Microsoft Security Best Practices module: Governance, risk, and compliance
Governance, Risk, and Compliance (GRC) activities help reduce organizational risk by ensuring policy and best practices are followed consistently over time. This section also addresses key roles and responsibilities we have found important for successfully managing cloud security.
The following videos provide guidance on governance, risk, and compliance. You can also download the PowerPoint slides associated with these videos.
Note
The following videos and slides were created on October 2019.
Part 1: Introduction + Manage Connected Tenants (08:45)
Part 2: Clear Lines of Responsibility (02:46)
Part 3: Segmentation Strategy (02:11)
Part 4: Management Groups (04:15)
Part 5: Root Management Group (03:06)
Part 6: GRC Top Risks (03:31)
Part 7: Security Incident Notification (03:35)
Part 8: Access Reviews (02:15)
Part 9: Security Posture Improvement (03:30)
Part 10: Access for Security Personnel (03:18)
Part 11: Insecure Legacy Protocols (01:53)
Part 12: Compliance (04:29)
Part 13: Benchmarks (01:37)
Part 14: Azure Policy (02:30)
Part 15: Elevated Security Capabilities (03:43)
Part 16: General Guidance (03:01)
Next steps
For additional security guidance from Microsoft, see Microsoft security documentation.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for