So from my usage this doesn't actually work. Removing the ASC default from the subscription causes Azure to complain, first it disables all the "Industry & regulatory standards" policies and then applies all the ones you have disabled. It also never seems to actually remove the default ASC it is lingering somewhere in the background. Then if you add it again it it allows you to enable/disable "Industry & regulatory standards" policies and even disable the ASC default (doesn't seem to actually disable) however it then conflicts against your MG policy. I have tried leaving for days and doing a policy trigger.
Another issue I found is there is no way to actually script the settings, so I want to deploy the ASC default with some disabled and other changed to AuditIfNotExist, tried so many different ways without luck. Any ideas on that?