Microsoft offers enterprise and consumer cloud services and operates data centers world-wide, and has many statutory and regulatory compliance requirements that it must meet. In order to better manage the requirements of each, Microsoft’s Global Foundation Services security and compliance team has built a compliance framework that is based on ISO/IEC 27002:2005 and extended it to incorporate the compliance requirements, and built an information security management system on ISO/IEC 27001:2005, and which is certified. In this highly interactive session listen to the people responsible for managing compliance and the controls in the framework about how the information security management system and framework was built and operates. Learn how you can take a similar approach in your enterprise, to meet your compliance burden. Bring your questions and get straight answers!