<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1977396509252409&amp;ev=PageView&amp;noscript=1">

SUITE OF SERVICES services menu
Hamburger-menu.png
MobileSearchIcon.png

Microsoft SSPA Assessments

Microsoft’s Supplier Security and Privacy Assurance (SSPA) program requires that vendors that process Microsoft personal and/or confidential information comply with their Data Protection Requirements (DPR) on an annual basis.

TALK WITH A SPECIALIST

Debbie Zaller SOC 2 Specialist

OUR MICROSOFT SSPA SPECIALIST

DEBBIE ZALLER

PRINCIPAL & MICROSOFT SSPA PRACTICE LEADER

The Microsoft SSPA program requires annual self-assessment and for certain vendors, independent assessment of compliance with the DPR.  The DPR includes privacy requirements that relate to notice, collection, choice and consent, retention, and disclosure of personal or confidentiality information.  The DPR requirements also include data subject rights as well as security related requirements to protect the integrity of information, incident response procedures, and business continuity / disaster recovery procedures.

MEET DEBBIE

Brightline Advantage

INDEPENDENT ASSESSMENT

OF THE DPR

Microsoft will select certain vendors to undergo an independent verification of compliance with the DPR.  This assessment against the DPR will examine controls in place as a of point in time to determine compliance with the applicable requirements.  Suppliers will need to provide their completed self-assessment questionnaire that was previously provided to Microsoft.  The examination will result in an attestation report that includes an opinion letter, brief overview of the scope of the environment included in the examination as well as the results of Schellman’s verification of the organization’s design of controls and whether the organization is in compliance with the applicable DPR requirements.
Schellman Process

PROCESS

WHAT TO EXPECT

We begin each project with your end goals in mind and to provide preparation for future key project activities. Effective communication and timely coordination of project planning activities are central to our methodology with our clients.

LEARN MORE ABOUT OUR PROCESS
FEATURED INSIGHTS
 

VIEW MORE SSPA & PRIVACY RESOURCES

TALK WITH ONE OF

OUR SPECIALISTS

Our Schellman teams have experience performing thousands of SOC examinations.
We’re here to answer any questions.

ABOUTCONTACTPRIVACY

        
Gartner Cool Vendor
Consulting Magazine's Best Firms to Work For
Accounting Today's Top 100 Firm

Copyright © 2002 - 2020 Schellman & Company, LLC.  All rights reserved. Reproduction in whole or in part in any form or medium without express written permission is prohibited.