Posted by: kurtsh | October 31, 2008

RELEASE: IT Compliance Management Guide is now available!


Address your GRC needs by leveraging
your existing Microsoft investment!

This Solution Accelerator can save you time and money by shifting your governance, risk, and compliance (GRC) efforts from people to technology. Use its configuration guidance to help efficiently address your organization’s GRC objectives with Microsoft technology you may already own.

This Accelerator helps you better understand how an IT process framework can help you implement GRC controls in your Microsoft infrastructure.

The IT Compliance Management Guide includes a Microsoft® Operations Framework (MOF) 4.0 companion guide that is based on the Regulatory Compliance Planning Guide.

The IT Compliance Management Resources workbook saves you time by bringing together the information you need. It provides an extensive inventory of GRC-related configuration tasks and guidance organized by Microsoft product name.



clip_image001[8]Manage IT compliance with Microsoft Operations Framework (MOF) 4.0

The IT Compliance Management Guide helps you address GRC requirements and organization-wide governance initiatives by using an approach based on MOF 4.0. MOF is a free IT service life cycle process model that addresses the control objectives of GRC authority documents and frameworks such as COBIT and ISO 27002.

MOF provides a process model to help you manage change and configuration throughout the IT service life cycle.


clip_image001[10]Configure Microsoft products to address GRC requirements

Numerous resources are available to help address GRC requirements for Microsoft products and solutions.

The IT Compliance Management Guide ships with the IT Compliance Management Resources workbook, which provides job aids to locate these resources and conduct changes to your IT infrastructure.





  • Views compliance obligations through a ‘lens’ of 8 authority documents. The example authority documents include SOX, GLBA, HIPAA, EUDPD, PCI DSS, ISO 27002, COBIT 4.1, and AICPA GAPP.
  • Takes advantage of your current Microsoft investment. Configure Microsoft products in your environment to address GRC objectives.
  • Reviewed by auditing firm Grant Thornton LLP. "The Microsoft Operations Framework (MOF) referenced in the guide is both a reasonable and extensible framework by which an organization may manage GRC requirements and solutions."
  • Reduces complexity. Provides guidance to consolidate and address GRC requirements from multiple authority documents such as regulations, publications, and agreements.
  • Clarifies configuration requirements. Includes a Microsoft Excel® workbook with a detailed inventory list and job aids.
  • Free. The IT Compliance Management Guide is a free download.

Additional Information


%d bloggers like this: