AzPolicyAdvertizer

last sync: 2024-Sep-18 17:50:24 UTC

Implement transaction based recovery | Regulatory Compliance - Operational

Azure BuiltIn Policy definition

Source Azure Portal
Display name Implement transaction based recovery
Id ba02d0a0-566a-25dc-73f1-101c726a19c5
Version 1.1.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.1.0
Built-in Versioning [Preview]
Category Regulatory Compliance
Microsoft Learn
Description CMA_C1296 - Implement transaction based recovery
Additional metadata Name/Id: CMA_C1296 / CMA_C1296
Category: Operational
Title: Implement transaction based recovery
Ownership: Customer
Description: The customer is responsible for implementing transaction-based (e.g., transaction rollback, transaction journaling) recovery within customer-deployed resources. Note: if the customer configures Microsoft Azure backup and/or alternate site processing services appropriately, Azure can support the continued operation of customer-deployed resources.
Requirements: The customer is responsible for implementing this recommendation.
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Default
Manual
Allowed
Manual, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types IF (1)
Microsoft.Resources/subscriptions
Compliance
The following 11 compliance controls are associated with this Policy definition 'Implement transaction based recovery' (ba02d0a0-566a-25dc-73f1-101c726a19c5)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
FedRAMP_High_R4 CP-10(2) FedRAMP_High_R4_CP-10(2) FedRAMP High CP-10 (2) Contingency Planning Transaction Recovery Shared n/a The information system implements transaction recovery for systems that are transaction-based. Supplemental Guidance: Transaction-based information systems include, for example, database management systems and transaction processing systems. Mechanisms supporting transaction recovery include, for example, transaction rollback and transaction journaling. link 1
FedRAMP_Moderate_R4 CP-10(2) FedRAMP_Moderate_R4_CP-10(2) FedRAMP Moderate CP-10 (2) Contingency Planning Transaction Recovery Shared n/a The information system implements transaction recovery for systems that are transaction-based. Supplemental Guidance: Transaction-based information systems include, for example, database management systems and transaction processing systems. Mechanisms supporting transaction recovery include, for example, transaction rollback and transaction journaling. link 1
hipaa 19141.06c1Organizational.7-06.c hipaa-19141.06c1Organizational.7-06.c 19141.06c1Organizational.7-06.c 19 Data Protection & Privacy 19141.06c1Organizational.7-06.c 06.01 Compliance with Legal Requirements Shared n/a Important records, such as contracts, personnel records, financial information, client/customer information, etc., of the organization are protected from loss, destruction and falsification through the implementation of security controls such as access controls, encryption, backups, electronic signatures, locked facilities or containers, etc. 10
ISO27001-2013 A.12.3.1 ISO27001-2013_A.12.3.1 ISO 27001:2013 A.12.3.1 Operations Security Information backup Shared n/a Backup copies of information, software and system images shall be taken and tested regularly in accordance with an agreed backup policy. link 13
ISO27001-2013 A.17.1.2 ISO27001-2013_A.17.1.2 ISO 27001:2013 A.17.1.2 Information Security Aspects Of Business Continuity Management Implementing information security continuity Shared n/a The organization shall establish, document, implement and maintain processes, procedures and controls to ensure the required level of continuity for information security during an adverse situation. link 18
ISO27001-2013 A.18.1.3 ISO27001-2013_A.18.1.3 ISO 27001:2013 A.18.1.3 Compliance Protection of records Shared n/a Records shall be protected from loss, destruction, falsification, unauthorized access and unauthorized release, in accordance with legislative, regulatory, contractual and business requirements. link 15
mp.info.6 Backups mp.info.6 Backups 404 not found n/a n/a 65
mp.si.2 Cryptography mp.si.2 Cryptography 404 not found n/a n/a 32
NIST_SP_800-53_R4 CP-10(2) NIST_SP_800-53_R4_CP-10(2) NIST SP 800-53 Rev. 4 CP-10 (2) Contingency Planning Transaction Recovery Shared n/a The information system implements transaction recovery for systems that are transaction-based. Supplemental Guidance: Transaction-based information systems include, for example, database management systems and transaction processing systems. Mechanisms supporting transaction recovery include, for example, transaction rollback and transaction journaling. link 1
NIST_SP_800-53_R5 CP-10(2) NIST_SP_800-53_R5_CP-10(2) NIST SP 800-53 Rev. 5 CP-10 (2) Contingency Planning Transaction Recovery Shared n/a Implement transaction recovery for systems that are transaction-based. link 1
org.1 Security policy org.1 Security policy 404 not found n/a n/a 94
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA BuiltIn
FedRAMP Moderate e95f5a9f-57ad-4d03-bb0b-b1d16db93693 Regulatory Compliance GA BuiltIn
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab Regulatory Compliance GA BuiltIn
ISO 27001:2013 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 5 179d1daa-458f-4e47-8086-2a68d0d6c38f Regulatory Compliance GA BuiltIn
Spain ENS 175daf90-21e1-4fec-b745-7b4c909aa94c Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-19 17:41:40 add ba02d0a0-566a-25dc-73f1-101c726a19c5
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC