-4851-93ce-6ec817469c1e Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1508 - Position Risk Designation 76f500cc-4bca-4583-bda1-6d084dc21086 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1509 - Position Risk Designation 70792197-9bfc-4813-905a-bd33993e327f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1510 - Position Risk Designation 79da5b09-0e7e-499e-adda-141b069c7998 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1511 - Personnel Screening a9eae324-d327-4539-9293-b48e122465f8 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1512 - Personnel Screening 5a8324ad-f599-429b-aaed-f9c6e8c987a8 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1513 - Personnel Screening | Information With Special Protection Measures c416970d-b12b-49eb-8af4-fb144cd7c290 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1514 - Personnel Screening | Information With Special Protection Measures 9ed5ca00-0e43-434e-a018-7aab91461ba7 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1515 - Personnel Termination 02dd141a-a2b2-49a7-bcbd-ca31142f6211 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1516 - Personnel Termination da3cd269-156f-435b-b472-c3af34c032ed Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1517 - Personnel Termination 8f5ad423-50d6-4617-b058-69908f5586c9 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1518 - Personnel Termination 0d58f734-c052-40e9-8b2f-a1c2bff0b815 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1519 - Personnel Termination 2f13915a-324c-4ab8-b45c-2eefeeefb098 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1520 - Personnel Termination 7f2c513b-eb16-463b-b469-c10e5fa94f0a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1521 - Personnel Termination | Automated Notification 3cbddf9c-a3aa-4330-a0f5-4c0c1f1862e5 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1522 - Personnel Transfer 38b470cc-f939-4a15-80e0-9f0c74f2e2c9 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1523 - Personnel Transfer 5577a310-2551-49c8-803b-36e0d5e55601 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1524 - Personnel Transfer 72f1cb4e-2439-4fe8-88ea-b8671ce3c268 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1525 - Personnel Transfer 9be2f688-7a61-45e3-8230-e1ec93893f66 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1526 - Access Agreements 953e6261-a05a-44fd-8246-000e1a3edbb9 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1527 - Access Agreements 2823de66-332f-4bfd-94a3-3eb036cd3b67 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1528 - Access Agreements deb9797c-22f8-40e8-b342-a84003c924e6 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1529 - Third-Party Personnel Security d74fdc92-1cb8-4a34-9978-8556425cd14c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1530 - Third-Party Personnel Security 6e8f9566-29f1-49cd-b61f-f8628a3cf993 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1531 - Third-Party Personnel Security f0643e0c-eee5-4113-8684-c608d05c5236 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1532 - Third-Party Personnel Security a2c66299-9017-4d95-8040-8bdbf7901d52 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1533 - Third-Party Personnel Security bba2a036-fb3b-4261-b1be-a13dfb5fbcaa Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1534 - Personnel Sanctions 8b2b263e-cd05-4488-bcbf-4debec7a17d9 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1535 - Personnel Sanctions f9a165d2-967d-4733-8399-1074270dae2e Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1536 - Risk Assessment Policy And Procedures 6e40d9de-2ad4-4cb5-8945-23143326a502 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1537 - Risk Assessment Policy And Procedures b19454ca-0d70-42c0-acf5-ea1c1e5726d1 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1538 - Security Categorization 1d7658b2-e827-49c3-a2ae-6d2bd0b45874 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1539 - Security Categorization aabb155f-e7a5-4896-a767-e918bfae2ee0 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1540 - Security Categorization f771f8cb-6642-45cc-9a15-8a41cd5c6977 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1541 - Risk Assessment 70f6af82-7be6-44aa-9b15-8b9231b2e434 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1542 - Risk Assessment eab340d0-3d55-4826-a0e5-feebfeb0131d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1543 - Risk Assessment fd00b778-b5b5-49c0-a994-734ea7bd3624 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1544 - Risk Assessment 43ced7c9-cd53-456b-b0da-2522649a4271 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1545 - Risk Assessment 3f4b171a-a56b-4328-8112-32cf7f947ee1 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1546 - Vulnerability Scanning 2ce1ea7e-4038-4e53-82f4-63e8859333c1 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1547 - Vulnerability Scanning 58abf9b8-c6d4-4b4b-bfb9-fe98fe295f52 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1548 - Vulnerability Scanning 3afe6c78-6124-4d95-b85c-eb8c0c9539cb Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1549 - Vulnerability Scanning d6976a08-d969-4df2-bb38-29556c2eb48a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1550 - Vulnerability Scanning 902908fb-25a8-4225-a3a5-5603c80066c9 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1551 - Vulnerability Scanning | Update Tool Capability 5bbda922-0172-4095-89e6-5b4a0bf03af7 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1552 - Vulnerability Scanning | Update By Frequency / Prior To New Scan / When Identified 43684572-e4f1-4642-af35-6b933bc506da Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1553 - Vulnerability Scanning | Breadth / Depth Of Coverage 9e5225fe-cdfb-4fce-9aec-0fe20dd53b62 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1554 - Vulnerability Scanning | Discoverable Information 10984b4e-c93e-48d7-bf20-9c03b04e9eca Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1555 - Vulnerability Scanning | Privileged Access 5afa8cab-1ed7-4e40-884c-64e0ac2059cc Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1556 - Vulnerability Scanning | Automated Trend Analyses 391ff8b3-afed-405e-9f7d-ef2f8168d5da Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1557 - Vulnerability Scanning | Review Historic Audit Logs 36fbe499-f2f2-41b6-880e-52d7ea1d94a5 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1558 - Vulnerability Scanning | Correlate Scanning Information 65592b16-4367-42c5-a26e-d371be450e17 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1559 - System And Services Acquisition Policy And Procedures 45692294-f074-42bd-ac54-16f1a3c07554 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1560 - System And Services Acquisition Policy And Procedures e29e0915-5c2f-4d09-8806-048b749ad763 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1561 - Allocation Of Resources 40364c3f-c331-4e29-b1e3-2fbe998ba2f5 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1562 - Allocation Of Resources d4142013-7964-4163-a313-a900301c2cef Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1563 - Allocation Of Resources 9afe2edf-232c-4fdf-8e6a-e867a5c525fd Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1564 - System Development Life Cycle 157f0ef9-143f-496d-b8f9-f8c8eeaad801 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1565 - System Development Life Cycle 45ce2396-5c76-4654-9737-f8792ab3d26b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1566 - System Development Life Cycle 50ad3724-e2ac-4716-afcc-d8eabd97adb9 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1567 - System Development Life Cycle e72edbf6-aa61-436d-a227-0f32b77194b3 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1568 - Acquisition Process b6a8eae8-9854-495a-ac82-d2cd3eac02a6 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1569 - Acquisition Process ad2f8e61-a564-4dfd-8eaa-816f5be8cb34 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1570 - Acquisition Process a7fcf38d-bb09-4600-be7d-825046eb162a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1571 - Acquisition Process b11c985b-f2cd-4bd7-85f4-b52426edf905 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1572 - Acquisition Process 04f5fb00-80bb-48a9-a75b-4cb4d4c97c36 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1573 - Acquisition Process 58c93053-7b98-4cf0-b99f-1beb985416c2 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1574 - Acquisition Process 0f935dab-83d6-47b8-85ef-68b8584161b9 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1575 - Acquisition Process | Functional Properties Of Security Controls 93e1bb73-1b08-4dbe-9c62-8e2e92e7ec41 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1576 - Acquisition Process | Design / Implementation Information For Security Controls 5f18c885-ade3-48c5-80b1-8f9216019c18 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1577 - Acquisition Process | Continuous Monitoring Plan d922484a-8cfc-4a6b-95a4-77d6a685407f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1578 - Acquisition Process | Functions / Ports / Protocols / Services In Use 45b7b644-5f91-498e-9d89-7402532d3645 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1579 - Acquisition Process | Use Of Approved Piv Products 4e54c7ef-7457-430b-9a3e-ef8881d4a8e0 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1580 - Information System Documentation 854db8ac-6adf-42a0-bef3-b73f764f40b9 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1581 - Information System Documentation 742b549b-7a25-465f-b83c-ea1ffb4f4e0e Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1582 - Information System Documentation cd9e2f38-259b-462c-bfad-0ad7ab4e65c5 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1583 - Information System Documentation 0882d488-8e80-4466-bc0f-0cd15b6cb66d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1584 - Information System Documentation 5864522b-ff1d-4979-a9f8-58bee1fb174c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1585 - Security Engineering Principles d57f8732-5cdc-4cda-8d27-ab148e1f3a55 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1586 - External Information System Services 6e3b2fbd-8f37-4766-a64d-3f37703dcb51 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1587 - External Information System Services 32820956-9c6d-4376-934c-05cd8525be7c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1588 - External Information System Services 68ebae26-e0e0-4ecb-8379-aabf633b51e9 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1589 - External Information System Services | Risk Assessments / Organizational Approvals 86ec7f9b-9478-40ff-8cfd-6a0d510081a8 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1590 - External Information System Services | Risk Assessments / Organizational Approvals bf296b8c-f391-4ea4-9198-be3c9d39dd1f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1591 - External Information System Services | Ident. Of Functions / Ports / Protocols / Services f751cdb7-fbee-406b-969b-815d367cb9b3 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1592 - External Information System Services | Consistent Interests Of Consumers And Providers 1d01ba6c-289f-42fd-a408-494b355b6222 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1593 - External Information System Services | Processing, Storage, And Service Location 2cd0a426-b5f5-4fe0-9539-a6043cdbc6fa Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1594 - Developer Configuration Management 042ba2a1-8bb8-45f4-b080-c78cf62b90e9 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1595 - Developer Configuration Management 1e0414e7-6ef5-4182-8076-aa82fbb53341 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1596 - Developer Configuration Management 21e25e01-0ae0-41be-919e-04ce92b8e8b8 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1597 - Developer Configuration Management 68b250ec-2e4f-4eee-898a-117a9fda7016 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1598 - Developer Configuration Management ae7e1f5e-2d63-4b38-91ef-bce14151cce3 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1599 - Developer Configuration Management | Software / Firmware Integrity Verification 0004bbf0-5099-4179-869e-e9ffe5fb0945 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1600 - Developer Security Testing And Evaluation c53f3123-d233-44a7-930b-f40d3bfeb7d6 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1601 - Developer Security Testing And Evaluation 0ee79a0c-addf-4ce9-9b3c-d9576ed5e20e Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1602 - Developer Security Testing And Evaluation ddae2e97-a449-499f-a1c8-aea4a7e52ec9 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1603 - Developer Security Testing And Evaluation 2b909c26-162f-47ce-8e15-0c1f55632eac Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1604 - Developer Security Testing And Evaluation 44dbba23-0b61-478e-89c7-b3084667782f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1605 - Developer Security Testing And Evaluation | Static Code Analysis 0062eb8b-dc75-4718-8ea5-9bb4a9606655 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1606 - Developer Security Testing And Evaluation | Threat And Vulnerability Analyses baa8a9a4-5bbe-4c72-98f6-a3a47ae2b1ca Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1607 - Developer Security Testing And Evaluation | Dynamic Code Analysis 976a74cf-b192-4d35-8cab-2068f272addb Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1608 - Supply Chain Protection b73b7b3b-677c-4a2a-b949-ad4dc4acd89f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1609 - Development Process, Standards, And Tools 9e93fa71-42ac-41a7-b177-efbfdc53c69f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1610 - Development Process, Standards, And Tools b9f3fb54-4222-46a1-a308-4874061f8491 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1611 - Developer-Provided Training fdda8a0c-ac32-43f6-b2f4-7dc1df03f43f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1612 - Developer Security Architecture And Design a2037b3d-8b04-4171-8610-e6d4f1d08db5 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1613 - Developer Security Architecture And Design fe2ad78b-8748-4bff-a924-f74dfca93f30 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1614 - Developer Security Architecture And Design 8154e3b3-cc52-40be-9407-7756581d71f6 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1615 - System And Communications Protection Policy And Procedures f35e02aa-0a55-49f8-8811-8abfa7e6f2c0 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1616 - System And Communications Protection Policy And Procedures 2006457a-48b3-4f7b-8d2e-1532287f9929 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1617 - Application Partitioning a631d8f5-eb81-4f9d-9ee1-74431371e4a3 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1618 - Security Function Isolation f52f89aa-4489-4ec4-950e-8c96a036baa9 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1619 - Information In Shared Resources c722e569-cb52-45f3-a643-836547d016e1 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1620 - Denial Of Service Protection d17c826b-1dec-43e1-a984-7b71c446649c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1621 - Resource Availability 3cb9f731-744a-4691-a481-ca77b0411538 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1622 - Boundary Protection ecf56554-164d-499a-8d00-206b07c27bed Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1623 - Boundary Protection 02ce1b22-412a-4528-8630-c42146f917ed Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1624 - Boundary Protection 37d079e3-d6aa-4263-a069-dd7ac6dd9684 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1625 - Boundary Protection | Access Points b9b66a4d-70a1-4b47-8fa1-289cec68c605 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1626 - Boundary Protection | External Telecommunications Services e8f6bddd-6d67-439a-88d4-c5fe39a79341 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1627 - Boundary Protection | External Telecommunications Services fd73310d-76fc-422d-bda4-3a077149f179 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1628 - Boundary Protection | External Telecommunications Services 67de62b4-a737-4781-8861-3baed3c35069 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1629 - Boundary Protection | External Telecommunications Services c171b095-7756-41de-8644-a062a96043f2 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1630 - Boundary Protection | External Telecommunications Services 3643717a-3897-4bfd-8530-c7c96b26b2a0 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1631 - Boundary Protection | Deny By Default / Allow By Exception 74ae9b8e-e7bb-4c9c-992f-c535282f7a2c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1632 - Boundary Protection | Prevent Split Tunneling For Remote Devices 4ce9073a-77fa-48f0-96b1-87aa8e6091c2 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1633 - Boundary Protection | Route Traffic To Authenticated Proxy Servers 07557aa0-e02f-4460-9a81-8ecd2fed601a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1634 - Boundary Protection | Prevent Unauthorized Exfiltration 292a7c44-37fa-4c68-af7c-9d836955ded2 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1635 - Boundary Protection | Host-Based Protection 87551b5d-1deb-4d0f-86cc-9dc14cb4bf7e Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1636 - Boundary Protection | Isolation Of Security Tools / Mechanisms / Support Components 7b694eed-7081-43c6-867c-41c76c961043 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1637 - Boundary Protection | Fail Secure 4075bedc-c62a-4635-bede-a01be89807f3 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1638 - Boundary Protection | Dynamic Isolation / Segregation 49b99653-32cd-405d-a135-e7d60a9aae1f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1639 - Boundary Protection | Isolation Of Information System Components 78e8e649-50f6-4fe3-99ac-fedc2e63b03f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1640 - Transmission Confidentiality And Integrity 05a289ce-6a20-4b75-a0f3-dc8601b6acd0 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1641 - Transmission Confidentiality And Integrity | Cryptographic Or Alternate Physical Protection d39d4f68-7346-4133-8841-15318a714a24 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1642 - Network Disconnect 53397227-5ee3-4b23-9e5e-c8a767ce6928 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1643 - Cryptographic Key Establishment And Management 6d8d492c-dd7a-46f7-a723-fa66a425b87c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1644 - Cryptographic Key Establishment And Management | Availability a7211477-c970-446b-b4af-062f37461147 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1645 - Cryptographic Key Establishment And Management | Symmetric Keys afbd0baf-ff1a-4447-a86f-088a97347c0c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1646 - Cryptographic Key Establishment And Management | Asymmetric Keys 506814fa-b930-4b10-894e-a45b98c40e1a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1647 - Cryptographic Protection 791cfc15-6974-42a0-9f4c-2d4b82f4a78c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1648 - Collaborative Computing Devices 3a9eb14b-495a-4ebb-933c-ce4ef5264e32 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1649 - Collaborative Computing Devices 26d292cc-b0b8-4c29-9337-68abc758bf7b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1650 - Public Key Infrastructure Certificates 201d3740-bd16-4baf-b4b8-7cda352228b7 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1651 - Mobile Code 6db63528-c9ba-491c-8a80-83e1e6977a50 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1652 - Mobile Code 6998e84a-2d29-4e10-8962-76754d4f772d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1653 - Mobile Code 6b1c00a7-7fd0-42b0-8c5b-c45f6fa1f71b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1654 - Voice Over Internet Protocol 0a2ee16e-ab1f-414a-800b-d1608835862b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1655 - Voice Over Internet Protocol 121eab72-390e-4629-a7e2-6d6184f57c6b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1656 - Secure Name / Address Resolution Service (Authoritative Source) 1cb067d5-c8b5-4113-a7ee-0a493633924b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1657 - Secure Name / Address Resolution Service (Authoritative Source) 90f01329-a100-43c2-af31-098996135d2b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1658 - Secure Name / Address Resolution Service (Recursive Or Caching Resolver) 063b540e-4bdc-4e7a-a569-3a42ddf22098 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1659 - Architecture And Provisioning For Name / Address Resolution Service 35a4102f-a778-4a2e-98c2-971056288df8 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1660 - Session Authenticity 63096613-ce83-43e5-96f4-e588e8813554 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1661 - Session Authenticity | Invalidate Session Identifiers At Logout 4c643c9a-1be7-4016-a5e7-e4bada052920 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1662 - Fail In Known State 165cb91f-7ea8-4ab7-beaf-8636b98c9d15 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1663 - Protection Of Information At Rest 60171210-6dde-40af-a144-bf2670518bfa Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1664 - Protection Of Information At Rest | Cryptographic Protection a2cdf6b8-9505-4619-b579-309ba72037ac Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1665 - Process Isolation 5df3a55c-8456-44d4-941e-175f79332512 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1666 - System And Information Integrity Policy And Procedures 12e30ee3-61e6-4509-8302-a871e8ebb91e Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1667 - System And Information Integrity Policy And Procedures d61880dc-6e38-4f2a-a30c-3406a98f8220 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1668 - Flaw Remediation 8fb0966e-be1d-42c3-baca-60df5c0bcc61 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1669 - Flaw Remediation 48f2f62b-5743-4415-a143-288adc0e078d Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1670 - Flaw Remediation c6108469-57ee-4666-af7e-79ba61c7ae0c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1671 - Flaw Remediation 5c5bbef7-a316-415b-9b38-29753ce8e698 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1672 - Flaw Remediation | Central Management b45fe972-904e-45a4-ac20-673ba027a301 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1673 - Flaw Remediation | Automated Flaw Remediation Status dff0b90d-5a6f-491c-b2f8-b90aa402d844 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1674 - Flaw Remediation | Time To Remediate Flaws / Benchmarks For Corrective Actions 93e9e233-dd0a-4bde-aea5-1371bce0e002 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1675 - Flaw Remediation | Time To Remediate Flaws / Benchmarks For Corrective Actions facb66e0-1c48-478a-bed5-747a312323e1 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1676 - Malicious Code Protection c10fb58b-56a8-489e-9ce3-7ffe24e78e4b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1677 - Malicious Code Protection 4a248e1e-040f-43e5-bff2-afc3a57a3923 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1678 - Malicious Code Protection dd533cb0-b416-4be7-8e86-4d154824dfd7 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1679 - Malicious Code Protection 2cf42a28-193e-41c5-98df-7688e7ef0a88 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1680 - Malicious Code Protection | Central Management 399cd6ee-0e18-41db-9dea-cde3bd712f38 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1681 - Malicious Code Protection | Automatic Updates 12623e7e-4736-4b2e-b776-c1600f35f93a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1682 - Malicious Code Protection | Nonsignature-Based Detection 62b638c5-29d7-404b-8d93-f21e4b1ce198 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1683 - Information System Monitoring 8c79fee4-88dd-44ce-bbd4-4de88948c4f8 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1684 - Information System Monitoring 16bfdb59-db38-47a5-88a9-2e9371a638cf Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1685 - Information System Monitoring 36b0ef30-366f-4b1b-8652-a3511df11f53 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1686 - Information System Monitoring e17085c5-0be8-4423-b39b-a52d3d1402e5 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1687 - Information System Monitoring 7a87fc7f-301e-49f3-ba2a-4d74f424fa97 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1688 - Information System Monitoring 063c3f09-e0f0-4587-8fd5-f4276fae675f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1689 - Information System Monitoring de901f2f-a01a-4456-97f0-33cda7966172 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1690 - Information System Monitoring | System-Wide Intrusion Detection System a2567a23-d1c3-4783-99f3-d471302a4d6b Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1691 - Information System Monitoring | Automated Tools For Real-Time Analysis 71475fb4-49bd-450b-a1a5-f63894c24725 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1692 - Information System Monitoring | Inbound And Outbound Communications Traffic 7ecda928-9df4-4dd7-8f44-641a91e470e8 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1693 - Information System Monitoring | System-Generated Alerts a450eba6-2efc-4a00-846a-5804a93c6b77 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1694 - Information System Monitoring | Analyze Communications Traffic Anomalies 426c4ac9-ff17-49d0-acd7-a13c157081c0 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1695 - Information System Monitoring | Wireless Intrusion Detection 13fcf812-ec82-4eda-9b89-498de9efd620 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1696 - Information System Monitoring | Correlate Monitoring Information 69d2a238-20ab-4206-a6dc-f302bf88b1b8 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1697 - Information System Monitoring | Analyze Traffic / Covert Exfiltration f9873db2-18ad-46b3-a11a-1a1f8cbf0335 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1698 - Information System Monitoring | Individuals Posing Greater Risk 31b752c1-05a9-432a-8fce-c39b56550119 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1699 - Information System Monitoring | Privileged Users 69c7bee8-bc19-4129-a51e-65a7b39d3e7c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1700 - Information System Monitoring | Unauthorized Network Services 7831b4ba-c3f4-4cb1-8c11-ef8d59438cd5 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1701 - Information System Monitoring | Host-Based Devices f25bc08f-27cb-43b6-9a23-014d00700426 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1702 - Information System Monitoring | Indicators Of Compromise 4dfc0855-92c4-4641-b155-a55ddd962362 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1703 - Security Alerts, Advisories, And Directives 804faf7d-b687-40f7-9f74-79e28adf4205 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1704 - Security Alerts, Advisories, And Directives 2d44b6fa-1134-4ea6-ad4e-9edb68f65429 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1705 - Security Alerts, Advisories, And Directives f82e3639-fa2b-4e06-a786-932d8379b972 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1706 - Security Alerts, Advisories, And Directives f475ee0e-f560-4c9b-876b-04a77460a404 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1707 - Security Alerts, Advisories, And Directives | Automated Alerts And Advisories fd4a2ac8-868a-4702-a345-6c896c3361ce Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1708 - Security Function Verification 7a1e2c88-13de-4959-8ee7-47e3d74f1f48 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1709 - Security Function Verification 025992d6-7fee-4137-9bbf-2ffc39c0686c Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1710 - Security Function Verification af2a93c8-e6dd-4c94-acdd-4a2eedfc478e Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1711 - Security Function Verification b083a535-a66a-41ec-ba7f-f9498bf67cde Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1712 - Software, Firmware, And Information Integrity 44e543aa-41db-42aa-98eb-8a5eb1db53f0 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1713 - Software, Firmware, And Information Integrity | Integrity Checks 0d87c70b-5012-48e9-994b-e70dd4b8def0 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1714 - Software, Firmware, And Information Integrity | Automated Notifications Of Integrity Violations e12494fa-b81e-4080-af71-7dbacc2da0ec Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1715 - Software, Firmware, And Information Integrity | Automated Response To Integrity Violations dd469ae0-71a8-4adc-aafc-de6949ca3339 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1716 - Software, Firmware, And Information Integrity | Integration Of Detection And Response e54c325e-42a0-4dcf-b105-046e0f6f590f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1717 - Software, Firmware, And Information Integrity | Binary Or Machine Executable Code 967773fc-d9ab-4a4e-8ff6-f5e9e3f5dbef Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1718 - Software, Firmware, And Information Integrity | Binary Or Machine Executable Code 0dced7ab-9ce5-4137-93aa-14c13e06ab17 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1719 - Spam Protection c13da9b4-fe14-4fe2-853a-5997c9d4215a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1720 - Spam Protection 44b9a7cd-f36a-491a-a48b-6d04ae7c4221 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1721 - Spam Protection | Central Management d207aaef-7c4d-4f8c-9dce-4d62dfa3d29a Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1722 - Spam Protection | Automatic Updates e1da06bd-25b6-4127-a301-c313d6873fff Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1723 - Information Input Validation e91927a0-ac1d-44a0-95f8-5185f9dfce9f Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1724 - Error Handling d07594d1-0307-4c08-94db-5d71ff31f0f6 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1725 - Error Handling afc234b5-456b-4aa5-b3e2-ce89108124cc Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1726 - Information Handling And Retention baff1279-05e0-4463-9a70-8ba5de4c7aa4 Regulatory Compliance Fixed: audit GA
Microsoft Managed Control 1727 - Memory Protection 697175a7-9715-4e89-b98b-c6f605888fa3 Regulatory Compliance Fixed: audit GA
Monitor missing Endpoint Protection in Azure Security Center af6cd1bd-1635-48cb-bde7-5b15693900b9 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
MySQL servers should use customer-managed keys to encrypt data at rest 83cef61d-dbd1-4b20-a4fc-5fbc7da10833 SQL Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Network Watcher should be enabled b6e2945c-0b7b-40f5-9233-7a5323b5cdc6 Network Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Non-internet-facing virtual machines should be protected with network security groups bb91dfba-c30d-4263-9add-9c2384e659a6 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Only secure connections to your Azure Cache for Redis should be enabled 22bee202-a82f-4305-9a2a-6d7f44d4dedb Cache Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
OS and data disks should be encrypted with a customer-managed key 702dd420-7fcc-42c5-afe8-4026edd20fe0 Compute Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
PostgreSQL servers should use customer-managed keys to encrypt data at rest 18adea5e-f416-4d0f-8aa8-d24321e3e274 SQL Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Private endpoint connections on Azure SQL Database should be enabled 7698e800-9299-47a6-b3b6-5a0fee576eed SQL Default: Audit
Allowed: (Audit, Disabled)
GA
Private endpoint should be enabled for MariaDB servers 0a1302fb-a631-4106-9753-f3d494733990 SQL Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Private endpoint should be enabled for MySQL servers 7595c971-233d-4bcf-bd18-596129188c49 SQL Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Private endpoint should be enabled for PostgreSQL servers 0564d078-92f5-4f97-8398-b9f58a51f70b SQL Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Public network access on Azure SQL Database should be disabled 1b8ca024-1d5c-4dec-8995-b1a932b41780 SQL Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Public network access should be disabled for MariaDB servers fdccbe47-f3e3-4213-ad5d-ea459b2fa077 SQL Default: Audit
Allowed: (Audit, Disabled)
GA
Public network access should be disabled for MySQL servers d9844e8a-1437-4aeb-a32c-0c992f056095 SQL Default: Audit
Allowed: (Audit, Disabled)
GA
Public network access should be disabled for PostgreSQL servers b52376f7-9612-48a1-81cd-1ffe4b61032c SQL Default: Audit
Allowed: (Audit, Disabled)
GA
Remote debugging should be turned off for API Apps e9c8d085-d9cc-4b17-9cdc-059f1f01f19e App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Remote debugging should be turned off for Function Apps 0e60b895-3786-45da-8377-9c6b4b6ac5f9 App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Remote debugging should be turned off for Web Applications cb510bfd-1cba-4d9f-a230-cb0976f4bb71 App Service Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Resource logs in Azure Data Lake Store should be enabled 057ef27e-665e-4328-8ea3-04b3122bd9fb Data Lake Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Resource logs in Azure Stream Analytics should be enabled f9be5368-9bf5-4b84-9e0a-7850da98bb46 Stream Analytics Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Resource logs in Batch accounts should be enabled 428256e6-1fac-4f48-a757-df34c2b3336d Batch Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Resource logs in Data Lake Analytics should be enabled c95c74d9-38fe-4f0d-af86-0c7d626a315c Data Lake Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Resource logs in Event Hub should be enabled 83a214f7-d01a-484b-91a9-ed54470c9a6a Event Hub Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Resource logs in IoT Hub should be enabled 383856f8-de7f-44a2-81fc-e5135b5c2aa4 Internet of Things Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Resource logs in Key Vault should be enabled cf820ca0-f99e-4f3e-84fb-66e913812d21 Key Vault Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Resource logs in Logic Apps should be enabled 34f95f76-5386-4de7-b824-0d8478470c9d Logic Apps Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Resource logs in Search services should be enabled b4330a05-a843-4bc8-bf9a-cacce50c67f4 Search Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Resource logs in Service Bus should be enabled f8d36e2f-389b-4ee4-898d-21aeb69a0f45 Service Bus Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Resource logs in Virtual Machine Scale Sets should be enabled 7c1b1214-f927-48bf-8882-84f0af6588b1 Compute Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Role-Based Access Control (RBAC) should be used on Kubernetes Services ac4a19c2-fa67-49b4-8ae5-0b2e78c49457 Security Center Default: Audit
Allowed: (Audit, Disabled)
GA
Saved-queries in Azure Monitor should be saved in customer storage account for logs encryption fa298e57-9444-42ba-bf04-86e8470e32c7 Monitoring Default: audit
Allowed: (audit, deny, disabled)
GA
Secure transfer to storage accounts should be enabled 404c3081-a854-4457-ae30-26a93ef643f9 Storage Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Service Bus Premium namespaces should use a customer-managed key for encryption 295fc8b1-dc9f-4f53-9c61-3f313ceab40a Service Bus Default: Audit
Allowed: (Audit, Disabled)
GA
Service Fabric clusters should have the ClusterProtectionLevel property set to EncryptAndSign 617c02be-7f02-4efd-8836-3180d47b6c68 Service Fabric Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Service Fabric clusters should only use Azure Active Directory for client authentication b54ed75b-3e1a-44ac-a333-05ba39b99ff0 Service Fabric Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Service principals should be used to protect your subscriptions instead of management certificates 6646a0bd-e110-40ca-bb97-84fcee63c414 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
SQL databases should have vulnerability findings resolved feedbf84-6b99-488c-acc2-71c829aa5ffc Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
SQL managed instances should use customer-managed keys to encrypt data at rest 048248b0-55cd-46da-b1ff-39efd52db260 SQL Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
SQL servers on machines should have vulnerability findings resolved 6ba6d016-e7c3-4842-b8f2-4992ebc0d72d Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
SQL servers should use customer-managed keys to encrypt data at rest 0d134df8-db83-46fb-ad72-fe0c9428c8dd SQL Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
SQL servers with auditing to storage account destination should be configured with 90 days retention or higher 89099bee-89e0-4b26-a5f4-165451757743 SQL Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Storage account encryption scopes should use customer-managed keys to encrypt data at rest b5ec538c-daa0-4006-8596-35468b9148e8 Storage Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Storage accounts should be migrated to new Azure Resource Manager resources 37e0d2fe-28a5-43d6-a273-67d37d1f5606 Storage Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Storage accounts should have infrastructure encryption 4733ea7b-a883-42fe-8cac-97454c2a9e4a Storage Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Storage accounts should restrict network access 34c877ad-507e-4c82-993e-3452a6e0ad3c Storage Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Storage accounts should restrict network access using virtual network rules 2a1a9cdf-e04d-429a-8416-3bfb72a1b26f Storage Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Storage accounts should use customer-managed key for encryption 6fac406b-40ca-413b-bf8e-0bf964659c25 Storage Default: Audit
Allowed: (Audit, Disabled)
GA
Storage accounts should use private link 6edd7eda-6dd8-40f7-810d-67160c639cd9 Storage Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Subnets should be associated with a Network Security Group e71308d3-144b-4262-b144-efdc3cc90517 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Subscriptions should have a contact email address for security issues 4f4f78b8-e367-4b10-a341-d9a4ad5cf1c7 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
System updates on virtual machine scale sets should be installed c3f317a7-a95c-4547-b7e7-11017ebdf2fe Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
System updates should be installed on your machines 86b3d65f-7626-441e-b690-81a8b71cff60 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Temp disks and cache for agent node pools in Azure Kubernetes Service clusters should be encrypted at host 41425d9f-d1a5-499a-9932-f8ed8453932c Kubernetes Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
There should be more than one owner assigned to your subscription 09024ccc-0c5f-475e-9457-b7c0d9ed487b Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Transparent Data Encryption on SQL databases should be enabled 17k78e20-9358-41c9-923c-fb736d382a12 SQL Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Virtual machines and virtual machine scale sets should have encryption at host enabled fc4d8e41-e223-45ea-9bf5-eada37891d87 Compute Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Virtual machines' Guest Configuration extension should be deployed with system-assigned managed identity d26f7642-7545-4e18-9b75-8c9bbdee3a9a Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Virtual machines should be migrated to new Azure Resource Manager resources 1d84d5fb-01f6-4d12-ba4f-4a26081d403d Compute Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Virtual machines should encrypt temp disks, caches, and data flows between Compute and Storage resources 0961003e-5a0a-4549-abde-af6a37f2724d Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
VM Image Builder templates should use private link 2154edb9-244f-4741-9970-660785bccdaa VM Image Builder Default: Audit
Allowed: (Audit, Disabled, Deny)
GA
Vulnerabilities in Azure Container Registry images should be remediated 5f0f936f-2f01-4bf5-b6be-d423792fa562 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Vulnerabilities in container security configurations should be remediated e8cbc669-f12d-49eb-93e7-9273119e9933 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Vulnerabilities in security configuration on your machines should be remediated e1e5fd5d-3e4c-4ce1-8661-7d1873ae6b15 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Vulnerabilities in security configuration on your virtual machine scale sets should be remediated 3c735d8a-a4ba-4a3a-b7cf-db7754cf57f4 Security Center Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Vulnerability assessment should be enabled on SQL Managed Instance 1b7aa243-30e4-4c9e-bca8-d0d3022b634a SQL Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Vulnerability assessment should be enabled on your SQL servers ef2a8f2a-b3d9-49cd-a8a8-9a3aaaf647d9 SQL Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Vulnerability assessment should be enabled on your Synapse workspaces 0049a6b3-a662-4f3e-8635-39cf44ace45a Synapse Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Web Application Firewall (WAF) should be enabled for Application Gateway 564feb30-bf6a-4854-b4bb-0d2d2d1e6c66 Network Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Web Application Firewall (WAF) should be enabled for Azure Front Door Service service 055aa869-bc98-4af8-bafc-23f1ab6ffe2c Network Default: Audit
Allowed: (Audit, Deny, Disabled)
GA
Web Application should only be accessible over HTTPS a4af4a39-4135-47fb-b175-47fbdf85311d App Service Default: Audit
Allowed: (Audit, Disabled)
GA
Windows Defender Exploit Guard should be enabled on your machines bed48b13-6647-468e-aa2f-1af1d3f4dd40 Guest Configuration Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Windows machines should meet requirements of the Azure compute security baseline 72650e9f-97bc-4b2a-ab5f-9781a9fcecbc Guest Configuration Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
Windows web servers should be configured to use secure communication protocols 5752e6d6-1206-46d8-8ab1-ecc2f71a8112 Guest Configuration Default: AuditIfNotExists
Allowed: (AuditIfNotExists, Disabled)
GA
JSON
{
  "displayName": "NIST SP 800-53 Rev. 4",
  "policyType": "BuiltIn",
  "description": "This initiative includes policies that address a subset of NIST SP 800-53 Rev. 4 controls. Additional policies will be added in upcoming releases. For more information, visit https://aka.ms/nist800-53r4-initiative.",
  "metadata": {
    "version": "5.1.0",
    "category": "Regulatory Compliance"
  },
  "parameters": {
    "IncludeArcMachines": {
      "type": "String",
      "metadata": {
        "displayName": "Include Arc-connected servers when evaluating guest configuration policies",
        "description": "By selecting 'true,' you agree to be charged monthly per Arc connected machine; for more information, visit https://aka.ms/policy-pricing"
      },
      "allowedValues": [
        "true",
        "false"
      ],
      "defaultValue": "false"
    },
    "NotAvailableMachineState-bed48b13-6647-468e-aa2f-1af1d3f4dd40": {
      "type": "String",
      "metadata": {
        "displayName": "Status if Windows Defender is not available on machine",
        "description": "Windows Defender Exploit Guard is only available starting with Windows 10/Windows Server with update 1709. Setting this value to 'Non-Compliant' shows machines with older versions on which Windows Defender Exploit Guard is not available (such as Windows Server 2012 R2) as non-compliant. Setting this value to 'Compliant' shows these machines as compliant."
      },
      "allowedValues": [
        "Compliant",
        "Non-Compliant"
      ],
      "defaultValue": "Compliant"
    },
    "MinimumTLSVersion-5752e6d6-1206-46d8-8ab1-ecc2f71a8112": {
      "type": "String",
      "metadata": {
        "displayName": "Minimum TLS version for Windows web servers",
        "description": "Windows web servers with lower TLS versions will be assessed as non-compliant"
      },
      "allowedValues": [
        "1.1",
        "1.2"
      ],
      "defaultValue": "1.2"
    },
    "requiredRetentionDays": {
      "type": "String",
      "metadata": {
        "displayName": "Required retention period (days) for resource logs"
      },
      "defaultValue": "365"
    },
    "effect-febd0533-8e55-448f-b837-bd0e06f16469": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Kubernetes cluster containers should only use allowed images",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "audit",
        "deny",
        "disabled"
      ],
      "defaultValue": "audit"
    },
    "excludedNamespaces": {
      "type": "Array",
      "metadata": {
        "displayName": "Kubernetes namespaces excluded from evaluation of Kubernetes cluster policies in this initiative",
        "description": "List of Kubernetes namespaces to exclude from policy evaluation"
      },
      "defaultValue": [
        "kube-system",
        "gatekeeper-system",
        "azure-arc"
      ]
    },
    "namespaces": {
      "type": "Array",
      "metadata": {
        "displayName": "Kubernetes namespaces included for evaluation of Kubernetes cluster policies in this initiative",
        "description": "List of Kubernetes namespaces to (only) include for policy evaluation; an empty list will result in policies evaluated on all resources in all namespaces"
      },
      "defaultValue": []
    },
    "labelSelector": {
      "type": "Object",
      "metadata": {
        "displayName": "Kubernetes label selector for resources included for evaluation of Kubernetes cluster policies in this initiative",
        "description": "Label query to select Kubernetes resources to include for policy evaluation; an empty label selector will result in policies evaluated on all Kubernetes resources"
      },
      "defaultValue": {}
    },
    "allowedContainerImagesRegex-febd0533-8e55-448f-b837-bd0e06f16469": {
      "type": "String",
      "metadata": {
        "displayName": "Allowed container images for Kubernetes clusters",
        "description": "Regular expression used to match allowed container images in a Kubernetes cluster; Ex: allow any Azure Container Registry image by matching partial path: ^.+azurecr.io/.+$"
      },
      "defaultValue": "^(.+){0}$"
    },
    "effect-95edb821-ddaf-4404-9732-666045e056b4": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Kubernetes cluster should not allow privileged containers",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "audit",
        "deny",
        "disabled"
      ],
      "defaultValue": "audit"
    },
    "excludedContainers-95edb821-ddaf-4404-9732-666045e056b4": {
      "type": "Array",
      "metadata": {
        "displayName": "Kubernetes containers excluded from evaluation of policy: Kubernetes cluster should not allow privileged containers",
        "description": "The list of InitContainers and Containers to exclude from policy evaluation. The list should use the container name. Use an empty list to apply this policy to all containers in all namespaces."
