SSPA Compliance and the SSPA Independent Assessment requirement

Let’s see more about SSPA Compliance

If your SSPA Data Processing Profile includes selections that are considered higher risk to Microsoft, a Self-Attestation against the applicable items of Microsoft's Data Protection Requirements will be followed by an Independent Assessment requirement, too. Profile selection options that will trigger an Independent Assessment are published in the SSPA Program Guide. It is a great idea to check on this each year before you submit your Profile, so you can allocate time and sufficient resources to complete the requirements you will be posted.

Interpreting Microsoft’s Data Protection Requirements (DPR), confirming applicability and compliance might be challenging for suppliers and here's where our in depth knowledge of the SSPA Program and the DPR can save you time and efforts.

Microsoft takes compliance and deadlines very seriously, which is protective of Microsoft as well as their suppliers and customers and not the least it is crucial for Microsoft suppliers to stay Green in the SSPA to be available for business with Microsoft.

If you need confident and expert help with your Independent Assessment requirement, please see our contacts below and contact at cesspa@deloittece.com.