Copyright (c) 2026 MindMesh Academy. All rights reserved. This content is proprietary and may not be reproduced or distributed without permission.
5.2.2. Regulatory Compliance Assessment
💡 First Principle: Compliance assessment maps your security controls to regulatory requirements. Defender for Cloud provides built-in standards and supports custom standards.
Built-in Compliance Standards
| Standard | Available |
|---|---|
| Azure Security Benchmark | Yes (default) |
| PCI DSS 3.2.1 | Yes |
| ISO 27001:2013 | Yes |
| FedRAMP High | Yes |
| NIST SP 800-53 | Yes |
| GDPR | No (custom required) |
⚠️ Exam Trap: Assuming a GDPR compliance initiative is available. GDPR is not a built-in standard; you must create custom initiatives for GDPR compliance.
Written by Alvin Varughese
Founder • 15 professional certifications