| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1112 - Response To Audit Processing Failures | ||
| Id | d530aad8-4ee2-45f4-b234-c061dae683c0 | ||
| Version | 1.0.0 Details on versioning |
||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Audit and Accountability control | ||
| Additional metadata |
Name/Id: ACF1112 / Microsoft Managed Control 1112 Category: Audit and Accountability Title: Response to Audit Processing Failures - Additional Actions Ownership: Customer, Microsoft Description: The information system: Takes the following additional actions: Immediate notification and investigation; overwrite oldest audit records if needed; shut down if necessary. Requirements: In the event of an audit failure or audit storage capacity being reached, monitoring tools alert the C+AI Security Engineering team in near real time, who are assigned to address the processing failure. Alerts for audit processing failures are investigated immediately following the incident management process and appropriate actions are taken in accordance with the incident management process. In addition, if the failure is that the storage repository is full, Azure is configured to overwrite the oldest data to preserve the most recent information for after-the-fact investigations. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|