Microsoft wants to ensure that its Office 365customers have
access to the information that is relevant for them to perform a risk assessment
on Office 365 services—on demand. Access to this information should be
To achieve these goals, they have released
the Service Assurance Dashboard as part of the Office 365 Security and
Compliance Center, which provides you immediate access to:
how Office 365 implements security, privacy and compliance controls including
details of how third-party independent auditors perform audits to test these
independent audit reports including: SSAE 16 / SOC 1, SOC 2 / AT 101, ISO 27001
and ISO 27018.
insights into how we implement encryption, incident management, tenant
isolation and data resiliency.
on how you can leverage Office 365 security controls and configurations to
protect your data.
While there are many detailed insights
provided through Service Assurance, initial customer feedback indicates that
Audited Controls are particularly helpful. The Audited Controls feature in
Service Assurance helps you to understand how Office 365 protects customers' data by
status—Status of the Office 365 controls.
implementation details—Explanation of how Office 365 implements a control.
performed to evaluate control effectiveness—How independent auditors test the
effectiveness of our security, compliance and privacy controls.
date—When a control was validated.
controls—How the Office 365 internal controls map to standard controls.
- Azure blog