Your company currently utilizes an Azure subscription that has enhanced security measures enabled through Microsoft Defender for Cloud. Recently, your company has entered into a contractual agreement with the United States government, which requires adherence to specific regulatory standards. As a result, you need to assess the current Azure subscription for compliance with the NIST 800-53 (National Institute of Standards and Technology Special Publication 800-53) guidelines. What is the initial step you should undertake to perform this compliance review?