| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1141 - Audit Generation | Changes By Authorized Individuals | ||
| Id | 6fdefbf4-93e7-4513-bc95-c1858b7093e0 | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Audit and Accountability control | ||
| Additional metadata |
Name/Id: ACF1141 / Microsoft Managed Control 1141 Category: Audit and Accountability Title: Audit Generation | Changes By Authorized Individuals Ownership: Customer, Microsoft Description: The information system provides the capability for Azure Security or service team members with audit configuration responsibilities, Security Incident Monitoring Team to change the auditing to be performed on all network, data storage, and computing devices based on changes to the threat environment; risk-based assessment within risk-based assessment; Annually or whenever a change occurs in the threat environment as defined by authoritative sources. Requirements: The Azure Security Logging and Monitoring (SLAM) team and the Security Response Team have developed sets of auditable events for Azure assets based on ongoing risk assessments of the system which incorporate government and industry baselines and requirements, identified vulnerabilities, business requirements, and Azure and C+AI Security Standards. The event sets are reviewed by the SLAM and Security Response Team when a significant change to the system is made to ensure any vulnerabilities exposed are being addressed by the set of auditable events. New events are incorporated when a new asset class is brought online or when a vulnerability or threat is identified through security assessments, security bulletins, and more. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|