Compliance is the framework and execution to interpret, define, and apply regulatory requirements, standards and policies in operation through processes and technology in order to demonstrate performance to the requirements and manage risk where there is non-compliance. Organizations are challenged by the complexity of establishing, implementing and managing security policies while monitoring to ensure data and systems are protected at a level that reflects acceptable risk. Governments and agencies responsible for setting standards and leading the adoption, implementation, and execution of such frameworks face the added burden and complexity of applying such frameworks across people, process, and technology.
Microsoft’s published best practices and standards accompanied by tools, guidance, and resources extend the value of the Microsoft platform to help organizations simplify and automate the IT compliance and risk management processes. Microsoft’s solutions are designed to facilitate compliance activities conducted by an organization’s IT experts, auditors, accountants, attorneys and other compliance professionals. The selection, application, and management of objectives, citations, controls, and settings is at the discretion of the organization through automated, integrated features, tools, and reporting across platforms and products.
Execute the technical and operational implementation of policies and regulations
Understand risk exposure to make informed decisions to mitigate, transfer or accept risk
Determine the existence of vulnerabilities and how they can be addressed
Centrally manage, automate, monitor and report the status of security governance and compliance