| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1685 - Information System Monitoring | ||
| Id | 36b0ef30-366f-4b1b-8652-a3511df11f53 | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this System and Information Integrity control | ||
| Additional metadata |
Name/Id: ACF1685 / Microsoft Managed Control 1685 Category: System and Information Integrity Title: Information System Monitoring - Strategic Device Deployment Ownership: Customer, Microsoft Description: The organization: Deploys monitoring devices: Strategically within the information system to collect organization-determined essential information; and At ad hoc locations within the system to track specific types of transactions of interest to the organization; Requirements: All assets act as monitoring devices and are configured to log all security-relevant events. Suspicious events generate alerts and notifications to service team staff and incident management staff as needed. Azure assets are configured to upload their logs to a central repository managed by C+AI Security. These logs are aggregated and reports are generated by the Security Response Team. Because of the extensive centralizated management of all audit logs, Azure has determined that there is no need for ad-hoc deployment of monitoring devices. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|