Presentation is loading. Please wait.

Presentation is loading. Please wait.

2 3 Global Foundation Services Security Global Delivery Sustainability Infrastructure.

Published byCason Rootes Modified over 10 years ago

Similar presentations

Presentation on theme: "2 3 Global Foundation Services Security Global Delivery Sustainability Infrastructure."— Presentation transcript:

1

2 2

3 3 Global Foundation Services Security Global Delivery Sustainability Infrastructure

4 4

5 5Microsoft Confidential Security Policy – Applies to all of Microsoft – High-level objectives – Aligns to Industry Standards ISO/IEC 27001:2005, NIST SP800-53r3, etc. Security Standards – Apply to Online Services – Low-level, high-detail Baseline Configurations – Technology- and environment-specific Standard Operating Procedures – Business- and property-specific implementations

6 6 Global Foundation Services Security Global Delivery Sustainability Infrastructure

7 7Microsoft Confidential

8 8 Control ID In CCM Description (CCM Version R1.1. Final) Microsoft Response DG-01 Data Governance - Ownership / Stewardship All data shall be designated with stewardship with assigned responsibilities defined, documented and communicated. Microsoft Online Services has implemented a formal policy that requires assets (the definition of asset includes data and hardware) used to provide Microsoft Online Services to be accounted for and have a designated asset owner. Asset owners are responsible for maintaining up-to-date information regarding their assets. Allocation of information security responsibilities and ownership of assets is covered under the ISO 27001 standards, specifically addressed in Annex A, domains 6.1.3 and 7.1.2. For more information review of the publicly available ISO standards we are certified against is suggested. DG-02 Data Governance - Classification Data, and objects containing data, shall be assigned a classification based on data type, jurisdiction of origin, jurisdiction domiciled, context, legal constraints, contractual constraints, value, sensitivity, criticality to the organization and third party obligation for retention and prevention of unauthorized disclosure or misuse. Microsoft Online Services standards provide guidance for classifying assets of several applicable security classification categories, and then implements a standard set of Security and privacy attributes. Information classification is covered under the ISO 27001 standards, specifically addressed in Annex A, domain 7.2. For more information review of the publicly available ISO standards we are certified against is suggested.

9 9Microsoft Confidential

10 10Microsoft Confidential

11 11

Download ppt "2 3 Global Foundation Services Security Global Delivery Sustainability Infrastructure."

Similar presentations

Slide 1 Configuration Management. Slide 2 Goal – Primary Objective To provide a logical model of the IT infrastructure by identifying,controlling, maintaining.

Slide 1 Configuration Management. Slide 2 Goal – Primary Objective To provide a logical model of the IT infrastructure by identifying,controlling, maintaining.
RPKI Certificate Policy Status Update Stephen Kent.

RPKI Certificate Policy Status Update Stephen Kent.
HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
International Organization

International Organization
Dr Lami Kaya LamiKaya@gmail.com ISO 27001 Information Security Management System (ISMS) Certification Overview Dr Lami Kaya LamiKaya@gmail.com.

Dr Lami Kaya ISO Information Security Management System (ISMS) Certification Overview Dr Lami Kaya
Agenda What is Compliance? Risk and Compliance Management

Agenda What is Compliance? Risk and Compliance Management
Massachusetts Digital Government Summit October 19, 2009 IT Management Frameworks An Overview of ISO 27001:2005.

Massachusetts Digital Government Summit October 19, 2009 IT Management Frameworks An Overview of ISO 27001:2005.
Secure Systems Research Group - FAU Process Standards (and Process Improvement)

Secure Systems Research Group - FAU Process Standards (and Process Improvement)
<<Date>><<SDLC Phase>>

<<Date>><<SDLC Phase>>
Chapter 5: Asset Classification

Chapter 5: Asset Classification
ACG 6415 SPRING 2012 KRISTIN DONOVAN & BETH WILDMAN IT Security Frameworks.

ACG 6415 SPRING 2012 KRISTIN DONOVAN & BETH WILDMAN IT Security Frameworks.
Security Controls – What Works

Security Controls – What Works
ISO 17799: Standard for Security Ellie Myler & George Broadbent, The Information Management Journal, Nov/Dec ‘06 Presented by Bhavana Reshaboina.

ISO 17799: Standard for Security Ellie Myler & George Broadbent, The Information Management Journal, Nov/Dec ‘06 Presented by Bhavana Reshaboina.
Information Systems Security Policies & ISO 17799

Information Systems Security Policies & ISO 17799
Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.

Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.
NIST framework vs TENACE Protect Function (Sestriere, 21-23 Gennaio 2015)

NIST framework vs TENACE Protect Function (Sestriere, Gennaio 2015)
Session 3 – Information Security Policies

Session 3 – Information Security Policies
Copyright © Center for Systems Security and Information Assurance Lesson Eight Security Management.

Copyright © Center for Systems Security and Information Assurance Lesson Eight Security Management.
© 2012 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

© 2012 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
Key changes and transition process

Key changes and transition process

Similar presentations

Ads by Google