Funding
Conflict of Interest
Privacy and Data Handling
Cybersecurity
HR
100

For ECIF projects exceeding $150K, this role must be engaged to execute an amendment.

Who is the Commercial Executive?

100

Before approving a vendor contract, employees must complete this process to ensure no personal or family ties create bias in procurement decisions.

What is the vendor due diligence and disclosure requirement under Microsoft’s procurement policy?

100

This Microsoft standard defines how personal data must be processed globally, including rights like access, deletion, and portability. 

What is the Microsoft Privacy Standard (MPS)?

100

According to Microsoft, enabling this simple feature can block virtually all password-based attacks. 

What is multi-factor authentication (MFA)?

100

When an employee resigns, what are the manager’s required actions in Microsoft’s termination process?

What is enter the resignation in Employee Central and notify HR?

200

Before releasing ECIF funds, Microsoft requires this document to confirm that project milestones have been completed.

What is Proof of Execution (POE)?

200

If you think you might have a conflict of interest, this is the first action you must take according to Microsoft policy.

What is disclose the situation and request approval through the COI Tool?

200

Before storing or sharing any funding-related documents, managers must follow this standard to ensure data is properly labeled and protected. 

What is the Data Classification and Handling Standard?

200

This routine action is required under Microsoft’s Digital Security Policy to protect systems from known vulnerabilities. 

What is keeping software up to date and fully patched?

200

Before initiating an involuntary termination, managers must do this according to Microsoft policy. 

What is consult with HR and compile all supporting documentation?

300

For ECIF requests, at least one approver must have this type of authority to commit funds. 

What is a SAFE (Signing Authority for Expenses) limit equal to or greater than the ECIF amount?

300

If your conflict of interest is approved, you must do this every year to remain compliant.

What is renew the approval annually in the COI Tool?

300

According to Microsoft’s privacy onboarding guidance, what is the recommended method for exchanging personal or confidential data? 

What is secure exchange using approved tools like SharePoint or Teams, with encryption?

300

This type of social engineering attack tricks users into clicking malicious links or sharing credentials and is the most common entry point for breaches. 

What is Phishing?

300

When an employee requests a Leave of Absence, what two steps must the manager take? 

What are review the request promptly and ensure it is submitted through the HR system for approval?

400

According to Microsoft’s Employee Expense Reimbursement Policy, what payment method is prohibited for event sponsorship fees?

What is using a personal credit card or Amex?

400

When reviewing a COI request, managers must ensure two things before granting approval: that the decision is in Microsoft’s best interest and that this risk is addressed. 

What are confirming no undue influence and applying mitigation conditions if needed?

400

When handling funding applications that include personal data, retention must align with this principle. 

What is store only as long as necessary and follow official retention schedules?

400

Microsoft’s incident response strategy includes four key phases: analysis, containment, eradication, and this final step. 

What is Recovery?

400

Managers should reinforce this principle to maintain trust and integrity in the workplace. 

What is Speak Up culture?

500

To ensure the right level of discount for a customer, this person needs visibility into all offers—ECIF, ACO, Financing, and Credit Term Extensions. 

Who is the Deal Approver?

500

According to policy, you should not request approval for a COI unless you can clearly demonstrate this.

What is a compelling business need?

500

Under GDPR and similar laws, individuals can request Microsoft to permanently remove their personal data. What is this right called? 

What is the Right to be Forgotten?

500

This Microsoft standard defines how to classify and protect sensitive information across devices, apps, and networks. 

What is the Microsoft Security Standards (MSS) and Data Classification Standard?

500

Name three tasks managers must complete after an employee’s exit date to ensure compliance. 

What are collect company assets, revoke system access, and confirm payroll and benefits processing?