CSCv7|13.1

Title

Maintain an Inventory Sensitive Information

Description

Maintain an inventory of all sensitive information stored, processed, or transmitted by the organization's technology systems, including those located onsite or at a remote service provider.

Reference Item Details

Category: Data Protection

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1 Ensure the Pre-Installation Planning Checklist Has Been ImplementedUnixCIS Apache HTTP Server 2.4 v2.2.0 L1
1.2.1 (L2) Ensure that only organizationally managed/approved public groups existmicrosoft_azureCIS Microsoft 365 Foundations v5.0.0 L2 E5
1.2.1 (L2) Ensure that only organizationally managed/approved public groups existmicrosoft_azureCIS Microsoft 365 Foundations v5.0.0 L2 E3
1.3.7 (L2) Ensure 'third-party storage services' are restricted in 'Microsoft 365 on the web'microsoft_azureCIS Microsoft 365 Foundations v5.0.0 L2 E5
1.3.7 (L2) Ensure 'third-party storage services' are restricted in 'Microsoft 365 on the web'microsoft_azureCIS Microsoft 365 Foundations v5.0.0 L2 E3
1.3.8 (L2) Ensure that Sways cannot be shared with people outside of your organizationmicrosoft_azureCIS Microsoft 365 Foundations v5.0.0 L2 E3
1.3.8 (L2) Ensure that Sways cannot be shared with people outside of your organizationmicrosoft_azureCIS Microsoft 365 Foundations v5.0.0 L2 E5
1.18 Ensure that all expired SSL/TLS certificates stored in AWS IAM are removedamazon_awsCIS Amazon Web Services Foundations v5.0.0 L1
3.3.1 (L1) Ensure Information Protection sensitivity label policies are publishedmicrosoft_azureCIS Microsoft 365 Foundations v5.0.0 L1 E5
3.3.1 (L1) Ensure Information Protection sensitivity label policies are publishedmicrosoft_azureCIS Microsoft 365 Foundations v5.0.0 L1 E3
5.1.6.1 (L2) Ensure that collaboration invitations are sent to allowed domains onlymicrosoft_azureCIS Microsoft 365 Foundations v5.0.0 L2 E3
5.1.6.1 (L2) Ensure that collaboration invitations are sent to allowed domains onlymicrosoft_azureCIS Microsoft 365 Foundations v5.0.0 L2 E5
5.1.6.3 (L2) Ensure guest user invitations are limited to the Guest Inviter rolemicrosoft_azureCIS Microsoft 365 Foundations v5.0.0 L2 E3
5.1.6.3 (L2) Ensure guest user invitations are limited to the Guest Inviter rolemicrosoft_azureCIS Microsoft 365 Foundations v5.0.0 L2 E5
6.5.3 (L2) Ensure additional storage providers are restricted in Outlook on the webmicrosoft_azureCIS Microsoft 365 Foundations v5.0.0 L2 E3
6.5.3 (L2) Ensure additional storage providers are restricted in Outlook on the webmicrosoft_azureCIS Microsoft 365 Foundations v5.0.0 L2 E5
18.7.1.1 (L2) Ensure 'Turn off notifications network usage' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L2
18.7.1.1 (L2) Ensure 'Turn off notifications network usage' is set to 'Enabled'WindowsCIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker
CIS Control 13 (13.1) Maintain an Inventory of Sensitive InformationUnixCAS Implementation Group 1 Audit File