Because Microsoft is committed to promoting a positive work environment, we expect our suppliers and their employees, agents, and subcontractors to adhere to the same standards of conduct and behavior that we expect from our own employees while they are on Microsoft property or doing business with or on behalf of Microsoft.

We are committed to our mission of helping people and businesses throughout the world realize the highest levels of productivity and success. Achieving our mission isn’t just about building innovative technology, it’s also about who we are as a company and as individuals, how we manage our business internally, and how we work with customers, partners, governments, communities, and suppliers.


Supplier Code of Conduct compliance

Suppliers and their employees, personnel, agents, and subcontractors (collectively referred to as “Suppliers”) must adhere to this Supplier Code of Conduct while conducting business with or on behalf of Microsoft. Suppliers must require their next-tier suppliers to acknowledge and implement the SCoC in their operations and across their supply chains. Suppliers must promptly inform their Microsoft contact, a member of Microsoft management, or the contacts provided at the end of this document when any situation develops that causes the Supplier to operate in violation of this Code of Conduct.


All Microsoft Suppliers must conduct their employment practices in full compliance with all applicable laws and regulations and in compliance with Microsoft requirements, which may exceed local legal requirements. In all cases in which Microsoft requirements are more stringent than local legal requirements, Suppliers are required to meet the more stringent Microsoft requirements.


While Microsoft Suppliers are expected to self-monitor and demonstrate their compliance with the SCoC, Microsoft may audit Suppliers or inspect Suppliers’ facilities to confirm compliance. Suppliers that behave in a manner that is unlawful or inconsistent with the SCoC, or any Microsoft policy, risk termination of their business relationship with Microsoft. Complying with the SCoC and completing the SCoC training offered by Microsoft are required in addition to meeting any other obligations contained in any agreement a Supplier may have with Microsoft.


If you wish to report questionable behavior or a possible violation of the Supplier Code of Conduct, please report a concern.


Review the July 2019 Microsoft announcement around the SCoC refresh.

Supplier Code of Conduct training program

Microsoft expects Suppliers to act ethically and with integrity. Suppliers demonstrate this commitment by complying with our Supplier Code of Conduct (SCoC) and ensuring that their employees are trained on the SCoC.


Suppliers will establish training measures for their managers, employees, and agents to understand and to comply with the contents of the SCoC, the applicable laws and regulations and generally recognized standards. External Staff workers who are engaged in services for Microsoft, who will bill time to Microsoft, or who otherwise work on Microsoft matters are required to complete the SCoC training and agree to comply with the SCoC. External Staff includes Vendors/Agency Temps (Contractors), Business Guests, and Outsourced Staff.


Microsoft managed onboarding/pre-access policy (established in 2016): External Staff are required to complete the SCoC training before they can obtain Microsoft access credentials. External Staff workers will receive an email notification (from that provides a position number and link to a third-party registration and training site requesting they complete the 30-minute online training. Once the External Staff worker completes the training, the process for granting access to Microsoft's corporate network and/or buildings will proceed. This automated training process will occur for all newly generated position numbers and does not require any action of the requestor or sponsor. The Microsoft managed training link cannot be forwarded/re-used.


Supplier managed training policy (2019 refreshed SCoC): In addition to the onboarding/pre-access training policy managed by Microsoft, Suppliers are accountable to train all employees and agents working on Microsoft matters on an annual basis. A supplier version of the Microsoft SCoC training is available to help the Supplier meet the annual training accountability and to help Suppliers onboard all external staff who do no not require access to the Microsoft corporate network and/or building access per the policy outlined above. The Supplier version of the course does not have tracking, and Suppliers are required to have a process and management system in place for administering and tracking annual training. The supplier training link cannot be used for the Microsoft managed onboarding/pre-access training process.



