last sync: 2024-Nov-25 18:54:24 UTC

Microsoft Managed Control 1532 - Third-Party Personnel Security | Regulatory Compliance - Personnel Security

Azure BuiltIn Policy definition

Source Azure Portal
Display name Microsoft Managed Control 1532 - Third-Party Personnel Security
Id a2c66299-9017-4d95-8040-8bdbf7901d52
Version 1.0.0
Details on versioning
Versioning Versions supported for Versioning: 0
Built-in Versioning [Preview]
Category Regulatory Compliance
Microsoft Learn
Description Microsoft implements this Personnel Security control
Additional metadata Name/Id: ACF1532 / Microsoft Managed Control 1532
Category: Personnel Security
Title: Third-Party Personnel Security - Notification of Transfers/Terminations
Ownership: Customer, Microsoft
Description: The organization: Requires third-party providers to notify the third-party provider’s Microsoft FTE managerof any personnel transfers or terminations of third-party personnel who possess organizational credentials and/or badges, or who have information system privileges within terminations: immediately; transfers: within twenty-four (24) hours; and
Requirements: Microsoft documents third-party security requirements in the Microsoft Information Security Policy and associated standards (provided). Specific notification requirements for transfers and terminations of third-party personnel with access to Azure are identical to those for Microsoft personnel.
Mode Indexed
Type Static
Preview False
Deprecated False
Effect Fixed
audit
RBAC role(s) none
Rule aliases none
Rule resource types IF (2)
Microsoft.Resources/subscriptions
Microsoft.Resources/subscriptions/resourceGroups
Compliance Not a Compliance control
Initiatives usage none
History none
JSON compare n/a
JSON
api-version=2021-06-01
EPAC