The AI job boom continues: Build the skills that move business forward
Discover new AI powered business Certifications to validate the skills that matter most. Gretchen LaBelle: Copilot + Agents Learning Portfolio Manager, Global Skilling Tarek Saleh Eldin: Content Publishing Manager, Global Skilling In Part 1 of this series, The AI job boom is here. Are you ready to showcase your skills?, we explored how Microsoft Certifications across AI, cloud, and security are evolving to keep pace with a rapidly changing job market. AI is no longer a niche capability. It’s becoming foundational across roles, reshaping how work gets done, and redefining how professionals create impact. This post picks up that thread. As organizations move from experimenting with AI to operationalizing it at scale, big changes are happening in business solutions roles. These shifts demand the ability to apply AI in real business contexts, redesign processes, build intelligent apps and agents, and lead transformation responsibly across the organization. Earlier this year, Microsoft introduced four new AI business solutions Certifications: Microsoft Certified: Agentic AI Business Solutions Architect (Exam AB‑100) Microsoft 365 Certified: Copilot and Agent Administration Fundamentals (Exam AB‑900) Microsoft Certified: AI Business Professional (Exam AB‑730) Microsoft Certified: AI Transformation Leader (Exam AB‑731) Together, these Certifications map to the critical roles in an AI‑driven workplace, from business practitioners and IT administrators to solution architects and transformation leaders. Building on that foundation, we’re launching new Certifications to help amplify human skills for AI-powered roles in the business landscape. New AI business solutions credentials: April 2026 and beyond Additional new Certification exams begin rolling out in beta starting in April 2026, with more releases over the following months, and going live later this year. The Microsoft Certified: AI Agent Builder Associate Certification is designed for tech pros, including developers, AI engineers, and architects, who are pushing AI agents beyond out‑of‑the‑box scenarios to implement production‑ready Microsoft Copilot Studio agents and multi‑agent solutions capable of sophisticated processes, workflow automation, and enterprise integration. Exam AB-620 beta and training available in April 2026; exam expected to go live in June 2026. The Microsoft Certified: Dynamics 365 Contact Center AI Engineer Associate Certification is designed for contact center engineers and solutions pros who design and run modern contact center as a service (CCaaS) solutions with Dynamics 365 Contact Center and service‑oriented autonomous agents. This Certification goes beyond routing and channels, focusing on how AI, Microsoft Copilot, and agents deliver scalable, always‑on service across voice and digital channels. Exam AB-250 beta and training available in June 2026; exam expected to go live in August 2026. The Microsoft Certified: Dynamics 365 Sales AI Consultant Associate Certification is for modern sellers who design and operationalize AI‑powered sales solutions across the lead‑to‑cash lifecycle, emphasizing Copilot-driven productivity and insights, AI-powered opportunity research and qualification, agent configuration and lifecycle management, and secure, scalable automation aligned with governance and responsible AI. Exam AB‑210 beta and training available in May 2026; exam expected to go live in June 2026. The Microsoft Certified: Intelligent Applications Builder Associate Certification equips Microsoft Power Platform pros to build for an AI-first world, where apps, agents, automation, and models work as one. It validates the skills to use Copilot and natural language to design intelligent solutions, embed agents across experiences, and ship responsibly with strong governance and application lifecycle management. Exam AB-410 beta and training available in April 2026; exam expected to go live in June 2026. The Microsoft Applied Skills: Build an agent-first app credential validates learners’ ability to build an app that surfaces a Copilot Studio agent and to craft prompts that make the agent genuinely effective, not just functional. This credential is part of the broader Microsoft Certified: Intelligent Applications Builder Associate (Exam AB-410) Certification journey, serving as a fast, accessible entry point for those looking to get started with agent-first development before pursuing the full Certification. Credential and training expected to go live in June 2026. Refresh: The Microsoft Certified: Power Platform Fundamentals Certification (Exam PL-900) is being updated with a streamlined, one-day instructor-led course and a new training program. These improvements are designed to align with the AI-powered Microsoft Power Platform and to make it easier than ever for learners to start building confidently. Training and courseware updates are scheduled for June 2026, with minor exam changes planned at the same time to reflect these enhancements. Retiring Certifications: What you need to know We’re committed to keeping our Certifications portfolio aligned with latest technology. As we launch new Certifications, we also retire some older credentials to keep the portfolio mapped to evolving roles. The following table itemizes what’s changing and provides key dates for Certification and training retirements in 2026. If your Certification is eligible for renewal, please renew it before the retirement date. Retiring Microsoft Credential Credential and exam retirement date Planned training retirement date Related new Credential Microsoft Certified: Dynamics 365 Customer Experience Analyst Associate (Exam MB-280) July 31, 2026 July 31, 2026 Microsoft Certified: Dynamics 365 Sales AI Consultant Associate (Exam AB-210) Microsoft Certified: Power Platform Functional Consultant Associate (Exam PL-200) August 31, 2026 August 31, 2026 Microsoft Certified: Intelligent Applications Builder Associate (Exam AB-410) Microsoft Certified: Dynamics 365: Finance and Operations Apps Solution Architect Expert (Exam MB-700) June 30, 2026 June 30, 2026 No new Certification is planned. To stay up to date with these technologies please refer to the Microsoft technical documentation. Microsoft Certified: Power Platform Solution Architect Expert (Exam PL-600) June 30, 2026 June 30, 2026 Microsoft Certified: Dynamics 365 Supply Chain Management Functional Consultant Associate (Exam MB-335) June 30, 2026 June 30, 2026 Microsoft Certified: Dynamics 365 Field Service Functional Consultant Associate (Exam MB-240) June 30, 2026 June 30, 2026 Microsoft Certified: Power Automate RPA Developer Associate (Exam PL-500) June 30, 2026 June 30, 2026 Microsoft Applied Skills: Create and manage model-driven apps with Power Apps and Dataverse June 30, 2026 June 30, 2026 Microsoft Applied Skills: Build an agent-first app Note: The recently released Microsoft Certified: Agentic AI Business Solutions Architect Certification (Exam AB‑100), although not a direct replacement for the retiring Certifications listed here, is the flagship expert‑level Certification, spanning a significantly broader scope and covering agentic architectures, AI‑driven solution design, and