{"id":11711,"date":"2022-10-12T07:51:03","date_gmt":"2022-10-12T14:51:03","guid":{"rendered":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/?p=11711"},"modified":"2022-10-12T07:01:28","modified_gmt":"2022-10-12T14:01:28","slug":"app-compliance-automation-tool-for-microsoft-365-launching-in-public-preview","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/app-compliance-automation-tool-for-microsoft-365-launching-in-public-preview\/","title":{"rendered":"App Compliance Automation Tool for Microsoft 365 launching in public preview"},"content":{"rendered":"

Enterprise governance, risk and compliance teams, and IT Admins want to ensure that applications deployed in their organization\u2019s Microsoft 365 tenant are secure and compliant. And that they meet the leading industry compliance standards (e.g., SOC2, ISO, GDPR etc.). To provide visibility into an application\u2019s security and compliance posture and to increase our customers\u2019 trust in these applications, Microsoft launched the Microsoft 365 App Compliance program. As a part of this program, developers provide information about the security, data handling and compliance attributes of their application which are most important to enterprise customers. This information is then audited against a set of controls derived from leading industry standard frameworks to award the Microsoft 365 certification. This certification gives customers assurance that apps that have received the certification have strong security and compliance practices in place to protect their data, security, and privacy.<\/p>\n

Achieving the Microsoft 365 certification involves collecting the required evidence for application, operational and data security controls. This takes a significant amount of time for you, the app developer. To simplify this process, Microsoft is now launching the App Compliance Automation Tool (ACAT) for Microsoft 365 in public preview. ACAT automates ~37% of the Microsoft 365 certification controls, decreasing the time to achieve the Microsoft 365 certification.<\/p>\n

What is App Compliance Automation Tool for Microsoft 365?<\/h2>\n

ACAT is an application-centric compliance automation tool that is deployed as a service in the Azure portal, allowing you to define the compliance boundary for your applications. ACAT enables you to get automated compliance reports and alerts to continuously monitor your application and remediate any compliance failures. And you can download and share these detailed compliance reports with your customers. IT Admins can also leverage these reports to ensure that the application has met the right level of compliance controls before deploying apps into an organization\u2019s Microsoft 365 tenant.<\/p>\n

 <\/p>\n