Preferred Assessor for Microsoft.
Trusted advisor for our clients.

We know SSPA.

We value our long-standing relationship with Microsoft's SSPA team and we've been recognized for the high-value services provided to Microsoft suppliers. With a deep understanding of Microsoft's SSPA Program and Data Protection Requirements (DPR), we proudly hold our clients’ hands through the Independent Assessment process, and beyond.

Don't speak compliance? We'll translate.

You know your industry. We know ours. Microsoft's SSPA framework and requirements can be confusing. We'll help you understand the true intentions behind the framework and ensure your compliance efforts are well aligned and of business value.

Breathe easy. We've got you.

Navigating the SSPA Aravo portal; updating your supplier profile; understanding your compliance requirements; requesting due date extensions; communicating with SSPA...talk about stress! You need an SSPA partner. We're here for you.

Not in compliance? Not a problem!

We don't expect you to be fully-compliant with Microsoft's DPR at the start of your assessment. Our proven process identifies your compliance gaps and provides specific recommendations for remediation. We hold your hand through remediation to ensure 100% compliance.
FAQS

Frequently Asked Questions

How long is the assessment process?

Typically, 3-6 weeks depending on supplier preparedness and compliance gaps identified during the assessment.

What is the cost of an assessment?

Assessment costs are client-specific and take into consideration factors including the type of data processed (personal and/or confidential), the number of applicable DPR, complexity of services performed for Microsoft, complexity of information systems, and the maturity of your data privacy and security programs.

What if my company doesn't pass the assessment?

SSPA assessments are not pass/fail - Microsoft will only accept Independent Assessment letters if the supplier is able to demonstrate compliance with all applicable DPR. If we identify gaps in your compliance with any DPR, we will help you understand the remediation actions required for completion of the assessment.

How often is my company required to undergo an assessment?

Independent Assessments are required during new supplier enrollment and annually during Microsoft's annual supplier renewal process. An Assessment may be required more often if changes are made to your Data Processing Profile in Microsoft's Aravo portal.

Let's talk SSPA!

Let's Connect!