| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1145 - Security Assessments | ||
| Id | a0724970-9c75-4a64-a225-a28002953f28 | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Security Assessment and Authorization control | ||
| Additional metadata |
Name/Id: ACF1145 / Microsoft Managed Control 1145 Category: Security Assessment and Authorization Title: Security Assessments - Conducting Assessment Ownership: Customer, Microsoft Description: The organization: Assesses the security controls in the information system and its environment of operation Annually to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting established security requirements; Requirements: The assessment utilizes the SAP and the SSP as supporting documents to complete the security assessment and authorization activities in accordance with NIST SP 800-37 Revision 1, which is used to serve as the basis for conducting security assessment and authorization activities for Azure. Azure conducts assessments at least on an annual basis. The assessment procedures are documented in NIST SP 800-53A Revision 4, which also provides the assessment scope and frequency in combination with guidance from regulators. Assessment activities occur on an annual basis against the agreed-upon SAP between Microsoft, the Third Party Assessment Organization (3PAO), and authorizing officials. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|