last sync: 2024-Nov-25 18:54:24 UTC

Microsoft Managed Control 1397 - Controlled Maintenance | Regulatory Compliance - Maintenance

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1397 - Controlled Maintenance
Id 391af4ab-1117-46b9-b2c7-78bbd5cd995b
Version 1.0.0
Details on versioning
Versioning Versions supported for Versioning: 0
Built-in Versioning [Preview]
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this Maintenance control
Additional metadata Name/Id: ACF1397 / Microsoft Managed Control 1397
Category: Maintenance
Title: Controlled Maintenance - Approval And Monitoring
Ownership: Customer, Microsoft
Description: The organization: Approves and monitors all maintenance activities, whether performed on site or remotely and whether the equipment is serviced on site or removed to another location;
Requirements: Critical Environment Equipment Datacenter Management consists of Microsoft personnel who serve in the following roles: Datacenter Campus Director, Datacenter Operations Manager (DCOM), IT Operations Manager (ITOM), Critical Environment Operations Manager (CEOM), Senior Electrical Engineer (EE), Senior Mechanical Engineer (ME), Critical Environment Program Manager (CEPM), Instrumentation Engineer (IE), EHS Manager, Energy Marshall, and Datacenter Project Manager (DCPM). The CEOM, CEPM, EE and ME are responsible for work occurring in the DC critical environment. CE maintenance is prescribed in required step by step documents called Methods of Procedure (MOP). MOPs are reviewed and approved by datacenter management prior to any work beginning. MOPs serve as the checklist for the maintenance procedure and the documentation of the work completed. CE maintenance is performed in areas of the datacenter that are controlled and protected by physical security mechanisms, including, but not limited to, approved access, cameras, multifactor authentication, access badges, biometrics, and security patrols. Site Services The DCOM, ITOM and/or SOM are responsible for all Site Services work that occurs in the datacenter or for work that requires the asset to be transferred offsite. Site Services maintenance is performed in areas of the datacenter that are controlled and protected by physical security mechanisms (e.g. approved access, cameras, 2FA: access badges, biometrics, security patrols).
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance Not a Compliance control
Initiatives usage none
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC