Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Regulatory & Industry Compliance Resources
| Topics | Description |
|---|---|
| Microsoft Compliance Hub | Microsoft documentation and resources you need to get started with compliance for your business or organization. |
| General Data Protection Regulation Summary | The General Data Protection Regulation (GDPR) introduces new rules for organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data for EU residents no matter where you or your enterprise are located. This document guides you to information to help you honor rights and fulfill obligations under the GDPR when using Microsoft products and services. A Recommended action plan for GDPR and Accountability Readiness Checklists provide more resources for assessing and implementing GDPR compliance. |
| Microsoft compliance offerings | Learn how Microsoft products and services help your organization meet regulatory compliance standards. |
| Windows FIPS 140-2 Validation | The Federal Information Processing Standard (FIPS) Publication 140 is a U.S. government standard that defines the minimum security requirements for cryptographic modules in IT products. Microsoft maintains an active commitment to meeting the requirements of the FIPS 140 standard, having validated cryptographic modules against FIPS 140-2 since it was first established in 2001. Multiple Microsoft products, including Windows 11, Windows 10, Windows Server, and many cloud services, use these cryptographic modules. |
| Windows Common Criteria Certifications | Common Criteria (CC) is an international standard currently maintained by national governments who participate in the Common Criteria Recognition Arrangement. CC defines a common taxonomy for security functional requirements, security assurance requirements, and an evaluation methodology used to ensure products undergoing evaluation satisfy the functional and assurance requirements. Microsoft ensures that products incorporate the features and functions required by relevant Common Criteria Protection Profiles and completes Common Criteria certifications of Microsoft Windows products. |
| Microsoft Cloud for industries | Learn about the solutions, guidance, and resources available for your industry from Microsoft, including information about the Microsoft Clouds for Healthcare, Financial Services, Retail, Manufacturing, Nonprofit, and Sustainability. |
| Risk Assessment Guide for Microsoft Cloud | The goal of a cloud risk assessment is to ensure that the system and data considered for migration to the cloud don't introduce any new or unidentified risk into the organization. The focus is to ensure confidentiality, integrity, availability, and privacy of information processing and to keep identified risks below the accepted internal risk threshold. |