Hello Guys,

​

Regarding control 3.4.1, I have compiled a comprehensive list of our assets in Jira JSM Assets, which includes details on operating system versions, networking devices, licenses, and user information.

​

As our company is a subsidiary of a larger entity, we do not possess administrative access to Microsoft 365, and consequently, we are unable to utilize the Microsoft 365 security baseline directly.

​

To adhere to control 3.4.2 and ensure compliance, I am in the process of developing a baseline document. However, I am uncertain about the additional components that should be included in this baseline to fully meet the control's requirements.

​

Additionally, I have a backup of our SonicWALL configurations. Would it be necessary to export and include a text file of the backup configuration in this document as well?

​

Could you provide guidance on the specific requirements and components needed to fully comply with control 3.4.2?

​

Thank you for your assistance.

​