end‑to‑end business impact. If you currently hold one of the retiring expert-level Certifications (associated with Exam MB‑700, Exam PL‑600, Exam MB-335, Exam MB-240, or Exam PL-500), consider pursuing the Microsoft Certified: Agentic AI Business Solutions Architect Certification (Exam AB‑100) as your next step. Navigating the transition: FAQs The following questions and answers can help you determine how these retirements and expanded portfolio could impact your learning journey: Q. Why is Microsoft implementing these updates? A. Microsoft Credentials are valuable, as is the time you spend earning them. With the ongoing evolutions in technology, it’s essential that we keep the credentials up to date so we can help you stay aligned with latest skills and trends. We’re implementing these updates to provide a valuable path forward to keep up with the latest skills. Q. I’ve already earned one of the retiring Certifications. What happens now? A. If you’ve already earned any of the retiring Certifications, your credential remains valid until it expires. Retirement does not revoke or invalidate Certifications that were earned while the exam was active. They show your continued dedication to staying up to date and learning new skills in this ever-changing technical landscape. Q. What if a Certification that’s retiring is part of the prerequisites for an expert-level Certification? A. If a retiring Certification is required for an expert-level Certification, the requirements for that expert-level Certification will be updated as needed. The retiring Certification will be removed from the requirements and replaced (as appropriate) with a new associate-level Certification. If you’ve earned an expert-level Certification by earning an associate-level Certification that’s now retiring, you’ll continue to hold the expert-level Certification as long as you renew the expert-level Certification when it’s eligible. After you’ve earned a Certification, and if you renew it when it’s eligible, you hold it until it expires. If you’ve earned an associate-level Certification that’s a requirement for an expert-level Certification and that associate-level Certification hasn't expired, it can still satisfy the expert-level requirement. Be sure to meet all the requirements for the expert-level Certification before the associate-level Certification expires. Expired Certifications cannot be used to meet the requirements for an expert-level Certification. Q. Can I renew a soon-to-retire Certification? A. Yes, as long as it’s eligible for renewal and you renew it before the Certification officially retires, you can renew a soon-to-retire Certification. Please note that Fundamentals Certifications don’t expire. Q. Is there a direct transition path from a retiring Certification that I’ve already earned to the related new Certification, or do I need to pass the new exam? A. To earn the new Certification, you need to pass the new exam, since the new exam and the old one don’t measure the same skill sets. Q. I’m preparing for an exam that’s retiring. What should I do? A. The time you spend preparing for an exam and earning a Certification never goes to waste. If you’re actively preparing for an exam that’s retiring and a replacement exam has been announced: If you’ve already registered for the exam, you can continue preparing for it and take it while it’s still available. Keep in mind that after the exam retires, you won’t be able to retake it if you don’t pass, and you won’t be able to renew it. Exam registration ends on the same day that the exam retires. If you haven’t registered for the exam and there’s a related new exam, we strongly recommend that you prepare for and take the new exam instead, as noted in the following table. If you’re not close to testing for this exam Prepare for and take this exam instead Learning path and instructor-led training expected to be available in Exam MB-280 Exam AB-210 April 2026 Exam PL-200 Exam AB-410 April 2026 If you’re preparing for Exam PL-900 to earn the Microsoft Certified: Power Platform Fundamentals Certification, the new Course PL-900 will be available at the end of June 2026. If you’re preparing for Exam MB-335 to earn the Microsoft Certified: Dynamics 365 Supply Chain Management Functional Consultant Associate Certification, Exam MB-700 to earn the Microsoft Certified: Dynamics 365: Finance and Operations Apps Solution Architect Expert Certification, or Exam PL-600 to earn the Microsoft Certified: Power Platform Solution Architect Expert Certification, consider preparing for and taking Exam AB-100 to earn the Microsoft Certified: Agentic AI Business Solutions Architect Certification, the new flagship expert‑level Certification for solutions architects, available now. Note that to earn the Certification, you must pass Exam AB-100 and you must also have a current associate-level Certification. Q. How might these updates impact partner competency requirements? A. To track whether and how these updates might impact partner competency requirements, go to Solutions Partner for Business Applications in the Partner Center. The bigger picture AI is transforming not only what technology can do but also who does the work and how. Whether you’re building agents, designing intelligent apps, transforming sales, or leading enterprise AI strategy, there’s now a Certification that reflects the real skills your role demands. These Certifications can help ensure that you’re not only ready for AI-driven work but you’re also leading it. We’ll share updates for the new AI business solutions Certifications, including beta exams and go-live dates, on The Skills Hub Blog. Stay tuned! Explore more Microsoft Credentials on AI Skills Navigator.ACE Your Microsoft Associate Certification and FREE Certification Voucher for registered students
Ready to take your Microsoft Fundamentals knowledge to the next level or you are journey to attain professional Microsoft Certifications? You’ve come to the right place! The normal journey with certifications is to start off with the basics i.e. your Fundamentals certifications and work your way up the ladder.Microsoft Learn Cloud Skills Challenge
Complete a challenge for a chance to win a VIP event pass for the next Microsoft Ignite or Microsoft Build! We’re running a sweepstakes for 5 lucky winners to receive a full event pass for the next Microsoft Ignite or Microsoft Build that includes bonus experiences, exclusive access, meet and greets with Microsoft personalities and the opportunity to be showcased by Microsoft Learn. All participants will receive a Microsoft Learn Cloud Skills Challenge badge upon completion of their first challenge. Champion your advantage To celebrate the launch of Microsoft Applied Skills, this Cloud Skills Challenge will feature a selection of challenges designed to help you prepare - and pass - your assessment and earn your new credential. Get the credentials you need to demonstrate proficiency in a specific skillset so you can make a bigger impact on your projects, your organization—and your career. Challenge details The challenge ends on January 15, 2024, at 4:00 PM UTC (16:00). Make sure you have completed your challenge before time runs out. View the list of eligible challenges here. Get started!
Microsoft Purview - Compliance Score (Part 5) - GDPR
Before we start, please not that if you want to see a table of contents for all the sections of this blog and their various Purview topics, you can locate the in the following link: Microsoft Purview - Compliance Score (Part 1) - Overview Disclaimer This document is not meant to replace any official documentation, including those found at docs.microsoft.com. Those documents are continually updated and maintained by Microsoft Corporation. If there is a discrepancy between this document and what you find in the Compliance User Interface (UI) or inside of a reference in docs.microsoft.com, you should always defer to that official documentation and contact your Microsoft Account team as needed. Links to the docs.microsoft.com data will be referenced both in the document steps as well as in the appendix. All of the following steps should be done with test data, and where possible, testing should be performed in a test environment. Testing should never be performed against production data. Target Audience This blog series is aimed at Security and Compliance officers who need to understand how the Microsoft Purview Compliance Manager assessments can help them meet their regulatory and certification needs. Document Scope This document will only be discussing the assessment specific to General Data Protection Regulation (GDPR) and which Purview components are needed to meet those requirements in the assessment and its associated regulation. Out-of-Scope This document does not cover any other aspect of Microsoft E5 Purview, including: Compliance Manager (configuration) Data Classification Information Protection Data Protection Loss (DLP) for Exchange, OneDrive, Devices Data Lifecycle Management (retention and disposal) Records Management (retention and disposal) eDiscovery Insider Risk Management (IRM) Priva Advanced Audit Microsoft Cloud App Security (MCAS) Information Barriers Communications Compliance Licensing For details on licensing (ie. which components and functions of Purview are in E3 vs E5) you will need to contact your Microsoft Security Specialist, Account Manager, or certified partner. We will not be walking through the General Data Protection Regulation (GDPR) assessment step-by-step. For more information on running an assessment in Compliance Manager, you should reference the corresponding documentation listed in the Appendix and Links section below. Overview of Document We will be walking through how the General Data Protection Regulation (GDPR) assessment can be leveraged to meet GDPR and provide quantifiable results for meeting that regulation. What is the General Data Protection Regulation (GDPR)? What is the Compliance Manager General Data Protection Regulation (GDPR) assessment? Process of taking assessment information and score and narrowing to Purview related solutions GDPR assessment details (control Family, Purview relevant solutions breakdown and Purview Compliance Score) Use Case Looking at a General Data Protection Regulation (GDPR) assessment at a high level Definitions Actions– the things that need to be done to mark a Control as completed and Assessments – these help you implement data protection controls specified by compliance, security, privacy, and data protection standards, regulations, and laws. Assessments include actions that have been taken by Microsoft to protect your data, and they're completed when you take action to implement the controls included in the assessment. Assessment Templates – these templates track compliance with over 300 industry and government regulations around the world. Compliance Score - Compliance Manager awards you points for completing improvement actions taken to comply with a regulation, standard, or policy, and combines those points into an overall compliance score. Each action has a different impact on your score depending on the potential risks involved. Your compliance score can help prioritize which action to focus on to improve your overall compliance posture. You receive an initial score based on the Microsoft 365 data protection baseline. This baseline is a set of controls that includes key regulations and standards for data protection and general data governance. Controls – the various requirements in your tenant that must be met to meet a part of an assessment Control Family – a grouping of Controls Microsoft Actions – These are actions that Microsoft has performed inside of your tenant to help it meet a specific assessment. Progress – each assessment has a progress chart to help you visualize the progress you are making to meet the requirements of the assessment Your Improvement Actions – These are actions that you and your organization must perform to meet a specific assessment. Notes It is highly recommended that you run your own General Data Protection Regulation (GDPR) assessment to see the following information in your own Tenant. Pre-requisites It is highly recommended that you run your own General Data Protection Regulation (GDPR) assessment to see the following information in your own Tenant. What is General Data Protection Regulation (GDPR)? Here is the definition listed in Microsoft Purview Compliance Manager. “The General Data Protection Regulation (GDPR) is a European Union (EU) regulation that mandates how an organization should handle personal data. GDPR is applicable if your organization sells to, provides services to, or employs citizens of the EU.” You can also find more information at the General Data Protection Regulation (GDPR) official website, listed in the Appendix and Links section below. What is the Compliance Manager General Data Protection Regulation (GDPR) assessment? This is the official Microsoft tool that scans your tenant and compares it to the GDPR. It then provides a report and workflow on how to meet this regulation. Narrowing General Data Protection Regulation (GDPR) to applicable Purview tools We narrow the scope of All General Data Protection Regulation (GDPR) Control Families (5x) the Assessment runs to just the Compliance applicable GDPR Control Families (6x). Then we can take those tactical Control Families and leverage the applicable Microsoft Purview tools that, when applied, can help you meet these Control Families. Here is one way to view this All Control Families (5x) -> Compliance applicable Control Families (5x) -> applicable Microsoft Purview tools This graphic shows another way to visualize this. General Data Protection Regulation (GDPR) Assessment details Let us look at the details of the General Data Protection Regulation (GDPR) assessment as they related to Microsoft Compliance Purview solutions and your Compliance Score for your Microsoft tenant. All Control Families (5x) The General Data Protection Regulation (GDPR) assessment will report back on ALL the Control Families that are part of the GDPR. Compliance applicable All Control Families (5x) From a Purview perspective, here are the 5 Control Families that are applicable to General Data Protection Regulation (GDPR) workloads. Relevant Purview Solutions (12x) Now that you know which Control Families are relevant to General Data Protection Regulation (GDPR), here are the Purview solutions that are part will help you meet those regulatory needs. Purview Compliance Score Let us look at a diagram the General Data Protection Regulation (GDPR) assessment’s points that it applies 1) GDPR Controls overall, 2) points that can specifically be addressed by Purview related tools, and 3) then the percentage of the GDPR assessment points covered by implementing the Purview tools. Appendix and Links General Data Protection Regulation (GDPR) – Official Legal Text (gdpr-info.eu) Microsoft Purview Compliance Manager - Microsoft Purview (compliance) | Microsoft Docs Microsoft Purview- Paint By Numbers Series (Part 0) - Overview - Microsoft Tech Community Compliance score calculation - Microsoft Purview (compliance) | Microsoft Learn Working with improvement actions in Microsoft Purview Compliance Manager - Microsoft Purview (compliance) | Microsoft Learn Note: This solution is a sample and may be used with Microsoft Compliance tools for dissemination of reference information only. This solution is not intended or made available for use as a replacement for professional and individualized technical advice from Microsoft or a Microsoft certified partner when it comes to the implementation of a compliance and/or advanced eDiscovery solution and no license or right is granted by Microsoft to use this solution for such purposes. This solution is not designed or intended to be a substitute for professional technical advice from Microsoft or a Microsoft certified partner when it comes to the design or implementation of a compliance and/or advanced eDiscovery solution and should not be used as such. Customer bears the sole risk and responsibility for any use. Microsoft does not warrant that the solution or any materials provided in connection therewith will be sufficient for any business purposes or meet the business requirements of any person or organization.Microsoft Purview - Compliance Score (Part 1) - Overview
