Office 365 Security Assessment Workshop Onsite Engagement Overview

Office 365 Security Assessment Workshop On-site Engagement Overview <Presenter Name>

Agenda 1 Introduction 2 On-site Engagement Overview 3 Project Governance Update 4 Q&A

On-site Workshop Introduction ▶ ▶ • • ▶

Team Introductions Name Please share your name and where are you based? Role Please share your role in the company, which business unit or team you are part of, what other roles have you had? (Internal/External) Expectations Please share your expectations of the session?

On-site Engagement Overview

Engagement Workflow Now • • Kick-off workshop Provide pre-assessment questionnaire Two weeks from now • • Completion of questionnaire Return completed questionnaire Three weeks from now On-site workshops that will cover: • Security objectives and requirements • Office 365 security readiness • Office 365 security assessment • Office 365 security roadmap

Workshop Description Outcome On-site Engagement Overview Provides an overview of the 2 day on-site agenda and goals as well as an opportunity to cover Q&A and project governance. Office 365 Security Overview outlining Microsoft‘s approach to securing enterprise organisations. Customer Security Strategy Customer to present goals and ambitions on their cloud security strategy. Agreed plan and schedule for the 2 -day on-site assessment. Customer attendees Time Scheduled time, room All project team 60 minutes <Time>, <Room> Sets the stage and provides a high-level overview of Office 365 security features. All project team 60 minutes <Time>, <Room> Provides a common understanding of the customer cloud security strategy. All project team 60 minutes <Time>, <Room> Lunch 60 minutes Review Security Questionnaire Review the completed security questionnaire. Prioritized list of security requirements. All project team 60 minutes <Time>, <Room> Office 365 Security Technical Readiness Presentation Technical readiness presentation time slot. Technical readiness provided to customer team. Security Engineers Security Architects 60 minutes <Time>, <Room> Office 365 Secure Score Actionable Security Analytics Overview of Office 365 Secure Score and how it relates to the security requirements. Technical readiness on O 365 Secure Score. Security Engineers Security Architects 60 minutes <Time>, <Room> Day one wrap up and Q&A e pl am Ex Office 365 Security Assessment Agenda, Day 1 20 minutes

Workshop Customer attendees Scheduled time, room Description Outcome Day Two Briefing Provides an overview of the second day agenda and goals as well as an opportunity to cover Q&A. Agreed schedule for day two. All project team 30 minutes <Time>, <Room> Secure Score Recommendations / Discussion Workshop to cover current O 365 Secure Score and recommended security actions. Prioritization of O 365 Secure Score security actions. All project team 120 minutes <Time>, <Room> Technical readiness presentation time slot. Or, Shadow IT Analysis Workshop using Office 365 Advanced Security Management. Technical readiness provided to customer team. or Understanding of current usage of Shadow IT. Security Engineers Security Architect 60 minutes Office 365 Security Technical Readiness Presentation or Shadow IT Analysis Workshop Time Lunch <Time>, <Room> 60 minutes Office 365 Security Technical Readiness Presentation Technical readiness presentation time slot. Technical readiness provided to customer team. Security Engineers Security Architect Office 365 Security Roadmap Workshop to create an Office 365 security roadmap based on the security requirements and the prioritization of the Office 365 Secure Score actions. Defined high-level security roadmap based on Office 365 Secure Score security actions. Security Engineers Security Architect Project close-out and Next steps Close-out presentation and discussion of next steps. Provide an engagement summary and clear steps with tangible outcomes. All project team e pl am Ex Office 365 Security Assessment Agenda, Day 2 60 minutes <Time>, <Room>

Role Description • Project Executive Sponsor • • • Project Manager Enterprise, Security and/or Infrastructure Architects Security Engineers, technical resources Executive sponsor who is responsible for driving the strategic vision for the organization Responsible for making key strategic decisions Ultimate authority and accountability for the project and delivery on project objectives Helps resolve issues escalated by project team Sponsors communication within the company about project goals and deliverables Provides guidance and clarity regarding overall security strategy, standards and policies for the organization • • • Coordinates partner and working teams engaged in the project Schedules all meetings with appropriate resources Is the central point for dissemination of the engagement deliverables Records and manages project issues, including escalations Liaises with, and provides updates to, project executive sponsors Ensures that the on-site requirements are met in time for the 2 -day on-site workshops • • Responsible for security strategy defined by the organization Analyses and chooses security products for the organization that meets business goals Accountable for creating and maintaining the security architecture Responsible for operation of security products Provides insights into current and planned security guidelines, requirements and standards for the organization • • • Responsible the deployment, operations and maintenance of security solutions Provides technical knowledge on how existing security controls have been implemented Provides insight in to existing use of Office 365 Title e pl am Ex Customer Team - Workshop Attendees Contact information

Role Project / Engagement Manager Security Architects / Consultants Description • • Develops and maintains project timeline Coordinates partner and working teams engaged in the project Manages project deliverables Records and manages project issues, including escalations Liaises with, and provides updates to, customer Project Manager Prepares the workshop materials and delivers the 2 -day security assessment workshops Accountable for creating the engagement deliverables Title e pl am Ex Partner Team - Workshop Attendees Contact information

Project Governance Update

Date recorded Risk/Issue description e pl am Ex Project Governance Update Probability Impact Mitigation plan

Deliverable, Work Product Description e pl am Ex Project Deliverables and Work Products Delivery Date Kick-off Presentation Overview of the engagement covering vision and objectives, requirements and next steps and actions After the kick-off presentation Pre-Assessment Questionnaire A questionnaire containing questions on cloud usage/adoption, security requirements and objectives, regulations and frameworks After the kick-off presentation Recommendations and Roadmap Report A document containing a prioritized list of Office 365 security recommendations based on Office 365 Secure Score After the 2 -day on-site workshops

Q&A

© 2017 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U. S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.