Microsoft Compliance Manager

By Michael Fiorito, VP of Business Development at MDS

Using Compliance Score you can perform on-going risk assessments:

  • Compliance Manager is a cross-Microsoft Cloud services solution designed to help organizations meet complex compliance obligations, including the EU GDPR, ISO 27001, ISO 27018, NIST 800-53, NIST 800-171, and HIPAA
  • Enables your organization to perform on-going risk assessments for what is identified as Microsoft’s responsibilities by evaluating detailed implementation and test details of Microsoft’s internal controls
  • Microsoft also provides you the information and tools to conduct self-assessment for your responsibilities of meeting regulatory requirements. Now with Compliance Score—a new feature for Compliance Manager—you can gain visibility into your organization’s compliance stature with a risk-based score reference
  • The Compliance Score is based on the operating effectiveness of internal controls managed by both Microsoft and you. Failure to implement different controls will have different levels of risk. Microsoft also assigns a weight to each control based on the level of risk involved when you do not implement a control or fail to pass the test of a control
  • Provides you actionable insights from a certification/regulation view

Simplifies your journey to manage compliance activities with the capability to create multiple assessments for each standard and regulation

  • According to the report, Cost of Compliance 2017 from Thomson Reuters, 32 percent of companies spend more than 4 hours per week creating and amending audit reports. It’s very time-consuming to collect evidence and demonstrate effective control implementation for auditing activities
  • Compliance Manager enables you to assign, track, and record your compliance activities, so you can collaborate across teams and manage your documents for creating audit reports more easily
  • By using group functionality, you can now create multiple assessments for any standard or regulation that is available to you in Compliance Manager by time, by teams, or by business units. For example, you can create a GDPR assessment for the 2018 group and another one for the 2019 group. Similarly, you can create an ISO 27001 assessment for your business units located in the U.S. and another one for your business units located in Europe. This functionality gives you a more robust way to manage compliance activities based on your organizational needs for performing risk assessments

For more information or to see where you stand compliance-wise, visit us at MDS Cybersecurity & Regulatory Compliance.


  • MDS offers Microsoft-based solutions that include an overall set of controls and capabilities to help customers meet their GDPR requirements

To learn more, visit The General Data Protection Regulation information site. You can download the GDPR checklist, take the preparedness quiz, and watch our GDPR Webinar.