Blog Series Part 1 - Microsoft Purview - Compliance Score (Part 1) - Overview Part 2 - Microsoft Purview - Compliance Score (Part 2) - Sample Assessment Scoring Part 3 - Microsoft Purview - Compliance Score (Part 3) - HITRUST Part 4 - Microsoft Purview - Compliance Score (Part 4) - HIPAA / HITECH Part 5 - Microsoft Purview - Compliance Score (Part 5) - GDPR Part 6 - Microsoft Purview - Compliance Score (Part 6) - CCPA Part 7 - Microsoft Purview - Compliance Score (Part 7) - Data Protection Baseline Part 8 - Microsoft Purview - Compliance Score (Part 😎 - ARMA GARP Part 9 - Microsoft Purview - Compliance Score (Part 9) - NIST Privacy Framework Part 10 - Microsoft Purview - Compliance Score (Part 10) - ISO 15489 Disclaimer This document is not meant to replace any official documentation, including those found at docs.microsoft.com. Those documents are continually updated and maintained by Microsoft Corporation. If there is a discrepancy between this document and what you find in the Compliance User Interface (UI) or inside of a reference in docs.microsoft.com, you should always defer to that official documentation and contact your Microsoft Account team as needed. Links to the docs.microsoft.com data will be referenced both in the document steps as well as in the appendix. All of the following steps should be done with test data, and where possible, testing should be performed in a test environment. Testing should never be performed against production data. Target Audience This blog series is aimed at Security and Compliance officers who need to understand how the Microsoft Purview Compliance Manager assessments can help them meet their regulatory and certification needs. Document Scope This document will be covering: the goal of this blog series discussing Compliance Manager assessment at a high level and how to leverage them to meet a business need such as HIPAA, GDPR, CCPA, NIST, etc Out-of-Scope This document does not cover any other aspect of Microsoft E5 Purview, including: Compliance Manager (configuration) Data Classification Information Protection Data Protection Loss (DLP) for Exchange, OneDrive, Devices Data Lifecycle Management (retention and disposal) Records Management (retention and disposal) eDiscovery Insider Risk Management (IRM) Priva Advanced Audit Microsoft Cloud App Security (MCAS) Information Barriers Communications Compliance Licensing For details on licensing (ie. which components and functions of Purview are in E3 vs E5) you will need to contact your Microsoft Security Specialist, Account Manager, or certified partner. We will not be walking through the HITRUST assessment step-by-step. For more information on running an assessment in Compliance Manager, you should reference the corresponding documentation listed in the Appendix and Links section below. You can also find a blog series covering how to do this and how to run other Purview functions at the following link: Microsoft Purview- Paint By Numbers Series (Part 0) - Overview - Microsoft Tech Community Overview of Document We will be walking through: the goal of this blog series Compliance Manager and What it does Compliance Score Compliance Manager – finding applicable Microsoft Solutions Use Case Using Compliance Manager assessments to meeting government regulations or industry certifications. Definitions Actions– the things that need to be done to mark a Control as completed and Assessments – these help you implement data protection controls specified by compliance, security, privacy, and data protection standards, regulations, and laws. Assessments include actions that have been taken by Microsoft to protect your data, and they're completed when you take action to implement the controls included in the assessment. Assessment Templates – these templates track compliance with over 300 industry and government regulations around the world. Compliance Score - Compliance Manager awards you points for completing improvement actions taken to comply with a regulation, standard, or policy, and combines those points into an overall compliance score. Each action has a different impact on your score depending on the potential risks involved. Your compliance score can help prioritize which action to focus on to improve your overall compliance posture. You receive an initial score based on the Microsoft 365 data protection baseline. This baseline is a set of controls that includes key regulations and standards for data protection and general data governance. Controls – the various requirements in your tenant that must be met to meet a part of an assessment Control Family – a grouping of Controls Microsoft Actions – These are actions that Microsoft has performed in side of your tenant to help it meet a specific assessment. Progress – each assessment has a progress chart to help you visualize the progress you are making to meet the requirements of the assessment Your Improvement Actions – These are actions that you and your organization must perform to meet a specific assessment. Regulations – the regulations or standards pertaining to the action (Microsoft) Solutions – the solution where you can go to perform the action Action Types – indicates whether the improvement action is technical, meaning it can be implemented within a solution or product, or non-technical, which would be implemented outside of a technical solution Group - the group to which you assigned the action Categories – the related data protection category (such as, protect information, manage devices, etc.) Notes None Pre-requisites You should have a basic understanding of Compliance Manager and how it works. You can find this information in the blog named “Paint By Numbers” and the official Microsoft documentation found at docs.microsoft.com. You an find links to these in the section below labeled Appendix and Links. Overview of this blog series This blog will review specific Microsoft Compliance Manager Assessments and how they relate to Microsoft Purview solutions. Here is a list of the specific assessments: HITRUST for Microsoft 365 HIPAA/HITECH for Microsoft 365 GDPR for Microsoft 365 California Consumer Privacy Act (CCPA) for Microsoft 365 Data Protection Baseline for Microsoft 365 This is not meant to be an exhaustive list as there are 700+ assessments in Compliance Manager as of the writing of this blog. Overview of Compliance Manager and What it does Here is the official answer as listed in docs.microsoft.com “Microsoft Purview Compliance Manager is a feature in the Microsoft Purview compliance portal that helps you manage your organization’s compliance requirements with greater ease and convenience. Compliance Manager can help you throughout your compliance journey, from taking inventory of your data protection risks to managing the complexities of implementing controls, staying current with regulations and certifications, and reporting to auditors.” Compliance Manager – What does it scan and track? Each assessment in Microsoft Purview Compliance Manager tracks all the regulatory/certification requirements relative to your Microsoft 365/Office 365 environment. Here is a visualization on how this scanning and tracking works. Compliance Score Here is the official definition as found in docs.microsoft.com. The URL can be found in t Appendix and Links