Update for SQL policy change

Author: jomolesk

articles/governance/blueprints/samples/iso27001-ase-sql-workload/control-mapping.md

@@ -172,13 +172,13 @@ unencrypted Service Fabric communication.
 - \[Preview\]: Deploy VM extension to audit Windows VM should not store passwords using reversible
   encryption
 - \[Preview\]: Audit Windows VM should not store passwords using reversible encryption
-- \[Preview\]: Monitor unencrypted SQL database in Azure Security Center
 - \[Preview\]: Monitor unencrypted VM Disks in Azure Security Center
 - Audit enablement of encryption of Automation account variables
 - Audit enabling of only secure connections to your Redis Cache
 - Audit secure transfer to storage accounts
 - Audit the setting of ClusterProtectionLevel property to EncryptAndSign in Service Fabric
 - Audit transparent data encryption status
+- Transparent Data Encryption on SQL databases should be enabled
 
 ## A.12.4.1 Event logging
 
@@ -190,9 +190,9 @@ Diagnostic logs provide insight into operations that were performed within Azure
 - \[Preview\]: Audit Dependency Agent Deployment in VMSS - VM Image (OS) unlisted
 - \[Preview\]: Audit Log Analytics Agent Deployment - VM Image (OS) unlisted
 - \[Preview\]: Audit Log Analytics Agent Deployment in VMSS - VM Image (OS) unlisted
-- \[Preview\]: Monitor unaudited SQL database in Azure Security Center
 - Audit diagnostic setting
 - Audit SQL server level Auditing settings
+- Auditing should be enabled on advanced data security settings on SQL Server
 
 ## A.12.4.3 Administrator and operator logs
 
@@ -204,9 +204,9 @@ operations that were performed within Azure resources.
 - \[Preview\]: Audit Dependency Agent Deployment in VMSS - VM Image (OS) unlisted
 - \[Preview\]: Audit Log Analytics Agent Deployment - VM Image (OS) unlisted
 - \[Preview\]: Audit Log Analytics Agent Deployment in VMSS - VM Image (OS) unlisted
-- \[Preview\]: Monitor unaudited SQL database in Azure Security Center
 - Audit diagnostic setting
 - Audit SQL server level Auditing settings
+- Auditing should be enabled on advanced data security settings on SQL Server
 
 ## A.12.4.4 Clock synchronization
 
@@ -218,9 +218,9 @@ internal clocks to create a time-correlated record of events across resources.
 - \[Preview\]: Audit Dependency Agent Deployment in VMSS - VM Image (OS) unlisted
 - \[Preview\]: Audit Log Analytics Agent Deployment - VM Image (OS) unlisted
 - \[Preview\]: Audit Log Analytics Agent Deployment in VMSS - VM Image (OS) unlisted
-- \[Preview\]: Monitor unaudited SQL database in Azure Security Center
 - Audit diagnostic setting
 - Audit SQL server level Auditing settings
+- Auditing should be enabled on advanced data security settings on SQL Server
 
 ## A.12.5.1 Installation of software on operational systems
 

articles/governance/blueprints/samples/iso27001-shared/control-mapping.md

@@ -172,13 +172,13 @@ unencrypted Service Fabric communication.
 - \[Preview\]: Deploy VM extension to audit Windows VM should not store passwords using reversible
   encryption
 - \[Preview\]: Audit Windows VM should not store passwords using reversible encryption
-- \[Preview\]: Monitor unencrypted SQL database in Azure Security Center
 - \[Preview\]: Monitor unencrypted VM Disks in Azure Security Center
 - Audit enablement of encryption of Automation account variables
 - Audit enabling of only secure connections to your Redis Cache
 - Audit secure transfer to storage accounts
 - Audit the setting of ClusterProtectionLevel property to EncryptAndSign in Service Fabric
 - Audit transparent data encryption status
+- Transparent Data Encryption on SQL databases should be enabled
 
 ## A.12.4.1 Event logging
 
@@ -190,9 +190,9 @@ Diagnostic logs provide insight into operations that were performed within Azure
 - \[Preview\]: Audit Dependency Agent Deployment in VMSS - VM Image (OS) unlisted
 - \[Preview\]: Audit Log Analytics Agent Deployment - VM Image (OS) unlisted
 - \[Preview\]: Audit Log Analytics Agent Deployment in VMSS - VM Image (OS) unlisted
-- \[Preview\]: Monitor unaudited SQL database in Azure Security Center
 - Audit diagnostic setting
 - Audit SQL server level Auditing settings
+- Auditing should be enabled on advanced data security settings on SQL Server
 
 ## A.12.4.3 Administrator and operator logs
 
@@ -204,9 +204,9 @@ operations that were performed within Azure resources.
 - \[Preview\]: Audit Dependency Agent Deployment in VMSS - VM Image (OS) unlisted
 - \[Preview\]: Audit Log Analytics Agent Deployment - VM Image (OS) unlisted
 - \[Preview\]: Audit Log Analytics Agent Deployment in VMSS - VM Image (OS) unlisted
-- \[Preview\]: Monitor unaudited SQL database in Azure Security Center
 - Audit diagnostic setting
 - Audit SQL server level Auditing settings
+- Auditing should be enabled on advanced data security settings on SQL Server
 
