This is a detailed 5-day course with hands on labs. The course covers understanding and implementation of Governance, Security and Compliance in Office 365. This course is appropriate to anyone interested in any aspect of Office 365 Governance Security and Compliance. This course covers Office 365 features pertaining to various Office 365 subscriptions: Business, E3, E5.
This course complements Microsoft Information Protection framework of;

  • Knowing your Data
  • Protecting your Data
  • Prevent Data Loss
  • Govern Your Data

Target Audience

  • Technical Business Decision Makers
  • Office 365 IT Professionals
  • Anyone who has a business interest in how to Implement Governance Security and Compliance for their organisation in Office 365

Practical Labs

During the course students will create their own Office 365 and have labs which populate their environment with data then implement the features learnt through the course (note due to latency of Microsoft services some labs can take several hours or more to complete) Labs are written so students can choose which labs they want to complete.

Read more


An understanding of Office 365 core technologies and an interest in the business benefits of the Microsoft Office 365 Platform from a Governance Security and Compliance perspective.

Read more

Course Outline

Module 1 – Introducing Compliance Standards and Microsoft Commitments

  • Data Breaches
  • Data Breach Statistics
  • Common Compliance Standards
  • General Data Protection Regulation (GDPR)
  • ISO/IEC 27001:2013
  • National Institute of Standards and Technology (NIST)
  • Microsoft’s Commitment to Compliance
  • Contractual Commitments
  • Microsoft Compliance Offerings
  • Microsoft Compliance Portals and Tools
  • The Microsoft Trust Center
  • The Microsoft Service Trust Portal
  • Compliance Manager/Compliance Score
  • Security and Compliance Admin Centers
  • GDPR Activity Hub
  • Security and Compliance PowerShell
  • Microsoft 365 Admin Roles
  • Permissions in the Security & Compliance Centers
  • Microsoft’s Compliance Model
  • Microsoft 365 GDPR action plan
  • Office 365 Overview
  • Office 365 is Dynamic
  • Office 365 Security and Compliance Licensing and Permissions
  • Security and Compliance Licensing
  • Licensing Resources
  • Security and Compliance Permissions
  • Lab 1.1a Sign Up for a Microsoft or Office 365 trial and create Sample Users
  • Lab 1.1b Optional - Uploading Profile Pictures for Sample users
  • Lab 1.2 Optional - Using Google Chrome Profiles
  • Lab 1.3 Optional - How to Get 360 days Office 365 for free

Module 2 Introducing Office 365 Search Concepts

  • GDPR articles relevant to this module
  • SharePoint Online Search
  • Sharepoint Online Columns
  • Sharepoint Online Search Schema
  • Sharepoint Online Content Types
  • Sharepoint Online Columns vs Content Types
  • Sharepoint Syntex
  • Form Processing vs Content Understanding
  • Sharepoint Syntex Classifiers
  • Sharepoint Syntex Extractors
  • Syntex and Retention Labels
  • Syntex Form Processing Models
  • Sharepoint Syntex Model Analytics
  • Compliance Center Data Classification
  • Trainable Classifiers
  • Sensitive information types
  • Testing Sensitive Information Types
  • Exact Data Match (EDM)
  • Lab 2.1 Content Types
  • Lab 2.2 SharePoint Online Syntex

Module 3 Office 365 Content Search and Privacy Management

  • Microsoft 365 Content Search
  • Content Search Security
  • Configure Security Filtering for Content Search
  • Running a Content Search
    • Search for Teams chat data for on-premises users
    • Targeted Collection Search
    • Condition Card Builder & KQL Editor
    • Preview Sample Search Results
  • Search Statistics
  • Content Search PowerShell
  • Using a CSV file to “Search by ID List” (aka Targeted Content Search)
  • Export Content Search Results
  • Unindexed Items in Content Searches
  • Increase Download Speed When Exporting Content Search Results
  • Differences Between Estimated and Actual eDiscovery Search Results
  • De-duplication in eDiscovery Search Results
  • Search for and Delete Email Messages in an Office 365 Organisation
  • Use Content Search to Search the Mailbox and OneDrive for Business Site for a List of Users
  • Clone a Content Search
  • User data search
  • Microsoft Privacy Management
  • Privacy Management Delegation
  • Privacy Management Settings
  • Discovery and Visualization of personal data within an organization
  • Privacy Management Policies
  • Subject Rights Requests
  • Creating subject Rights Requests
  • Reviewing Subject Rights Requests
  • Automatic detection of Priority Items
  • Data Collected Review
  • Subject Rights Request Content Classification
  • Completing Subject Rights Request Review and Reports
  • Subject Rights Request Reports
  • Subject Rights Requests – Other tasks
  • Lab 3.1 Office 365 Content Search