section below. “Compliance Manager awards you points for completing improvement actions taken to comply with a regulation, standard, or policy, and combines those points into an overall compliance score. Each action has a different impact on your score depending on the potential risks involved. Your compliance score can help prioritize which action to focus on to improve your overall compliance posture. Compliance Manager gives you an initial score based on the Microsoft 365 data protection baseline. This baseline is a set of controls that includes key regulations and standards for data protection and general data governance.” Compliance Manager – Finding Applicable Microsoft Solutions Built into Compliance Manager is a way to review which Microsoft Solutions will be applicable to each certification/regulation along with the Compliance Score that each of these solutions will bring to your organization. Go to Compliance Manager -> Solutions Here you will see all the Microsoft solutions that are applicable to the assessments you have run. On the right hands side, click Filters You can filter these solutions based on various criteria: Regulations – the regulations or standards pertaining to the action (Microsoft) Solutions – the solution where you can go to perform the action Action Types – indicates whether the improvement action is technical, meaning it can be implemented within a solution or product, or non-technical, which would be implemented outside of a technical solution Group - the group to which you assigned the action Categories – the related data protection category (such as, protect information, manage devices, etc.) You can filter any of these criteria, but we will choose Regulation -> Data Protection Baseline for purposes in this blog. This will narrow ALL Microsoft Solutions down to just the ones relevant to a particular Assessment/Regulation/Certification. You can narrow this further by Categories. Here I will select the categories relevant to Purview/Compliance workloads: Discover and Respond, Govern information, Manage compliance, Privacy Management, and Protect information. For now, we will not run any other filters inside the Compliance Manager -> Solutions section. Returning to the Solutions page, we will now look at the two columns relevant to your Compliance Score: Current score contribution and Potential score remaining. These will allow you to know which Microsoft Solutions will provide the most value to meeting your regulation/certification needs. We are now done with looking at the Compliance Manager – Solutions page. Microsoft Managed Scoring Compliance Manager keeps track of both 1) the organizations responsibilities (ie. Your organization) and 2) Microsoft’s responsibilities, as they pertain each assessment, and then maps a score to those responsibilities. Here is an example of where you would find both of these scores in a Compliance Manager assessment that I have already run. I have gone to Compliance Manager -> Assessment -> HITRUST Then go to Progress tab on the right side to find the Your points achieved score and Microsoft managed points achieved score. Thank Yous Before finishing this overview, I want to thank the members of the Microsoft Health Life Sciences Purview Technical Specialist team (HLS Purview TS) team for their assistance in creating, researching and developing this blog series. This includes, but is not limited to: Erfan Setork, Ken Sicinski, and Chad Lightfoot. Appendix and Links Microsoft Purview Compliance Manager - Microsoft Purview (compliance) | Microsoft Docs Working with improvement actions in Microsoft Purview Compliance Manager - Microsoft Purview (compliance) | Microsoft Docs Build and manage assessments in Microsoft Purview Compliance Manager - Microsoft Purview (compliance) | Microsoft Docs About the Microsoft Purview Compliance Manager premium assessment trial - Microsoft Purview (compliance) | Microsoft Docs Microsoft Purview Compliance Manager alerts and alert policies - Microsoft Purview (compliance) | Microsoft Docs Get started with Microsoft Purview Compliance Manager - Microsoft Purview (compliance) | Microsoft Docs Compliance score calculation - Microsoft Purview (compliance) | Microsoft Learn Working with improvement actions in Microsoft Purview Compliance Manager - Microsoft Purview (compliance) | Microsoft Learn Microsoft Purview- Paint By Numbers Series (Part 0) - Overview - Microsoft Tech Community Note: This solution is a sample and may be used with Microsoft Compliance tools for dissemination of reference information only. This solution is not intended or made available for use as a replacement for professional and individualized technical advice from Microsoft or a Microsoft certified partner when it comes to the implementation of a compliance and/or advanced eDiscovery solution and no license or right is granted by Microsoft to use this solution for such purposes. This solution is not designed or intended to be a substitute for professional technical advice from Microsoft or a Microsoft certified partner when it comes to the design or implementation of a compliance and/or advanced eDiscovery solution and should not be used as such. Customer bears the sole risk and responsibility for any use. Microsoft does not warrant that the solution or any materials provided in connection therewith will be sufficient for any business purposes or meet the business requirements of any person or organization.¡Prepárate para la certificación GitHub Foundations!
¡Descubre como puedes obtener un voucher gratuito para esta certificación! GitHub y Microsoft acaban de anunciar una nueva iniciativa para ayudarte a impulsar tu carrera en tecnología mediante el lanzamiento de la serie de charlas y talleres en vivo ‘GitHub Foundations” para ayudarte a prepárate para esta certificación. Desde el 26 de marzo hasta el 16 de abril, comienza y crece tu carrera en tecnología al comprender los temas básicos y fundamentales en GitHub. Aprenderás a como colaborar en un proyecto y con equipos para aumentar tu conocimiento mediante el uso de diferentes herramientas como GitHub Copilot, GitHub Codespaces y más. ¡Comienza a trabajar en proyectos reales utilizando diversas herramientas de GitHub y mucho más!Microsoft Purview - Compliance Score (Part 4) - HIPAA / HITECH
Before we start, please not that if you want to see a table of contents for all the sections of this blog and their various Purview topics, you can locate the in the following link: Microsoft Purview - Compliance Score (Part 1) - Overview Disclaimer This document is not meant to replace any official documentation, including those found at docs.microsoft.com. Those documents are continually updated and maintained by Microsoft Corporation. If there is a discrepancy between this document and what you find in the Compliance User Interface (UI) or inside of a reference in docs.microsoft.com, you should always defer to that official documentation and contact your Microsoft Account team as needed. Links to the docs.microsoft.com data will be referenced both in the document steps as well as in the appendix. All of the following steps should be done with test data, and where possible, testing should be performed in a test environment. Testing should never be performed against production data. Target Audience This blog series is aimed at Security and Compliance officers who need to understand how the Microsoft Purview Compliance Manager assessments can help them meet their regulatory and certification needs. Document Scope This document will only be discussing the assessment specific to Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH) and which Purview components are needed to meet those requirements in the assessment and its associated regulations. Out-of-Scope This document does not cover any other aspect of Microsoft E5 Purview, including: Compliance Manager (configuration) Data Classification Information Protection Data Protection Loss (DLP) for Exchange, OneDrive, Devices Data Lifecycle Management (retention and disposal) Records Management (retention and disposal) eDiscovery Insider Risk Management (IRM) Priva Advanced Audit Microsoft Cloud App Security (MCAS) Information Barriers Communications