Microsoft's Cloud Infrastructure Compliance Framework
Microsoft offers enterprise and consumer cloud services and operates data centers worldwide, whilst having to meet many statutory and regulatory compliance requirements. To better manage the requirements of each, Microsoft’s Global Foundation Services security and compliance team has built a compliance framework that is based on ISO/IEC 27002:2005, extended it to incorporate the compliance requirements, and built a certified information security management system on ISO/IEC 27001:2005. In this highly interactive session, the people responsible for managing compliance and the controls in the framework discuss how the information security management system and framework was built and operates. Learn how you can take a similar approach in your enterprise to meet your compliance burden. Bring your questions and get straight answers.