| Source | Azure Portal | ||||||||||||||||||||||
| Display name | Microsoft Managed Control 1538 - Security Categorization | ||||||||||||||||||||||
| Id | 1d7658b2-e827-49c3-a2ae-6d2bd0b45874 | ||||||||||||||||||||||
| Version | 1.0.0 Details on versioning |
||||||||||||||||||||||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||||||||||||||||||||||
| Category | Regulatory Compliance Microsoft Learn |
||||||||||||||||||||||
| Description | Microsoft implements this Risk Assessment control | ||||||||||||||||||||||
| Additional metadata |
Name/Id: ACF1538 / Microsoft Managed Control 1538 Category: Risk Assessment Title: Security Categorization - Categorize in Accordance with Federal Laws/Policies Ownership: Customer, Microsoft Description: The organization: Categorizes information and the information system in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance; Requirements: Microsoft has completed a system categorization of the Azure information and information system in accordance Federal Information Processing Standards (FIPS) 199, Standards for Security Categorization of Federal Information and Information Systems, National Institute of Standards and Technology (NIST) Special Publication (SP) 800-60 Rev. 1, Guide for Mapping Types of Information and Information Systems to Security Categories, Committee on National Security Systems Instruction (CNSSI) 1253, and Intelligence Community Directive (ICD) 503. Azure completed a Security Authorization package that undergoes the process for a Provisional Authorization to operate at a High/High/High impact level with appropriate security control overlays. Security categorization is a function of the data and the system. Azure is categorized as a FedRAMP High and DoD IL2 system. |
||||||||||||||||||||||
| Mode | Indexed | ||||||||||||||||||||||
| Type | Static | ||||||||||||||||||||||
| Preview | False | ||||||||||||||||||||||
| Deprecated | False | ||||||||||||||||||||||
| Effect | Fixed audit |
||||||||||||||||||||||
| RBAC role(s) | none | ||||||||||||||||||||||
| Rule aliases | none | ||||||||||||||||||||||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||||||||||||||||||||||
| Compliance |
The following 1 compliance controls are associated with this Policy definition 'Microsoft Managed Control 1538 - Security Categorization' (1d7658b2-e827-49c3-a2ae-6d2bd0b45874)
| ||||||||||||||||||||||
| Initiatives usage |
|
||||||||||||||||||||||
| History | none | ||||||||||||||||||||||
| JSON compare | n/a | ||||||||||||||||||||||
| JSON |
|