Customers have told us about their compliance challenges, such as the lack of in-house capabilities to define and implement controls, the lack of collaboration between compliance and IT teams, and inefficiencies in audit preparation activities. At Microsoft Ignite, we introduced Compliance Manager, a new solution that helps you manage the end-to-end regulation-to-audit compliance process and connect the technology solutions with the regulatory requirements. It provides recommended actions and a control management tool for your organization to improve data protection capabilities and implement controls across teams more seamlessly. Moreover, it enables you to perform real-time risk assessment that helps you to be better prepared for auditing.
We are thrilled to announce that the Compliance Manager Public Preview program is now available for organizations with a paid or trial subscription for Microsoft cloud services (e.g., Office 365, Microsoft Azure, etc.). Sign in to Compliance Manager using your Office 365 or Azure Active Directory user account.[1]
To help you get the most out of the Compliance Manager Preview, watch our short demo and learn more about the solution’s capabilities including:
- A dashboard that summarizes Microsoft’s and your organization’s control implementation progress for Office 365 across various standards and regulations, such as the EU General Data Protection Regulation (GDPR)[2], ISO 27001, and ISO 27018.
- Actionable insights that are designed to improve your data protection and compliance posture.
- Control management and audit-ready reporting tools to streamline your compliance workflow.
Visit our support page for additional information about the Compliance Manager Preview. After trying the Compliance Manager Preview, please provide us with your questions and comments by clicking the Feedback button within Compliance Manager.
As we get closer to general availability in 2018, we will add support for additional products, including Azure and Dynamics 365, along with a Compliance Score feature that reflects your organization’s compliance posture based on your activities in Compliance Manager. We’ll also be adding more regulatory standards like National Institute of Standards and Technology (NIST) Special Publication 800-53, along with additional evidence to support Microsoft’s compliance to the GDPR. We’ll be increasing depth in the recommended actions for your GDPR program as well as the evidence that you can use to demonstrate support for the GDPR when using Microsoft services.
To provide you with access to all of Microsoft’s cloud-related security, compliance, and privacy information, we have also revamped the Service Trust Portal, which provides auditing and assessment reports, technical whitepapers, and various how-to guides.
***Update on Feb 22nd 2018: Compliance Manager is now generally available for Azure, Dynamics 365, and Office 365 Business and Enterprise subscribers in public clouds. Learn more about the official product launch here.***
*Compliance Manager is a dashboard that provides a summary of your data protection and compliance stature and recommendations to improve data protection and compliance. This is a recommendation, it is up to you to evaluate its effectiveness in your regulatory environment prior to implementation. Recommendations from Compliance Manager should not be interpreted as a guarantee of compliance.
[1] Currently, the Compliance Manager preview is not available in Office 365 operated by 21Vianet or Office 365 Germany.
[2] We will add more GDPR-related content between now and May 2018. For now, we are publishing what we have to gain your feedback, and so that you can start reviewing and acting on your organization’s GDPR-related responsibilities.