Module 4 Office 365 eDiscovery

  • Office 365 eDiscovery
  • Office 365 eDiscovery Tasks
  • Office 365 eDiscovery Cases
  • eDiscovery Security
  • eDiscovery Related Roles in the Compliance Center
  • Role Groups for eDiscovery
  • Compliance boundaries for eDiscovery investigations
  • Create eDiscovery cases
  • Add Users to an eDiscovery Case
  • Place Content on Legal Hold
  • Content on hold preservation
  • Create and Run eDiscovery Searches
  • eDiscovery Exports
  • Closing and Deleting an eDiscovery Case
  • Lab 4.1 eDiscovery
Module 5 Advanced eDiscovery
  • Office 365 Advanced eDiscovery
  • Advanced eDiscovery Requirements
  • Licensing – Key Points
  • Microsoft Advanced eDiscovery
  • Advanced eDiscovery workflow
  • Global analytics settings: attorney-client privilege
  • Creating an Advanced eDiscovery Case
  • Advanced eDiscovery Cases
  • Identification - Data Custodians
  • Advanced eDiscovery Holds
  • Advanced eDiscovery Communications
  • Required and Optional Notifications
  • Advanced eDiscovery Collections
  • Advanced eDiscovery Review Sets
  • Review Set Collection Options
  • Content Ingestion Scale
  • Loading Non-Office 365 Source Data for Advanced eDiscovery
  • Advanced eDiscovery Processing
  • Processing Error Remediation
  • Review Set Profile Views
  • Working with Data in a Review Set
  • Review Set Filters and Queries
  • Conversational/Threaded views
  • Review Sets - Tagging Content
  • Advanced eDiscovery Search & Analytics
  • Ignore Text and Optical Character Recognition
  • Advanced eDiscovery Predictive Coding
  • Exporting Case Data
Module 6 Office 365 Data Retention and Disposal
  • Office 365 Retention Options
  • eDiscovery Holds
  • Retention Policies
    • Retention policy data behaviour
    • Creating Retention Policies
    • Adaptive vs Static Retention Policies
    • Adaptive Scopes
    • Retention Policy Locations
    • Teams Retention Policy considerations
    • Retention Options
    • Preservation Lock
  • Retention Labels
    • Retention and Record Label Publishing
    • Auto-applying a Retention Label
    • Alternative methods to auto apply retention labels
    • Sharepoint – Library or folder default label
    • Sharepoint – Syntex
    • Outlook – Inbox Rules
    • Single Retention Label per Item
    • Record Retention Labels
    • Retention Label Creation
    • Event Driven Retention
  • Disposition Reviews
    • Disposition Review Process
    • Disposition Review Considerations
  • Records Labels
  • Record Retention Label File Plan Descriptors
  • Locking and unlocking a record (Record Versioning)
  • Searching the audit log for record locking/unlocking events
  • Records vs Regulatory Records
  • Label Publishing and Label Policies
  • Retention Label policies and locations
  • Policy Lookup
  • Monitoring Retention Labels
  • Retention Policy and Label Auditing
  • Retention label PowerShell
  • Retention Precedence
  • Retention Policy and Retention Label Comparison
  • Microsoft Retention Flowchart
  • Inactive Mailboxes
    • Recovering or Restoring Inactive Mailboxes
    • Recovering and Restoring Inactive Mailbox Considerations
    • Deleting an Inactive Mailbox
  • Exchange Online Archiving
  • Unlimited Archiving
  • Legacy Retention Functionality
  • Disposing of data
  • Modifying Exchange Online Default retention period
  • SharePoint Online and OneDrive for Business Content Disposal
  • Microsoft Data Destruction
  • Lab 6.1 Office 365 Retention Policies
  • Lab 6.2 Office 365 Retention Labels
  • Lab 6.3 Exchange Online Archiving

Module 7 Office 365 Authentication

  • Authentication, Authorisation, and Access Control
  • Azure AD Password Protection
  • Multi-Factor Authentication in Office 365
  • Software Requirements for MFA in Office 365
  • Azure Security Defaults
  • Set Up Multi-Factor Authentication in Office 365
  • Per User MFA
  • MFA Settings
  • Inform Users How to Sign In Using MFA in Office 365
  • MFA Authentication App
  • App Passwords (legacy)
  • Resetting MFA User settings
  • Lab 7.1 Multifactor Authentication

Module 8 Sharepoint Online Security

  • SharePoint Online Permissions
  • Classic vs. Modern Site Permission Management
  • SharePoint Modern Team Sites
  • Access Requests
  • Member Sharing options
  • Permission levels
  • Bespoke Permission Levels
  • Granting Explicit Permissions
  • SharePoint Groups
  • SharePoint Group Best Practice
  • Recommended SharePoint Online Group Model
  • Special SharePoint Groups
  • Permission Inheritance
  • Breaking Inheritance
  • Granting Permissions
  • Permissions Panel
  • Advanced Permissions
  • SharePoint Admin Center
  • Checking Permission
  • “Sharing” SharePoint Items
  • Sharing a Site
  • Sharing a Document Library/List
  • Sharing a Folder or Items
  • Modern UI folder or item sharing
  • Modifying and Removing Permissions
  • SharePoint Online Permissions via PowerShell
  • SharePoint Online Permissions Best Practice
  • Conditional Access
  • Lab 8.1 SharePoint Online Permissions

Module 9 Sharepoint External Sharing

  • SharePoint External Sharing
  • Authenticated External User sharing
  • Authenticated External User Link Management
  • Anonymous Access Links
  • Modern Team Sites Guest Access
  • SharePoint Online External sharing administration
  • Tenant Level External Sharing Administration
    • Anyone Links
    • New and existing guests
    • Existing guests
    • Only people in your organisation
  • Advanced settings for external sharing
  • Limit external sharing by domain
  • Guests must sign in using the same account to which sharing invitations are sent
  • Allow guests to share items they don't own
  • File and Folder Links
  • Other Settings
    • Show to owners the names of people who viewed their files
    • Let site owners choose to display the names of people who viewed files or pages in SharePoint
  • Classic Sharing Settings
  • Site Collection External Sharing Options
  • Powershell External Sharing
  • SharePoint Online External Sharing Alerts, Auditing, and Reporting
  • Site Usage Reports
  • Lab 9.1 SharePoint External Sharing

Module 10 Office 365 RBAC

  • Identifying Required Role Groups
  • Administration of Administrative Role Groups
  • Custom Role Groups
  • Azure AD Privileged Identity Management (PIM)
  • Azure AD Access Reviews
  • Office 365 Privileged access management
  • Configure and enable Office 365 Privileged access management
  • Requesting and approving access
  • Exchange Online Authorisation
  • Introducing Security in Exchange Online
  • Exchange Online Admin Role
  • Role Based Access Control (RBAC)
  • RBAC Role Groups
  • Creating Role Groups
  • Copying Role Groups
  • Roles
  • Role Entries
  • Management Role Scopes
  • Creating Custom Scopes
  • Lab 10.1 Azure AD Privileged Identity Management
  • Lab 10.2 Exchange Online RBAC

Module 11 Office 365 Groups and Microsoft Teams Governance

  • Office 365 Groups and Teams Security
  • Controlling Guest Access to Office 365 Groups
  • Remove guest access to group files
  • Disabling Guest Access for Office 365 Groups
  • Disabling ability for Office 365 Group guests to access content
  • PowerShell for managing Office 365 Guest access
  • Controlling which users can create Office 365 Groups
  • Obsolete Office 365 Group Expiration and Removal
  • Finding and Archiving Obsolete Office 365 Groups
  • Office 365 Group Governance
  • Microsoft Teams Governance
  • Understanding Roles and Permissions in Microsoft Teams
  • Manage User Access to Microsoft Teams
  • Manage Guest Access to Teams
  • Manage Team Organizational Settings
  • Lab 11.1 Managing Office 365 Groups and Teams

Module 12 Office 365 Multi-Geo

  • Sample Multi-Geo Tenant Configuration
  • Implementing Multi-Geo
  • Office 365 Multi-Geo Features for SharePoint and OneDrive

Module 13 Office 365 Message Encryption

  • Office 365 Message Encryption (OME)
  • OME Configuration
  • OME Enhanced Recipient Experiences
  • Flexible controls for attachment encryption for recipients
  • Decrypting Attachments
  • Read Only and Attachment Download Restrictions in Exchange Online
  • Combining OME with blocked attachment download
  • Branding OME Encrypted messages
  • Branding/Advanced Configuration is not just for Branding
  • OME Integration with Data Loss Prevention (DLP)
  • OME Integration with Exchange Transport Rules
  • Encrypted Mail Revocation
  • Lab 13.1 Office 365 Message Encryption
Module 14 Office 365 Sensitivity Labels
  • Office 365 Sensitivity Labels
  • Sensitivity Labels for Files and Emails
  • Classification
  • Sharepoint Search using Sensitivity Labels
  • Sensitivity Labels as a DLP condition
  • Sensitivity Label Visual marking, watermarks, headers and footers
  • Sensitivity Label Protection – Encryption both inside/outside the organisation
  • Double Key Encryption
  • Sensitivity Label Client Support
  • Client ‘Quirks’
  • Applying File and Email Sensitivity labels
  • Sensitivity Label Support for Office Online Files
  • Automatically Applying Sensitivity Labels
  • Auto labelling Policies
  • Alternative (cheaper) auto labelling strategies
  • Exchange Mail Flow Rules
  • Exchange DLP Policies
  • Sharepoint Syntex sensitivity label assignment
  • Microsoft Cloud App Security File Policy based Sensitivity Labels
  • Sensitivity Labels for Teams, 365 Groups and SharePoint Sites
  • Sensitivity Label priority and grouping
  • 365 Group and Site vs File and email label ordering
  • Sublabels
  • Editing or deleting a sensitivity label
  • Label Policies
  • Label Analytics
  • Data Classification – Activity Explorer
  • Lab 14.1 Office 365 Sensitivity Labels
Module 15 Microsoft/Office 365 Cloud App Security
  • Overview
  • Microsoft Defender for Cloud Apps Editions
  • Defender for Cloud Apps Licensing Options
  • Microsoft Defender for Cloud Apps Dashboard
  • User anonymisation
  • Cloud App Catalog
  • App Sanctioning
  • Defender for Cloud Apps Activity Log
  • Defender for Cloud Apps Activity Privacy
  • Files
  • Files Management Reports
  • Users and accounts
  • User Governance Actions
  • Security Configuration
  • OAuth Apps
  • Compliance Center App Reports
  • Deploy Conditional Access App Control
  • Defender for Cloud Apps Policy Templates
  • Policy Alerts
  • Scoping Defender for Cloud Apps
  • Generic SIEM integration
  • Azure Sentinel Integration
  • Use Power BI with Defender for Cloud Apps data in Azure Sentinel
  • Top tips for Using Defender for Cloud Apps
  • MCAS Ninja training
  • Lab 15.1 Defender for Cloud Apps

