OIG's Microsoft 365 audit checklist and how to prepare for it
Since its inception, the US Department of Health and Human Services' Office of Inspector General's (OIG) mission has been to fight waste, fraud, and abuse. With the rise of software as a service (SaaS), platform as a service (PaaS) and infrastructure as a service (IaaS), the OIG has ramped up enforcement to ensure federal agencies and federal contractors that transmit federal Controlled Unclassified Information (CUI) are following policies set by the National Institute of Standards and Technology (NIST). OIG audits are one way the OIG can ensure organizations are complying with those policies.
Over 80 percent of the federal agencies use Microsoft 365, Azure AD, and collaboration products such as SharePoint, Yammer, and Teams to serve their thousands of employees and contractors. It is of paramount importance for them to protect sensitive information that's residing in these platforms to comply with the NIST recommendations. In this e-book, we will discuss how to set up Microsoft 365 to ensure your tenant holds up in an OIG (Office of Inspector General) audit.