Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
Is there any updated documentation on the ISO/IEC 27001:2022 Azure regulatory compliance initiative?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(99.2, 56.00000000000001%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELK%3C/text%3E%3C/svg%3E)
Lucas Kuiper
5
Reputation points
The ISO/IEC 27001:2022 initiative is now (finally) included in Azure but it contains some weird required parameters at assigning the initiative that really need some explanation.
Furthermore, what I noticed was that the 2013 version contains 452 policies, whereas the newer 2022 version only has 63 policies. Or should we see this as an add-on to the set of policies in the 2013 version? When searching for an explanation in the documentation at ISO/IEC 27001 - Azure Compliance | Microsoft Learn the 2022 version is mentioned but everything else is still based on the 2013 version and only links to an overview of the policies in the 2013 initiative.
It would be helpful if someone could elaborate on this!
Also check:
https://learn.microsoft.com/en-us/answers/questions/1414185/azure-initiative-for-iso-27001-2022
Azure Policy
Sign in to answer