      },
      "defaultValue": []
    },
    "effect-440b515e-a580-421e-abeb-b159a61ddcbc": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Kubernetes cluster containers should only listen on allowed ports",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "audit",
        "deny",
        "disabled"
      ],
      "defaultValue": "audit"
    },
    "allowedContainerPortsList-440b515e-a580-421e-abeb-b159a61ddcbc": {
      "type": "Array",
      "metadata": {
        "displayName": "Allowed listener ports for Kubernetes cluster containers",
        "description": "List of container ports on which Kubernetes cluster containers are allowed to listen"
      },
      "defaultValue": []
    },
    "effect-233a2a17-77ca-4fb1-9b6b-69223d272a44": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Kubernetes cluster services should listen only on allowed ports",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "audit",
        "deny",
        "disabled"
      ],
      "defaultValue": "audit"
    },
    "allowedServicePortsList-233a2a17-77ca-4fb1-9b6b-69223d272a44": {
      "type": "Array",
      "metadata": {
        "displayName": "Allowed listener ports for Kubernetes cluster services",
        "description": "The list of ports on which Kubernetes cluster services are allowed to listen"
      },
      "defaultValue": []
    },
    "effect-e345eecc-fa47-480f-9e88-67dcc122b164": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Kubernetes cluster containers CPU and memory resource limits should not exceed the specified limits",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "audit",
        "deny",
        "disabled"
      ],
      "defaultValue": "audit"
    },
    "cpuLimit-e345eecc-fa47-480f-9e88-67dcc122b164": {
      "type": "String",
      "metadata": {
        "displayName": "Maximum allowed CPU units for containers in Kubernetes clusters",
        "description": "Ex: 200m; for more information, visit https://aka.ms/k8s-policy-pod-limits"
      },
      "defaultValue": "0"
    },
    "memoryLimit-e345eecc-fa47-480f-9e88-67dcc122b164": {
      "type": "String",
      "metadata": {
        "displayName": "Maximum allowed memory (bytes) for a container in Kubernetes clusters",
        "description": "Ex: 1Gi; for more information, visit https://aka.ms/k8s-policy-pod-limits"
      },
      "defaultValue": "0"
    },
    "effect-f06ddb64-5fa3-4b77-b166-acb36f7f6042": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Kubernetes cluster pods and containers should only run with approved user and group IDs",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "audit",
        "deny",
        "disabled"
      ],
      "defaultValue": "audit"
    },
    "runAsUserRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042": {
      "type": "String",
      "metadata": {
        "displayName": "Run as user rule for Kubernetes containers",
        "description": "The 'RunAsUser' rule that containers are allowed to run with; for more information, visit https://aka.ms/kubepolicydoc"
      },
      "allowedValues": [
        "MustRunAs",
        "MustRunAsNonRoot",
        "RunAsAny"
      ],
      "defaultValue": "MustRunAsNonRoot"
    },
    "runAsUserRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042": {
      "type": "Object",
      "metadata": {
        "displayName": "Allowed user ID ranges for Kubernetes containers",
        "description": "User ID ranges that are allowed for containers to use; for more information, visit https://aka.ms/kubepolicydoc"
      },
      "defaultValue": {
        "ranges": []
      }
    },
    "runAsGroupRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042": {
      "type": "String",
      "metadata": {
        "displayName": "Run as group rule for Kubernetes containers",
        "description": "The 'RunAsGroup' rule that containers are allowed to run with; for more information, visit https://aka.ms/kubepolicydoc"
      },
      "allowedValues": [
        "MustRunAs",
        "MayRunAs",
        "RunAsAny"
      ],
      "defaultValue": "RunAsAny"
    },
    "runAsGroupRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042": {
      "type": "Object",
      "metadata": {
        "displayName": "Allowed group ID ranges for Kubernetes containers",
        "description": "Group ID ranges that are allowed for containers to use; for more information, visit https://aka.ms/kubepolicydoc"
      },
      "defaultValue": {
        "ranges": []
      }
    },
    "supplementalGroupsRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042": {
      "type": "String",
      "metadata": {
        "displayName": "Supplemental group rule for Kubernetes containers",
        "description": "The 'SupplementalGroups' rule that containers are allowed to run with; for more information, visit https://aka.ms/kubepolicydoc"
      },
      "allowedValues": [
        "MustRunAs",
        "MayRunAs",
        "RunAsAny"
      ],
      "defaultValue": "RunAsAny"
    },
    "supplementalGroupsRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042": {
      "type": "Object",
      "metadata": {
        "displayName": "Allowed supplemental group ID ranges for Kubernetes containers",
        "description": "Supplemental group ID ranges that are allowed for containers to use; for more information, visit https://aka.ms/kubepolicydoc"
      },
      "defaultValue": {
        "ranges": []
      }
    },
    "fsGroupRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042": {
      "type": "String",
      "metadata": {
        "displayName": "File system group rule for Kubernetes containers",
        "description": "The 'FSGroup' rule that containers are allowed to run with; for more information, visit https://aka.ms/kubepolicydoc"
      },
      "allowedValues": [
        "MustRunAs",
        "MayRunAs",
        "RunAsAny"
      ],
      "defaultValue": "RunAsAny"
    },
    "fsGroupRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042": {
      "type": "Object",
      "metadata": {
        "displayName": "Allowed file system group ID ranges for Kubernetes cluster pods",
        "description": "File system group ranges that are allowed for pods to use; for more information, visit https://aka.ms/kubepolicydoc"
      },
      "defaultValue": {
        "ranges": []
      }
    },
    "effect-1c6e92c9-99f0-4e55-9cf2-0c234dc48f99": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Kubernetes clusters should not allow container privilege escalation",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "audit",
        "deny",
        "disabled"
      ],
      "defaultValue": "audit"
    },
    "effect-47a1ee2f-2a2a-4576-bf2a-e0e36709c2b8": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Kubernetes cluster containers should not share host process ID or host IPC namespace",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "audit",
        "deny",
        "disabled"
      ],
      "defaultValue": "audit"
    },
    "effect-df49d893-a74c-421d-bc95-c663042e5b80": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Kubernetes cluster containers should run with a read only root file system",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "audit",
        "deny",
        "disabled"
      ],
      "defaultValue": "audit"
    },
    "effect-1a5b4dca-0b6f-4cf5-907c-56316bc1bf3d": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Kubernetes clusters should be accessible only over HTTPS",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "audit",
        "deny",
        "disabled"
      ],
      "defaultValue": "audit"
    },
    "effect-c26596ff-4d70-4e6a-9a30-c2506bd2f80c": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Kubernetes cluster containers should only use allowed capabilities",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "audit",
        "deny",
        "disabled"
      ],
      "defaultValue": "audit"
    },
    "allowedCapabilities-c26596ff-4d70-4e6a-9a30-c2506bd2f80c": {
      "type": "Array",
      "metadata": {
        "displayName": "List of capabilities that are allowed to be added to a Kubernetes cluster container",
        "description": "Use an empty list as input to block everything"
      },
      "defaultValue": []
    },
    "requiredDropCapabilities-c26596ff-4d70-4e6a-9a30-c2506bd2f80c": {
      "type": "Array",
      "metadata": {
        "displayName": "The list of capabilities that must be dropped by a Kubernetes cluster container",
        "description": "For more information, visit https://aka.ms/kubepolicydoc"
      },
      "defaultValue": []
    },
    "effect-511f5417-5d12-434d-ab2e-816901e72a5e": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Kubernetes cluster containers should only use allowed AppArmor profiles",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "audit",
        "deny",
        "disabled"
      ],
      "defaultValue": "audit"
    },
    "allowedProfiles-511f5417-5d12-434d-ab2e-816901e72a5e": {
      "type": "Array",
      "metadata": {
        "displayName": "The list of AppArmor profiles that containers are allowed to use",
        "description": "Ex: 'runtime/default;docker/default'; use an empty list as input to block everything; for more information, visit https://aka.ms/kubepolicydoc"
      },
      "defaultValue": []
    },
    "effect-82985f06-dc18-4a48-bc1c-b9f4f0098cfe": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Kubernetes cluster pods should only use approved host network and port range",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "audit",
        "deny",
        "disabled"
      ],
      "defaultValue": "audit"
    },
    "allowHostNetwork-82985f06-dc18-4a48-bc1c-b9f4f0098cfe": {
      "type": "Boolean",
      "metadata": {
        "displayName": "Allow host network usage for Kubernetes cluster pods",
        "description": "Set this value to true if pod is allowed to use host network, otherwise set to false; for more information, visit https://aka.ms/kubepolicydoc"
      },
      "defaultValue": false
    },
    "minPort-82985f06-dc18-4a48-bc1c-b9f4f0098cfe": {
      "type": "Integer",
      "metadata": {
        "displayName": "Minimum value in the allowable host port range that Kubernetes cluster pods can use in the host network namespace",
        "description": "For more information, visit https://aka.ms/kubepolicydoc"
      },
      "defaultValue": 0
    },
    "maxPort-82985f06-dc18-4a48-bc1c-b9f4f0098cfe": {
      "type": "Integer",
      "metadata": {
        "displayName": "Maximum value in the allowable host port range that Kubernetes cluster pods can use in the host network namespace",
        "description": "For more information, visit https://aka.ms/kubepolicydoc"
      },
      "defaultValue": 0
    },
    "effect-098fc59e-46c7-4d99-9b16-64990e543d75": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Kubernetes cluster pod hostPath volumes should only use allowed host paths",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "audit",
        "deny",
        "disabled"
      ],
      "defaultValue": "audit"
    },
    "allowedHostPaths-098fc59e-46c7-4d99-9b16-64990e543d75": {
      "type": "Object",
      "metadata": {
        "displayName": "Allowed host paths for pod hostPath volumes to use",
        "description": "Use an empty paths list to block all host paths; for more information, visit https://aka.ms/kubepolicydoc"
      },
      "defaultValue": {
        "paths": []
      }
    },
    "resourceGroupName-b6e2945c-0b7b-40f5-9233-7a5323b5cdc6": {
      "type": "String",
      "metadata": {
        "displayName": "Name of the resource group for Network Watcher",
        "description": "Name of the resource group where Network Watchers are located, Ex: NetworkWatcherRG"
      },
      "defaultValue": "NetworkWatcherRG"
    },
    "includeAKSClusters-7c1b1214-f927-48bf-8882-84f0af6588b1": {
      "type": "Boolean",
      "metadata": {
        "displayName": "Include AKS clusters when auditing if virtual machine scale set diagnostic logs are enabled",
        "description": "For more information, visit https://aka.ms/kubepolicydoc"
      },
      "defaultValue": false
    },
    "setting-a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9": {
      "type": "String",
      "metadata": {
        "displayName": "Required auditing setting for SQL servers"
      },
      "allowedValues": [
        "enabled",
        "disabled"
      ],
      "defaultValue": "enabled"
    },
    "evaluatedSkuNames-ef619a2c-cc4d-4d03-b2ba-8c94a834d85b": {
      "type": "Array",
      "metadata": {
        "displayName": "API Management SKUs that should use a virtual network",
        "description": "List of API Management SKUs against which this policy will be evaluated"
      },
      "allowedValues": [
        "Developer",
        "Basic",
        "Standard",
        "Premium",
        "Consumption"
      ],
      "defaultValue": [
        "Developer",
        "Premium"
      ]
    },
    "effect-b54ed75b-3e1a-44ac-a333-05ba39b99ff0": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Service Fabric clusters should only use Azure Active Directory for client authentication",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-71ef260a-8f18-47b7-abcb-62d0673d94dc": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Cognitive Services accounts should have local authentication methods disabled",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-055aa869-bc98-4af8-bafc-23f1ab6ffe2c": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Web Application Firewall (WAF) should be enabled for Azure Front Door Service service",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-564feb30-bf6a-4854-b4bb-0d2d2d1e6c66": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Web Application Firewall (WAF) should be enabled for Application Gateway",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-862e97cf-49fc-4a5c-9de4-40d4e2e7c8eb": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure Cosmos DB accounts should have firewall rules",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-d9da03a1-f3c3-412a-9709-947156872263": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure HDInsight clusters should use encryption in transit to encrypt communication between Azure HDInsight cluster nodes",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-617c02be-7f02-4efd-8836-3180d47b6c68": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Service Fabric clusters should have the ClusterProtectionLevel property set to EncryptAndSign",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-0b60c0b2-2dc2-4e1c-b5c9-abbed971de53": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Key vaults should have purge protection enabled",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-1e66c121-a66a-4b1f-9b83-0fd99bf0fc2d": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Key vaults should have soft delete enabled",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "maximumValidityInMonths-0a075868-4c26-42ef-914c-5bc007359560": {
      "type": "Integer",
      "metadata": {
        "displayName": "Maximum validity (months) for Key Vault certificates",
        "description": "The limit for how long a Key Vault certificate may be valid; Azure best practices recommend against certificates with lengthy validity periods"
      },
      "defaultValue": 12
    },
    "effect-0a075868-4c26-42ef-914c-5bc007359560": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Certificates should have the specified maximum validity period",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "audit",
        "deny",
        "disabled"
      ],
      "defaultValue": "audit"
    },
    "effect-98728c90-32c7-4049-8429-847dc0f4fe37": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Key Vault secrets should have an expiration date",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-152b15f7-8e1f-4c1f-ab71-8c010ba5dbc0": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Key Vault keys should have an expiration date",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-ec068d99-e9c7-401f-8cef-5bdde4e6ccf1": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Double encryption should be enabled on Azure Data Explorer",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-c349d81b-9985-44ae-a8da-ff98d108ede8": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure Data Box jobs should enable double encryption for data at rest on the device",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "supportedSKUs-c349d81b-9985-44ae-a8da-ff98d108ede8": {
      "type": "Array",
      "metadata": {
        "displayName": "Azure Data Box SKUs that support software-based double encryption",
        "description": "The list of Azure Data Box SKUs that support software-based double encryption"
      },
      "allowedValues": [
        "DataBox",
        "DataBoxHeavy"
      ],
      "defaultValue": [
        "DataBox",
        "DataBoxHeavy"
      ]
    },
    "effect-3657f5a0-770e-44a3-b44e-9431ba1e9735": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Automation account variables should be encrypted",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-b4ac1030-89c5-4697-8e00-28b5ba6a8811": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure Stack Edge devices should use double-encryption",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "audit",
        "deny",
        "disabled"
      ],
      "defaultValue": "audit"
    },
    "effect-ea0dfaed-95fb-448c-934e-d6e713ce393d": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure Monitor Logs clusters should be created with infrastructure-encryption enabled (double encryption)",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "audit",
        "deny",
        "disabled"
      ],
      "defaultValue": "audit"
    },
    "effect-3a58212a-c829-4f13-9872-6371df2fd0b4": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Infrastructure encryption should be enabled for Azure Database for MySQL servers",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-24fba194-95d6-48c0-aea7-f65bf859c598": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Infrastructure encryption should be enabled for Azure Database for PostgreSQL servers",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-4733ea7b-a883-42fe-8cac-97454c2a9e4a": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Storage accounts should have infrastructure encryption",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-f4b53539-8df9-40e4-86c6-6b607703bd4e": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Disk encryption should be enabled on Azure Data Explorer",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-41425d9f-d1a5-499a-9932-f8ed8453932c": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Temp disks and cache for agent node pools in Azure Kubernetes Service clusters should be encrypted at host",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-fc4d8e41-e223-45ea-9bf5-eada37891d87": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Virtual machines and virtual machine scale sets should have encryption at host enabled",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-86efb160-8de7-451d-bc08-5d475b0aadae": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure Data Box jobs should use a customer-managed key to encrypt the device unlock password",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "supportedSKUs-86efb160-8de7-451d-bc08-5d475b0aadae": {
      "type": "Array",
      "metadata": {
        "displayName": "Azure Data Box SKUs that support customer-managed key encryption key",
        "description": "The list of Azure Data Box SKUs that support customer-managed key encryption key"
      },
      "allowedValues": [
        "DataBox",
        "DataBoxHeavy"
      ],
      "defaultValue": [
        "DataBox",
        "DataBoxHeavy"
      ]
    },
    "effect-4ec52d6d-beb7-40c4-9a9e-fe753254690e": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure data factories should be encrypted with a customer-managed key",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-64d314f6-6062-4780-a861-c23e8951bee5": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure HDInsight clusters should use customer-managed keys to encrypt data at rest",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-1fd32ebd-e4c3-4e13-a54a-d7422d4d95f6": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure HDInsight clusters should use encryption at host to encrypt data at rest",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-fa298e57-9444-42ba-bf04-86e8470e32c7": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Saved-queries in Azure Monitor should be saved in customer storage account for logs encryption",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "audit",
        "deny",
        "disabled"
      ],
      "defaultValue": "audit"
    },
    "effect-67121cc7-ff39-4ab8-b7e3-95b84dab487d": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Cognitive Services accounts should enable data encryption with a customer-managed key",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-1f905d99-2ab7-462c-a6b0-f709acca6c8f": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure Cosmos DB accounts should use customer-managed keys to encrypt data at rest",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "audit",
        "deny",
        "disabled"
      ],
      "defaultValue": "audit"
    },
    "effect-5b9159ae-1701-4a6f-9a7a-aa9c8ddd0580": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Container registries should be encrypted with a customer-managed key",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-ba769a63-b8cc-4b2d-abf6-ac33c7204be8": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure Machine Learning workspaces should be encrypted with a customer-managed key",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-81e74cea-30fd-40d5-802f-d72103c2aaaa": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure Data Explorer encryption at rest should use a customer-managed key",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-0aa61e00-0a01-4a3c-9945-e93cffedf0e6": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure Container Instance container group should use customer-managed key for encryption",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Disabled",
        "Deny"
      ],
      "defaultValue": "Audit"
    },
    "effect-47031206-ce96-41f8-861b-6a915f3de284": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: IoT Hub device provisioning service data should be encrypted using customer-managed keys (CMK)",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-87ba29ef-1ab3-4d82-b763-87fcd4f531f7": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure Stream Analytics jobs should use customer-managed keys to encrypt data",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "audit",
        "deny",
        "disabled"
      ],
      "defaultValue": "audit"
    },
    "effect-51522a96-0869-4791-82f3-981000c2c67f": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Bot Service should be encrypted with a customer-managed key",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "audit",
        "deny",
        "disabled"
      ],
      "defaultValue": "audit"
    },
    "effect-b5ec538c-daa0-4006-8596-35468b9148e8": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Storage account encryption scopes should use customer-managed keys to encrypt data at rest",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-970f84d8-71b6-4091-9979-ace7e3fb6dbb": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: HPC Cache accounts should use customer-managed key for encryption",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Disabled",
        "Deny"
      ],
      "defaultValue": "Audit"
    },
    "effect-56a5ee18-2ae6-4810-86f7-18e39ce5629b": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure Automation accounts should use customer-managed keys to encrypt data at rest",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-2e94d99a-8a36-4563-bc77-810d8893b671": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure Recovery Services vaults should use customer-managed keys for encrypting backup data",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "enableDoubleEncryption-2e94d99a-8a36-4563-bc77-810d8893b671": {
      "type": "Boolean",
      "metadata": {
        "displayName": "Require that double encryption is enabled on Recovery Services vaults for Backup",
        "description": "Check if double encryption is enabled on Recovery Services vaults for Backup; for more information, visit https://aka.ms/ab-infraencryption"
      },
      "allowedValues": [
        true,
        false
      ],
      "defaultValue": true
    },
    "effect-1fafeaf6-7927-4059-a50a-8eb2a7a6f2b5": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Logic Apps Integration Service Environment should be encrypted with customer-managed keys",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-99e9ccd8-3db9-4592-b0d1-14b1715a4d8a": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure Batch account should use customer-managed keys to encrypt data",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-1f68a601-6e6d-4e42-babf-3f643a047ea2": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure Monitor Logs clusters should be encrypted with customer-managed key",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "audit",
        "deny",
        "disabled"
      ],
      "defaultValue": "audit"
    },
    "effect-f7d52b2d-e161-4dfa-a82b-55e564167385": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure Synapse workspaces should use customer-managed keys to encrypt data at rest",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-7d7be79c-23ba-4033-84dd-45e2a5ccdd67": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Both operating systems and data disks in Azure Kubernetes Service clusters should be encrypted by customer-managed keys",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-ca91455f-eace-4f96-be59-e6e2c35b4816": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Managed disks should be double encrypted with both platform-managed and customer-managed keys",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-702dd420-7fcc-42c5-afe8-4026edd20fe0": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: OS and data disks should be encrypted with a customer-managed key",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-22bee202-a82f-4305-9a2a-6d7f44d4dedb": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Only secure connections to your Azure Cache for Redis should be enabled",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-404c3081-a854-4457-ae30-26a93ef643f9": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Secure transfer to storage accounts should be enabled",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-d0793b48-0edc-4296-a390-4c75d1bdfd71": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Container registries should not allow unrestricted network access",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-7d092e0a-7acd-40d2-a975-dca21cae48c4": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure Cache for Redis should reside within a virtual network",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-2a1a9cdf-e04d-429a-8416-3bfb72a1b26f": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Storage accounts should restrict network access using virtual network rules",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-34c877ad-507e-4c82-993e-3452a6e0ad3c": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Storage accounts should restrict network access",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-55615ac9-af46-4a59-874e-391cc3dfb490": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure Key Vault should disable public network access",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-1b8ca024-1d5c-4dec-8995-b1a932b41780": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Public network access on Azure SQL Database should be disabled",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-037eea7a-bd0a-46c5-9a66-03aea78705d3": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Cognitive Services accounts should restrict network access",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-53503636-bcc9-4748-9663-5348217f160f": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure SignalR Service should use private link",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-40cec1dd-a100-4920-b15b-3024fe8901ab": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure Machine Learning workspaces should use private link",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-2154edb9-244f-4741-9970-660785bccdaa": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: VM Image Builder templates should use private link",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Disabled",
        "Deny"
      ],
      "defaultValue": "Audit"
    },
    "effect-0725b4dd-7e76-479c-a735-68e7ee23d5ca": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Cognitive Services accounts should disable public network access",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-5f0bc445-3935-4915-9981-011aa2b46147": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Private endpoint should be configured for Key Vault",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-af35e2a4-ef96-44e7-a9ae-853dd97032c4": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure Spring Cloud should use network injection",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Disabled",
        "Deny"
      ],
      "defaultValue": "Audit"
    },
    "evaluatedSkuNames-af35e2a4-ef96-44e7-a9ae-853dd97032c4": {
      "type": "Array",
      "metadata": {
        "displayName": "Azure Spring Cloud SKUs that should use network injection",
        "description": "List of Azure Spring Cloud SKUs against which this policy will be evaluated"
      },
      "allowedValues": [
        "Standard"
      ],
      "defaultValue": [
        "Standard"
      ]
    },
    "effect-a049bf77-880b-470f-ba6d-9f21c530cf83": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure Cognitive Search service should use a SKU that supports private link",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-52630df9-ca7e-442b-853b-c6ce548b31a2": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure Web PubSub Service should use private link",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-4fa4b6c0-31ca-4c0d-b10d-24b96f62a751": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Storage account public access should be disallowed",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "audit",
        "deny",
        "disabled"
      ],
      "defaultValue": "audit"
    },
    "effect-ee980b6d-0eca-4501-8d54-f6290fd512c3": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Azure Cognitive Search services should disable public network access",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-1d84d5fb-01f6-4d12-ba4f-4a26081d403d": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Virtual machines should be migrated to new Azure Resource Manager resources",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "effect-37e0d2fe-28a5-43d6-a273-67d37d1f5606": {
      "type": "String",
      "metadata": {
        "displayName": "Effect for policy: Storage accounts should be migrated to new Azure Resource Manager resources",
        "description": "The effect determines what happens when the policy rule is evaluated to match; for more information about effects, visit https://aka.ms/policyeffects"
      },
      "allowedValues": [
        "Audit",
        "Deny",
        "Disabled"
      ],
      "defaultValue": "Audit"
    },
    "logAnalyticsWorkspaceIdforVMReporting": {
      "type": "String",
      "metadata": {
        "displayName": "[Deprecated]: Log Analytics workspace ID for VM agent reporting",
        "deprecated": true
      },
      "defaultValue": ""
    },
    "listOfResourceTypesWithDiagnosticLogsEnabled": {
      "type": "Array",
      "metadata": {
        "displayName": "[Deprecated]: List of resource types that should have resource logs enabled",
        "deprecated": true
      },
      "allowedValues": [
        "Microsoft.AnalysisServices/servers",
        "Microsoft.ApiManagement/service",
        "Microsoft.Network/applicationGateways",
        "Microsoft.Automation/automationAccounts",
        "Microsoft.ContainerInstance/containerGroups",
        "Microsoft.ContainerRegistry/registries",
        "Microsoft.ContainerService/managedClusters",
        "Microsoft.Batch/batchAccounts",
        "Microsoft.Cdn/profiles/endpoints",
        "Microsoft.CognitiveServices/accounts",
        "Microsoft.DocumentDB/databaseAccounts",
        "Microsoft.DataFactory/factories",
        "Microsoft.DataLakeAnalytics/accounts",
        "Microsoft.DataLakeStore/accounts",
        "Microsoft.EventGrid/eventSubscriptions",
        "Microsoft.EventGrid/topics",
        "Microsoft.EventHub/namespaces",
        "Microsoft.Network/expressRouteCircuits",
        "Microsoft.Network/azureFirewalls",
        "Microsoft.HDInsight/clusters",
        "Microsoft.Devices/IotHubs",
        "Microsoft.KeyVault/vaults",
        "Microsoft.Network/loadBalancers",
        "Microsoft.Logic/integrationAccounts",
        "Microsoft.Logic/workflows",
        "Microsoft.DBforMySQL/servers",
        "Microsoft.Network/networkInterfaces",
        "Microsoft.Network/networkSecurityGroups",
        "Microsoft.DBforPostgreSQL/servers",
        "Microsoft.PowerBIDedicated/capacities",
        "Microsoft.Network/publicIPAddresses",
        "Microsoft.RecoveryServices/vaults",
        "Microsoft.Cache/redis",
        "Microsoft.Relay/namespaces",
        "Microsoft.Search/searchServices",
        "Microsoft.ServiceBus/namespaces",
        "Microsoft.SignalRService/SignalR",
        "Microsoft.Sql/servers/databases",
        "Microsoft.Sql/servers/elasticPools",
        "Microsoft.StreamAnalytics/streamingjobs",
        "Microsoft.TimeSeriesInsights/environments",
        "Microsoft.Network/trafficManagerProfiles",
        "Microsoft.Compute/virtualMachines",
        "Microsoft.Compute/virtualMachineScaleSets",
        "Microsoft.Network/virtualNetworks",
        "Microsoft.Network/virtualNetworkGateways"
      ],
      "defaultValue": []
    },
    "listOfMembersToExcludeFromWindowsVMAdministratorsGroup": {
      "type": "String",
      "metadata": {
        "displayName": "[Deprecated]: List of users excluded from Windows VM Administrators group",
        "deprecated": true
      },
      "defaultValue": ""
    },
    "listOfMembersToIncludeInWindowsVMAdministratorsGroup": {
      "type": "String",
      "metadata": {
        "displayName": "[Deprecated]: List of users that must be included in Windows VM Administrators group",
        "deprecated": true
      },
      "defaultValue": ""
    }
  },
  "policyDefinitions": [
    {
      "policyDefinitionReferenceId": "72650e9f-97bc-4b2a-ab5f-9781a9fcecbc",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/72650e9f-97bc-4b2a-ab5f-9781a9fcecbc",
      "parameters": {
        "IncludeArcMachines": {
          "value": "[parameters('IncludeArcMachines')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "fc9b3da7-8347-4380-8e70-0a0361d8dedd",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/fc9b3da7-8347-4380-8e70-0a0361d8dedd",
      "parameters": {
        "IncludeArcMachines": {
          "value": "[parameters('IncludeArcMachines')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "bed48b13-6647-468e-aa2f-1af1d3f4dd40",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/bed48b13-6647-468e-aa2f-1af1d3f4dd40",
      "parameters": {
        "IncludeArcMachines": {
          "value": "[parameters('IncludeArcMachines')]"
        },
        "NotAvailableMachineState": {
          "value": "[parameters('NotAvailableMachineState-bed48b13-6647-468e-aa2f-1af1d3f4dd40')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-3",
        "NIST_SP_800-53_R4_SI-3",
        "NIST_SP_800-53_R4_SI-3(1)",
        "NIST_SP_800-53_R4_SI-16"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditThatLinuxVMsHaveThePasswdFilePermissionsSeTTo0644",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e6955644-301c-44b5-a4c4-528577de6861",
      "parameters": {
        "IncludeArcMachines": {
          "value": "[parameters('IncludeArcMachines')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5",
        "NIST_SP_800-53_R4_IA-5(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditThatWindowsVMsCannotreUseThePrevious24Passwords",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5b054a0d-39e2-4d53-bea3-9734cad2c69b",
      "parameters": {
        "IncludeArcMachines": {
          "value": "[parameters('IncludeArcMachines')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditThatWindowsVMsStorePasswordsUsingReversibleEncryption",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/da0f98fe-a24b-4ad5-af69-bd0400233661",
      "parameters": {
        "IncludeArcMachines": {
          "value": "[parameters('IncludeArcMachines')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5",
        "NIST_SP_800-53_R4_IA-5(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditThatWindowsVMsHaveAMaximumPasswordAgeOf70days",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4ceb8dc2-559c-478b-a15b-733fbf1e3738",
      "parameters": {
        "IncludeArcMachines": {
          "value": "[parameters('IncludeArcMachines')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "AuditThatWindowsWebServersAreUsingScureCommunicationProtocols",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5752e6d6-1206-46d8-8ab1-ecc2f71a8112",
      "parameters": {
        "IncludeArcMachines": {
          "value": "[parameters('IncludeArcMachines')]"
        },
        "MinimumTLSVersion": {
          "value": "[parameters('MinimumTLSVersion-5752e6d6-1206-46d8-8ab1-ecc2f71a8112')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-8",
        "NIST_SP_800-53_R4_SC-8(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "630c64f9-8b6b-4c64-b511-6544ceff6fd6",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/630c64f9-8b6b-4c64-b511-6544ceff6fd6",
      "parameters": {
        "IncludeArcMachines": {
          "value": "[parameters('IncludeArcMachines')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-3",
        "NIST_SP_800-53_R4_IA-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditThatWindowsVMsHaveAMinimumPasswordAgeOf1Day",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/237b38db-ca4d-4259-9e47-7882441ca2c0",
      "parameters": {
        "IncludeArcMachines": {
          "value": "[parameters('IncludeArcMachines')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditThatLinuxVMsDoNotAllowRemoteConnectionsFromAccountsWithoutPasswords",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ea53dbee-c6c9-4f0e-9f9e-de0039b78023",
      "parameters": {
        "IncludeArcMachines": {
          "value": "[parameters('IncludeArcMachines')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditThatWindowsVMsHaveThePasswordComplexitySettingEnabled",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/bf16e0bb-31e1-4646-8202-60a235cc7e74",
      "parameters": {
        "IncludeArcMachines": {
          "value": "[parameters('IncludeArcMachines')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditThatWindowsVMsRestrictTheMinimumPasswordLengthTo14Characters",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a2d0e922-65d0-40c4-8f87-ea6da2d307a2",
      "parameters": {
        "IncludeArcMachines": {
          "value": "[parameters('IncludeArcMachines')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditThatLinuxVMsDoNotHaveAccountsWithoutPasswords",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f6ec09a3-78bf-4f8f-99dc-6c77182d0f99",
      "parameters": {
        "IncludeArcMachines": {
          "value": "[parameters('IncludeArcMachines')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-3"
      ]
    },
    {
      "policyDefinitionReferenceId": "383856f8-de7f-44a2-81fc-e5135b5c2aa4",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/383856f8-de7f-44a2-81fc-e5135b5c2aa4",
      "parameters": {
        "requiredRetentionDays": {
          "value": "[parameters('requiredRetentionDays')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "f9be5368-9bf5-4b84-9e0a-7850da98bb46",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f9be5368-9bf5-4b84-9e0a-7850da98bb46",
      "parameters": {
        "requiredRetentionDays": {
          "value": "[parameters('requiredRetentionDays')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "f8d36e2f-389b-4ee4-898d-21aeb69a0f45",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f8d36e2f-389b-4ee4-898d-21aeb69a0f45",
      "parameters": {
        "requiredRetentionDays": {
          "value": "[parameters('requiredRetentionDays')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "b4330a05-a843-4bc8-bf9a-cacce50c67f4",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b4330a05-a843-4bc8-bf9a-cacce50c67f4",
      "parameters": {
        "requiredRetentionDays": {
          "value": "[parameters('requiredRetentionDays')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "34f95f76-5386-4de7-b824-0d8478470c9d",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/34f95f76-5386-4de7-b824-0d8478470c9d",
      "parameters": {
        "requiredRetentionDays": {
          "value": "[parameters('requiredRetentionDays')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "cf820ca0-f99e-4f3e-84fb-66e913812d21",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/cf820ca0-f99e-4f3e-84fb-66e913812d21",
      "parameters": {
        "requiredRetentionDays": {
          "value": "[parameters('requiredRetentionDays')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "83a214f7-d01a-484b-91a9-ed54470c9a6a",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/83a214f7-d01a-484b-91a9-ed54470c9a6a",
      "parameters": {
        "requiredRetentionDays": {
          "value": "[parameters('requiredRetentionDays')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "057ef27e-665e-4328-8ea3-04b3122bd9fb",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/057ef27e-665e-4328-8ea3-04b3122bd9fb",
      "parameters": {
        "requiredRetentionDays": {
          "value": "[parameters('requiredRetentionDays')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "c95c74d9-38fe-4f0d-af86-0c7d626a315c",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c95c74d9-38fe-4f0d-af86-0c7d626a315c",
      "parameters": {
        "requiredRetentionDays": {
          "value": "[parameters('requiredRetentionDays')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "428256e6-1fac-4f48-a757-df34c2b3336d",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/428256e6-1fac-4f48-a757-df34c2b3336d",
      "parameters": {
        "requiredRetentionDays": {
          "value": "[parameters('requiredRetentionDays')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "febd0533-8e55-448f-b837-bd0e06f16469",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/febd0533-8e55-448f-b837-bd0e06f16469",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-febd0533-8e55-448f-b837-bd0e06f16469')]"
        },
        "excludedNamespaces": {
          "value": "[parameters('excludedNamespaces')]"
        },
        "namespaces": {
          "value": "[parameters('namespaces')]"
        },
        "labelSelector": {
          "value": "[parameters('labelSelector')]"
        },
        "allowedContainerImagesRegex": {
          "value": "[parameters('allowedContainerImagesRegex-febd0533-8e55-448f-b837-bd0e06f16469')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "95edb821-ddaf-4404-9732-666045e056b4",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/95edb821-ddaf-4404-9732-666045e056b4",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-95edb821-ddaf-4404-9732-666045e056b4')]"
        },
        "excludedNamespaces": {
          "value": "[parameters('excludedNamespaces')]"
        },
        "namespaces": {
          "value": "[parameters('namespaces')]"
        },
        "labelSelector": {
          "value": "[parameters('labelSelector')]"
        },
        "excludedContainers": {
          "value": "[parameters('excludedContainers-95edb821-ddaf-4404-9732-666045e056b4')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "440b515e-a580-421e-abeb-b159a61ddcbc",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/440b515e-a580-421e-abeb-b159a61ddcbc",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-440b515e-a580-421e-abeb-b159a61ddcbc')]"
        },
        "excludedNamespaces": {
          "value": "[parameters('excludedNamespaces')]"
        },
        "namespaces": {
          "value": "[parameters('namespaces')]"
        },
        "labelSelector": {
          "value": "[parameters('labelSelector')]"
        },
        "allowedContainerPortsList": {
          "value": "[parameters('allowedContainerPortsList-440b515e-a580-421e-abeb-b159a61ddcbc')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "233a2a17-77ca-4fb1-9b6b-69223d272a44",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/233a2a17-77ca-4fb1-9b6b-69223d272a44",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-233a2a17-77ca-4fb1-9b6b-69223d272a44')]"
        },
        "excludedNamespaces": {
          "value": "[parameters('excludedNamespaces')]"
        },
        "namespaces": {
          "value": "[parameters('namespaces')]"
        },
        "labelSelector": {
          "value": "[parameters('labelSelector')]"
        },
        "allowedServicePortsList": {
          "value": "[parameters('allowedServicePortsList-233a2a17-77ca-4fb1-9b6b-69223d272a44')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "e345eecc-fa47-480f-9e88-67dcc122b164",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e345eecc-fa47-480f-9e88-67dcc122b164",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-e345eecc-fa47-480f-9e88-67dcc122b164')]"
        },
        "excludedNamespaces": {
          "value": "[parameters('excludedNamespaces')]"
        },
        "namespaces": {
          "value": "[parameters('namespaces')]"
        },
        "labelSelector": {
          "value": "[parameters('labelSelector')]"
        },
        "cpuLimit": {
          "value": "[parameters('cpuLimit-e345eecc-fa47-480f-9e88-67dcc122b164')]"
        },
        "memoryLimit": {
          "value": "[parameters('memoryLimit-e345eecc-fa47-480f-9e88-67dcc122b164')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "f06ddb64-5fa3-4b77-b166-acb36f7f6042",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f06ddb64-5fa3-4b77-b166-acb36f7f6042",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]"
        },
        "excludedNamespaces": {
          "value": "[parameters('excludedNamespaces')]"
        },
        "namespaces": {
          "value": "[parameters('namespaces')]"
        },
        "labelSelector": {
          "value": "[parameters('labelSelector')]"
        },
        "runAsUserRule": {
          "value": "[parameters('runAsUserRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]"
        },
        "runAsUserRanges": {
          "value": "[parameters('runAsUserRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]"
        },
        "runAsGroupRule": {
          "value": "[parameters('runAsGroupRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]"
        },
        "runAsGroupRanges": {
          "value": "[parameters('runAsGroupRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]"
        },
        "supplementalGroupsRule": {
          "value": "[parameters('supplementalGroupsRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]"
        },
        "supplementalGroupsRanges": {
          "value": "[parameters('supplementalGroupsRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]"
        },
        "fsGroupRule": {
          "value": "[parameters('fsGroupRule-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]"
        },
        "fsGroupRanges": {
          "value": "[parameters('fsGroupRanges-f06ddb64-5fa3-4b77-b166-acb36f7f6042')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "1c6e92c9-99f0-4e55-9cf2-0c234dc48f99",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/1c6e92c9-99f0-4e55-9cf2-0c234dc48f99",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-1c6e92c9-99f0-4e55-9cf2-0c234dc48f99')]"
        },
        "excludedNamespaces": {
          "value": "[parameters('excludedNamespaces')]"
        },
        "namespaces": {
          "value": "[parameters('namespaces')]"
        },
        "labelSelector": {
          "value": "[parameters('labelSelector')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "47a1ee2f-2a2a-4576-bf2a-e0e36709c2b8",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/47a1ee2f-2a2a-4576-bf2a-e0e36709c2b8",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-47a1ee2f-2a2a-4576-bf2a-e0e36709c2b8')]"
        },
        "excludedNamespaces": {
          "value": "[parameters('excludedNamespaces')]"
        },
        "namespaces": {
          "value": "[parameters('namespaces')]"
        },
        "labelSelector": {
          "value": "[parameters('labelSelector')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "df49d893-a74c-421d-bc95-c663042e5b80",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/df49d893-a74c-421d-bc95-c663042e5b80",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-df49d893-a74c-421d-bc95-c663042e5b80')]"
        },
        "excludedNamespaces": {
          "value": "[parameters('excludedNamespaces')]"
        },
        "namespaces": {
          "value": "[parameters('namespaces')]"
        },
        "labelSelector": {
          "value": "[parameters('labelSelector')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "1a5b4dca-0b6f-4cf5-907c-56316bc1bf3d",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/1a5b4dca-0b6f-4cf5-907c-56316bc1bf3d",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-1a5b4dca-0b6f-4cf5-907c-56316bc1bf3d')]"
        },
        "excludedNamespaces": {
          "value": "[parameters('excludedNamespaces')]"
        },
        "namespaces": {
          "value": "[parameters('namespaces')]"
        },
        "labelSelector": {
          "value": "[parameters('labelSelector')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-8",
        "NIST_SP_800-53_R4_SC-8(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "c26596ff-4d70-4e6a-9a30-c2506bd2f80c",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c26596ff-4d70-4e6a-9a30-c2506bd2f80c",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-c26596ff-4d70-4e6a-9a30-c2506bd2f80c')]"
        },
        "excludedNamespaces": {
          "value": "[parameters('excludedNamespaces')]"
        },
        "namespaces": {
          "value": "[parameters('namespaces')]"
        },
        "labelSelector": {
          "value": "[parameters('labelSelector')]"
        },
        "allowedCapabilities": {
          "value": "[parameters('allowedCapabilities-c26596ff-4d70-4e6a-9a30-c2506bd2f80c')]"
        },
        "requiredDropCapabilities": {
          "value": "[parameters('requiredDropCapabilities-c26596ff-4d70-4e6a-9a30-c2506bd2f80c')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "511f5417-5d12-434d-ab2e-816901e72a5e",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/511f5417-5d12-434d-ab2e-816901e72a5e",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-511f5417-5d12-434d-ab2e-816901e72a5e')]"
        },
        "excludedNamespaces": {
          "value": "[parameters('excludedNamespaces')]"
        },
        "namespaces": {
          "value": "[parameters('namespaces')]"
        },
        "labelSelector": {
          "value": "[parameters('labelSelector')]"
        },
        "allowedProfiles": {
          "value": "[parameters('allowedProfiles-511f5417-5d12-434d-ab2e-816901e72a5e')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "82985f06-dc18-4a48-bc1c-b9f4f0098cfe",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/82985f06-dc18-4a48-bc1c-b9f4f0098cfe",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-82985f06-dc18-4a48-bc1c-b9f4f0098cfe')]"
        },
        "excludedNamespaces": {
          "value": "[parameters('excludedNamespaces')]"
        },
        "namespaces": {
          "value": "[parameters('namespaces')]"
        },
        "labelSelector": {
          "value": "[parameters('labelSelector')]"
        },
        "allowHostNetwork": {
          "value": "[parameters('allowHostNetwork-82985f06-dc18-4a48-bc1c-b9f4f0098cfe')]"
        },
        "minPort": {
          "value": "[parameters('minPort-82985f06-dc18-4a48-bc1c-b9f4f0098cfe')]"
        },
        "maxPort": {
          "value": "[parameters('maxPort-82985f06-dc18-4a48-bc1c-b9f4f0098cfe')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "098fc59e-46c7-4d99-9b16-64990e543d75",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/098fc59e-46c7-4d99-9b16-64990e543d75",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-098fc59e-46c7-4d99-9b16-64990e543d75')]"
        },
        "excludedNamespaces": {
          "value": "[parameters('excludedNamespaces')]"
        },
        "namespaces": {
          "value": "[parameters('namespaces')]"
        },
        "labelSelector": {
          "value": "[parameters('labelSelector')]"
        },
        "allowedHostPaths": {
          "value": "[parameters('allowedHostPaths-098fc59e-46c7-4d99-9b16-64990e543d75')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "b6e2945c-0b7b-40f5-9233-7a5323b5cdc6",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b6e2945c-0b7b-40f5-9233-7a5323b5cdc6",
      "parameters": {
        "resourceGroupName": {
          "value": "[parameters('resourceGroupName-b6e2945c-0b7b-40f5-9233-7a5323b5cdc6')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6",
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "7c1b1214-f927-48bf-8882-84f0af6588b1",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7c1b1214-f927-48bf-8882-84f0af6588b1",
      "parameters": {
        "includeAKSClusters": {
          "value": "[parameters('includeAKSClusters-7c1b1214-f927-48bf-8882-84f0af6588b1')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "AuditSQLServerLevelAuditingSettings",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9",
      "parameters": {
        "setting": {
          "value": "[parameters('setting-a6fb4358-5bf4-4ad7-ba82-2cd2f41ce5e9')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ef619a2c-cc4d-4d03-b2ba-8c94a834d85b",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ef619a2c-cc4d-4d03-b2ba-8c94a834d85b",
      "parameters": {
        "evaluatedSkuNames": {
          "value": "[parameters('evaluatedSkuNames-ef619a2c-cc4d-4d03-b2ba-8c94a834d85b')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "AuditUsageOfAzureActiveDirectoryForClientAuthenticationInServiceFabric",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b54ed75b-3e1a-44ac-a333-05ba39b99ff0",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-b54ed75b-3e1a-44ac-a333-05ba39b99ff0')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2",
        "NIST_SP_800-53_R4_AC-2(1)",
        "NIST_SP_800-53_R4_AC-2(7)",
        "NIST_SP_800-53_R4_AC-3",
        "NIST_SP_800-53_R4_IA-2",
        "NIST_SP_800-53_R4_IA-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "71ef260a-8f18-47b7-abcb-62d0673d94dc",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/71ef260a-8f18-47b7-abcb-62d0673d94dc",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-71ef260a-8f18-47b7-abcb-62d0673d94dc')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2",
        "NIST_SP_800-53_R4_AC-2(1)",
        "NIST_SP_800-53_R4_AC-2(7)",
        "NIST_SP_800-53_R4_AC-3",
        "NIST_SP_800-53_R4_IA-2",
        "NIST_SP_800-53_R4_IA-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "055aa869-bc98-4af8-bafc-23f1ab6ffe2c",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/055aa869-bc98-4af8-bafc-23f1ab6ffe2c",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-055aa869-bc98-4af8-bafc-23f1ab6ffe2c')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-5",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "564feb30-bf6a-4854-b4bb-0d2d2d1e6c66",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/564feb30-bf6a-4854-b4bb-0d2d2d1e6c66",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-564feb30-bf6a-4854-b4bb-0d2d2d1e6c66')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-5",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "862e97cf-49fc-4a5c-9de4-40d4e2e7c8eb",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/862e97cf-49fc-4a5c-9de4-40d4e2e7c8eb",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-862e97cf-49fc-4a5c-9de4-40d4e2e7c8eb')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "d9da03a1-f3c3-412a-9709-947156872263",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/d9da03a1-f3c3-412a-9709-947156872263",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-d9da03a1-f3c3-412a-9709-947156872263')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-8",
        "NIST_SP_800-53_R4_SC-8(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "617c02be-7f02-4efd-8836-3180d47b6c68",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/617c02be-7f02-4efd-8836-3180d47b6c68",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-617c02be-7f02-4efd-8836-3180d47b6c68')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-28",
        "NIST_SP_800-53_R4_SC-28(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "0b60c0b2-2dc2-4e1c-b5c9-abbed971de53",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0b60c0b2-2dc2-4e1c-b5c9-abbed971de53",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-0b60c0b2-2dc2-4e1c-b5c9-abbed971de53')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_CP-9"
      ]
    },
    {
      "policyDefinitionReferenceId": "1e66c121-a66a-4b1f-9b83-0fd99bf0fc2d",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/1e66c121-a66a-4b1f-9b83-0fd99bf0fc2d",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-1e66c121-a66a-4b1f-9b83-0fd99bf0fc2d')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_CP-9"
      ]
    },
    {
      "policyDefinitionReferenceId": "0a075868-4c26-42ef-914c-5bc007359560",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0a075868-4c26-42ef-914c-5bc007359560",
      "parameters": {
        "maximumValidityInMonths": {
          "value": "[parameters('maximumValidityInMonths-0a075868-4c26-42ef-914c-5bc007359560')]"
        },
        "effect": {
          "value": "[parameters('effect-0a075868-4c26-42ef-914c-5bc007359560')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "98728c90-32c7-4049-8429-847dc0f4fe37",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/98728c90-32c7-4049-8429-847dc0f4fe37",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-98728c90-32c7-4049-8429-847dc0f4fe37')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "152b15f7-8e1f-4c1f-ab71-8c010ba5dbc0",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/152b15f7-8e1f-4c1f-ab71-8c010ba5dbc0",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-152b15f7-8e1f-4c1f-ab71-8c010ba5dbc0')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "ec068d99-e9c7-401f-8cef-5bdde4e6ccf1",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ec068d99-e9c7-401f-8cef-5bdde4e6ccf1",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-ec068d99-e9c7-401f-8cef-5bdde4e6ccf1')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-28",
        "NIST_SP_800-53_R4_SC-28(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "c349d81b-9985-44ae-a8da-ff98d108ede8",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c349d81b-9985-44ae-a8da-ff98d108ede8",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-c349d81b-9985-44ae-a8da-ff98d108ede8')]"
        },
        "supportedSKUs": {
          "value": "[parameters('supportedSKUs-c349d81b-9985-44ae-a8da-ff98d108ede8')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-28",
        "NIST_SP_800-53_R4_SC-28(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "3657f5a0-770e-44a3-b44e-9431ba1e9735",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/3657f5a0-770e-44a3-b44e-9431ba1e9735",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-3657f5a0-770e-44a3-b44e-9431ba1e9735')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-28",
        "NIST_SP_800-53_R4_SC-28(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "b4ac1030-89c5-4697-8e00-28b5ba6a8811",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b4ac1030-89c5-4697-8e00-28b5ba6a8811",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-b4ac1030-89c5-4697-8e00-28b5ba6a8811')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-28",
        "NIST_SP_800-53_R4_SC-28(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ea0dfaed-95fb-448c-934e-d6e713ce393d",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ea0dfaed-95fb-448c-934e-d6e713ce393d",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-ea0dfaed-95fb-448c-934e-d6e713ce393d')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-28",
        "NIST_SP_800-53_R4_SC-28(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "3a58212a-c829-4f13-9872-6371df2fd0b4",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/3a58212a-c829-4f13-9872-6371df2fd0b4",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-3a58212a-c829-4f13-9872-6371df2fd0b4')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-28",
