Your company holds an Azure subscription that includes enhanced security measures provided by Microsoft Defender for Cloud. Recently, the company has entered into a contract with a United States government agency. To comply with this contract, you are required to ensure that your current Azure subscription adheres to the NIST 800-53 standards, which are a set of controls for securing federal information systems. What initial steps should you take to begin this compliance review?