| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1562 - Allocation Of Resources | ||
| Id | d4142013-7964-4163-a313-a900301c2cef | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this System and Services Acquisition control | ||
| Additional metadata |
Name/Id: ACF1562 / Microsoft Managed Control 1562 Category: System and Services Acquisition Title: Allocation of Resources - Determine And Allocate Resources for Protection Ownership: Customer, Microsoft Description: The organization: Determines, documents, and allocates the resources required to protect the information system or information system service as part of its capital planning and investment control process; and Requirements: Microsoft annually budgets funding necessary to support all systems and the corporate security posture across the entire company. Microsoft has determined, documented, and allocated the resources required to protect the information system as part of its capital budgeting process. The information security control requirements are documented in this SSP. In addition, as part of the budgeting process, C+AI Security conducts capacity planning which includes the determination of the overall size, performance and resilience of the system. These elements are important to the overall security functionality of the system in terms of how security controls impact Azure’s performance, as well as, how the resiliency of the system supports data availability and continuity objectives. Capacity planning depends largely upon the proposed usage of the system. Processing and storage requirements for Azure are defined before development in order to ensure adequate resources are available. Azure capacity planning includes operating requirements, projected trends, new business requirements, and resistance to denial-of-service attacks in order to avoid preventable system deficiencies. The capacity planning process is through C+AI Security and part of the budget allocation. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|