AzPolicyAdvertizer

last sync: 2024-Nov-25 18:54:24 UTC

Microsoft Managed Control 1297 - Information System Recovery And Reconstitution | Restore Within Time Period | Regulatory Compliance - Contingency Planning

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

Microsoft Managed Control 1297 - Information System Recovery And Reconstitution | Restore Within Time Period

93fd8af1-c161-4bae-9ba9-f62731f76439

Version

1.0.0
Details on versioning

Versioning

Versions supported for Versioning: 0
Built-in Versioning [Preview]

Category

Regulatory Compliance
Microsoft Learn

Description

Microsoft implements this Contingency Planning control

Additional metadata

Name/Id: ACF1297 / Microsoft Managed Control 1297
Category: Contingency Planning
Title: Information System Recovery And Reconstitution | Restore Within Time Period
Ownership: Customer, Microsoft
Description: The organization provides the capability to restore information system components within time period consistent with the restoration time-periods defined in the service provider and organization SLA from configuration-controlled and integrity-protected information representing a known, operational state for the components.
Requirements: If all datacenters for an Azure service experience failure, or if Microsoft were to resume processing at a disrupted site, Microsoft uses the following to recover Azure services in other Azure datacenters to the last known state: * Defined images and current OS, network device, and application baselines * Defined security processes around access control, change management, mandatory configuration settings, and encryption mechanisms Redeployment as part of system restoration follows the same process with the same authentication requirements as initial deployment as part of configuration management. Azure does not establish separate recovery times for individual datacenter components due to the design and function of datacenters. Azure datacenters are designed to be redundant by hosting services in datacenters that are geographically separated from each other. Services are mirrored in geographically redundant datacenters; all sites are active. Therefore, the risk to the security of the Azure environment due to failure of individual components is mitigated through availability of the information system. If necessary to support the resumption of a service according to established disaster recovery plans, individual system components are replaced in support of the service Recovery Time Objective (RTO). The Azure spares policy ensures that spare components are available if replacement is needed.

Mode

Indexed

Type

Static

Preview

False

Deprecated

False

Effect

Fixed
audit

RBAC role(s)

none

Rule aliases

none

Rule resource types

IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups

Compliance

The following 4 compliance controls are associated with this Policy definition 'Microsoft Managed Control 1297 - Information System Recovery And Reconstitution | Restore Within Time Period' (93fd8af1-c161-4bae-9ba9-f62731f76439)

Control	Name	MetadataId	Requirements	Description	Policy#
op.cont.1 Impact analysis	op.cont.1 Impact analysis	404 not found	n/a	n/a	68
op.cont.2 Continuity plan	op.cont.2 Continuity plan	404 not found	n/a	n/a	68
op.cont.3 Periodic tests	op.cont.3 Periodic tests	404 not found	n/a	n/a	91
op.cont.4 Alternative means	op.cont.4 Alternative means	404 not found	n/a	n/a	95

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type
Spain ENS	175daf90-21e1-4fec-b745-7b4c909aa94c	Regulatory Compliance	GA	BuiltIn

History

none

JSON compare

n/a

JSON

api-version=2021-06-01
EPAC