Have you ever wondered how compliant your Microsoft 365 environment is? Well with Microsoft Compliance Score you can now check your environment just like Microsoft Secure Score. This a standalone feature with a simpler, more user-friendly design to help organizations more easily manage compliance.
The following screenshots show the experience you will receive when you launch https://compliance.microsoft.com/compliancescore?viewid=overview. The first time setup can take anything between 5-10 minutes to complete depending on your environment.
Once the first time setup has been completed you will welcomed with the following 4 windows.
Microsoft Compliance Score Dashboard
As you can see from the image below it shows your current score, helps you see what needs attention, and guides you to actions to improve your score. Your Compliance Score dashboard will look like this:
Improvement actions centralize your compliance activities. Each improvement action gives detailed implementation guidance to help you align with data protection regulations and standards. Actions can be assigned to users in your organization to perform implementation and testing work. You can also store documentation, notes, and record status updates within the improvement action.
Solutions list all the Microsoft products which are scored using the Compliance Score dashboard. You are able drill into each solution to understand if any additional configuration is required, as shown beleow.
An assessment is grouping of controls from a specific regulation, standard, or policy. Completing the actions within an assessment help you meet the requirements of a standard, regulation, or law. For example, you may have an assessment that, when you complete all actions within it, brings your Microsoft 365 settings in line with ISO 27001 requirements.
Assessments have several components:
- In-scope services: the specific set of Microsoft services applicable to the assessment
- Microsoft managed controls: controls that Microsoft implements and tests
- Your controls: controls that you manage
- Assessment score: the percentage of the points achieved by completing improvement actions within that assessment
When creating assessments, you’ll assign them to a group. You can configure groups in whatever way is most logical for your organization. For example, you may group assessments by year, compliance standard, service, teams within your organization, or some other way. Once you create groups, you can filter you Compliance Score dashboard to view your score by one or more groups.
As you can see from the screenshot below during the initial first launch, the default Data Protection Baseline assessment will be ran.
This will give you a base understanding of their compliance footprint once it has completed.
The Author – Blogabout.Cloud