| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1121 - Audit Review, Analysis, And Reporting | Correlation With Physical Monitoring | ||
| Id | c72b0eb9-1fc2-44e5-a866-e7cb0532f7c1 | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Audit and Accountability control | ||
| Additional metadata |
Name/Id: ACF1121 / Microsoft Managed Control 1121 Category: Audit and Accountability Title: Audit Review, Analysis, And Reporting | Correlation With Physical Monitoring Ownership: Microsoft Description: The organization correlates information from audit records with information obtained from monitoring physical access to further enhance the ability to identify suspicious, inappropriate, unusual, or malevolent activity. Requirements: The Azure Security Response Team combine the analysis of audit records with physical security monitoring data as needed to aid in incident investigations. Any breaches or physical security incidents are reported through the incident reporting process by the physical security team if the physical security incident could potentially impact logical security. The Security Response Team then compares information from such physical security incidents to audit logging records to further identify and investigate suspicious behavior. Furthermore, when a physical incident is reported, the Security Response Team uses the related physical monitoring data and correlates it with audit records to determine if there was any associated logical breach or suspicious behavior in the Azure environment. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|