 ## A.12.4.4 Clock synchronization
 
@@ -218,9 +218,9 @@ internal clocks to create a time-correlated record of events across resources.
 - \[Preview\]: Audit Dependency Agent Deployment in VMSS - VM Image (OS) unlisted
 - \[Preview\]: Audit Log Analytics Agent Deployment - VM Image (OS) unlisted
 - \[Preview\]: Audit Log Analytics Agent Deployment in VMSS - VM Image (OS) unlisted
-- \[Preview\]: Monitor unaudited SQL database in Azure Security Center
 - Audit diagnostic setting
 - Audit SQL server level Auditing settings
+- Auditing should be enabled on advanced data security settings on SQL Server
 
 ## A.12.5.1 Installation of software on operational systems
 

articles/governance/blueprints/samples/iso27001/control-mapping.md

@@ -172,13 +172,13 @@ unencrypted Service Fabric communication.
 - \[Preview\]: Deploy VM extension to audit Windows VM should not store passwords using reversible
   encryption
 - \[Preview\]: Audit Windows VM should not store passwords using reversible encryption
-- \[Preview\]: Monitor unencrypted SQL database in Azure Security Center
 - \[Preview\]: Monitor unencrypted VM Disks in Azure Security Center
 - Audit enablement of encryption of Automation account variables
 - Audit enabling of only secure connections to your Redis Cache
 - Audit secure transfer to storage accounts
 - Audit the setting of ClusterProtectionLevel property to EncryptAndSign in Service Fabric
 - Audit transparent data encryption status
+- Transparent Data Encryption on SQL databases should be enabled
 
 ## A.12.4.1 Event logging
 
@@ -190,9 +190,9 @@ Diagnostic logs provide insight into operations that were performed within Azure
 - \[Preview\]: Audit Dependency Agent Deployment in VMSS - VM Image (OS) unlisted
 - \[Preview\]: Audit Log Analytics Agent Deployment - VM Image (OS) unlisted
 - \[Preview\]: Audit Log Analytics Agent Deployment in VMSS - VM Image (OS) unlisted
-- \[Preview\]: Monitor unaudited SQL database in Azure Security Center
 - Audit diagnostic setting
 - Audit SQL server level Auditing settings
+- Auditing should be enabled on advanced data security settings on SQL Server
 
 ## A.12.4.3 Administrator and operator logs
 
@@ -204,9 +204,9 @@ operations that were performed within Azure resources.
 - \[Preview\]: Audit Dependency Agent Deployment in VMSS - VM Image (OS) unlisted
 - \[Preview\]: Audit Log Analytics Agent Deployment - VM Image (OS) unlisted
 - \[Preview\]: Audit Log Analytics Agent Deployment in VMSS - VM Image (OS) unlisted
-- \[Preview\]: Monitor unaudited SQL database in Azure Security Center
 - Audit diagnostic setting
 - Audit SQL server level Auditing settings
+- Auditing should be enabled on advanced data security settings on SQL Server
 
 ## A.12.4.4 Clock synchronization
 
@@ -218,9 +218,9 @@ internal clocks to create a time-correlated record of events across resources.
 - \[Preview\]: Audit Dependency Agent Deployment in VMSS - VM Image (OS) unlisted
 - \[Preview\]: Audit Log Analytics Agent Deployment - VM Image (OS) unlisted
 - \[Preview\]: Audit Log Analytics Agent Deployment in VMSS - VM Image (OS) unlisted
-- \[Preview\]: Monitor unaudited SQL database in Azure Security Center
 - Audit diagnostic setting
 - Audit SQL server level Auditing settings
+- Auditing should be enabled on advanced data security settings on SQL Server
 
 ## A.12.5.1 Installation of software on operational systems
 

articles/governance/blueprints/samples/pci-dss-3.2.1/control-mapping.md

@@ -48,7 +48,7 @@ Fabric communication.
 - Function App should only be accessible over HTTPS
 - Web Application should only be accessible over HTTPS
 - API App should only be accessible over HTTPS
-- Monitor unencrypted SQL database in Azure Security Center
+- Transparent Data Encryption on SQL databases should be enabled
 - Disk encryption should be applied on virtual machines
 - Automation account variables should be encrypted
 - Only secure connections to your Redis Cache should be enabled
@@ -156,7 +156,7 @@ Diagnostic logs provide insight into operations that were performed within Azure
 logs rely on synchronized internal clocks to create a time-correlated record of events across
 resources.
 
-- Monitor unaudited SQL servers in Azure Security Center
+- Auditing should be enabled on advanced data security settings on SQL Server
 - Audit diagnostic setting
 - Audit SQL server level Auditing settings
 - Deploy Auditing on SQL servers

articles/governance/blueprints/samples/ukofficial/control-mapping.md

@@ -41,7 +41,7 @@ encryption on storage accounts, SQL databases, virtual machine disks, and automa
 variables; audit insecure connections to storage accounts and Redis Cache; audit weak virtual
 machine password encryption; and audit unencrypted Service Fabric communication.
 
-- Monitor unencrypted SQL databases in Azure Security Center
+- Transparent Data Encryption on SQL databases should be enabled
 - Disk encryption should be applied on virtual machines
 - Automation account variables should be encrypted
 - Secure transfer to storage accounts should be enabled
@@ -208,7 +208,7 @@ This blueprint helps you ensure system events are logged by assigning [Azure Pol
 definitions that audit log settings on Azure resources. An assigned policy also audits if virtual
 machines aren't sending logs to a specified log analytics workspace.
 
-- Monitor unaudited SQL servers in Azure Security Center
+- Auditing should be enabled on advanced data security settings on SQL Server
 - Audit diagnostic setting
 - Audit SQL server level Auditing settings
 - \[Preview\]: Deploy Log Analytics Agent for Linux VMs