TruSight Announces Completion of 4th Annual Risk Assessment of Microsoft

Published: May. 16, 2022 at 10:00 AM EDT

Assessment of the Industry Giant was Conducted Using TruSight's Newly Released Best Practices Methodology 4  

NEW YORK , May 16, 2022 /PRNewswire/ -- TruSight, the financial industry's leading provider of validated third-party risk data, recently completed its fourth annual comprehensive risk assessment of the Microsoft Cloud, making Microsoft the longest-running cloud provider to participate in the TruSight assessment process. The assessment was performed using the newly released TruSight Best Practices Methodology 4, which has been enhanced to include the most recent global due diligence and privacy requirements governing the financial services industry. Microsoft is also the first major cloud provider to successfully complete the TruSight 4 Methodology. The comprehensive, fully validated Microsoft risk assessment is now available to institutions interested in obtaining the data for their third-party risk management efforts and will continue to be updated on a regular basis to ensure alignment with the latest regulatory requirements, industry standards, and developments in Microsoft's technology.

TruSight (PRNewsfoto/TruSight)
TruSight (PRNewsfoto/TruSight)(PRNewswire)

The widely adopted TruSight methodology enables financial institutions to gain greater visibility into supply chain risk and supports third parties by removing the need to perform multiple bilateral and duplicative assessments. Working in collaboration with a diversified group of industry stakeholders, TruSight has designed – and continually updates – this comprehensive methodology for the benefit of all market participants.

The TruSight Best Practices Methodology 4 covers 27 diversified control domains, enabling a holistic approach to assessing third parties, and maps to the latest regulations worldwide. The 4 Methodology incorporates additional requirements for assessment against the Cloud Security Alliance (CSA) and global data protection and privacy requirements. TruSight's objective with its assessment methodology is to check against all the high-value requirements that customers in the United States, Canada, EMEA, and APAC expect. For the Microsoft assessment, TruSight put into practice the 4 methodology to assess the company's cloud services, including Microsoft Azure, Microsoft 365, and Microsoft Dynamics 365, to validate the design and implementation of controls according to the methodology's requirements.

"Being the longest-running major cloud provider participating in TruSight's third-party assessment process is a testament to Microsoft's dedication to equipping our customers with risk data that surpasses global regulatory requirements," said Alan Ross, Managing Director, Microsoft Cloud for FSI. "Simplifying the assessment consumption process for customers is essential to Microsoft's compliance offerings and we are pleased to be the first major cloud provider to successfully complete TruSight's recently launched and rigorous Methodology 4. The continued enhancement of TruSight's standardized industry-backed methodology showcases the organization's drive to provide the highest-quality risk data and solutions to customers."

"With global legislation constantly evolving, financial service firms are challenged to ensure that their vendors and third-party partners are in compliance, and TruSight's rigorous methodology enables them to achieve that," said Sarah Gavan, COO of TruSight. "We are proud that one of the industry's most important cloud providers, Microsoft, has entrusted TruSight to once again validate its compliance against global regulatory requirements."

Financial institutions seeking to work with Microsoft can purchase the validated risk assessment data of Microsoft's services by contacting

About TruSight
TruSight, an industry-initiated utility, is the leading provider of comprehensive, validated third-party risk assessments. Developed and backed by five of the largest global financial institutions, including American ExpressBank of AmericaJPMorgan Chase, BNY Mellon, and Wells Fargo, the TruSight methodology combines best practices and standardization to deliver the highest quality data, enabling businesses to gain greater visibility into supply chain resilience.

For more information, contact:
Laura Nelson or Erin O'Brien
SVM Public Relations

View original content to download multimedia:


The above press release was provided courtesy of PRNewswire. The views, opinions and statements in the press release are not endorsed by Gray Media Group nor do they necessarily state or reflect those of Gray Media Group, Inc.