Your company has an Azure subscription that utilizes Microsoft Defender for Cloud to enhance security posture. Recently, the company entered into a contract with the United States government, necessitating compliance with the National Institute of Standards and Technology (NIST) Special Publication 800-53, which outlines security and privacy controls for federal information systems and organizations. In light of this new requirement, you need to evaluate your current Azure subscription to ensure it meets NIST 800-53 standards. What is the first step you should take in this compliance review process?