This world is full of compliance requirements for every industry. We all have some idea that the FDA monitors foods and beverages in some manner and that the DEA regulates our pharmaceuticals and medicine or perhaps that HIPPA protects patient rights. There are a number of others, but a few more to mention would be like, ISO, the International Organization for Standardization, who develop and publish International Standards. Another few technology focused regulators are NIST and CMMC. The Nation Institute of Standards and Technology (NIST) and the Cybersecurity Maturity Model Certification (CMMC) are now being used as benchmarks for regulatory compliance in many critical infrastructure sectors as well as for any and all organizations doing or hoping to do work for the Defense Industrial Base (DIB).
Microsoft has developed a Microsoft 365 Compliance Manager to track, store, and retrieve multiple policies and procedures. Compliance Manager allows organizations to achieve points towards compliance of an assessment (NIST, ISO, CMMC, etc.). This is done by implementing and testing Microsoft created improvement actions that address regulatory controls of an assessment. With Compliance Manager, organizations will have an “auditors-dream” with a timely retrieval process containing areas to attach documentation and notations.