Event details
In a Microsoft 365 environment, where security controls are distributed across services such as Defender, Intune, and Entra, what governance approaches or integrated reporting methods does Microsoft recommend to consistently map and demonstrate these controls against frameworks like NIST or SOC 2 in an audit context?
EricMoe
Microsoft
MicrosoftRejina Similar to your question around Audit compliance, you should start with the Service Trust Portal, Service Trust Portal Home Page, and check out the link for "Resources for Your Organization." Individual controls like NIST and SOC 2 should also be available through this portal.