| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1463 - Monitoring Physical Access | ||
| Id | 59721f87-ae25-4db0-a2a4-77cc5b25d495 | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Physical and Environmental Protection control | ||
| Additional metadata |
Name/Id: ACF1463 / Microsoft Managed Control 1463 Category: Physical and Environmental Protection Title: Monitoring Physical Access - Coordinate Reviews And Investigations with Incident Response Ownership: Microsoft Description: The organization: Coordinates results of reviews and investigations with the organizational incident response capability. Requirements: Security events that occur within the datacenter are documented by the security team in a report called a Significant Event Notification (SEN). SEN reports capture the details of a security event and are required to be documented after an event occurs in order to capture details as accurately as possible. SEN reports also contain the investigative analysis conducted in an After Action Report (AAR). AAR reports document the investigation into a security event and attempts to identify the root cause of the event. Additionally, any remediation actions or lessons learned are also included in the AAR, so that security procedures can be improved across the Azure datacenter security program. In the event an incident impacts Azure assets or services, the Azure Security Response Team has procedures in place to respond to such incidents. For incidents requiring government notification, the Security Response Team coordinates with the service team to notify the government agency customer, US-CERT, and authorizing officials within US-CERT guidelines. Azure Third-Party (Leased) Datacenters At leased datacenter locations, security events are communicated to the DCM team and escalated based on severity. The DCM team determines additional investigation or escalation. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|