        "NIST_SP_800-53_R4_SC-28(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "24fba194-95d6-48c0-aea7-f65bf859c598",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/24fba194-95d6-48c0-aea7-f65bf859c598",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-24fba194-95d6-48c0-aea7-f65bf859c598')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-28",
        "NIST_SP_800-53_R4_SC-28(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "4733ea7b-a883-42fe-8cac-97454c2a9e4a",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4733ea7b-a883-42fe-8cac-97454c2a9e4a",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-4733ea7b-a883-42fe-8cac-97454c2a9e4a')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-28",
        "NIST_SP_800-53_R4_SC-28(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "f4b53539-8df9-40e4-86c6-6b607703bd4e",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f4b53539-8df9-40e4-86c6-6b607703bd4e",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-f4b53539-8df9-40e4-86c6-6b607703bd4e')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-28",
        "NIST_SP_800-53_R4_SC-28(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "41425d9f-d1a5-499a-9932-f8ed8453932c",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/41425d9f-d1a5-499a-9932-f8ed8453932c",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-41425d9f-d1a5-499a-9932-f8ed8453932c')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-28",
        "NIST_SP_800-53_R4_SC-28(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "fc4d8e41-e223-45ea-9bf5-eada37891d87",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/fc4d8e41-e223-45ea-9bf5-eada37891d87",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-fc4d8e41-e223-45ea-9bf5-eada37891d87')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-28",
        "NIST_SP_800-53_R4_SC-28(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "86efb160-8de7-451d-bc08-5d475b0aadae",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/86efb160-8de7-451d-bc08-5d475b0aadae",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-86efb160-8de7-451d-bc08-5d475b0aadae')]"
        },
        "supportedSKUs": {
          "value": "[parameters('supportedSKUs-86efb160-8de7-451d-bc08-5d475b0aadae')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "4ec52d6d-beb7-40c4-9a9e-fe753254690e",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4ec52d6d-beb7-40c4-9a9e-fe753254690e",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-4ec52d6d-beb7-40c4-9a9e-fe753254690e')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "64d314f6-6062-4780-a861-c23e8951bee5",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/64d314f6-6062-4780-a861-c23e8951bee5",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-64d314f6-6062-4780-a861-c23e8951bee5')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "1fd32ebd-e4c3-4e13-a54a-d7422d4d95f6",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/1fd32ebd-e4c3-4e13-a54a-d7422d4d95f6",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-1fd32ebd-e4c3-4e13-a54a-d7422d4d95f6')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "fa298e57-9444-42ba-bf04-86e8470e32c7",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/fa298e57-9444-42ba-bf04-86e8470e32c7",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-fa298e57-9444-42ba-bf04-86e8470e32c7')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "67121cc7-ff39-4ab8-b7e3-95b84dab487d",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/67121cc7-ff39-4ab8-b7e3-95b84dab487d",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-67121cc7-ff39-4ab8-b7e3-95b84dab487d')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "1f905d99-2ab7-462c-a6b0-f709acca6c8f",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/1f905d99-2ab7-462c-a6b0-f709acca6c8f",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-1f905d99-2ab7-462c-a6b0-f709acca6c8f')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "5b9159ae-1701-4a6f-9a7a-aa9c8ddd0580",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5b9159ae-1701-4a6f-9a7a-aa9c8ddd0580",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-5b9159ae-1701-4a6f-9a7a-aa9c8ddd0580')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "ba769a63-b8cc-4b2d-abf6-ac33c7204be8",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ba769a63-b8cc-4b2d-abf6-ac33c7204be8",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-ba769a63-b8cc-4b2d-abf6-ac33c7204be8')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "81e74cea-30fd-40d5-802f-d72103c2aaaa",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/81e74cea-30fd-40d5-802f-d72103c2aaaa",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-81e74cea-30fd-40d5-802f-d72103c2aaaa')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "0aa61e00-0a01-4a3c-9945-e93cffedf0e6",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0aa61e00-0a01-4a3c-9945-e93cffedf0e6",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-0aa61e00-0a01-4a3c-9945-e93cffedf0e6')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "47031206-ce96-41f8-861b-6a915f3de284",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/47031206-ce96-41f8-861b-6a915f3de284",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-47031206-ce96-41f8-861b-6a915f3de284')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "87ba29ef-1ab3-4d82-b763-87fcd4f531f7",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/87ba29ef-1ab3-4d82-b763-87fcd4f531f7",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-87ba29ef-1ab3-4d82-b763-87fcd4f531f7')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "51522a96-0869-4791-82f3-981000c2c67f",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/51522a96-0869-4791-82f3-981000c2c67f",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-51522a96-0869-4791-82f3-981000c2c67f')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "b5ec538c-daa0-4006-8596-35468b9148e8",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b5ec538c-daa0-4006-8596-35468b9148e8",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-b5ec538c-daa0-4006-8596-35468b9148e8')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "970f84d8-71b6-4091-9979-ace7e3fb6dbb",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/970f84d8-71b6-4091-9979-ace7e3fb6dbb",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-970f84d8-71b6-4091-9979-ace7e3fb6dbb')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "56a5ee18-2ae6-4810-86f7-18e39ce5629b",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/56a5ee18-2ae6-4810-86f7-18e39ce5629b",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-56a5ee18-2ae6-4810-86f7-18e39ce5629b')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "2e94d99a-8a36-4563-bc77-810d8893b671",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/2e94d99a-8a36-4563-bc77-810d8893b671",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-2e94d99a-8a36-4563-bc77-810d8893b671')]"
        },
        "enableDoubleEncryption": {
          "value": "[parameters('enableDoubleEncryption-2e94d99a-8a36-4563-bc77-810d8893b671')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "1fafeaf6-7927-4059-a50a-8eb2a7a6f2b5",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/1fafeaf6-7927-4059-a50a-8eb2a7a6f2b5",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-1fafeaf6-7927-4059-a50a-8eb2a7a6f2b5')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "99e9ccd8-3db9-4592-b0d1-14b1715a4d8a",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/99e9ccd8-3db9-4592-b0d1-14b1715a4d8a",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-99e9ccd8-3db9-4592-b0d1-14b1715a4d8a')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "1f68a601-6e6d-4e42-babf-3f643a047ea2",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/1f68a601-6e6d-4e42-babf-3f643a047ea2",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-1f68a601-6e6d-4e42-babf-3f643a047ea2')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "f7d52b2d-e161-4dfa-a82b-55e564167385",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f7d52b2d-e161-4dfa-a82b-55e564167385",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-f7d52b2d-e161-4dfa-a82b-55e564167385')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "7d7be79c-23ba-4033-84dd-45e2a5ccdd67",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7d7be79c-23ba-4033-84dd-45e2a5ccdd67",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-7d7be79c-23ba-4033-84dd-45e2a5ccdd67')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "ca91455f-eace-4f96-be59-e6e2c35b4816",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ca91455f-eace-4f96-be59-e6e2c35b4816",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-ca91455f-eace-4f96-be59-e6e2c35b4816')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "702dd420-7fcc-42c5-afe8-4026edd20fe0",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/702dd420-7fcc-42c5-afe8-4026edd20fe0",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-702dd420-7fcc-42c5-afe8-4026edd20fe0')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "AuditEnablingOfOnlySecureConnectionsToYourRedisCache",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/22bee202-a82f-4305-9a2a-6d7f44d4dedb",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-22bee202-a82f-4305-9a2a-6d7f44d4dedb')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-8",
        "NIST_SP_800-53_R4_SC-8(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "AuditSecureTransferToStorageAccounts",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/404c3081-a854-4457-ae30-26a93ef643f9",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-404c3081-a854-4457-ae30-26a93ef643f9')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_SC-8",
        "NIST_SP_800-53_R4_SC-8(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "d0793b48-0edc-4296-a390-4c75d1bdfd71",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/d0793b48-0edc-4296-a390-4c75d1bdfd71",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-d0793b48-0edc-4296-a390-4c75d1bdfd71')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "7d092e0a-7acd-40d2-a975-dca21cae48c4",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7d092e0a-7acd-40d2-a975-dca21cae48c4",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-7d092e0a-7acd-40d2-a975-dca21cae48c4')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "2a1a9cdf-e04d-429a-8416-3bfb72a1b26f",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/2a1a9cdf-e04d-429a-8416-3bfb72a1b26f",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-2a1a9cdf-e04d-429a-8416-3bfb72a1b26f')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "AuditUnrestrictedNetworkAccessToStorageAccounts",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/34c877ad-507e-4c82-993e-3452a6e0ad3c",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-34c877ad-507e-4c82-993e-3452a6e0ad3c')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "55615ac9-af46-4a59-874e-391cc3dfb490",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/55615ac9-af46-4a59-874e-391cc3dfb490",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-55615ac9-af46-4a59-874e-391cc3dfb490')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "1b8ca024-1d5c-4dec-8995-b1a932b41780",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/1b8ca024-1d5c-4dec-8995-b1a932b41780",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-1b8ca024-1d5c-4dec-8995-b1a932b41780')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "037eea7a-bd0a-46c5-9a66-03aea78705d3",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/037eea7a-bd0a-46c5-9a66-03aea78705d3",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-037eea7a-bd0a-46c5-9a66-03aea78705d3')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "53503636-bcc9-4748-9663-5348217f160f",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/53503636-bcc9-4748-9663-5348217f160f",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-53503636-bcc9-4748-9663-5348217f160f')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "40cec1dd-a100-4920-b15b-3024fe8901ab",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/40cec1dd-a100-4920-b15b-3024fe8901ab",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-40cec1dd-a100-4920-b15b-3024fe8901ab')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "2154edb9-244f-4741-9970-660785bccdaa",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/2154edb9-244f-4741-9970-660785bccdaa",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-2154edb9-244f-4741-9970-660785bccdaa')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "0725b4dd-7e76-479c-a735-68e7ee23d5ca",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0725b4dd-7e76-479c-a735-68e7ee23d5ca",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-0725b4dd-7e76-479c-a735-68e7ee23d5ca')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "5f0bc445-3935-4915-9981-011aa2b46147",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5f0bc445-3935-4915-9981-011aa2b46147",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-5f0bc445-3935-4915-9981-011aa2b46147')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "af35e2a4-ef96-44e7-a9ae-853dd97032c4",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/af35e2a4-ef96-44e7-a9ae-853dd97032c4",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-af35e2a4-ef96-44e7-a9ae-853dd97032c4')]"
        },
        "evaluatedSkuNames": {
          "value": "[parameters('evaluatedSkuNames-af35e2a4-ef96-44e7-a9ae-853dd97032c4')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "a049bf77-880b-470f-ba6d-9f21c530cf83",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a049bf77-880b-470f-ba6d-9f21c530cf83",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-a049bf77-880b-470f-ba6d-9f21c530cf83')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "52630df9-ca7e-442b-853b-c6ce548b31a2",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/52630df9-ca7e-442b-853b-c6ce548b31a2",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-52630df9-ca7e-442b-853b-c6ce548b31a2')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "4fa4b6c0-31ca-4c0d-b10d-24b96f62a751",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4fa4b6c0-31ca-4c0d-b10d-24b96f62a751",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-4fa4b6c0-31ca-4c0d-b10d-24b96f62a751')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ee980b6d-0eca-4501-8d54-f6290fd512c3",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ee980b6d-0eca-4501-8d54-f6290fd512c3",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-ee980b6d-0eca-4501-8d54-f6290fd512c3')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "1d84d5fb-01f6-4d12-ba4f-4a26081d403d",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/1d84d5fb-01f6-4d12-ba4f-4a26081d403d",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-1d84d5fb-01f6-4d12-ba4f-4a26081d403d')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-3"
      ]
    },
    {
      "policyDefinitionReferenceId": "37e0d2fe-28a5-43d6-a273-67d37d1f5606",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/37e0d2fe-28a5-43d6-a273-67d37d1f5606",
      "parameters": {
        "effect": {
          "value": "[parameters('effect-37e0d2fe-28a5-43d6-a273-67d37d1f5606')]"
        }
      },
      "groupNames": [
        "NIST_SP_800-53_R4_AC-3"
      ]
    },
    {
      "policyDefinitionReferenceId": "b52376f7-9612-48a1-81cd-1ffe4b61032c",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b52376f7-9612-48a1-81cd-1ffe4b61032c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditDeprecatedAccountsOnASubscription",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6b1cbf55-e8b6-442f-ba4c-7246b6381474",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "AuditProvisioningOfAnAzureActiveDirectoryAdministratorForSQLServer",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/1f314764-cb73-4fc9-b863-8eca98ac36e9",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2",
        "NIST_SP_800-53_R4_AC-2(1)",
        "NIST_SP_800-53_R4_AC-2(7)",
        "NIST_SP_800-53_R4_AC-3",
        "NIST_SP_800-53_R4_IA-2",
        "NIST_SP_800-53_R4_IA-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "ac4a19c2-fa67-49b4-8ae5-0b2e78c49457",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ac4a19c2-fa67-49b4-8ae5-0b2e78c49457",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-3(7)"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditCORSResourceAccessRestrictionsForAWebApplication",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5744710e-cc2f-4ee8-8809-3b11e89f4bc9",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewMonitorInternetFacingVirtualMachinesForNetworkSecurityGroupTrafficHardeningRecommendations",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/08e6af2d-db70-460a-bfe9-d5bd474ba9d6",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-4(3)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditMinimumNumberOfOwnersForSubscription",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/09024ccc-0c5f-475e-9457-b7c0d9ed487b",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditMaximumNumberOfOwnersForASubscription",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4f11b553-d42e-4e3a-89be-32ca364cad4c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2",
        "NIST_SP_800-53_R4_AC-6",
        "NIST_SP_800-53_R4_AC-6(7)"
      ]
    },
    {
      "policyDefinitionReferenceId": "AuditSQLManagedInstancesWithoutAdvancedDataSecurity",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/abfb7388-5bf4-4ad7-ba99-2cd2f41cebb9",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(12)",
        "NIST_SP_800-53_R4_AC-16",
        "NIST_SP_800-53_R4_AU-6",
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_IR-4",
        "NIST_SP_800-53_R4_IR-5",
        "NIST_SP_800-53_R4_RA-5",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditRemoteDebuggingStateForAFunctionApp",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0e60b895-3786-45da-8377-9c6b4b6ac5f9",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "AuditSQLServersWithoutAdvancedDataSecurity",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/abfb4388-5bf4-4ad7-ba82-2cd2f41ceae9",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-16",
        "NIST_SP_800-53_R4_AU-6",
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_IR-4",
        "NIST_SP_800-53_R4_IR-5",
        "NIST_SP_800-53_R4_RA-5",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "89099bee-89e0-4b26-a5f4-165451757743",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/89099bee-89e0-4b26-a5f4-165451757743",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-11"
      ]
    },
    {
      "policyDefinitionReferenceId": "4da35fc9-c9e7-4960-aec9-797fe7d9051d",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4da35fc9-c9e7-4960-aec9-797fe7d9051d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(12)",
        "NIST_SP_800-53_R4_AU-6",
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_CM-7",
        "NIST_SP_800-53_R4_IR-4",
        "NIST_SP_800-53_R4_IR-5",
        "NIST_SP_800-53_R4_RA-5",
        "NIST_SP_800-53_R4_SC-3",
        "NIST_SP_800-53_R4_SI-2",
        "NIST_SP_800-53_R4_SI-3",
        "NIST_SP_800-53_R4_SI-3(1)",
        "NIST_SP_800-53_R4_SI-4",
        "NIST_SP_800-53_R4_SI-16"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewMonitorPossibleAppWhitelistingInAzureSecurityCenter",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/47a6b606-51aa-4496-8bb7-64b11cf66adc",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-7",
        "NIST_SP_800-53_R4_CM-7(2)",
        "NIST_SP_800-53_R4_CM-7(5)",
        "NIST_SP_800-53_R4_CM-10",
        "NIST_SP_800-53_R4_CM-11"
      ]
    },
    {
      "policyDefinitionReferenceId": "0ec47710-77ff-4a3d-9181-6aa50af424d0",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0ec47710-77ff-4a3d-9181-6aa50af424d0",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-6",
        "NIST_SP_800-53_R4_CP-6(1)",
        "NIST_SP_800-53_R4_CP-9"
      ]
    },
    {
      "policyDefinitionReferenceId": "AuditVirtualMachinesWithoutDisasterRecoveryConfigured",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0015ea4d-51ff-4ce3-8d8c-f3f8f0179a56",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-7"
      ]
    },
    {
      "policyDefinitionReferenceId": "013e242c-8828-4970-87b3-ab247555486d",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/013e242c-8828-4970-87b3-ab247555486d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-9"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditAccountsWithOwnerPermissionsWhoAreNotMfaEnabledOnASubscription",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/aa633080-8b72-40c4-a2d7-d00c03e80bed",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-3",
        "NIST_SP_800-53_R4_IA-2",
        "NIST_SP_800-53_R4_IA-2(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditAccountsWithReadPermissionsWhoAreNotMfaEnabledOnASubscription",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e3576e28-8b17-4677-84c3-db2990658d64",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-3",
        "NIST_SP_800-53_R4_IA-2",
        "NIST_SP_800-53_R4_IA-2(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "6646a0bd-e110-40ca-bb97-84fcee63c414",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6646a0bd-e110-40ca-bb97-84fcee63c414",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(7)",
        "NIST_SP_800-53_R4_IA-2",
        "NIST_SP_800-53_R4_IA-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "Prerequisite_AddSystemIdentityWhenNone",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/3cf2ab00-13f1-4d0c-8971-2ac904541a7e",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-3",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_IA-5",
        "NIST_SP_800-53_R4_IA-5(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "4f4f78b8-e367-4b10-a341-d9a4ad5cf1c7",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4f4f78b8-e367-4b10-a341-d9a4ad5cf1c7",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IR-4",
        "NIST_SP_800-53_R4_IR-5",
        "NIST_SP_800-53_R4_IR-6(2)",
        "NIST_SP_800-53_R4_SI-4(12)"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditOSVulnerabilitiesOnYourVirtualMachineScaleSetsInAzureSecurityCenter",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/3c735d8a-a4ba-4a3a-b7cf-db7754cf57f4",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_RA-5",
        "NIST_SP_800-53_R4_SI-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditStandardTierOfDDoSProtectionIsEnabledForAVirtualNetwork",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a7aca53f-2ed4-4466-a25e-0b45ade68efd",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditHttpsOnlyAccessForAFunctionApp",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6d555dd1-86f2-4f1c-8ed7-5abae7c6cbab",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-8",
        "NIST_SP_800-53_R4_SC-8(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "0d134df8-db83-46fb-ad72-fe0c9428c8dd",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0d134df8-db83-46fb-ad72-fe0c9428c8dd",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewMonitorUnencryptedVMDisksInAzureSecurityCenter",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0961003e-5a0a-4549-abde-af6a37f2724d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-28",
        "NIST_SP_800-53_R4_SC-28(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditAnyMissingSystemUpdatesOnVirtualMachineScaleSetsInAzureSecurityCenter",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c3f317a7-a95c-4547-b7e7-11017ebdf2fe",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SI-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditTheEndpointProtectionSolutionOnVirtualMachineScaleSetsInAzureSecurityCenter",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/26a828e1-e88f-464e-bbb3-c134a282b9de",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-3",
        "NIST_SP_800-53_R4_SI-3",
        "NIST_SP_800-53_R4_SI-3(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditDeprecatedAccountsWithOwnerPermissionsOnASubscription",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ebb62a0c-3560-49e1-89ed-27e074e9f8ad",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewMonitorPossibleNetworkJustInTimeJITAccessInAzureSecurityCenter",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b0f33259-77d7-4c9e-aac6-3aabcfae693c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(12)",
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-4(3)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "AuditUsageOfCustomRBACRules",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a451c1ef-c6ca-483d-87ed-f49761e3ffb5",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2",
        "NIST_SP_800-53_R4_AC-2(7)",
        "NIST_SP_800-53_R4_AC-6",
        "NIST_SP_800-53_R4_AC-6(7)"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditRemoteDebuggingStateForAWebApplication",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/cb510bfd-1cba-4d9f-a230-cb0976f4bb71",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "123a3936-f020-408a-ba0c-47873faf1534",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/123a3936-f020-408a-ba0c-47873faf1534",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-7",
        "NIST_SP_800-53_R4_CM-7(2)",
        "NIST_SP_800-53_R4_CM-7(5)",
        "NIST_SP_800-53_R4_CM-10",
        "NIST_SP_800-53_R4_CM-11"
      ]
    },
    {
      "policyDefinitionReferenceId": "48af4db5-9b8b-401c-8e74-076be876a430",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/48af4db5-9b8b-401c-8e74-076be876a430",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-6",
        "NIST_SP_800-53_R4_CP-6(1)",
        "NIST_SP_800-53_R4_CP-9"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditAccountsWithWritePermissionsWhoAreNotMfaEnabledOnASubscription",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/9297c21d-2ed6-4474-b48f-163f75654ce3",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-3",
        "NIST_SP_800-53_R4_IA-2",
        "NIST_SP_800-53_R4_IA-2(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "0da106f2-4ca3-48e8-bc85-c638fe6aea8f",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0da106f2-4ca3-48e8-bc85-c638fe6aea8f",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2",
        "NIST_SP_800-53_R4_AC-3",
        "NIST_SP_800-53_R4_IA-2",
        "NIST_SP_800-53_R4_IA-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "Prerequisite_AddSystemIdentityWhenUser",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/497dff13-db2a-4c0f-8603-28fa3b331ab6",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-3",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_IA-5",
        "NIST_SP_800-53_R4_IA-5(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "6e2593d9-add6-4083-9c9b-4b7d2188c899",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6e2593d9-add6-4083-9c9b-4b7d2188c899",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IR-4",
        "NIST_SP_800-53_R4_IR-5",
        "NIST_SP_800-53_R4_IR-6(2)",
        "NIST_SP_800-53_R4_SI-4(12)"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewMonitorOSVulnerabilitiesInAzureSecurityCenter",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e1e5fd5d-3e4c-4ce1-8661-7d1873ae6b15",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_RA-5",
        "NIST_SP_800-53_R4_SI-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewMonitorUnprotectedNetworkEndpointsInAzureSecurityCenter",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/9daedab3-fb2d-461e-b861-71790eead4f6",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditHttpsOnlyAccessForAWebApplication",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a4af4a39-4135-47fb-b175-47fbdf85311d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-8",
        "NIST_SP_800-53_R4_SC-8(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "048248b0-55cd-46da-b1ff-39efd52db260",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/048248b0-55cd-46da-b1ff-39efd52db260",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "AuditTransparentDataEncryptionStatus",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/17k78e20-9358-41c9-923c-fb736d382a12",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-28",
        "NIST_SP_800-53_R4_SC-28(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewMonitorMissingEndpointProtectionInAzureSecurityCenter",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/af6cd1bd-1635-48cb-bde7-5b15693900b9",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-3",
        "NIST_SP_800-53_R4_SI-3",
        "NIST_SP_800-53_R4_SI-3(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditExternalAccountsWithOwnerPermissionsOnASubscription",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f8456c1c-aa66-4dfb-861a-25d127b775c9",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditRemoteDebuggingStateForAnAPIApp",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e9c8d085-d9cc-4b17-9cdc-059f1f01f19e",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "0e6763cc-5078-4e64-889d-ff4d9a839047",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0e6763cc-5078-4e64-889d-ff4d9a839047",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(12)",
        "NIST_SP_800-53_R4_AU-6",
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_IR-4",
        "NIST_SP_800-53_R4_IR-5",
        "NIST_SP_800-53_R4_RA-5",
        "NIST_SP_800-53_R4_SI-2",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "358c20a6-3f9e-4f0e-97ff-c6ce485e2aac",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/358c20a6-3f9e-4f0e-97ff-c6ce485e2aac",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "82339799-d096-41ae-8538-b108becf0970",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/82339799-d096-41ae-8538-b108becf0970",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-6",
        "NIST_SP_800-53_R4_CP-6(1)",
        "NIST_SP_800-53_R4_CP-9"
      ]
    },
    {
      "policyDefinitionReferenceId": "2b9ad585-36bc-4615-b300-fd4435808332",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/2b9ad585-36bc-4615-b300-fd4435808332",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2",
        "NIST_SP_800-53_R4_AC-3",
        "NIST_SP_800-53_R4_IA-2",
        "NIST_SP_800-53_R4_IA-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "Prerequisite_DeployExtensionWindows",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/385f5831-96d4-41db-9a3c-cd3af78aaae6",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_IA-5",
