AzPolicyAdvertizer

last sync: 2024-Sep-18 17:50:24 UTC

Respond to complaints, concerns, or questions timely | Regulatory Compliance - Operational

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

Respond to complaints, concerns, or questions timely

6ab47bbf-867e-9113-7998-89b58f77326a

Version

1.1.0
Details on versioning

Versioning

Versions supported for Versioning: 1
1.1.0
Built-in Versioning [Preview]

Category

Regulatory Compliance
Microsoft Learn

Description

CMA_C1853 - Respond to complaints, concerns, or questions timely

Additional metadata

Name/Id: CMA_C1853 / CMA_C1853
Category: Operational
Title: Respond to complaints, concerns, or questions timely
Ownership: Customer
Description: The customer is responsible for responding to complaints, concerns, or questions within the defined time period.
Requirements: The customer is responsible for implementing this recommendation.

Mode

All

Type

BuiltIn

Preview

False

Deprecated

False

Effect

Default
Manual
Allowed
Manual, Disabled

RBAC role(s)

none

Rule aliases

none

Rule resource types

IF (1)
Microsoft.Resources/subscriptions

Compliance

The following 1 compliance controls are associated with this Policy definition 'Respond to complaints, concerns, or questions timely' (6ab47bbf-867e-9113-7998-89b58f77326a)

Control Domain	Control	Name	MetadataId	Category	Title	Owner	Requirements	Description	Info	Policy#
SOC_2	P8.1	SOC_2_P8.1	SOC 2 Type 2 P8.1	Additional Criteria For Privacy	Privacy complaint management and compliance management	Shared	The customer is responsible for implementing this recommendation.	• Communicates to Data Subjects — Data subjects are informed about how to contact the entity with inquiries, complaints, and disputes. • Addresses Inquiries, Complaints, and Disputes — A process is in place to address inquiries, complaints, and disputes. • Documents and Communicates Dispute Resolution and Recourse — Each complaint is addressed and the resolution is documented and communicated to the individual. • Documents and Reports Compliance Review Results — Compliance with objectives related to privacy are reviewed and documented and the results of such reviews are reported to management. If problems are identified, remediation plans are developed and implemented. • Documents and Reports Instances of Noncompliance — Instances of noncompliance with objectives related to privacy are documented and reported and, if needed, corrective and disciplinary measures are taken on a timely basis. • Performs Ongoing Monitoring — Ongoing procedures are performed for monitoring the effectiveness of controls over personal information and for taking timely corrective actions when necessary.		5

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type
SOC 2 Type 2	4054785f-702b-4a98-9215-009cbd58b141	Regulatory Compliance	GA	BuiltIn

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2022-09-27 16:35:32	change	Minor (1.0.0 > 1.1.0)
2022-09-13 16:35:29	add	6ab47bbf-867e-9113-7998-89b58f77326a

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC