The regulatory compliance and business risk landscape is continuously evolving. At Microsoft, we appreciate our customers’ need to understand the Office 365 architecture and compliance with regulations to help them evaluate moving to Office 365. We also know you need to understand how we keep your data secure on the service on an ongoing basis.
Insights from this portal help you evaluate how Office 365 maintains compliance with your regulatory requirements and how you can mitigate the risks with moving to Office 365.
Through the STP you can get direct access to a wide variety of compliance reports and trust resources, including:
- Office 365 SOC 1 / SSAE 16 / ISAE 3402 Independent Audit Reports
- Office 365 SOC 2 / AT 101 Independent Audit Report
- Office 365 ISO 27001 (including 27018 controls) Independent Audit Report
- Various compliance reports, such as Office 365 Information Security Management System (ISMS)
- Various GRC and Trust resources, such as whitepapers, FAQs, security assessment, risk assessment and other reports that will help you perform your own risk assessment
You can access the STP through the URL https://trustportal.office.com
First Thing to do is to choose your Region and Industry your tenant belong to as below
Now you can select the compliance report and trust documents , for your industry and region as below
If you have a comment or question on this post, or need a detailed on boarding guide to STP,email us at O365STPApprovals@microsoft.com
Source: Office Blogs