This post has been republished via RSS; it originally appeared at: Financial Services Blog articles.
At Microsoft, we know our financial services customers have been feeling greater pressure from regulatory authorities over the last few years, especially those customers who have moved some or all of their solutions to the cloud. Because we know how critical achieving regulatory compliance is for financial services organizations, we have taken great steps to support you in your compliance journey. Under our shared responsibility model, Microsoft partners with you to meet your security, compliance, and privacy needs, assuming some of the responsibilities to help reduce your compliance burden. We also engage deeply with regulators to educate them about our cloud services and get their feedback to improve our services accordingly.
Because we operate a global cloud infrastructure, we must meet many auditable compliance requirements that result from government and industry mandates, internal policies, and industry best practices. We continuously review our existing offerings and industry trends to ensure that you can access the most relevant information and maintain insights into the operational effectiveness of the service. We also implement a comprehensive compliance program for our major enterprise cloud services, including Microsoft 365. And we adhere to a broad set of controls that are independently certified by international information management security standards.
By adopting a cloud platform strategy with Microsoft 365, you have only one comprehensive, regularly updated solution to assess and audit, versus multiple independent, connected solutions. Microsoft 365 is uniquely positioned to help you maintain regulatory compliance in three key areas:
- Assessing and managing compliance risk. Manage compliance risk through real-time compliance posture assessments with actionable insights to improve data protection.
- Protecting data. Use advanced data governance tools to protect sensitive company, employee, and customer data across devices and apps, no matter where it travels.
- Streamlining processes. Access audit-ready tools to streamline your reporting process for requirements such as notifying authorities of personal data breaches or obtaining appropriate consents for processing data.
For financial services customers, Microsoft offers a range of audit capabilities that can help you demonstrate regulatory compliance, including in-person audits, group audits, self-service audits, and real-time audits. In addition, our Service Trust Portal (STP) is our public site for publishing audit reports and other compliance-related information related to Microsoft cloud services. STP users can download audit reports produced by external auditors and gain insight from Microsoft-authored whitepapers that provide details on how Microsoft builds and operates our cloud services. The STP also hosts the Compliance Manager application, which enables you to see what’s behind third-party audit reports and verify the controls managed by Microsoft are compliant with various global regulatory frameworks and standards.
Finally, Microsoft 365 provides advanced data governance, discovery, encryption, and data protection capabilities that enable you to achieve compliance in areas concerning document retention, immutability, and preservation to help address requirements of ISO/IEC 27001, ISO/IEC 27018, GDPR, MiFID II, FISC, SEC 17a-4, and other regulations and certifications.
Click here to download this free whitepaper “Microsoft 365 supports the compliance journey for financial services organizations”, and learn more about how Microsoft can support your compliance journey.