        "NIST_SP_800-53_R4_IA-5(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "0b15565f-aa9e-48ba-8619-45960f2c314d",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0b15565f-aa9e-48ba-8619-45960f2c314d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IR-4",
        "NIST_SP_800-53_R4_IR-5",
        "NIST_SP_800-53_R4_IR-6(2)",
        "NIST_SP_800-53_R4_SI-4(12)"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewMonitorSQLVulnerabilityAssessmentResultsInAzureSecurityCenter",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/feedbf84-6b99-488c-acc2-71c829aa5ffc",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_RA-5",
        "NIST_SP_800-53_R4_SI-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditHttpsOnlyAccessForAnApiApp",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b7ddfbdc-1260-477d-91fd-98bd9be789a6",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-8",
        "NIST_SP_800-53_R4_SC-8(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "cc9835f2-9f6b-4cc8-ab4a-f8ef615eb349",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/cc9835f2-9f6b-4cc8-ab4a-f8ef615eb349",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-28",
        "NIST_SP_800-53_R4_SC-28(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewMonitorMissingSystemUpdatesInAzureSecurityCenter",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/86b3d65f-7626-441e-b690-81a8b71cff60",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SI-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "fc5e4038-4584-4632-8c85-c0448d374b2c",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/fc5e4038-4584-4632-8c85-c0448d374b2c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditExternalAccountsWithReadPermissionsOnASubscription",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5f76cf89-fbf2-47fd-a3f4-b891fa780b60",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "e71308d3-144b-4262-b144-efdc3cc90517",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e71308d3-144b-4262-b144-efdc3cc90517",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "7fe3b40f-802b-4cdd-8bd4-fd799c948cc2",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7fe3b40f-802b-4cdd-8bd4-fd799c948cc2",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(12)",
        "NIST_SP_800-53_R4_AU-6",
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_IR-4",
        "NIST_SP_800-53_R4_IR-5",
        "NIST_SP_800-53_R4_RA-5",
        "NIST_SP_800-53_R4_SI-2",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "d62cfe2b-3ab0-4d41-980d-76803b58ca65",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/d62cfe2b-3ab0-4d41-980d-76803b58ca65",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "0820b7b9-23aa-4725-a1ce-ae4558f718e5",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0820b7b9-23aa-4725-a1ce-ae4558f718e5",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "c4d441f8-f9d9-4a9e-9cef-e82117cb3eef",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c4d441f8-f9d9-4a9e-9cef-e82117cb3eef",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2",
        "NIST_SP_800-53_R4_AC-3",
        "NIST_SP_800-53_R4_IA-2",
        "NIST_SP_800-53_R4_IA-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "Prerequisite_DeployExtensionLinux",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/331e8ea8-378a-410f-a2e5-ae22f38bb0da",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-3",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_IA-5",
        "NIST_SP_800-53_R4_IA-5(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ef2a8f2a-b3d9-49cd-a8a8-9a3aaaf647d9",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ef2a8f2a-b3d9-49cd-a8a8-9a3aaaf647d9",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_RA-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "bd352bd5-2853-4985-bf0d-73806b4a5744",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/bd352bd5-2853-4985-bf0d-73806b4a5744",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_SC-5",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewAuditExternalAccountsWithWritePermissionsOnASubscription",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5c607a2e-c700-4744-8254-d77e7c9eb5e4",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "f6de0be7-9a8a-4b8a-b349-43cf02d22f7c",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f6de0be7-9a8a-4b8a-b349-43cf02d22f7c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "6581d072-105e-4418-827f-bd446d56421b",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6581d072-105e-4418-827f-bd446d56421b",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(12)",
        "NIST_SP_800-53_R4_AU-6",
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_IR-4",
        "NIST_SP_800-53_R4_IR-5",
        "NIST_SP_800-53_R4_RA-5",
        "NIST_SP_800-53_R4_SI-2",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "a4fe33eb-e377-4efb-ab31-0784311bc499",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a4fe33eb-e377-4efb-ab31-0784311bc499",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "PreviewMonitorVMVulnerabilitiesInAzureSecurityCenter",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/501541f7-f7e7-4cd6-868c-4190fdad3ac9",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_RA-5",
        "NIST_SP_800-53_R4_SI-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "6fac406b-40ca-413b-bf8e-0bf964659c25",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6fac406b-40ca-413b-bf8e-0bf964659c25",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "bb91dfba-c30d-4263-9add-9c2384e659a6",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/bb91dfba-c30d-4263-9add-9c2384e659a6",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "308fbb08-4ab8-4e67-9b29-592e93fb94fa",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/308fbb08-4ab8-4e67-9b29-592e93fb94fa",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(12)",
        "NIST_SP_800-53_R4_AU-6",
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_IR-4",
        "NIST_SP_800-53_R4_IR-5",
        "NIST_SP_800-53_R4_RA-5",
        "NIST_SP_800-53_R4_SI-2",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "a3a6ea0c-e018-4933-9ef0-5aaa1501449b",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a3a6ea0c-e018-4933-9ef0-5aaa1501449b",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "0a15ec92-a229-4763-bb14-0ea34a568f8d",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0a15ec92-a229-4763-bb14-0ea34a568f8d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "2913021d-f2fd-4f3d-b958-22354e2bdbcb",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/2913021d-f2fd-4f3d-b958-22354e2bdbcb",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(12)",
        "NIST_SP_800-53_R4_AU-6",
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_IR-4",
        "NIST_SP_800-53_R4_IR-5",
        "NIST_SP_800-53_R4_RA-5",
        "NIST_SP_800-53_R4_SI-2",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "ae89ebca-1c92-4898-ac2c-9f63decb045c",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ae89ebca-1c92-4898-ac2c-9f63decb045c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "8cb6aa8b-9e41-4f4e-aa25-089a7ac2581e",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/8cb6aa8b-9e41-4f4e-aa25-089a7ac2581e",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-8",
        "NIST_SP_800-53_R4_SC-8(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "0e246bcf-5f6f-4f87-bc6f-775d4712c7ea",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0e246bcf-5f6f-4f87-bc6f-775d4712c7ea",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "c25d9a16-bc35-4e15-a7e5-9db606bf9ed4",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c25d9a16-bc35-4e15-a7e5-9db606bf9ed4",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(12)",
        "NIST_SP_800-53_R4_AU-6",
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_IR-4",
        "NIST_SP_800-53_R4_IR-5",
        "NIST_SP_800-53_R4_RA-5",
        "NIST_SP_800-53_R4_SI-2",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "d26f7642-7545-4e18-9b75-8c9bbdee3a9a",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/d26f7642-7545-4e18-9b75-8c9bbdee3a9a",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "e8cbc669-f12d-49eb-93e7-9273119e9933",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e8cbc669-f12d-49eb-93e7-9273119e9933",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_RA-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "d158790f-bfb0-486c-8631-2dc6b4e8e6af",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/d158790f-bfb0-486c-8631-2dc6b4e8e6af",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-8",
        "NIST_SP_800-53_R4_SC-8(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "83cef61d-dbd1-4b20-a4fc-5fbc7da10833",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/83cef61d-dbd1-4b20-a4fc-5fbc7da10833",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "523b5cd1-3e23-492f-a539-13118b6d1e3a",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/523b5cd1-3e23-492f-a539-13118b6d1e3a",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(12)",
        "NIST_SP_800-53_R4_AU-6",
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_IR-4",
        "NIST_SP_800-53_R4_IR-5",
        "NIST_SP_800-53_R4_RA-5",
        "NIST_SP_800-53_R4_SI-2",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "d69b1763-b96d-40b8-a2d9-ca31e9fd0d3e",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/d69b1763-b96d-40b8-a2d9-ca31e9fd0d3e",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "6ba6d016-e7c3-4842-b8f2-4992ebc0d72d",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6ba6d016-e7c3-4842-b8f2-4992ebc0d72d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_RA-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "22730e10-96f6-4aac-ad84-9383d35b5917",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/22730e10-96f6-4aac-ad84-9383d35b5917",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "e802a67a-daf5-4436-9ea6-f6d821dd0c5d",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e802a67a-daf5-4436-9ea6-f6d821dd0c5d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-8",
        "NIST_SP_800-53_R4_SC-8(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "18adea5e-f416-4d0f-8aa8-d24321e3e274",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/18adea5e-f416-4d0f-8aa8-d24321e3e274",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "0564d078-92f5-4f97-8398-b9f58a51f70b",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0564d078-92f5-4f97-8398-b9f58a51f70b",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "842c54e8-c2f9-4d79-ae8d-38d8b8019373",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/842c54e8-c2f9-4d79-ae8d-38d8b8019373",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "1b7aa243-30e4-4c9e-bca8-d0d3022b634a",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/1b7aa243-30e4-4c9e-bca8-d0d3022b634a",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_RA-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "f0e6e85b-9b9f-4a4b-b67b-f730d42f1b0b",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f0e6e85b-9b9f-4a4b-b67b-f730d42f1b0b",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-8",
        "NIST_SP_800-53_R4_SC-8(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "0a1302fb-a631-4106-9753-f3d494733990",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0a1302fb-a631-4106-9753-f3d494733990",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "8dfab9c4-fe7b-49ad-85e4-1e9be085358f",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/8dfab9c4-fe7b-49ad-85e4-1e9be085358f",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(12)",
        "NIST_SP_800-53_R4_AU-6",
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "475aae12-b88a-4572-8b36-9b712b2b3a17",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/475aae12-b88a-4572-8b36-9b712b2b3a17",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "0049a6b3-a662-4f3e-8635-39cf44ace45a",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0049a6b3-a662-4f3e-8635-39cf44ace45a",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_RA-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "f9d614c5-c173-4d56-95a7-b4437057d193",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f9d614c5-c173-4d56-95a7-b4437057d193",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-8",
        "NIST_SP_800-53_R4_SC-8(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "7595c971-233d-4bcf-bd18-596129188c49",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7595c971-233d-4bcf-bd18-596129188c49",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "c3d20c29-b36d-48fe-808b-99a87530ad99",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c3d20c29-b36d-48fe-808b-99a87530ad99",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(12)",
        "NIST_SP_800-53_R4_AU-6",
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_IR-4",
        "NIST_SP_800-53_R4_IR-5",
        "NIST_SP_800-53_R4_RA-5",
        "NIST_SP_800-53_R4_SI-2",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "2f2ee1de-44aa-4762-b6bd-0893fc3f306d",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/2f2ee1de-44aa-4762-b6bd-0893fc3f306d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6",
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "399b2637-a50f-4f95-96f8-3a145476eb15",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/399b2637-a50f-4f95-96f8-3a145476eb15",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-8",
        "NIST_SP_800-53_R4_SC-8(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "bdc59948-5574-49b3-bb91-76b7c986428d",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/bdc59948-5574-49b3-bb91-76b7c986428d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(12)",
        "NIST_SP_800-53_R4_AU-6",
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_IR-4",
        "NIST_SP_800-53_R4_IR-5",
        "NIST_SP_800-53_R4_RA-5",
        "NIST_SP_800-53_R4_SI-2",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "04c4380f-3fae-46e8-96c9-30193528f602",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/04c4380f-3fae-46e8-96c9-30193528f602",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6",
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)",
        "NIST_SP_800-53_R4_SI-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "4d24b6d4-5e53-4a4f-a7f4-618fa573ee4b",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4d24b6d4-5e53-4a4f-a7f4-618fa573ee4b",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-8",
        "NIST_SP_800-53_R4_SC-8(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "295fc8b1-dc9f-4f53-9c61-3f313ceab40a",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/295fc8b1-dc9f-4f53-9c61-3f313ceab40a",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "fb74e86f-d351-4b8d-b034-93da7391c01f",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/fb74e86f-d351-4b8d-b034-93da7391c01f",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-28",
        "NIST_SP_800-53_R4_SC-28(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "e8eef0a8-67cf-4eb4-9386-14b0e78733d4",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e8eef0a8-67cf-4eb4-9386-14b0e78733d4",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "fdccbe47-f3e3-4213-ad5d-ea459b2fa077",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/fdccbe47-f3e3-4213-ad5d-ea459b2fa077",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "9a1b8c48-453a-4044-86c3-d8bfd823e4f5",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/9a1b8c48-453a-4044-86c3-d8bfd823e4f5",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-8",
        "NIST_SP_800-53_R4_SC-8(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ca610c1d-041c-4332-9d88-7ed3094967c7",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ca610c1d-041c-4332-9d88-7ed3094967c7",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "d9844e8a-1437-4aeb-a32c-0c992f056095",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/d9844e8a-1437-4aeb-a32c-0c992f056095",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "9830b652-8523-49cc-b1b3-e17dce1127ca",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/9830b652-8523-49cc-b1b3-e17dce1127ca",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "4b90e17e-8448-49db-875e-bd83fb6f804f",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4b90e17e-8448-49db-875e-bd83fb6f804f",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "fb893a29-21bb-418c-a157-e99480ec364c",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/fb893a29-21bb-418c-a157-e99480ec364c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SI-2",
        "NIST_SP_800-53_R4_SI-2(6)"
      ]
    },
    {
      "policyDefinitionReferenceId": "1bc1795e-d44a-4d48-9b3b-6fff0fd5f9ba",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/1bc1795e-d44a-4d48-9b3b-6fff0fd5f9ba",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SI-2",
        "NIST_SP_800-53_R4_SI-2(6)"
      ]
    },
    {
      "policyDefinitionReferenceId": "a1ad735a-e96f-45d2-a7b2-9a4932cab7ec",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a1ad735a-e96f-45d2-a7b2-9a4932cab7ec",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "7261b898-8a84-4db8-9e04-18527132abb3",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7261b898-8a84-4db8-9e04-18527132abb3",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SI-2",
        "NIST_SP_800-53_R4_SI-2(6)"
      ]
    },
    {
      "policyDefinitionReferenceId": "5bb220d9-2698-4ee4-8404-b9c30c9df609",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5bb220d9-2698-4ee4-8404-b9c30c9df609",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "496223c3-ad65-4ecd-878a-bae78737e9ed",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/496223c3-ad65-4ecd-878a-bae78737e9ed",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SI-2",
        "NIST_SP_800-53_R4_SI-2(6)"
      ]
    },
    {
      "policyDefinitionReferenceId": "eaebaea7-8013-4ceb-9d14-7eb32271373c",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/eaebaea7-8013-4ceb-9d14-7eb32271373c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "9d0b6ea4-93e2-4578-bf2f-6bb17d22b4bc",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/9d0b6ea4-93e2-4578-bf2f-6bb17d22b4bc",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SI-2",
        "NIST_SP_800-53_R4_SI-2(6)"
      ]
    },
    {
      "policyDefinitionReferenceId": "0c192fe8-9cbb-4516-85b3-0ade8bd03886",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0c192fe8-9cbb-4516-85b3-0ade8bd03886",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "5f0f936f-2f01-4bf5-b6be-d423792fa562",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5f0f936f-2f01-4bf5-b6be-d423792fa562",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_RA-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "88999f4c-376a-45c8-bcb3-4058f713cf39",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/88999f4c-376a-45c8-bcb3-4058f713cf39",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SI-2",
        "NIST_SP_800-53_R4_SI-2(6)"
      ]
    },
    {
      "policyDefinitionReferenceId": "6edd7eda-6dd8-40f7-810d-67160c639cd9",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6edd7eda-6dd8-40f7-810d-67160c639cd9",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "7008174a-fd10-4ef0-817e-fc820a951d73",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7008174a-fd10-4ef0-817e-fc820a951d73",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SI-2",
        "NIST_SP_800-53_R4_SI-2(6)"
      ]
    },
    {
      "policyDefinitionReferenceId": "7698e800-9299-47a6-b3b6-5a0fee576eed",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7698e800-9299-47a6-b3b6-5a0fee576eed",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "7238174a-fd10-4ef0-817e-fc820a951d73",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7238174a-fd10-4ef0-817e-fc820a951d73",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SI-2",
        "NIST_SP_800-53_R4_SI-2(6)"
      ]
    },
    {
      "policyDefinitionReferenceId": "74c3584d-afae-46f7-a20a-6f8adba71a16",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/74c3584d-afae-46f7-a20a-6f8adba71a16",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SI-2",
        "NIST_SP_800-53_R4_SI-2(6)"
      ]
    },
    {
      "policyDefinitionReferenceId": "0fda3595-9f2b-4592-8675-4231d6fa82fe",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0fda3595-9f2b-4592-8675-4231d6fa82fe",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "cddd188c-4b82-4c48-a19d-ddf74ee66a01",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/cddd188c-4b82-4c48-a19d-ddf74ee66a01",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "051cba44-2429-45b9-9649-46cec11c7119",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/051cba44-2429-45b9-9649-46cec11c7119",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "8b0323be-cc25-4b61-935d-002c3798c6ea",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/8b0323be-cc25-4b61-935d-002c3798c6ea",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "f39f5f49-4abf-44de-8c70-0756997bfb51",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f39f5f49-4abf-44de-8c70-0756997bfb51",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "58440f8a-10c5-4151-bdce-dfbaad4a20b7",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/58440f8a-10c5-4151-bdce-dfbaad4a20b7",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "7803067c-7d34-46e3-8c79-0ca68fc4036d",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7803067c-7d34-46e3-8c79-0ca68fc4036d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "b8564268-eb4a-4337-89be-a19db070c59d",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b8564268-eb4a-4337-89be-a19db070c59d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "df39c015-56a4-45de-b4a3-efe77bed320d",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/df39c015-56a4-45de-b4a3-efe77bed320d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "1c06e275-d63d-4540-b761-71f364c2111d",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/1c06e275-d63d-4540-b761-71f364c2111d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "1d320205-c6a1-4ac6-873d-46224024e8e2",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/1d320205-c6a1-4ac6-873d-46224024e8e2",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "b607c5de-e7d9-4eee-9e5c-83f1bcee4fa0",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b607c5de-e7d9-4eee-9e5c-83f1bcee4fa0",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(4)",
        "NIST_SP_800-53_R4_AU-6(5)",
        "NIST_SP_800-53_R4_AU-12",
        "NIST_SP_800-53_R4_AU-12(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "1ee56206-5dd1-42ab-b02d-8aae8b1634ce",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/1ee56206-5dd1-42ab-b02d-8aae8b1634ce",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "72d11df1-dd8a-41f7-8925-b05b960ebafc",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/72d11df1-dd8a-41f7-8925-b05b960ebafc",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4",
        "NIST_SP_800-53_R4_AC-17",
        "NIST_SP_800-53_R4_AC-17(1)",
        "NIST_SP_800-53_R4_SC-7",
        "NIST_SP_800-53_R4_SC-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "bf045164-79ba-4215-8f95-f8048dc1780b",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/bf045164-79ba-4215-8f95-f8048dc1780b",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-6",
        "NIST_SP_800-53_R4_CP-6(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "d38fc420-0735-4ef3-ac11-c806f651a570",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/d38fc420-0735-4ef3-ac11-c806f651a570",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-6",
        "NIST_SP_800-53_R4_CP-6(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "991310cd-e9f3-47bc-b7b6-f57b557d07db",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/991310cd-e9f3-47bc-b7b6-f57b557d07db",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SI-2",
        "NIST_SP_800-53_R4_SI-2(6)"
      ]
    },
    {
      "policyDefinitionReferenceId": "e2c1c086-2d84-4019-bff3-c44ccd95113c",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e2c1c086-2d84-4019-bff3-c44ccd95113c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SI-2",
        "NIST_SP_800-53_R4_SI-2(6)"
      ]
    },
    {
      "policyDefinitionReferenceId": "8c122334-9d20-4eb8-89ea-ac9a705b74ae",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/8c122334-9d20-4eb8-89ea-ac9a705b74ae",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_SI-2",
        "NIST_SP_800-53_R4_SI-2(6)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1000",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/2ef3cc79-733e-48ed-ab6f-7bf439e9b406",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-1"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1001",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4e26f8c3-4bf3-4191-b8fc-d888805101b7",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-1"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1002",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/632024c2-8079-439d-a7f6-90af1d78cc65",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1003",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/3b68b179-3704-4ff7-b51d-7d65374d165d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1004",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c17822dc-736f-4eb4-a97d-e6be662ff835",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1005",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5b626abc-26d4-4e22-9de8-3831818526b1",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1006",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/aae8d54c-4bce-4c04-b3aa-5b65b67caac8",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1007",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/17200329-bf6c-46d8-ac6d-abf4641c2add",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1008",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/8356cfc6-507a-4d20-b818-08038011cd07",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1009",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b26f8610-e615-47c2-abd6-c00b2b0b503a",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1010",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/784663a8-1eb0-418a-a98c-24d19bc1bb62",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1011",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7e6a54f3-883f-43d5-87c4-172dfd64a1f5",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1012",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/efd7b9ae-1db6-4eb6-b0fe-87e6565f9738",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1013",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/8fd7b917-d83b-4379-af60-51e14e316c61",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1014",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5dee936c-8037-4df1-ab35-6635733da48c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1015",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/544a208a-9c3f-40bc-b1d1-d7e144495c14",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1016",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/d8b43277-512e-40c3-ab00-14b3b6e72238",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(4)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1017",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0fc3db37-e59a-48c1-84e9-1780cedb409e",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(5)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1018",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c9121abf-e698-4ee9-b1cf-71ee528ff07f",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(7)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1019",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6a3ee9b2-3977-459c-b8ce-2db583abd9f7",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(7)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1020",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0b291ee8-3140-4cad-beb7-568c077c78ce",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(7)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1021",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/9a3eb0a3-428d-4669-baff-20a14eb4b551",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(9)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1022",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/411f7e2d-9a0b-4627-a0b9-1700432db47d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(10)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1023",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e55698b6-3dea-4aa9-99b9-d8218c6ab6e5",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(11)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1024",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/84914fb4-12da-4c53-a341-a9fd463bed10",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(12)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1025",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/adfe020d-0a97-45f4-a39c-696ef99f3a95",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(12)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1026",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/55419419-c597-4cd4-b51e-009fd2266783",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-2(13)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1027",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a76ca9b0-3f4a-4192-9a38-b25e4f8ae48c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-3"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1028",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f171df5c-921b-41e9-b12b-50801c315475",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1029",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/53ac8f8e-c2b5-4d44-8a2d-058e9ced9b69",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4(8)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1030",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/d3531453-b869-4606-9122-29c1cd6e7ed1",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-4(21)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1031",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6b93a801-fe25-4574-a60d-cb22acffae00",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1032",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5aa85661-d618-46b8-a20f-ca40a86f0751",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1033",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/48540f01-fc11-411a-b160-42807c68896e",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1034",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/02a5ed00-6d2e-4e97-9a98-46c32c057329",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1035",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ca94b046-45e2-444f-a862-dc8ce262a516