InformationRestrict group creation to administrators only.
Self-service group management enables users to create and manage security groups or Office 365 groups in Azure Active Directory (Azure AD). Unless a business requires this day-to-day delegation for some users, self-service group management should be disabled.
Enabling this setting could create a number of request that would need to me managed by administrators.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
SolutionFrom Azure Console
Go to Azure Active Directory
Go to Groups
Go to General in setting
Ensure that Restrict user ability to access groups features in the Access Pane is set to No
By default, Restrict user ability to access groups features in the Access Pane is set to No.