Summary and knowledge check

Completed

In this module, you learned how Microsoft 365 identifies, assesses, responds to, and manages risks to protect customers and the Microsoft 365 environment.

Now that you have completed this module, you should be able to:

  • Explain how the Microsoft Enterprise Risk Management (ERM) program provides a consistent approach to risk across Microsoft.
  • Describe how Microsoft 365 manages risk.
  • Explain how Microsoft 365 Trust identifies risks using a variety of inputs.
  • Describe how Microsoft 365 Trust analyzes and categorizes risk using impact, likelihood, and mitigating controls.
  • Explain how Microsoft 365 Trust coordinates with service teams to mitigate, monitor, and report on ongoing risks in Microsoft 365 environments.

Check your knowledge

1.

What is the purpose of the Enterprise Risk Management program?

2.

Who is responsible for implementing security controls in Microsoft 365 products and services?

3.

Which factor for calculating risk accounts for the predicted frequency at which a risk will occur?