Simplify compliance with the Microsoft Common Controls Hub
Globalization, regulation, and increasing business complexity make regulatory compliance a constant challenge. To help the compliance professionals in your organization better understand—and meet—your compliance obligations, we have licensed the Unified Compliance Framework (UCF), which Microsoft customers can access through the Microsoft Common Controls Hub.
The UCF provides a library of more than 200,000 individual compliance mandates from more than 800 laws and standards; the Microsoft Common Controls Hub is a subset of these. It provides a frequently updated list of many of the major compliance frameworks that Microsoft complies with, including the EU Model Clauses, Payment Card Industry Data Security Standards (PCI DSS), US Federal Risk and Authorization Management Program (FedRAMP), US Health Insurance Portability and Accountability Act (HIPAA), ISO/IEC 27001, and SOC 1 and 2 reports.
When you sign up for a free starter account, you can use this list to research control objectives and guidance across these frameworks, explore the control requirements of a specific framework, and use the Hub to compare your own compliance mandates with Microsoft attestations or any other document in the UCF library.
How to sign up for free access to the Microsoft Common Controls Hub
- Go to the Create An Account page, and follow the instructions on your screen to sign up for a Common Controls Hub account. (The data you enter is not shared with Microsoft.) You will get an email message from the Common Controls Hub verifying your account.
- In the verification email, click the link provided to log in, and then click TRY IT FREE.
- You will be prompted to create a profile, which you can do now, or skip (and do it later) to continue to the Dashboard.
Note: If you have questions about the signup process for this starter account, contact email@example.com.
How to use the Microsoft Common Controls Hub
- Go to the Log in to your starter account.
- On the Dashboard page, click Workspace.
- On the Workspace page, click the View Saved Lists dropdown menu, and then click Microsoft Customer CCH.
- Under Authority Documents, click Show Selected Documents as a List. This will switch the display to Show Selected Documents in a Hierarchy.
- On the left, you’ll see a list of the Authority Documents that Microsoft has entered in the Common Controls Hub. On the right is a list of related Mandated, Implied, and Implementation controls.
- Click an arrow next to any Control Name to expand the hierarchy. As you expose more layers of the hierarchy, the Common Controls will be more detailed.
- Click an button to the right of any Authority Document name to see in-depth information about that document.
- Click an button to the right of any Mandated Common Control (in bold) to see every mandate from all selected Authority Documents for that individual control.
Note: If you have questions or need help, contact firstname.lastname@example.org.
Frequently asked questions
Authority Documents are those that contain rules—in the form of regulations, principles, standards, guidelines, best practices, policies, and procedures—that are not of our own creation and may result in penalties if we are out of compliance. When we say that we are complying, we mean that we are adhering to those rules. Learn more about Authority Documents.
Get step-by-step instructions. (With the Microsoft starter account, you can compare up to five documents at a time.)
The compliance professionals in your organization may spend significant time and resources researching which mandates your company or organization must follow, and struggle to keep up with ever-increasing requirements. They may find it difficult to understand how new mandates are connected to the organizational controls already in place. Consequently, often each mandate is managed separately, even though many regulatory demands are the same across multiple compliance domains. The result? Missed requirements, wasted time, and escalating costs.
The Microsoft Common Controls Hub is built on the UCF, which provides a library of more than 200,000 compliance mandates from more than 800 laws and standards. The framework identifies overlapping compliance requirements across these different regulations, so organizations can comply once and demonstrate compliance with many requirements simultaneously. Customized controls sets across specific geographic and vertical requirements can be created in minutes, and new mandates can easily be integrated with existing controls. The UCF can help make it easier for organizations to scope, define, and maintain their compliance requirements to improve the efficiency and effectiveness of their governance, risk management, and compliance program. (Note that with the Microsoft starter account, you can work with up to five documents at a time.)