Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Microsoft Compliance and Assurance is designed to help commercial organizations navigate regulatory, compliance, and risk requirements when adopting and operating Microsoft cloud services. Customers get direct access to compliance professionals, curated assurance resources, and proactive risk guidance to support them in their compliance journey.
Ask an Expert
Customers receive on-demand compliance assistance for regulatory, compliance, security, and privacy-related inquiries through Microsoft’s standard support channels.
Risk & Control Mappings & AI Risk Assessments
Customers receive support to align their internal compliance requirements with Microsoft controls, streamlining risk assessment processes. Leveraging Microsoft Purview Compliance Manager, customers can utilize prebuilt, configurable templates to efficiently map and address global regulatory requirements, including the EU AI Act, NIS2, Essential 8, DPDP (India), DORA, and CMMC.
Durable Compliance Assets & Risk Assessment Resources
Customers gain access to a repository of compliance documentation and assurance artifacts including:
- Microsoft’s Digital Operational Resilience Act (DORA) readiness assessments
- Microsoft 365 external third-party penetration testing report
- Subprocessor lists
- Control Artifacts
- Copilot Risk Assessment Quickstart
- Quarterly Business Continuity and Disaster Recovery Plan Validation Report
- Quarterly Compliance Update
- Webcasts on key compliance topics
Compliance AI Advisory Board (Customer Advisory Engagement)
Through the Compliance AI Advisory Board, select customers can engage directly with Microsoft engineering teams to obtain roadmaps of the latest features and influence product development based on compliance and security needs. This closed-loop feedback mechanism ensures that Microsoft AI products evolve in alignment with customer and regulatory expectations. Participation is prioritized for customers based on their Copilot adoption journey to ensure we are delivering the most relevant and impactful support.
Proactive Risk Assurance
Customers receive quarterly regulatory updates, insights into emerging compliance frameworks, and proactive notifications about changes in Microsoft’s compliance landscape.
Global & Regional Summits
Our highest regulated customers have opportunities to engage with a community of 125+ organizations to share insights, best practices, and compliance strategies. Customers can attend:
- Exclusive regional and global summits
- Webcasts on key compliance topics
- Microsoft Compliance and Assurance Advisory Council and Compliance AI Advisory Board meetings
Continuous Improvement & Regulatory Compliance
Insights we gain from customers underpin Microsoft’s Regulated Industry Minimum Bar (RIMB), ensuring that Microsoft Cloud services meet evolving legal, regulatory, and customer-driven compliance requirements. Customer insights, advisory board engagements, and regulatory interpretation help drive product roadmap updates and engineering changes to enhance compliance assurance across Microsoft’s ecosystem.
Learn more
For more information, see Microsoft Compliance Program for Microsoft Cloud (CPMC).
Messaging
To stay informed of upcoming changes, including new and changed features, planned maintenance, or other important announcements, visit the Message center.
Licensing terms
For licensing terms and conditions for products and services purchased through Microsoft Commercial Volume Licensing Programs, see the Product Terms site.
Accessibility
Microsoft remains committed to the security of your data and the accessibility of our services. For more information, see the Microsoft Trust Center and the Office Accessibility Center.