| Source | Azure Portal | ||||||||||||||||||||||
| Display name | Microsoft Managed Control 1541 - Risk Assessment | ||||||||||||||||||||||
| Id | 70f6af82-7be6-44aa-9b15-8b9231b2e434 | ||||||||||||||||||||||
| Version | 1.0.0 Details on versioning |
||||||||||||||||||||||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||||||||||||||||||||||
| Category | Regulatory Compliance Microsoft Learn |
||||||||||||||||||||||
| Description | Microsoft implements this Risk Assessment control | ||||||||||||||||||||||
| Additional metadata |
Name/Id: ACF1541 / Microsoft Managed Control 1541 Category: Risk Assessment Title: Risk Assessment - Conduct Risk Assessment Ownership: Customer, Microsoft Description: The organization: Conducts an assessment of risk, including the likelihood and magnitude of harm, from the unauthorized access, use, disclosure, disruption, modification, or destruction of the information system and the information it processes, stores, or transmits; Requirements: Microsoft conducts assessments of the risk including the likelihood and magnitude of harm that could result from the unauthorized access, use, disclosure, disruption, modification, or destruction of Azure and the information it processes, stores, or transmits. The Security Assessment for Azure was completed in agreement with NIST SP 800-30 Rev. 1, Guide for Conducting Risk Assessments, and NIST 800-53A Rev. 4, Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans. Periodic risk assessments are performed for Azure to review the effectiveness of existing information security controls and safeguards, as well as to identify new risks. These assessments ensure all policies and supporting procedures properly address the environment in light of changing regulatory, contractual, business, technical, and operational requirements. Risk assessments take place annually, or more frequently as circumstances necessitate. |
||||||||||||||||||||||
| Mode | Indexed | ||||||||||||||||||||||
| Type | Static | ||||||||||||||||||||||
| Preview | False | ||||||||||||||||||||||
| Deprecated | False | ||||||||||||||||||||||
| Effect | Fixed audit |
||||||||||||||||||||||
| RBAC role(s) | none | ||||||||||||||||||||||
| Rule aliases | none | ||||||||||||||||||||||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||||||||||||||||||||||
| Compliance |
The following 1 compliance controls are associated with this Policy definition 'Microsoft Managed Control 1541 - Risk Assessment' (70f6af82-7be6-44aa-9b15-8b9231b2e434)
| ||||||||||||||||||||||
| Initiatives usage |
|
||||||||||||||||||||||
| History | none | ||||||||||||||||||||||
| JSON compare | n/a | ||||||||||||||||||||||
| JSON |
|