| 💼 5.1 Security Defaults (Per-User MFA) | 4 | | 4 | | no data |
|  💼 5.1.1 Ensure that 'security defaults' is Enabled in Microsoft Entra ID (Automated) | | | 1 | | no data |
|  💼 5.1.2 Ensure that 'Require Multifactor Authentication to register or join devices with Microsoft Entra' is set to 'Yes' (Manual) | | | 1 | | no data |
|  💼 5.1.3 Ensure that 'multifactor authentication' is 'enabled' For All Users (Automated) | | | 1 | | no data |
|  💼 5.1.4 Ensure that 'Allow users to remember multifactor authentication on devices they trust' is Disabled (Manual) | | | 1 | | no data |
| 💼 5.2 Conditional Access (reference) | | | | | no data |
| 💼 5.3 Periodic Identity Reviews | 7 | | 7 | | no data |
|  💼 5.3.1 Ensure that Azure Admin Accounts Are Not Used for Daily Operations (Manual) | | | 1 | | no data |
|  💼 5.3.2 Ensure that Guest Users are Reviewed on a Regular Basis (Manual) | | | 1 | | no data |
|  💼 5.3.3 Ensure That Use of the 'User Access Administrator' Role is Restricted (Automated) | | | 1 | | no data |
|  💼 5.3.4 Ensure that All 'Privileged' Role Assignments are Periodically Reviewed (Manual) | | | 1 | | no data |
|  💼 5.3.5 Ensure Disabled User Accounts do not Have Read, Write, or Owner Permissions (Manual) | | | 1 | | no data |
|  💼 5.3.6 Ensure 'Tenant Creator' Role Assignments are Periodically Reviewed (Manual) | | | 1 | | no data |
|  💼 5.3.7 Ensure All Non-privileged Role Assignments are Periodically Reviewed (Manual) | | | 1 | | no data |
| 💼 5.4 Ensure that No Custom Subscription Administrator Roles Exist (Automated) | | | 1 | | no data |
| 💼 5.5 Ensure that a Custom Role is Assigned Permissions for Administering Resource Locks (Manual) | | | 1 | | no data |
| 💼 5.6 Ensure that 'Subscription leaving Microsoft Entra tenant' and 'Subscription entering Microsoft Entra tenant' is set to 'Permit no one' (Manual) | | | 1 | | no data |
| 💼 5.7 Ensure there are between 2 and 3 Subscription Owners (Automated) | | | 1 | | no data |