| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1515 - Personnel Termination | ||
| Id | 02dd141a-a2b2-49a7-bcbd-ca31142f6211 | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Personnel Security control | ||
| Additional metadata |
Name/Id: ACF1515 / Microsoft Managed Control 1515 Category: Personnel Security Title: Personnel Termination - Disable Access within Defined Time Period Ownership: Customer, Microsoft Description: The organization, upon termination of individual employment: Disables information system access within four (4) hours; Requirements: Microsoft HR and Azure management ensure personnel termination is handled appropriately. For voluntary terminations, on the last day of employment, the individual is terminated from the HR system via a Termination Transaction ticket entered in the Employee/Manager Self Service Tool by the employee, manager, group administrator, or equivalent personnel with work-on-behalf privileges. For involuntary terminations, the request is submitted by the aligned HR Employee Relations Manager to the Central HR Operations team for processing. Once entered, voluntary termination requests are approved by the individual’s manager, group administrator, or equivalent personnel with work-on-behalf privileges. Once the transaction has been entered and approved, Microsoft Accounts and Security teams are notified and access to information systems is disabled. Human Resources is also notified of the termination request. For voluntary terminations, access is disabled on the last day of employment, barring any special considerations such as security concerns or if the employee is leaving for a competitor. For involuntary terminations, an urgent request for access termination is submitted via email from HR and access is disabled within four (4) hours. Terminations are communicated to personnel required to remove information system and physical access to facilities via the Manager Self-Service termination transaction process and/or urgent terminations email template. The supervisor or/and Business Administrators are responsible for ensuring that all local access to Azure physical components is removed. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|