| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1190 - Configuration Change Control | ||
| Id | c66a3d1e-465b-4f28-9da5-aef701b59892 | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Configuration Management control | ||
| Additional metadata |
Name/Id: ACF1190 / Microsoft Managed Control 1190 Category: Configuration Management Title: Configuration Change Control - Coordination And Oversight Ownership: Customer, Microsoft Description: The organization: Coordinates and provides oversight for configuration change control activities through CAB that convenes Monthly, or as needed. Requirements: All changes to the Azure production environment, except pre-approved changes, must go through peer review, oversight committee review, or crossgroup review approval. Each service team has an internal committee with designated roles; these meet at least monthly, or as needed. There are a set of pre-approved changes which do not require additional explicit approval for release. These are standard procedures and common tasks that are documented and are confirmed to be safe to perform without going through the formal change management process. Examples of pre-approved Change Types are Create Certificate and Create Stage XStore Account. For all Azure assets, Azure works with its authorizing officials by participating in regular meetings with the FedRAMP JAB, DISA/DoD authorizing officials, and other regulators and ISSOs as needed to communicate major changes to or developments in the Azure environment. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|