Independent Assessments

Microsoft Supplier Security and Privacy Assurance (SSPA)

Have you been asked by Microsoft to complete an independent assessment of your compliance with their Data Protection Requirements (DPRs)?

A critical part of the Microsoft procurement process is the Supplier Security and Privacy Assurance (SSPA) programme which demonstrates Microsoft’s accountability to GDPR and their control of you, in their supply chain.

If you have been selected to complete an independent assessment, you MUST complete this process before Microsoft will issue future Purchase Orders. We can help.

iCompli’s team of International Association of Privacy Professional (IAPP) certified auditors (CIPP/E) will take your company through the Independent Assessment Requirement, completing all stages and providing the required independent letter of attestation.

If you process payment card data on behalf of Microsoft, our auditors can further assess your compliance with the PCI Data Security Standard (PCI DSS) should your transaction volumes require third-party verification.

Talk to one of our team about our SSPA Audit Services including;

  1. Initial organisation audit and letter of attestation
  2. cost effective annual staff training to comply with Microsoft’s ‘annual staff training’ DPR(3).
  3. Or joining up your Data Protection Officer (DPO) and SSPA requirements in to one, easy to manage annual contract with iCompli

Timescales are usually tight! The request for an independent assessment is often unexpected, but don't worry, we can get you back on track.