Compliance Licensing For details on licensing (ie. which components and functions of Purview are in E3 vs E5) you will need to contact your Microsoft Security Specialist, Account Manager, or certified partner. We will not be walking through the Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH) assessment step-by-step. For more information on running an assessment in Compliance Manager, you should reference the corresponding documentation listed in the Appendix and Links section below. Overview of Document We will be walking through how the Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH) assessment can be leveraged to meet HIPAA / HITECH regulations and provide quantifiable results for meeting those regulations. What are the Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH)? What is the Compliance Manager Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH) assessment? Process of taking assessment information and score and narrowing to Purview related solutions HIPAA / HITECH assessment details (Control Family, Purview relevant solutions breakdown and Purview Compliance Score) Use Case Looking at a Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH) assessment at a high level Definitions Actions– the things that need to be done to mark a Control as completed and Assessments – these help you implement data protection controls specified by compliance, security, privacy, and data protection standards, regulations, and laws. Assessments include actions that have been taken by Microsoft to protect your data, and they're completed when you take action to implement the controls included in the assessment. Assessment Templates – these templates track compliance with over 300 industry and government regulations around the world. Compliance Score - Compliance Manager awards you points for completing improvement actions taken to comply with a regulation, standard, or policy, and combines those points into an overall compliance score. Each action has a different impact on your score depending on the potential risks involved. Your compliance score can help prioritize which action to focus on to improve your overall compliance posture. You receive an initial score based on the Microsoft 365 data protection baseline. This baseline is a set of controls that includes key regulations and standards for data protection and general data governance. Controls – the various requirements in your tenant that must be met to meet a part of an assessment Control Family – a grouping of Controls Microsoft Actions – These are actions that Microsoft has performed inside of your tenant to help it meet a specific assessment. Progress – each assessment has a progress chart to help you visualize the progress you are making to meet the requirements of the assessment Your Improvement Actions – These are actions that you and your organization must perform to meet a specific assessment. Notes It is highly recommended that you run your own Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH) assessment to see the following information in your own Tenant. Pre-requisites It is highly recommended that you run your own Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH) assessment to see the following information in your own Tenant. What are HIPAA / HITECH? Here is the definition listed in Microsoft Purview Compliance Manager. “The Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH) mandate a set of federal requirements for protecting electronic Protected Health Information (ePHI) for U.S. healthcare institutions." You can also find more information at the HIPAA / HITECH official website, listed in the Appendix and Links section below. What is the Compliance Manager HIPAA / HITECH assessment? This is the official Microsoft tool that scans your tenant and compares it to the HIPAA / HITECH It then provides a report and workflow on how to meet these acts. Narrowing HIPAA / HITECH to applicable Purview tools We narrow the scope of from All HIPAA / HITECH Control Families (9x) the Assessment runs to just the Compliance applicable HIPAA / HITECH Control Families (5x). Then we can take those tactical Control Families and leverage the applicable Microsoft Purview tools that, when applied, can help you meet these Control Families. Here is one way to view this All Control Families (9x) -> Compliance applicable Control Families (5x) -> applicable Microsoft Purview tools This graphic shows another way to visualize this. HIPAA / HITECH Assessment details Let us look at the details of the HIPAA / HITECH assessment as they related to Microsoft Compliance Purview solutions and your Compliance Score for your Microsoft tenant. All Control Families (9x) The HIPAA / HITECH assessment will report back on ALL the Control Families that are part of the HIPAA / HITECH regulations. Compliance applicable All Control Families (5x) From a Purview perspective, here are the 5 Control Families that are applicable to HIPAA / HITECH workloads. Relevant Purview Solutions (10x) Now that you know which Control Families are relevant to HIPAA / HITECH, here are the Purview solutions that are part will help you meet those regulatory needs. Purview Compliance Score Let us look at a diagram the HIPAA / HITECH assessment’s points that it applies 1) HIPAA / HITECH Controls overall, 2) points that can specifically be addressed by Purview related tools, and 3) then the percentage of the HIPAA / HITECH assessment points covered by implementing the Purview tools. Appendix and Links HIPAA for Professionals | HHS.gov HITECH Act Enforcement Interim Final Rule | HHS.gov Microsoft Purview Compliance Manager - Microsoft Purview (compliance) | Microsoft Docs Microsoft Purview- Paint By Numbers Series (Part 0) - Overview - Microsoft Tech Community Compliance score calculation - Microsoft Purview (compliance) | Microsoft Learn Working with improvement actions in Microsoft Purview Compliance Manager - Microsoft Purview (compliance) | Microsoft Learn Note: This solution is a sample and may be used with Microsoft Compliance tools for dissemination of reference information only. This solution is not intended or made available for use as a replacement for professional and individualized technical advice from Microsoft or a Microsoft certified partner when it comes to the implementation of a compliance and/or advanced eDiscovery solution and no license or right is granted by Microsoft to use this solution for such purposes. This solution is not designed or intended to be a substitute for professional technical advice from Microsoft or a Microsoft certified partner when it comes to the design or implementation of a compliance and/or advanced eDiscovery solution and should not be used as such. Customer bears the sole risk and responsibility for any use. Microsoft does not warrant that the solution or any materials provided in connection therewith will be sufficient for any business purposes or meet the business requirements of any person or organization.Microsoft Purview - Compliance Score (Part 7) - Data Protection Baseline
Before we start, please not that if you want to see a table of contents for all the sections of this blog and their various Purview topics, you can locate the in the following link: Microsoft Purview - Compliance Score (Part 1) - Overview Disclaimer This document is not meant to replace any official documentation, including those found at docs.microsoft.com. Those documents are continually updated and maintained by Microsoft Corporation. If there is a discrepancy between this document and what you find in the Compliance User Interface (UI) or inside of a reference in docs.microsoft.com, you should always defer to that official documentation and contact your Microsoft Account team as needed. Links to the docs.microsoft.com data will be referenced both in the document steps as well as in the appendix. All of the following steps should be done with test data, and where possible, testing should be performed in a test environment. Testing should never be performed against production data. Target Audience This blog series is aimed at Security and Compliance officers who need to understand how the Microsoft Purview Compliance Manager assessments can help them meet their regulatory and certification needs. Document Scope This document will only be discussing the assessment specific to the Microsoft Data Protection Baseline and which Purview components are needed to meet those requirements in the assessment and its associated certifications and regulations. Out-of-Scope This document does not cover any other aspect of Microsoft E5 Purview, including: Compliance Manager (configuration) Data Classification Information Protection Data Protection Loss (DLP) for Exchange, OneDrive, Devices Data Lifecycle Management (retention and disposal) Records Management (retention and disposal) eDiscovery Insider Risk Management (IRM) Priva Advanced Audit Microsoft Cloud App Security (MCAS) Information Barriers Communications Compliance Licensing For details on licensing (ie. which components and functions of Purview are in E3 vs E5) you will need to contact your Microsoft Security Specialist, Account Manager, or certified partner. We will not be walking through the Microsoft Data Protection Baseline assessment step-by-step. For more information on running an assessment in Compliance Manager, you should reference the corresponding documentation listed in the Appendix and Links section below. Overview of Document We will be walking through how the Microsoft Data Protection Baseline assessment can be leveraged to meet the multiple certification and regulatory needs and provide quantifiable results for meeting those certification and regulatory needs. What is the Microsoft Data Protection Baseline? What is the Compliance Manager Microsoft Data Protection Baseline assessment? Process of taking assessment information and score and narrowing to Purview related solutions Microsoft Data Protection Baseline assessment details (Control Family, Purview relevant solutions breakdown and Purview Compliance Score Use Case Looking at the Microsoft Data Protection Baseline assessment at a high level. Definitions Actions– the things that need to be done to mark a Control as completed and Assessments – these help you implement data protection controls specified by compliance, security, privacy, and data protection standards, regulations, and laws. Assessments include actions that have been taken by Microsoft to protect your data, and they're completed when you take action to implement the controls included in the assessment. Assessment Templates – these templates track compliance with over 300 industry and government regulations around the world. Compliance Score - Compliance Manager awards you points for completing improvement actions taken to comply with a regulation, standard, or policy, and combines those points into an overall compliance score. Each action has a different impact on your score depending on the potential risks involved. Your compliance score can help prioritize which action to focus on to improve your overall compliance posture. You receive an initial score based on the Microsoft 365 data protection baseline. This baseline is a set of controls that includes key regulations and standards for data protection and general data governance. Controls – the various requirements in your tenant that must be met to meet a part of an assessment Control Family – a grouping of Controls Microsoft Actions – These are actions that Microsoft has performed inside of your tenant to help it meet a specific assessment. Progress – each assessment has a progress chart to help you visualize the progress you are making to meet the requirements of the assessment Your Improvement Actions – These are actions that you and your organization must perform to meet a specific assessment. Notes It is highly recommended that you run your own Microsoft Data Protection Baseline assessment to see the following information in your own Tenant. Pre-requisites It is highly recommended that you run your own Microsoft Data Protection Baseline assessment to see the following information in your own Tenant. What is the Data Protection Baseline assessment? Here is the definition listed in Microsoft Purview Compliance Manager. “The Microsoft 365 data protection baseline is a set of controls that includes common industry regulations and standards. This baseline draws elements primarily from NIST CSF (National Institute of Standards and Technology Cybersecurity Framework) and ISO (International Organization for Standardization), as well as from FedRAMP (Federal Risk and Authorization Management Program) and GDPR (General Data Protection Regulation of the European Union).” You can also find more information at the Microsoft Data Protection Baseline official website, listed in the Appendix and Links section below. What is the Compliance Manager Microsoft Data Protection Baseline assessment? This is the official Microsoft tool that scans your tenant and compares it to the Microsoft Data Protection Baseline. It then provides a report and workflow. Narrowing Microsoft Data Protection Baseline to applicable Purview tools We narrow the scope of from All Microsoft Data Protection Baseline Control Families (21x) the Assessment runs to just the Compliance applicable Microsoft Data Protection Baseline Control Families (9x). Then we can take those tactical Control Families and leverage the applicable Microsoft Purview tools that, when applied, can help you meet these Control Families. Here is one way to view this All Control Families (21x) -> Compliance applicable Control Families (9x) -> applicable Microsoft Purview tools This graphic shows another way to visualize this. Microsoft Data Protection Baseline Assessment details Let us look at the details of the Microsoft Data Protection Baseline assessment as they related to Microsoft Compliance Purview solutions and your Compliance Score for your Microsoft tenant. All Control Families (21x) The Baseline assessment will report back on ALL the Control Families that are part of the Microsoft Data Protection Baseline assessment. Compliance applicable All Control Families (9x) From a Purview perspective, here are the 9 Control Families that are applicable to Microsoft Data Protection Baseline workloads. Relevant Purview Solutions (11x) Now that you know which Control Families are relevant to Microsoft Data Protection Baseline, here are the Purview solutions that are part will help you meet those baseline needs. Purview Compliance Score Let us look at a diagram the Microsoft Data Protection Baseline assessment’s points that it applies 1) Baseline Controls overall, 2) points that can specifically be addressed by Purview related tools, and 3) then the percentage of the Baseline assessment points covered by implementing the Purview tools. Appendix and Links Microsoft Purview Compliance Manager - Microsoft Purview (compliance) | Microsoft Learn Microsoft Purview Compliance Manager - Microsoft Purview (compliance) | Microsoft Docs Microsoft Purview- Paint By Numbers Series (Part 0) - Overview - Microsoft Tech Community Compliance score calculation - Microsoft Purview (compliance) | Microsoft Learn Working with improvement actions in Microsoft Purview Compliance Manager - Microsoft Purview (compliance) | Microsoft Learn Note: This solution is a sample and may be used with Microsoft Compliance tools for dissemination of reference information only. This solution is not intended or made available for use as a replacement for professional and individualized technical advice from Microsoft or a Microsoft certified partner when it comes to the implementation of a compliance and/or advanced eDiscovery solution and no license or right is granted by Microsoft to use this solution for such purposes. This solution is not designed or intended to be a substitute for professional technical advice from Microsoft or a Microsoft certified partner when it comes to the design or implementation of a compliance and/or advanced eDiscovery solution and should not be used as such. Customer bears the sole risk and responsibility for any use. Microsoft does not warrant that the solution or any materials provided in connection therewith will be sufficient for any business purposes or meet the business requirements of any person or organization.Discover the Partner Skilling Playbook
