In an effort to push the envelope for providing our customers transparency and a top grade compliance experience, I’d like to to announce a compliance tool newly available through the Microsoft Trust Center for Azure; the Common Controls Hub powered by Unified Compliance. This customized Microsoft portal lets you compare control frameworks across a number of compliance mandates and privacy regimes including ISO 27001, SOC 1 and 2, PCI, FedRAMP, EU Model Clauses, hundreds of geographic-specific requirements, and many others.
We’ve arranged for any Microsoft customer (Azure, Office 365, CRM, or others) to create a free account to access a Microsoft-curated library of complete standards guidance. You’ll see control descriptions and objectives, have the ability to map requirements from one framework to another, and gain a deeper understanding of any gaps in your own compliance activities.
Best of all, these frameworks are maintained for you! Researchers are constantly revising the source data based on updates to the standards, and ensuring default mappings stay relevant. You can build a custom controls list to help guide your own security and audit efforts, and once you have narrowed down the set of controls that are applicable to your environment, you can track your status against them.
The Microsoft Common Controls Hub is another step in providing the cloud industry’s highest levels of transparency and compliance with international standards. In addition to assessments and attestations against more than 45 different certifications, laws, and regulations, Azure remains committed to enabling our customers to achieve compliance with their own industries’ mandates and regional requirements.