Module 16 Managing Insider risks

  • Insider Risk Management
  • Insider Risk Management Requirements
  • Insider Risk Management Process
  • Insider Risk Management Settings
  • Privacy
  • Policy Indicators
  • Policy timeframes
  • Intelligent detections
  • Export alerts
  • Priority user groups
  • Priority Physical Assets
  • Power Automate Flows
  • Microsoft Teams Integration
  • Analytics
  • Insider Risk Management Administration
  • Policies
  • Policy Health and Recommendations
  • Alerts
  • Cases
  • Case Actions
  • Resolving Cases
  • Insider Risk Management Scenarios
  • Communication Compliance
  • Configure Policies
  • Investigate
  • Resolution
  • Information Barriers
  • Information Barriers and Exchange ABP’s
  • Information barrier functionality
  • Information barrier configuration
  • Make sure prerequisites are met
  • Segment users in the organisation
  • Define information barrier policies
  • Apply information barrier policies
  • Customer Lockbox
Module 17 Microsoft Threat Intelligence - Alerts - AIR - Defender for Office 365Microsoft Threat Intelligence
  • Microsoft Threat Intelligence Center (MSTIC)
  • Microsoft Security Roadmap
  • Microsoft Defender
  • Microsoft 365 Defender suite products
  • Microsoft 365 Defender cross-product features
  • Microsoft Defender Cross-product attack Simulation
  • Threat Management Administration
  • Threat Dashboard
  • Threat Explorer
  • Campaign Views
  • Threat Management Threat Tracker
  • Threat Management Reviews
  • Office 365 Automated Investigation and Response (AIR)
  • AIR Security Playbooks
  • AIR Security Playbooks Roll Out
  • Alert Policy Triggers
  • AIR Requirements
  • AIR Investigation Initiation
  • Report Message Mailbox
  • AIR alert email notifications
  • Automated Investigations
  • Investigation Graph
  • Investigation Alert Tab
  • Entities tab
  • Similarity
  • Indicators
  • E-mail Investigation Flyout
  • Investigation log tab
  • Investigation (Recommended) actions tab
  • Threat Policies
  • Exchange Online Protection
  • Overview of Exchange Online Protection (EOP)
  • Exchange threat protection PowerShell
  • Exchange Online Protection, Microsoft Defender for Office 365 plan 1 and plan 2
  • Exchange Online anti-spam protection
  • Connection filters
  • Outbound spam policy
  • Verify spam policies are configured and working properly
  • Control automatic external email forwarding
  • Email forwarding rule alerts
  • Exchange Online Auto Forwarded Message Reports
  • Exchange Online Protection Spoof Intelligence
  • Enhanced email protection with DKIM and DMARC
  • DomainKeys Identified Mail (DKIM)
  • Domain-based Messaging and Reporting Compliance (DMARC)
  • Anti-phishing Policies
  • Office 365 antimalware protection
  • Antimalware policies
  • Office 365 Secure by default
  • Preset Security Policies
  • Configuration analyzer
  • Defender for Office 365 Safe attachments and Safe links
  • Defender for Office 365 Safe attachments
  • Defender for Office 365 Safe attachments for SharePoint, OneDrive and Teams
  • Quarantine in Defender for Office 365 for SharePoint Online, OneDrive for Business, and Microsoft Teams
  • Defender for Office 365 Safe attachments reports and alerts
  • Defender for Office 365 standalone
  • Defender for Office 365 Safe Links
  • Defender for Office 365 reports
  • Microsoft Security Center Reports
  • Attack Simulation Training
  • Microsoft 365 Defender Advanced Hunting
  • Office 365 Alerts
  • Lab 17.1 Defender for Office 365
  • Lab 17.2 Office 365 Alerts
  • Lab 17.3 Office 365 AIR
Module 18 Office 365 Data Loss Prevention
  • Office 365 Data Loss Prevention
  • Components of DLP Policies
  • Sensitive Information Types
  • Creating a Custom DLP Policy
  • DLP Policy Locations
  • Endpoint DLP
  • Microsoft Compliance Extension for Google Chrome
  • DLP Policy Settings
  • DLP Conditions/Exceptions
  • DLP Actions
  • DLP User Notifications and User Overrides
  • DLP Incident reports
  • DLP Powershell
  • DLP Mark Files as Sensitive by Default
  • DLP Reports
  • DLP Activity Explorer
  • Lab 18.1 Data Loss Prevention

Module 19 Office 365 Encryption

  • Data in transit
  • Data at rest
  • Encryption in Office 365 Products
    • Exchange Online
    • SharePoint Online and OneDrive for Business
    • Teams/Skype for Business Online
  • Customer Encryption Controls
  • Scenario 1 – Files are saved on Windows computers
  • Scenario 2 – Customers want control over the encryption keys used to encrypt your data in Microsoft data centers
  • Scenario 3 – Files are saved on mobile devices
  • Scenario 4 – People are communicating via email
  • Scenario 5 – Users are accessing files using SharePoint Online or OneDrive for Business
  • Customer Lockbox
  • Microsoft 365 Information Protection