A go-to enablement guide for Microsoft partners AI and Cloud capabilities are enabling new opportunities and helping organizations of all sizes achieve their goals. In today's rapidly evolving landscape, embracing and harnessing this potential is a must if businesses want to thrive. Discover a range of enablement opportunities to help you stay up-to-date on technical knowledge and deepen your understanding of how technology can help your organization evolve and transform. Download the Playbook below and benefit from enablement opportunities!Microsoft Purview - Compliance Score (Part 3) - HITRUST
Before we start, please not that if you want to see a table of contents for all the sections of this blog and their various Purview topics, you can locate the in the following link: Microsoft Purview - Compliance Score (Part 1) - Overview Disclaimer This document is not meant to replace any official documentation, including those found at docs.microsoft.com. Those documents are continually updated and maintained by Microsoft Corporation. If there is a discrepancy between this document and what you find in the Compliance User Interface (UI) or inside of a reference in docs.microsoft.com, you should always defer to that official documentation and contact your Microsoft Account team as needed. Links to the docs.microsoft.com data will be referenced both in the document steps as well as in the appendix. All of the following steps should be done with test data, and where possible, testing should be performed in a test environment. Testing should never be performed against production data. Target Audience This blog series is aimed at Security and Compliance officers who need to understand how the Microsoft Purview Compliance Manager assessments can help them meet their regulatory and certification needs. Document Scope This document will only be discussing the assessment specific to HITRUST and which Purview components are needed to meet those requirements in the assessment and its associated certification. Out-of-Scope This document does not cover any other aspect of Microsoft E5 Purview, including: Compliance Manager (configuration) Data Classification Information Protection Data Protection Loss (DLP) for Exchange, OneDrive, Devices Data Lifecycle Management (retention and disposal) Records Management (retention and disposal) eDiscovery Insider Risk Management (IRM) Priva Advanced Audit Microsoft Cloud App Security (MCAS) Information Barriers Communications Compliance Licensing For details on licensing (ie. which components and functions of Purview are in E3 vs E5) you will need to contact your Microsoft Security Specialist, Account Manager, or certified partner. We will not be walking through the HITRUST assessment step-by-step. For more information on running an assessment in Compliance Manager, you should reference the corresponding documentation listed in the Appendix and Links section below. Overview of Document We will be walking through how the HITRUST assessment can be leveraged to meet HITRUST certification and provide quantifiable results for meeting that certification. What is HITRUST Certification? What is the Compliance Manager HITRUST assessment? Process of taking assessment information and score and narrowing to Purview related solutions HITRUST assessment details (Control Family, Purview relevant olutions breakdown and Purview Compliance Score) Use Case Looking at a HITRUST assessment at a high level Definitions Actions– the things that need to be done to mark a Control as completed and Assessments – these help you implement data protection controls specified by compliance, security, privacy, and data protection standards, regulations, and laws. Assessments include actions that have been taken by Microsoft to protect your data, and they're completed when you take action to implement the controls included in the assessment. Assessment Templates – these templates track compliance with over 300 industry and government regulations around the world. Compliance Score - Compliance Manager awards you points for completing improvement actions taken to comply with a regulation, standard, or policy, and combines those points into an overall compliance score. Each action has a different impact on your score depending on the potential risks involved. Your compliance score can help prioritize which action to focus on to improve your overall compliance posture. You receive an initial score based on the Microsoft 365 data protection baseline. This baseline is a set of controls that includes key regulations and standards for data protection and general data governance. Controls – the various requirements in your tenant that must be met to meet a part of an assessment Control Family – a grouping of Controls Microsoft Actions – These are actions that Microsoft has performed in side of your tenant to help it meet a specific assessment. Progress – each assessment has a progress chart to help you visualize the progress you are making to meet the requirements of the assessment Your Improvement Actions – These are actions that you and your organization must perform to meet a specific assessment. Notes It is highly recommended that you run your own HITRUST assessment to see the following information in your own Tenant. Pre-requisites It is highly recommended that you run your own HITRUST assessment to see the following information in your own Tenant. What is HITRUST certification? Here is the definition listed in Microsoft Purview Compliance Manager. “The HITRUST CSF is a single harmonized framework based on recognized security, privacy and compliance standards, regulations and leading practices. Established in collaboration with private sector, government, technology and information privacy and security leaders, the HITRUST CSF can be used by any organization that creates, accesses, stores, or exchanges sensitive information. This template reflects the update from V9.6.” You can also find more information at the HITRUST official website, listed in the Appendix and Links section below. What is the Compliance Manager HITRUST assessment? This is the official Microsoft tool that scans your tenant and compares it to the HITRUST CSF. It then provides a report and workflow on how to meet this certification. Narrowing HITRUST to applicable Purview tools We narrow the scope of from All HITRUST Control Families (21x) the Assessment runs to just the Compliance applicable HITRUST Control Families (6x). Then we can take those tactical Control Families and leverage the applicable Microsoft Purview tools that, when applied, can help you meet these Control Families. Here is one way to view this All Control Families (21x) -> Compliance applicable Control Families (6x) -> applicable Microsoft Purview tools This graphic shows another way to visualize this. HITRUST Assessment details Let us look at the details of the HITRUST assessment as they related to Microsoft Compliance Purview solutions and your Compliance Score for your Microsoft tenant. All Control Families (21x) The HITRUST assessment will report back on ALL the Control Families that are part of the HITRUST certification. Compliance applicable All Control Families (6x) From a Purview perspective, here are the 6 Control Families that are applicable to HITRUST certification workloads. Relevant Purview Solutions (12x) Now that you know which Control Families are relevant to HITRUST certification, here are the Purview solutions that are part will help you meet those certification needs. Purview Compliance Score Let us look at a diagram the HITRUST assessment’s points that it applies 1) HITRUST Controls over all, 2) points that can specifically be addressed by Purview related tools, and 3) then the percentage of the HITRUST assessment points covered by implementing the Purview tools. Appendix and Links HITRUST Alliance | HITRUST CSF | Information Risk Management Microsoft Purview Compliance Manager - Microsoft Purview (compliance) | Microsoft Docs Microsoft Purview- Paint By Numbers Series (Part 0) - Overview - Microsoft Tech Community Compliance score calculation - Microsoft Purview (compliance) | Microsoft Learn Working with improvement actions in Microsoft Purview Compliance Manager - Microsoft Purview (compliance) | Microsoft Learn