",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-6(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1036",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/9a16d673-8cf0-4dcf-b1d5-9b3e114fef71",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-6(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1037",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/fa4c2a3d-1294-41a3-9ada-0e540471e9fb",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-6(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1038",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/26692e88-71b7-4a5f-a8ac-9f31dd05bd8e",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-6(5)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1039",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/3a7b9de4-a8a2-4672-914d-c5f6752aa7f9",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-6(7)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1040",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/54205576-cec9-463f-ba44-b4b3f5d0a84c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-6(7)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1041",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b3d8d15b-627a-4219-8c96-4d16f788888b",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-6(8)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1042",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/319dc4f0-0fed-4ac9-8fc3-7aeddee82c07",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-6(9)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1043",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/361a77f6-0f9c-4748-8eec-bc13aaaa2455",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-6(10)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1044",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0abbac52-57cf-450d-8408-1208d0dd9e90",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-7"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1045",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/554d2dd6-f3a8-4ad5-b66f-5ce23bd18892",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-7"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1046",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0b1aa965-7502-41f9-92be-3e2fe7cc392a",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-7(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1047",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e1ff6d62-a55c-41ab-90ba-90bb5b7b6f62",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-8"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1048",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/483e7ca9-82b3-45a2-be97-b93163a0deb7",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-8"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1049",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/9adf7ba7-900a-4f35-8d57-9f34aafc405c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-8"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1050",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/bd20184c-b4ec-4ce5-8db6-6e86352d183f",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-10"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1051",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7cac6ee9-b58b-40c8-a5ce-f0efc3d9b339",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-11"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1052",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/027cae1c-ec3e-4492-9036-4168d540c42a",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-11"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1053",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7582b19c-9dba-438e-aed8-ede59ac35ba3",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-11(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1054",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5807e1b4-ba5e-4718-8689-a0ca05a191b2",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1055",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/769efd9b-3587-4e22-90ce-65ddcd5bd969",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-12(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1056",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ac43352f-df83-4694-8738-cfce549fd08d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-12(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1057",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/78255758-6d45-4bf0-a005-7016bc03b13c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-14"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1058",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/76e85d08-8fbb-4112-a1c1-93521e6a9254",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-14"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1059",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a29b5d9f-4953-4afe-b560-203a6410b6b4",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-17"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1060",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/34a987fd-2003-45de-a120-014956581f2b",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-17"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1061",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7ac22808-a2e8-41c4-9d46-429b50738914",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-17(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1062",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4708723f-e099-4af1-bbf9-b6df7642e444",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-17(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1063",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/593ce201-54b2-4dd0-b34f-c308005d7780",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-17(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1064",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/eb4d9508-cbf0-4a3c-bb5c-6c95b159f3fb",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-17(4)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1065",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f87b8085-dca9-4cf1-8f7b-9822b997797c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-17(4)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1066",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4455c2e8-c65d-4acf-895e-304916f90b36",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-17(9)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1067",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5c5e54f6-0127-44d0-8b61-f31dc8dd6190",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-18"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1068",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/2d045bca-a0fd-452e-9f41-4ec33769717c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-18"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1069",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/91c97b44-791e-46e9-bad7-ab7c4949edbb",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-18(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1070",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/68f837d0-8942-4b1e-9b31-be78b247bda8",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-18(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1071",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/1a437f5b-9ad6-4f28-8861-de404d511ae4",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-18(4)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1072",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/1ca29e41-34ec-4e70-aba9-6248aca18c31",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-18(5)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1073",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ab55cdb0-c7dd-4bd8-ae22-a7cea7594e9c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-19"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1074",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/27a69937-af92-4198-9b86-08d355c7e59a",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-19"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1075",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/fc933d22-04df-48ed-8f87-22a3773d4309",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-19(5)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1076",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/98a4bd5f-6436-46d4-ad00-930b5b1dfed4",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-20"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1077",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/2dad3668-797a-412e-a798-07d3849a7a79",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-20"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1078",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b25faf85-8a16-4f28-8e15-d05c0072d64d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-20(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1079",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/85c32733-7d23-4948-88da-058e2c56b60f",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-20(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1080",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/852981b4-a380-4704-aa1e-2e52d63445e5",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-20(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1081",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/3867f2a9-23bb-4729-851f-c3ad98580caf",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-21"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1082",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/24d480ef-11a0-4b1b-8e70-4e023bf2be23",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-21"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1083",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4e319cb6-2ca3-4a58-ad75-e67f484e50ec",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-22"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1084",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/d0eb15db-dd1c-4d1d-b200-b12dd6cd060c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-22"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1085",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/13d117e0-38b0-4bbb-aaab-563be5dd10ba",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-22"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1086",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/fb321e6f-16a0-4be3-878f-500956e309c5",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AC-22"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1087",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/100c82ba-42e9-4d44-a2ba-94b209248583",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AT-1"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1088",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/1d50f99d-1356-49c0-934a-45f742ba7783",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AT-1"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1089",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ef080e67-0d1a-4f76-a0c5-fb9b0358485e",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AT-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1090",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/2fb740e5-cbc7-4d10-8686-d1bf826652b1",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AT-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1091",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b23bd715-5d1c-4e5c-9759-9cbdf79ded9d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AT-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1092",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/8a29d47b-8604-4667-84ef-90d203fcb305",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AT-2(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1093",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7a0bdeeb-15f4-47e8-a1da-9f769f845fdf",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AT-3"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1094",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4b1853e0-8973-446b-b567-09d901d31a09",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AT-3"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1095",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/bc3f6f7a-057b-433e-9834-e8c97b0194f6",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AT-3"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1096",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/420c1477-aa43-49d0-bd7e-c4abdd9addff",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AT-3(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1097",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/cf3e4836-f19e-47eb-a8cd-c3ca150452c0",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AT-3(4)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1098",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/84363adb-dde3-411a-9fc1-36b56737f822",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AT-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1099",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/01910bab-8639-4bd0-84ef-cc53b24d79ba",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AT-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1100",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4057863c-ca7d-47eb-b1e0-503580cba8a4",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-1"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1101",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7327b708-f0e0-457d-9d2a-527fcc9c9a65",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-1"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1102",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/9943c16a-c54c-4b4a-ad28-bfd938cdbf57",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1103",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/16feeb31-6377-437e-bbab-d7f73911896d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1104",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/cdd8d244-18b2-4306-a1d1-df175ae0935f",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1105",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5b73f57b-587d-4470-a344-0b0ae805f459",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1106",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/d2b4feae-61ab-423f-a4c5-0e38ac4464d8",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-2(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1107",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b29ed931-8e21-4779-8458-27916122a904",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-3"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1108",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f9ad559e-c12d-415e-9a78-e50fdd7da7ba",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-3(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1109",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7d9ffa23-ad92-4d0d-b1f4-7db274cc2aec",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-3(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1110",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6182bfa7-0f2a-43f5-834a-a2ddf31c13c7",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1111",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/21de687c-f15e-4e51-bf8d-f35c8619965b",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1112",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/d530aad8-4ee2-45f4-b234-c061dae683c0",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1113",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/562afd61-56be-4313-8fe4-b9564aa4ba7d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-5(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1114",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4c090801-59bc-4454-bb33-e0455133486a",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-5(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1115",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0b653845-2ad9-4e09-a4f3-5a7c1d78353d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1116",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5e47bc51-35d1-44b8-92af-e2f2d8b67635",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1117",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7fbfe680-6dbb-4037-963c-a621c5635902",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1118",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a96f743d-a195-420d-983a-08aa06bc441e",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1119",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/845f6359-b764-4b40-b579-657aefe23c44",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(4)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1120",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c69b870e-857b-458b-af02-bb234f7a00d3",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(5)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1121",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c72b0eb9-1fc2-44e5-a866-e7cb0532f7c1",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(6)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1122",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/243ec95e-800c-49d4-ba52-1fdd9f6b8b57",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(7)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1123",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/03996055-37a4-45a5-8b70-3f1caa45f87d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-6(10)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1124",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c10152dd-78f8-4335-ae2d-ad92cc028da4",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-7"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1125",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c6ce745a-670e-47d3-a6c4-3cfe5ef00c10",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-7"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1126",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7f37f71b-420f-49bf-9477-9c0196974ecf",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-7(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1127",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/3ce328db-aef3-48ed-9f81-2ab7cf839c66",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-8"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1128",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ef212163-3bc4-4e86-bcf8-705127086393",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-8"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1129",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/71bb965d-4047-4623-afd4-b8189a58df5d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-8(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1130",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/fd7c4c1d-51ee-4349-9dab-89a7f8c8d102",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-8(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1131",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b472a17e-c2bc-493f-b50b-42d55a346962",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-9"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1132",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/05938e10-cdbd-4a54-9b2b-1cbcfc141ad0",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-9(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1133",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/90b60a09-133d-45bc-86ef-b206a6134bbe",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-9(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1134",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4e95f70e-181c-4422-9da2-43079710c789",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-9(4)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1135",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/9c308b6b-2429-4b97-86cf-081b8e737b04",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-10"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1136",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/97ed5bac-a92f-4f6d-a8ed-dc094723597c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-11"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1137",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4344df62-88ab-4637-b97b-bcaf2ec97e7c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1138",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/9c284fc0-268a-4f29-af44-3c126674edb4",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1139",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4ed62522-de00-4dda-9810-5205733d2f34",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-12"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1140",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/90d8b8ad-8ee3-4db7-913f-2a53fcff5316",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-12(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1141",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6fdefbf4-93e7-4513-bc95-c1858b7093e0",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_AU-12(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1142",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/01524fa8-4555-48ce-ba5f-c3b8dcef5147",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-1"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1143",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7c6de11b-5f51-4f7c-8d83-d2467c8a816e",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-1"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1144",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/2fa15ff1-a693-4ee4-b094-324818dc9a51",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1145",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a0724970-9c75-4a64-a225-a28002953f28",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1146",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/dd83410c-ecb6-4547-8f14-748c3cbdc7ac",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1147",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/8fef824a-29a8-4a4c-88fc-420a39c0d541",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1148",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/28e62650-c7c2-4786-bdfa-17edc1673902",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-2(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1149",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/2e1b855b-a013-481a-aeeb-2bcb129fd35d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-2(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1150",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/d630429d-e763-40b1-8fba-d20ba7314afb",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-2(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1151",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/347e3b69-7fb7-47df-a8ef-71a1a7b44bca",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-3"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1152",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/beff0acf-7e67-40b2-b1ca-1a0e8205cf1b",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-3"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1153",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/61cf3125-142c-4754-8a16-41ab4d529635",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-3"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1154",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e757ceb9-93b3-45fe-a4f4-f43f64f1ac5a",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-3(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1155",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4d33f9f1-12d0-46ad-9fbd-8f8046694977",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-3(5)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1156",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4d52e864-9a3b-41ee-8f03-520815fe5378",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1157",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/15495367-cf68-464c-bbc3-f53ca5227b7a",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1158",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/fff50cf2-28eb-45b4-b378-c99412688907",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1159",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0925f098-7877-450b-8ba4-d1e55f2d8795",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1160",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/3e797ca6-2aa8-4333-b335-7036f1110c05",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1161",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e2f8f6c6-dde4-436b-a79d-bc50e129eb3a",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-7"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1162",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5770f3d6-8c2b-4f6f-bf0e-c8c8fc36d592",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-7"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1163",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/961663a1-8a91-4e59-b6f5-1eee57c0f49c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-7"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1164",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0fb8d3ce-9e96-481c-9c68-88d4e3019310",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-7"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1165",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/47e10916-6c9e-446b-b0bd-ff5fd439d79d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-7"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1166",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/bb02733d-3cc5-4bb0-a6cd-695ba2c2272e",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-7"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1167",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/cbb2be76-4891-430b-95a7-ca0b0a3d1300",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-7"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1168",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/82409f9e-1f32-4775-bf07-b99d53a91b06",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-7(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1169",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e7ba2cb3-5675-4468-8b50-8486bdd998a5",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1170",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/8b78b9b3-ee3c-48e0-a243-ed6dba5b7a12",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-8"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1171",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6d4820bc-8b61-4982-9501-2123cb776c00",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-8(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1172",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b43e946e-a4c8-4b92-8201-4a39331db43c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-9"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1173",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c4aff9e7-2e60-46fa-86be-506b79033fc5",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CA-9"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1174",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/42a9a714-8fbb-43ac-b115-ea12d2bd652f",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-1"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1175",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6dab4254-c30d-4bb7-ae99-1d21586c063c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-1"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1176",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c30690a5-7bf3-467f-b0cd-ef5c7c7449cd",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1177",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/63dbc7a8-e20b-4d38-b857-a7f6c0cd94bc",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-2(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1178",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7818b8f4-47c6-441a-90ae-12ce04e99893",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-2(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1179",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/3f9ce557-c8ab-4e6c-bb2c-9b8ed002c46c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-2(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1180",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/874e7880-a067-42a7-bcbe-1a340f54c8cc",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-2(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1181",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/21839937-d241-4fa5-95c6-b669253d9ab9",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-2(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1182",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4f34f554-da4b-4786-8d66-7915c90893da",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-2(7)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1183",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5352e3e0-e63a-452e-9e5f-9c1d181cff9c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-2(7)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1184",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/13579d0e-0ab0-4b26-b0fb-d586f6d7ed20",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-3"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1185",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6420cd73-b939-43b7-9d99-e8688fea053c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-3"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1186",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b95ba3bd-4ded-49ea-9d10-c6f4b680813d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-3"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1187",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/9f2b2f9e-4ba6-46c3-907f-66db138b6f85",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-3"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1188",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/bb20548a-c926-4e4d-855c-bcddc6faf95e",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-3"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1189",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ee45e02a-4140-416c-82c4-fecfea660b9d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-3"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1190",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c66a3d1e-465b-4f28-9da5-aef701b59892",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-3"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1191",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