Quadra

Connecting Technology and Business.

Now customers can perform a risk assessment on Office 365 services

Microsoft wants to ensure that its Office 365customers have access to the information that is relevant for them to perform a risk assessment on Office 365 services—on demand. Access to this information should be seamless.

 

To achieve these goals, they have released the Service Assurance Dashboard as part of the Office 365 Security and Compliance Center, which provides you immediate access to:

  • Details on how Office 365 implements security, privacy and compliance controls including details of how third-party independent auditors perform audits to test these controls.

  • Third-party independent audit reports including: SSAE 16 / SOC 1, SOC 2 / AT 101, ISO 27001 and ISO 27018.

  • Deep insights into how we implement encryption, incident management, tenant isolation and data resiliency.

  • Information on how you can leverage Office 365 security controls and configurations to protect your data.

While there are many detailed insights provided through Service Assurance, initial customer feedback indicates that Audited Controls are particularly helpful. The Audited Controls feature in Service Assurance helps you to understand how Office 365 protects customers' data by detailing:

  • Test status—Status of the Office 365 controls.

  • Control implementation details—Explanation of how Office 365 implements a control.

  • Testing performed to evaluate control effectiveness—How independent auditors test the effectiveness of our security, compliance and privacy controls.

  • Test date—When a control was validated.

  • Office 365 controls—How the Office 365 internal controls map to standard controls.

- Azure blog

Loading