Are there any good whitepapers or articles about security and compliance for Microsoft PPM? Below are a few security/compliance related questions:
Because it is a service of SharePoint (and sits in a site collection), are the workspace documents/items included in document deletion/retetion policies configured in the compliance center? What about the project data (schedule, project fields, business drivers, etc.)?
Is there a way to get to the audit data for Project Online?
Can project data be discovered through eDiscovery or content search?
Does DLP work for project data (schedule, project fields, business drivers, etc.)?
DLP and eDiscovery work for the project sites the same way as for any other SharePoint list and document data. Project data (schedule, project fields, business drivers, etc.) is not covered by this. Integrating project data using the Business Connectivity Services will render data available via the SharePoint Search, but it is not easy to impose data trimming on that and also it is not available for eDiscovery. To enable auditing of project data you need to setup a custom solution that tracks and archives information. It depends on your auditing needs if this is a simple report or something complex.