Microsoft Azure provides services that can help meet the security, privacy, and compliance needs of Microsoft customers. In addition, Microsoft works with customers to help them understand their responsibilities to protect their data and environment infrastructure after their service has been provisioned. This infrastructure includes applications, data content, virtual machines, access credentials, and compliance issues requirements.
This paper provides insight into how organizations can use thirteen security principles to address critical security and compliance controls, and how these controls can fast track an organization’s ability to meet its compliance obligations using cloud-based services.
The thirteen principles are designed on best practices that are aligned to International Organization for Standardization (ISO) 27001, the Microsoft Security Development Lifecycle (SDL), and operational security for Microsoft online services.
You can download the Microsoft Whitepaper 13 Effective Security Controls for ISO 27001 Compliance here