Global implementations for Microsoft pre-access training policy










United Kingdom

United States

Western Europe****


*APAC countries include: Bangladesh, Brunei Darussalam, Cambodia, Christmas Island, Indonesia, South Korea, Malaysia, Myanmar, Nepal, New Zealand, Philippines, Singapore, Sri Lanka, Thailand, and Vietnam

**GCR countries include: China, Hong Kong, Macau, and Taiwan

***LATAM countries include: Argentina, Bolivia, Brazil, Chile, Colombia, Costa Rica, Curacao, Dominican Republic, Ecuador, El Salvador, Guatemala, Honduras, Jamaica, Mexico, Panama, Paraguay, Peru, Puerto Rico, Trinidad and Tobago, Uruguay, and Venezuela

****Western Europe countries include: Aland Isles, Austria, Belgium, Denmark, Finland, Iceland, Italy, Luxembourg, Netherlands, Norway, Portugal, Spain, Sweden, and Switzerland

*****Central and Eastern Europe (CEE) countries include: Albania, Armenia, Azerbaijan, Belarus, Bosnia and Herzegovina, Bulgaria, Croatia, Cyprus, Czechia, Estonia, Georgia, Greece, Hungary, Kazakhstan, Kyrgyzstan, Latvia, Lithuania, Macedonia, Malta, Moldova, Mongolia, Montenegro, Poland, Romania, Russia, Serbia, Slovakia, Slovenia, Turkmenistan and Ukraine

Future implementations of the SCoC onboarding/pre-access training policy will align to the international expansion of the External Staff Access Length Limits Policy.


General information Human rights & fair labor Background screening Supplier travel SCoC training Pre-access training

SCoC training


Microsoft trusts our Suppliers to ensure that any of their employees working with or on behalf of Microsoft, both with and without network/building access, are trained on our Supplier Code of Conduct.


We are empowering our Suppliers to determine the most appropriate and efficient way for that training to be delivered and tracked annually.


Microsoft makes an online version of the training available in 26 different languages, as well as provides a downloadable transcript for Suppliers to use as a standalone resource or to integrate into existing Supplier Training.

Any External Staff* engaged in services for Microsoft, or who will bill time to Microsoft, or who otherwise work on Microsoft matters are required to complete SCoC training and agree to comply with the SCoC. External Staff includes Contractors, Vendors, Business Guests, and Outsourced Staff.


*Individuals who 1) are engaged in providing services for Microsoft, 2) bill time to Microsoft, or 3) otherwise work on Microsoft matters, are required to complete the Supplier Code of Conduct training. 

No. The “Vendor Code of Conduct” or VCC Training Program had been in place for four years. The policy was updated in 2016 to include an automated onboarding process, managed by Microsoft to require training completion prior to External Staff gaining access credentials. It was renamed “Supplier Code of Conduct” training program. The training content and policy was updated July 2019 to include additional Supplier training accountabilities.

Microsoft understands that supplier relationships & situations vary. We are trusting suppliers to track using a method that makes sense for their business. We have provided a supplier version of the Microsoft SCoC training. This version does not offer any completion tracking. Suppliers may use the online training content to integrate into existing training or onboarding managed by the supplier. We do not want to create unnecessary burdens. If audited, providing a list of names, training format (online, classroom, etc.) and training dates for your employees working on behalf of Microsoft will suffice.

A SCORM version is available for use with integrating into a supplier’s LMS. If this is something you need, please reach out to to request this.

The Supplier training obligation is in addition to the Microsoft pre-access training. It is the responsibility of the Supplier to meet the annual training requirement, which can include the completion of the Microsoft pre-access training, as long as such training is tracked in the Supplier's records.  

Suppliers may validate pre-access completions here. This will require either a current position number or an email (one used to register on the training site) for each employee.

Yes, they will still be required as the Microsoft managed SCoC training is an automated step in the onboarding process.  It is a pre-access policy that the SCoC must be completed prior to receiving any access credentials regardless of last SCoC completion. This step/process is required for every new position number created.

They are still required to complete SCoC training. Their employer (Microsoft Supplier) has the responsibility to ensure they are trained annually.

Please direct questions to