Stay ahead of the data protection curve with new enhancements to Compliance Manager
Published Feb 06 2023 09:00 AM 3,488 Views

The regulatory landscape is constantly changing, and organizations are often challenged to meet the requirements of a multitude of standards and frameworks. Keeping up with often overlapping requirements creates a significant burden for most organizations. Additionally, a substantial increase in hybrid work models means an organization’s data now lives outside of the traditional boundaries, making it harder to mitigate risks. Organizations face the difficult task of maintaining their own house in order while trying to meet an ever-changing list of compliance requirements. According to a 2022 KPMG study, over 60% of respondents stated they experienced increasing losses from fraud, compliance breaches, and cyber-attacks. 


Today, we are excited to announce integrated capabilities across Microsoft Purview Compliance Manager and Microsoft Defender for Cloud. Microsoft Purview Compliance Manager helps organizations simplify compliance and reduce risk. It translates complex regulatory requirements into specific controls, allowing organizations to constantly assess, monitor, and improve their compliance posture. As organizations continue their hybrid environment journeys, it’s more important than ever to have visibility into their entire digital estate from one pane of glass.


One pane of glass

This integration, which will go into public preview next month, enables organizations to manage technical controls coming from Defender for Cloud (including Azure, AWS, GCP services) in one central location. By having Compliance Manager and Microsoft Defender for Cloud working together, we are now extending continuous assessment capabilities across clouds, making it seamless for customers to manage their compliance from a unified digital fabric.

Figure 1: GDPR assessment drilldownFigure 1: GDPR assessment drilldown


Expanded automated testing

Continuous assessments help customers automate compliance processes by eliminating a big pain point – blind spots. With the help of automated testing, customers can automatically check whether a technical control has passed or failed. For example, if you set up a control to enable Multi-Factor Authentication, the system will scan your tenant every 24 hours, and alert you if the control has failed. This helps customers maintain a refreshed view of their compliance posture in one single location. 

Figure 2: Automatic testing for multi-cloud serviceFigure 2: Automatic testing for multi-cloud service

Simplified compliance management

Chief Compliance Officers (CCO), Chief Risk Officers (CRO), Chief Information Security Officers (CISO), and IT administrators have different roles, but in the end, they all contribute to mitigating compliance risks and ensuring their organization meets key industry and regional standards.  With these enhancements, compliance, risk, and security personas can rely on Compliance Manager as their compliance management solution across their digital estate. The ability to select services from Microsoft or other 3rd party providers enables organizations to better safeguard their data.

Figure 3: Managing subscriptions to meet a regulatory requirementFigure 3: Managing subscriptions to meet a regulatory requirement

Get started today!

We are committed to helping organizations do more with less by delivering capabilities that make the end-to-end compliance management experience more efficient. Get started with Compliance Manager through the Microsoft Purview portal. If you are a Microsoft 365 E5 customer, try out your free templates today!

Additional resources:

Version history
Last update:
‎Feb 06 2023 03:59 PM
Updated by: