Compliance obligations imposed by regulations and statutory requirements can be difficult to reconcile with standards such as PCI DSS, ISO 27002, AICPA GAPP, and COBIT. An additional challenge is the lack of a single source of compliance configuration guidance for Microsoft products.
The Compliance Management Series, a Microsoft Operations Framework (MOF) based expansion of the Regulatory Compliance Planning Guide, provides Standards of Care (SoCs) and checklists to help you configure Microsoft products in ways that address Governance, Risk, and Compliance (GRC) requirements. The Series includes a planning guide with actionable items to help organizations make informed decisions and a delivery guide with how-to information that managers can use to quickly take action. The guidance uses MOF 4.0 to provide a pivotal mechanism for viewing data in a Plan, Deliver, Operate, and Manage methodology. The Series is designed to reduce the effort needed to implement configuration recommendations for deployed Microsoft products.
The Compliance Management Series asks a series of simple and straightforward questions, such as “How is compliance measured and managed?”, to help your organization achieve a new level of compliance. The Standards of Care simplify complex categories such as Asset Management and Compliance Management to help you understand how to configure Microsoft products quickly and effectively. The Series provides information to help your organization comply with the following regulations and standards:
· Sarbanes-Oxley Act (SOX)
· Gramm-Leach-Bliley Act (GLBA)
· Health Insurance Portability and Accountability Act (HIPAA)
· European Union Data Protection Directive (EUDPD)
· Payment Card Industry Data Security Standard (PCI DSS)
· ISO 27002 Code of Practice for Information Security Management
· IT Governance Institute (ITGI) Control Objectives for Information and related Technology (COBIT) 4.1
· AICPA Generally Accepted Privacy Principles (GAPP)
The Compliance Management Series provides checklists of actionable configurations to help IT managers and IT professionals understand what they need to do to comply with applicable regulations and standards. For IT implementers, the Series provides configuration guidance for the following Microsoft products:
· Windows Vista®, Windows Server® 2008
· Active Directory® Domain Services
· Exchange Server 2007
· System Center family of products
· Rights Management Services
· Windows® SharePoint® Services
· Forefront™ suite of products
· SQL Server® 2008
The beta release of the Compliance Management Series is now available and will be open for your review through September 24, 2008.
· To participate and learn more about this accelerator, browse to https://connect.microsoft.com/InvitationUse.aspx?ProgramID=2404&InvitationID=cmbt-8XBG-PD28&SiteID=657 and sign up.
· After you join the program, bookmark the following link to return to the program site and get the latest information about upcoming events: https://connect.microsoft.com/site/sitehome.aspx?SiteID=657