Module 20 Office 365 Auditing, Report, and Compliance Tools

  • Module Introduction
  • Microsoft 365 Usage Analytics
  • Dashboard Reports
  • Enabling Microsoft 365 Usage Analytics
  • Office 365 Auditing
  • Audit Log Permissions
  • Running an Audit Log Search
  • Viewing Audit Log Search Results
  • Filtering Audit Log Search Results
  • Exporting Audit Log Search Results
  • Advanced Audit in Microsoft 365
  • Audit log retention policies
  • Exchange Online Auditing - Deprecated
  • Reports
  • Office 365 Management API
  • Compliance Manager and Compliance Score
  • Compliance Manager Automated Testing
  • Microsoft Compliance Configuration Analyzer (MCCA)
  • Microsoft 365 Secure Score
  • Compliance/Secure Score “Old Skool”
  • Microsoft Service Trust Portal
  • Microsoft Trust Center
  • Microsoft Security Site
  • Lab 20.1 Office 365 Auditing
  • Lab 20.2 Secure Score
Read more

Why choose QA

Special Notices

Please note: Due to the dynamic nature of updates to Office 365 functionality by Microsoft, elements of the syllabus of this course can be subject to change without notice.

Please note: for Attend from Anywhere customers an additional screen is required. The additional screen must have a minimum screen size of 19 inch and minimum resolution of 1280x1024, with the vertical resolution (1024) being the most critical.

This course is one of the unique technical Office 365 QA authored Mastering courses.

Other technical courses within the QA authored curriculum for Office 365 include:

Dates & Locations

Microsoft 365 learning pathways

= Required
= Certification
Technical Decision Maker
Office 365 General Administration
Exchange Online/Hybrid
SharePoint Online/Hybrid
Device Management, Identity and Services
Security and Compliance
Modern Desktop
Power Platform
Office 365 Development
Microsoft Teams
Office 365 General Administration
Office 365 Development

Frequently asked questions

See all of our FAQs

How can I create an account on myQA.com?

There are a number of ways to create an account. If you are a self-funder, simply select the "Create account" option on the login page.

If you have been booked onto a course by your company, you will receive a confirmation email. From this email, select "Sign into myQA" and you will be taken to the "Create account" page. Complete all of the details and select "Create account".

If you have the booking number you can also go here and select the "I have a booking number" option. Enter the booking reference and your surname. If the details match, you will be taken to the "Create account" page from where you can enter your details and confirm your account.

Find more answers to frequently asked questions in our FAQs: Bookings & Cancellations page.

How do QA’s virtual classroom courses work?

Our virtual classroom courses allow you to access award-winning classroom training, without leaving your home or office. Our learning professionals are specially trained on how to interact with remote attendees and our remote labs ensure all participants can take part in hands-on exercises wherever they are.

We use the WebEx video conferencing platform by Cisco. Before you book, check that you meet the WebEx system requirements and run a test meeting (more details in the link below) to ensure the software is compatible with your firewall settings. If it doesn’t work, try adjusting your settings or contact your IT department about permitting the website.

Learn more about our Virtual Classrooms.

How do QA’s online courses work?

QA online courses, also commonly known as distance learning courses or elearning courses, take the form of interactive software designed for individual learning, but you will also have access to full support from our subject-matter experts for the duration of your course. When you book a QA online learning course you will receive immediate access to it through our e-learning platform and you can start to learn straight away, from any compatible device. Access to the online learning platform is valid for one year from the booking date.

All courses are built around case studies and presented in an engaging format, which includes storytelling elements, video, audio and humour. Every case study is supported by sample documents and a collection of Knowledge Nuggets that provide more in-depth detail on the wider processes.

Learn more about QA’s online courses.

When will I receive my joining instructions?

Joining instructions for QA courses are sent two weeks prior to the course start date, or immediately if the booking is confirmed within this timeframe. For course bookings made via QA but delivered by a third-party supplier, joining instructions are sent to attendees prior to the training course, but timescales vary depending on each supplier’s terms. Read more FAQs.

When will I receive my certificate?

Certificates of Achievement are issued at the end the course, either as a hard copy or via email. Read more here.

Contact Us

Please contact us for more information