ISO 27001 Compliance and Intune Deployment
Upwork

Remote
•13 hours ago
•No application
About
Hello, I will need someone to verify that all of the following ISO 27001 compliance requirements have been properly created, implemented, and deployed in Microsoft Intune:

- A.9 – Access Control
  - Conditional Access Policies (Azure AD): require compliant devices, enforce MFA, block legacy authentication, restrict by location/risk/device platform
  - Role-Based Access Control (RBAC): assign least privilege roles, use Privileged Identity Management (PIM) for Just-In-Time access
- A.9.2 – User Access Management
  - Automate group membership based on role/location
  - Use dynamic groups for Windows, Android, iOS, Linux
  - Local Admin Restrictions: deploy LAPS, remove unauthorized users from local admin groups
- A.6 – Mobile Device Management
  - Require enrollment for all platforms (Windows, Android, iOS, Linux)
  - Use Company Portal or Zero-Touch/Knox Mobile Enrollment
  - Compliance Policies: enforce password complexity, encryption (BitLocker/FileVault/Android native), block rooted/jailbroken devices, require secure boot and minimum OS versions
- A.10 – Cryptographic Controls
  - Disk Encryption: BitLocker with TPM & Azure AD recovery key
- A.12 – Logging and Monitoring
  - Enable audit logging (logon, policy change, object access)
  - Integrate Microsoft Defender for Endpoint with real-time protection, attack surface reduction, and web filtering
- A.18 – Compliance Reporting
  - Track compliance scores via Intune Reports → Device Compliance
  - Export data to Excel/Power BI
  - Map each policy to ISO controls for audit documentation
- A.8 – Asset Management
  - Device tagging with PowerShell (asset ID, location, owner)
  - Store metadata in Intune custom attributes or registry
  - Enable hardware/software inventory reporting
- A.12.6 – Vulnerability Management
  - Require latest OS patches
  - Block outdated builds
  - Use Windows Update for Business or Android Enterprise policies

At the end of the job, I will require:

- A printed Intune compliance report showing all applied rules

Finally, please note that there are still some issues that need to be addressed:

- User is unable to open the C: drive or any other folder/file
- Local user admin account is not being created
- Unable to retrieve the local admin password for the user's PC
- Allow the user's PC to be functional even if the PC is still not in compliance
- Create an exception rule for PCs that the Intune policies do not need to be applied to

Please note that if you apply for this job, this is a fixed, non-negotiable rate. I will allow you access to the platform via AnyDesk to my PC so you can complete the assignment and perform the needed test.



