MCSB IR-4: Incident Response
3 Senserva Microsoft 365 security checks provide evidence for Microsoft Cloud Security Benchmark control IR-4 (Incident Response). Each is checked against your tenant, ranked by Severity, with validated remediation.
What MCSB IR-4 covers
The Microsoft Cloud Security Benchmark is Microsoft's own security baseline for Azure and Microsoft 365, organized into control domains. IR-4 sits in the Incident Response domain. Senserva evidences it with the 3 checks below, so you can see, per tenant, whether the control is actually met rather than assumed.
Ask your own AI about this control
Copy this prompt into Claude, ChatGPT, or Copilot. The facts are included, sourced from this page.
The 3 checks that evidence MCSB IR-4
Click any row for why it matters and how to fix it, with a link to the full check page.
| Senserva check | Severity | What it verifies |
|---|---|---|
| Risk Detection Offline | Critical | Risk detection was discovered offline (retroactively). The compromise predates the detection |
| Risk Detection Stale | High | Unresolved risk detection has exceeded the configured stale threshold |
| Ir Update Incident Response Plan And Process | Medium | Update and maintain the incident response plan and process |
Also evidences
The same checks provide evidence for these frameworks, so one fix counts across your obligations:
Every MCSB control and the checks that evidence it: the control reference. The full benchmark crosswalk: MCSB for Microsoft 365.