AzPolicyAdvertizer

last sync: 2024-Nov-25 18:54:24 UTC

Employ automated training environment | Regulatory Compliance - Operational

Azure BuiltIn Policy definition

Source Azure Portal
Display name Employ automated training environment
Id c8aa992d-76b7-7ca0-07b3-31a58d773fa9
Version 1.1.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.1.0
Built-in Versioning [Preview]
Category Regulatory Compliance
Microsoft Learn
Description CMA_C1357 - Employ automated training environment
Additional metadata Name/Id: CMA_C1357 / CMA_C1357
Category: Operational
Title: Employ automated training environment
Ownership: Customer
Description: The customer is responsible for providing incident response training, which employs automated mechanisms, to users of customer-deployed resources in accordance with assigned roles and responsibilities.
Requirements: The customer is responsible for implementing this recommendation.
Mode All
Type BuiltIn
Preview False
Deprecated False
Effect Default
Manual
Allowed
Manual, Disabled
RBAC role(s) none
Rule aliases none
Rule resource types IF (1)
Microsoft.Resources/subscriptions
Compliance
The following 11 compliance controls are associated with this Policy definition 'Employ automated training environment' (c8aa992d-76b7-7ca0-07b3-31a58d773fa9)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
FedRAMP_High_R4 IR-2(2) FedRAMP_High_R4_IR-2(2) FedRAMP High IR-2 (2) Incident Response Automated Training Environments Shared n/a The organization employs automated mechanisms to provide a more thorough and realistic incident response training environment. link 1
ISO27001-2013 A.7.2.2 ISO27001-2013_A.7.2.2 ISO 27001:2013 A.7.2.2 Human Resources Security Information security awareness, education and training Shared n/a All employees of the organization and, where relevant, contractors shall receive appropriate awareness training and regular updates in organizational policies and procedures, as relevant for their job function. link 15
mp.eq.3 Protection of portable devices mp.eq.3 Protection of portable devices 404 not found n/a n/a 71
mp.per.1 Job characterization mp.per.1 Job characterization 404 not found n/a n/a 41
mp.per.3 Awareness mp.per.3 Awareness 404 not found n/a n/a 15
mp.per.4 Training mp.per.4 Training 404 not found n/a n/a 14
mp.s.1 E-mail protection mp.s.1 E-mail protection 404 not found n/a n/a 48
mp.s.3 Protection of web browsing mp.s.3 Protection of web browsing 404 not found n/a n/a 51
mp.si.3 Custody mp.si.3 Custody 404 not found n/a n/a 27
NIST_SP_800-53_R4 IR-2(2) NIST_SP_800-53_R4_IR-2(2) NIST SP 800-53 Rev. 4 IR-2 (2) Incident Response Automated Training Environments Shared n/a The organization employs automated mechanisms to provide a more thorough and realistic incident response training environment. link 1
NIST_SP_800-53_R5 IR-2(2) NIST_SP_800-53_R5_IR-2(2) NIST SP 800-53 Rev. 5 IR-2 (2) Incident Response Automated Training Environments Shared n/a Provide an incident response training environment using [Assignment: organization-defined automated mechanisms]. link 1
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
FedRAMP High d5264498-16f4-418a-b659-fa7ef418175f Regulatory Compliance GA BuiltIn
ISO 27001:2013 89c6cddc-1c73-4ac1-b19c-54d1a15a42f2 Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 4 cf25b9c1-bd23-4eb6-bd2c-f4f3ac644a5f Regulatory Compliance GA BuiltIn
NIST SP 800-53 Rev. 5 179d1daa-458f-4e47-8086-2a68d0d6c38f Regulatory Compliance GA BuiltIn
Spain ENS 175daf90-21e1-4fec-b745-7b4c909aa94c Regulatory Compliance GA BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-09-27 16:35:32 change Minor (1.0.0 > 1.1.0)
2022-09-19 17:41:40 add c8aa992d-76b7-7ca0-07b3-31a58d773fa9
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC