Yes. Organizations with Office 365 and Microsoft 365 licenses, and US Government Community (GCC) Moderate, GCC High, and Department of Defense (DoD) customers, have access to Compliance Manager. However, the assessments available to your organization and how you manage assessment templates depends on your licensing agreement. Visit the licensing guidance for details.
Yes. Learn more about multicloud support in Compliance Manager.
Organizations at the E5/A5/G5 levels have greater flexibility in which regulatory templates they can use for free as part of their licensing agreement. These organizations can choose up to three premium regulatory templates for free instead of having a predetermined set of included templates. The Microsoft Data Protection Baseline is also included by default as part of your subscription.
For customers using any of the templates that were included before the December 2022 change (NIST 800-53, ISO 27001, GDPR), continued use of those templates will count against the allotted three free premium templates. Customers who have already purchased one or more premium templates can use three more premium templates for free.
Also new in December 2022: Templates that belong to the same regulation family now count as one template. For example, the templates for CMMC Levels 1 through 5, are now considered a single template so that you don't need to purchase multiple versions. When you purchase a template license for a regulation, the license applies for all levels and versions of that regulation. Review the licensing details.
No. Your compliance score measures your progress in completing recommended actions that help reduce risks around data protection and regulatory standards. It doesn't express an absolute measure of organizational compliance with regard to a particular standard or regulation. Compliance Manager, and your compliance score, shouldn't be interpreted as a guarantee in any way.