Texas A&M UniversityWork In Progress
Infrastructure & Devices
Endpoint ManagementCloud & Compute
Productivity & Collaboration
Microsoft 365Google Workspace
Security & Identity
IdentityCloud SecurityData Protection
Networking & Telecom
Core NetworkingTelecommunications
Development
Developer Tools
Arts & SciencesBush SchoolBusiness SupportCollege of ArchitectureCollege of EducationCollege of EngineeringExecutive SupportFacilitiesGalvestonHealthLawMays Business SchoolPerformance, Visualization & Fine ArtsStudent AffairsTransportationUniversity LibrariesVeterinary Medicine

Microsoft Purview Compliance Manager helps you assess, track, and improve your Microsoft 365 compliance posture.

purviewcompliance-managerassessmentregulatorygovernance

Compliance Manager

Microsoft Purview Compliance Manager is your compliance command center—providing a risk-based compliance score, pre-built regulatory assessments, and actionable improvement recommendations. Track your organization's progress toward meeting regulatory requirements like FERPA, HIPAA, and NIST.

What is Compliance Manager?

Compliance Manager provides:

FeatureWhat It Does
Compliance ScoreOverall measure of your compliance posture (0-100%)
AssessmentsPre-built templates for regulations and standards
Improvement ActionsSpecific steps to improve compliance
Evidence ManagementStore documentation for audit readiness

Compliance Score

Your score represents progress toward compliance goals:

ComponentImpact
Microsoft-managed controlsActions Microsoft takes (infrastructure security)
Customer-managed controlsActions you take (policies, configurations)
Improvement actionsCompleting actions increases score
Failed assessmentsReduce score until remediated
Score Context

The compliance score is a relative measure of your configuration against Microsoft's recommendations. It doesn't guarantee regulatory compliance—that requires legal and compliance review.

Assessment Templates

RegulationRelevance
FERPAStudent educational records protection
HIPAAHealth information (campus health services)
NIST 800-171Controlled unclassified information (CUI)
NIST CSFGeneral cybersecurity framework
CMMCDefense contractor requirements
GDPREU data protection (international students/staff)
Microsoft 365 BaselineGeneral security best practices

Key Capabilities

Dashboard

At-a-glance view of:

  • Overall compliance score
  • Top improvement actions
  • Assessment progress by regulation
  • Trend over time

Improvement Actions

Each action includes:

  • Description and business value
  • Implementation guidance
  • Points value toward score
  • Testing status

Evidence Management

Upload documentation proving control implementation:

  • Policy documents
  • Configuration screenshots
  • Audit reports
  • Training records

Assessment Reports

Export assessments for:

  • Audit preparation
  • Leadership reporting
  • Third-party verification

Getting Started

StepAction
1Review Microsoft 365 baseline assessment
2Add assessments for applicable regulations
3Assign improvement actions to owners
4Implement actions and mark complete
5Upload evidence for completed actions
6Review and retest periodically
ResourceDescription
Purview Compliance ManagerAssessment dashboard
Compliance Manager OverviewMicrosoft documentation
Implementation GuideEnterprise deployment guide