7f26a61b-a74d-467c-99cf-63644db144f7",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-3(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1192",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4ebd97f7-b105-4f50-8daf-c51465991240",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-3(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1193",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f5fd629f-3075-4cae-ab53-bad65495a4ac",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-3(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1194",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/bc34667f-397e-4a65-9b72-d0358f0b6b09",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-3(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1195",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/d1e1d65c-1013-4484-bd54-991332e6a0d2",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-3(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1196",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4e7f4ea4-dd62-44f6-8886-ac6137cf52b0",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-3(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1197",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a20d2eaa-88e2-4907-96a2-8f3a05797e5c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-3(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1198",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f56be5c3-660b-4c61-9078-f67cf072c356",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-3(4)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1199",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a9a08d1c-09b1-48f1-90ea-029bbdf7111e",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-3(6)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1200",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e98fe9d7-2ed3-44f8-93b7-24dca69783ff",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1201",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7daef997-fdd3-461b-8807-a608a6dd70f1",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-4(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1202",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/40a2a83b-74f2-4c02-ae65-f460a5d2792a",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1203",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f9012d14-e3e6-4d7b-b926-9f37b5537066",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-5(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1204",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0f4f6750-d1ab-4a4c-8dfd-af3237682665",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-5(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1205",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5b070cab-0fb8-4e48-ad29-fc90b4c2797c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-5(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1206",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e0de232d-02a0-4652-872d-88afb4ae5e91",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-5(5)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1207",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/8713a0ed-0d1e-4d10-be82-83dffb39830e",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-5(5)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1208",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5ea87673-d06b-456f-a324-8abcee5c159f",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1209",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ce669c31-9103-4552-ae9c-cdef4e03580d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1210",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/3502c968-c490-4570-8167-1476f955e9b8",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1211",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6a8b9dc8-6b00-4701-aa96-bba3277ebf50",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1212",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/56d970ee-4efc-49c8-8a4e-5916940d784c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1213",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/81f11e32-a293-4a58-82cd-134af52e2318",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-6(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1214",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f714a4e2-b580-47b6-ae8c-f2812d3750f3",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-7"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1215",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/88fc93e8-4745-4785-b5a5-b44bb92c44ff",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-7"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1216",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7894fe6a-f5cb-44c8-ba90-c3f254ff9484",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-7(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1217",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/edea4f20-b02c-4115-be75-86c080e5c0ed",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-7(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1218",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4a1d0394-b9f5-493e-9e83-563fd0ac4df8",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-7(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1219",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/2a39ac75-622b-4c88-9a3f-45b7373f7ef7",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-7(5)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1220",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c40f31a7-81e1-4130-99e5-a02ceea2a1d6",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-7(5)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1221",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/22589a07-0007-486a-86ca-95355081ae2a",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-7(5)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1222",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/fb39e62f-6bda-4558-8088-ec03d5670914",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-8"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1223",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/05a1bb01-ad5a-49c1-aad3-b0c893b2ec3a",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-8"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1224",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/28cfa30b-7f72-47ce-ba3b-eed26c8d2c82",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-8(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1225",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/8d096fe0-f510-4486-8b4d-d17dc230980b",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-8(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1226",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c158eb1c-ae7e-4081-8057-d527140c4e0c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-8(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1227",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/03b78f5e-4877-4303-b0f4-eb6583f25768",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-8(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1228",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/39c54140-5902-4079-8bb5-ad31936fe764",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-8(4)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1229",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/03752212-103c-4ab8-a306-7e813022ca9d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-8(5)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1230",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/11158848-f679-4e9b-aa7b-9fb07d945071",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-9"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1231",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/244e0c05-cc45-4fe7-bf36-42dcf01f457d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-9"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1232",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/396ba986-eac1-4d6d-85c4-d3fda6b78272",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-9"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1233",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/9d79001f-95fe-45d0-8736-f217e78c1f57",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-9"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1234",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b293f881-361c-47ed-b997-bc4e2296bc0b",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-10"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1235",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/c49c610b-ece4-44b3-988c-2172b70d6e46",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-10"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1236",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/9ba3ed84-c768-4e18-b87c-34ef1aff1b57",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-10"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1237",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e80b6812-0bfa-4383-8223-cdd86a46a890",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-10(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1238",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a36cedd4-3ffd-4b1f-8b18-aa71d8d87ce1",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-11"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1239",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0be51298-f643-4556-88af-d7db90794879",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-11"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1240",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/129eb39f-d79a-4503-84cd-92f036b5e429",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-11"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1241",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/eca4d7b2-65e2-4e04-95d4-c68606b063c3",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CM-11(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1242",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/cf3b3293-667a-445e-a722-fa0b0afc0958",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-1"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1243",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ca9a4469-d6df-4ab2-a42f-1213c396f0ec",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-1"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1244",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6a13a8f8-c163-4b1b-8554-d63569dab937",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1245",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a0e45314-57b8-4623-80cd-bbb561f59516",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1246",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/398eb61e-8111-40d5-a0c9-003df28f1753",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1247",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4e666db5-b2ef-4b06-aac6-09bfce49151b",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1248",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/50fc602d-d8e0-444b-a039-ad138ee5deb0",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1249",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/d3bf4251-0818-42db-950b-afd5b25a51c2",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1250",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/8de614d8-a8b7-4f70-a62a-6d37089a002c",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1251",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/5e2b3730-8c14-4081-8893-19dbb5de7348",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-2(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1252",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a328fd72-8ff5-4f96-8c9c-b30ed95db4ab",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-2(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1253",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0afce0b3-dd9f-42bb-af28-1e4284ba8311",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-2(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1254",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/704e136a-4fe0-427c-b829-cd69957f5d2b",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-2(4)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1255",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f3793f5e-937f-44f7-bfba-40647ef3efa0",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-2(5)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1256",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/232ab24b-810b-4640-9019-74a7d0d6a980",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-2(8)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1257",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b958b241-4245-4bd6-bd2d-b8f0779fb543",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-3"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1258",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7814506c-382c-4d33-a142-249dd4a0dbff",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-3"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1259",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/9d9e18f7-bad9-4d30-8806-a0c9d5e26208",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-3"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1260",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/42254fc4-2738-4128-9613-72aaa4f0d9c3",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-3(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1261",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/65aeceb5-a59c-4cb1-8d82-9c474be5d431",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1262",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/831e510e-db41-4c72-888e-a0621ab62265",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1263",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/41472613-3b05-49f6-8fe8-525af113ce17",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1264",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/dd280d4b-50a1-42fb-a479-ece5878acf19",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-4(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1265",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a18adb5b-1db6-4a5b-901a-7d3797d12972",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-4(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1266",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/3b4a3eb2-c25d-40bf-ad41-5094b6f59cee",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-4(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1267",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4e97ba1d-be5d-4953-8da4-0cccf28f4805",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1268",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/23f6e984-3053-4dfc-ab48-543b764781f5",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1269",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/19b9439d-865d-4474-b17d-97d2702fdb66",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-6(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1270",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/53c76a39-2097-408a-b237-b279f7b4614d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-6(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1271",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/da3bfb53-9c46-4010-b3db-a7ba1296dada",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-6(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1272",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ae46cf7a-e3fd-427b-9b91-44bc78e2d9d8",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-7"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1273",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e77fcbf2-a1e8-44f1-860e-ed6583761e65",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-7"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1274",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/2aee175f-cd16-4825-939a-a85349d96210",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-7"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1275",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a23d9d53-ad2e-45ef-afd5-e6d10900a737",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-7(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1276",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e214e563-1206-4a43-a56b-ac5880c9c571",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-7(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1277",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/dc43e829-3d50-4a0a-aa0f-428d551862aa",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-7(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1278",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/8e5ef485-9e16-4c53-a475-fbb8107eac59",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-7(4)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1279",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7d00bcd6-963d-4c02-ad8e-b45fa50bf3b0",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-8"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1280",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/fa108498-b3a8-4ffb-9e79-1107e76afad3",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-8(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1281",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/8dc459b3-0e77-45af-8d71-cfd8c9654fe2",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-8(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1282",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/34042a97-ec6d-4263-93d2-8c1c46823b2a",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-8(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1283",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a9172e76-7f56-46e9-93bf-75d69bdb5491",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-8(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1284",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/942b3e97-6ae3-410e-a794-c9c999b97c0b",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-8(4)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1285",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/01f7726b-db54-45c2-bcb5-9bd7a43796ee",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-8(4)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1286",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b4f9b47a-2116-4e6f-88db-4edbf22753f1",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-8(4)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1287",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/819dc6da-289d-476e-8500-7e341ef8677d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-9"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1288",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/8d854c3b-a3e6-4ec9-9f0c-c7274dbaeb2f",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-9"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1289",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7a724864-956a-496c-b778-637cb1d762cf",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-9"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1290",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/92f85ce9-17b7-49ea-85ee-ea7271ea6b82",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-9"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1291",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6d8fd073-9c85-4ee2-a9d0-2e4ec9eb8912",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-9(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1292",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/d03516cf-0293-489f-9b32-a18f2a79f836",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-9(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1293",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/87f7cd82-2e45-4d0f-9e2f-586b0962d142",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-9(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1294",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/49dbe627-2c1e-438c-979e-dd7a39bbf81d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-9(5)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1295",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a895fbdb-204d-4302-9689-0a59dc42b3d9",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-10"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1296",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e57b98a0-a011-4956-a79d-5d17ed8b8e48",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-10(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1297",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/93fd8af1-c161-4bae-9ba9-f62731f76439",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_CP-10(4)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1298",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/1dc784b5-4895-4d27-9d40-a06b032bd1ee",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-1"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1299",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/fd4e54f7-9ab0-4bae-b6cc-457809948a89",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-1"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1300",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/99deec7d-5526-472e-b07c-3645a792026a",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-2"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1301",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b6a8e0cc-ac23-468b-abe4-a8a1cc6d7a08",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-2(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1302",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/09828c65-e323-422b-9774-9d5c646124da",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-2(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1303",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/80ca0a27-918a-4604-af9e-723a27ee51e8",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-2(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1304",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6ca71be3-16cb-4d39-8b50-7f8fd5e2f11b",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-2(4)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1305",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/9d9166a8-1722-4b8f-847c-2cf3f2618b3d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-2(5)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1306",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/cafc6c3c-5fc5-4c5e-a99b-a0ccb1d34eff",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-2(8)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1307",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/84e622c8-4bed-417c-84c6-b2fb0dd73682",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-2(9)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1308",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/81817e1c-5347-48dd-965a-40159d008229",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-2(11)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1309",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f355d62b-39a8-4ba3-abf7-90f71cb3b000",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-2(12)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1310",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/450d7ede-823d-4931-a99d-57f6a38807dc",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-3"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1311",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e7568697-0c9e-4ea3-9cec-9e567d14f3c6",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1312",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/4d6a5968-9eef-4c18-8534-376790ab7274",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1313",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/36220f5b-79a1-4cdb-8c74-2d2449f9a510",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1314",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/ef0c8530-efd9-45b8-b753-f03083d06295",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1315",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/3aa87116-f1a1-4edb-bfbf-14e036f8d454",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-4"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1316",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/8ce14753-66e5-465d-9841-26ef55c09c0d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-4(4)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1317",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/8877f519-c166-47b7-81b7-8a8eb4ff3775",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1318",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/fced5fda-3bdb-4d73-bfea-0e2c80428b66",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1319",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/66f7ae57-5560-4fc5-85c9-659f204e7a42",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1320",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6f54c732-71d4-4f93-a696-4e373eca3a77",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1321",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/eb627cc6-3a9d-46b5-96b7-5fca49178a37",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1322",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/9d1d971e-467e-4278-9633-c74c3d4fecc4",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1323",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/abe8f70b-680f-470c-9b86-a7edfb664ecc",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1324",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/8cfea2b3-7f77-497e-ac20-0752f2ff6eee",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1325",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/1845796a-7581-49b2-ae20-443121538e19",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1326",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/8605fc00-1bf5-4fb3-984e-c95cec4f231d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1327",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/03188d8f-1ae5-4fe1-974d-2d7d32ef937d",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1328",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f5c66fdc-3d02-4034-9db5-ba57802609de",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1329",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/498f6234-3e20-4b6a-a880-cbd646d973bd",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1330",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f75cedb2-5def-4b31-973e-b69e8c7bd031",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1331",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/05460fe2-301f-4ed1-8174-d62c8bb92ff4",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1332",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/068260be-a5e6-4b0a-a430-cd27071c226a",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1333",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/3298d6bf-4bc6-4278-a95d-f7ef3ac6e594",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1334",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/44bfdadc-8c2e-4c30-9c99-f005986fabcd",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1335",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/382016f3-d4ba-4e15-9716-55077ec4dc2a",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1336",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/77f56280-e367-432a-a3b9-8ca2aa636a26",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1337",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/463e5220-3f79-4e24-a63f-343e4096cd22",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1338",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/6c59a207-6aed-41dc-83a2-e1ff66e4a4db",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5(4)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1339",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/367ae386-db7f-4167-b672-984ff86277c0",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5(6)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1340",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e51ff84b-e5ea-408f-b651-2ecc2933e4c6",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5(7)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1341",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/34cb7e92-fe4c-4826-b51e-8cd203fa5d35",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5(8)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1342",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/283a4e29-69d5-4c94-b99e-29acf003c899",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5(11)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1343",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/2c251a55-31eb-4e53-99c6-e9c43c393ac2",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-5(13)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1344",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/2c895fe7-2d8e-43a2-838c-3a533a5b355e",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-6"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1345",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/f86aa129-7c07-4aa4-bbf5-792d93ffd9ea",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-7"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1346",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/464dc8ce-2200-4720-87a5-dc5952924cc6",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-8"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1347",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/131a2706-61e9-4916-a164-00e052056462",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-8(1)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1348",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/855ced56-417b-4d74-9d5f-dd1bc81e22d6",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-8(2)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1349",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/17641f70-94cd-4a5d-a613-3d1143e20e34",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-8(3)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1350",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/d77fd943-6ba6-4a21-ba07-22b03e347cc4",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IA-8(4)"
      ]
    },
    {
      "policyDefinitionReferenceId": "ACF1351",
      "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/bcfb6683-05e5-4ce6-9723-c3fbe9896bdd",
      "parameters": {},
      "groupNames": [
        "NIST_SP_800-53_R4_IR-1"