| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1123 - Audit Review, Analysis, And Reporting | Audit Level Adjustment | ||
| Id | 03996055-37a4-45a5-8b70-3f1caa45f87d | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Audit and Accountability control | ||
| Additional metadata |
Name/Id: ACF1123 / Microsoft Managed Control 1123 Category: Audit and Accountability Title: Audit Review, Analysis, And Reporting | Audit Level Adjustment Ownership: Customer, Microsoft Description: The organization adjusts the level of audit review, analysis, and reporting within the information system when there is a change in risk based on law enforcement information, intelligence information, or other credible sources of information. Requirements: Azure Security receives alerts from vendor websites, other third-party services such as Internet Security Systems, US-CERT advisories and alerts, and Microsoft-published bulletins and adjusts the level of auditing in two ways - first, Azure notifies Azure service teams if a change in the level of monitoring is necessary due to indications of increased risk, and service teams adjust monitoring accordingly. Second, Azure tailors detections to look for specific threats based on the nature of the risk to Azure operations and assets. When circumstances dictate a review of the auditing procedures, such as a change in risk level based on law enforcement information, intelligence information, or other credible sources of information as provided, the C+AI Security team may make the decision to modify the audit procedures, including stakeholders from the Security Response Team, Security Governance Platform, Compliance, Risk, Architecture, Threat, and Strategy, Security Architecture, and Security Engineering. C+AI Security may also make updates whenever a change occurs in the threat environment as defined by authoritative sources. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|