This is a detailed 5-day course with hands on labs. The course covers how to implement Governance Security and in Office 365. Within the course there is specific reference to GDPR*, however this course is appropriate to anyone interested in any aspect of Office 365 Governance Security and Compliance. This course covers Office 365 features pertaining to various Office 365 subscriptions: Business, E3, E5.

  • Discover— Identification, retrieval and classification of personal data.
  • Govern— Importing, processing, retention and disposal of personal data.
  • Protection — Control authentication, authorization and access control of personal data including Encryption and Data Loss Prevention
  • Report — Execute data requests, report data breaches, and proactively maintain required documentation.

*Please note this is not a GDPR course - this is course on implementing Security Governace and Compliance features within Office 365 irrespective of the compliance framework. Reference will be made to GDPR within the course for context but the course is overall agnostic to any specific compliance framework

Target Audience

  • Technical Business Decision Makers
  • Office 365 IT Professionals
  • Anyone who has a business interest in how to Implement Governance Security and Compliance for their organisation in Office 365

Practical Labs

During the course students will create their own Office 365 and have labs which populate their environment with data then implement the features learnt through the course (note due to latency of Microsoft services some labs can take several hours or more to complete) Labs are written so students can choose which labs they want to complete

Read more


An understanding of Office 365 core technologies and an interest in the business benefits of the Microsoft Office 365 Platform from a Governance Security and Compliance perspective.

Read more

Course Outline

Module 1: Introducing Compliance Standards and Microsoft Commitments

  • Introduction
  • Data Breaches
  • Data Breach Statistics
  • Common Compliance Standards
  • General Data Protection Regulation (GDPR)
  • ISO/IEC 27001:2013
  • National Institute of Standards and Technology (NIST)
  • Microsoft’s Commitment to Compliance
  • Contractual Commitments
  • Microsoft Compliance Offerings
  • Microsoft Compliance Portals and Tools
  • The Microsoft Trust Center
  • The Microsoft Service Trust Portal
  • Compliance Manager/Compliance Score
  • Security and Compliance Admin Centers
  • GDPR Activity Hub
  • Security and Compliance PowerShell
  • Office 365 Admin Roles
  • Permissions in the Security & Compliance Centers
  • Microsoft’s Compliance Model
  • Microsoft 365 GDPR action plan
  • Office 365 Overview
  • Office 365 is Dynamic
  • Office 365 Security and Compliance Licensing and Permissions
  • Security and Compliance Licensing
  • Licensing Resources
  • Security and Compliance Permissions
  • Office 365 Subscription Plans
  • Compliance in Other Microsoft Cloud Services
  • Lab 1.1 Introduction
  • Lab 1.2 Using Chrome Profiles
  • Lab 1.3 Get over 6 Months Office 365 trial for free
Module 2
  • Introducing Office 365 Search Concepts
  • GDPR articles relevant to this module
  • Office 365 Search Tools and Engines
  • Columns and Content Types
  • Adding Content Types
  • Modern UI gotcha
  • Custom content types
  • Publishing Content Types via Content Type Hub
  • Sharepoint Syntex
  • Form Processing vs Content Understanding
  • Sharepoint Syntex Classifiers
  • Sharepoint Syntex Extractors
  • Syntex and Retention Labels
  • Syntex Form Processing Models
  • Sharepoint Syntex Model Analytics
  • SharePoint Online Managed Metadata
  • Term Store Groups and Permissions
  • Using Managed Metadata
  • Delve Search Security Trimming and Hiding
  • Lab 2.1 Content Types
  • Lab 2.2 Sharepoint Online Syntex
  • Azure Cognitive Search
  • Microsoft Search
  • Compliance Center Data Classification
  • Trainable Classifiers
  • Sensitive information types
  • Testing Sensitive Information Types
  • Exact Data Match (EDM)
  • Lab 2.1 Content Types
  • Lab 2.2 SharePoint Online Syntex
Module 3: Office 365 Content Search
  • Office 365 Content Search
  • Content Search Security
  • Running a Content Search
  • Preview Content Search Results
  • Search Statistics
  • Content Search PowerShell
  • Using a CSV file to “Search by ID List” (aka Targeted Content Search)
  • Export Content Search Results
  • Unindexed Items in Content Searches
  • Search Bulk Actions
  • Increase Download Speed When Exporting Content Search Results
  • Differences Between Estimated and Actual eDiscovery Search Results
  • De-duplication in eDiscovery Search Results
  • Search for and Delete Email Messages in an Office 365 Organization
  • Use Content Search to Search the Mailbox and OneDrive for Business Site for a List of Users
  • Clone a Content Search
  • Configure Security Filtering for Content Search
  • Microsoft Data Subject requests
  • Lab 3.1 Office 365 Content Search

Module 4: Office 365 eDiscovery

  • Office 365 eDiscovery Tasks
  • Office 365 eDiscovery Cases
  • Assign eDiscovery Permissions
  • eDiscovery Related Roles in the Security & Compliance Center
  • Role Groups for eDiscovery
  • Compliance boundaries for eDiscovery investigations
  • Create eDiscovery cases
  • Add Users to an eDiscovery Case
  • Place Content on Legal Hold
  • Location of content on hold
  • Create and Run Content Searches
  • Prepare Search Results for Advanced eDiscovery
  • Lab 4.1 eDiscovery

Module 5: Office 365 Advanced eDiscovery and Data Investigations

  • Office 365 Advanced eDiscovery and Data Investigations
  • Advanced eDiscovery and Data Investigation Key Differences
  • Advanced eDiscovery and Data Investigation Requirements
  • Licensing
  • Microsoft Advanced eDiscovery
  • Advanced eDiscovery workflow
  • Data Investigation Workflow
  • Creating an Advanced eDiscovery Case
  • Identification - Data Custodians
  • Preservation - Advanced eDiscovery Holds
  • Advanced eDiscovery Communications
  • Advanced eDiscovery Communication tool
  • Required and Optional Notifications
  • Advanced eDiscovery Case Searches
  • Advanced eDiscovery Review Sets
  • Review Set Collection Options
  • Loading Non Office 365 Source Data for Advanced eDiscovery
  • Advanced eDiscovery Processing
  • Processing Error Remediation
  • Working with Data in a Review Set
  • Review Set Filters and Queries
  • Review Sets - Tagging Content
  • Advanced eDiscovery Relevance Module
  • Relevance Module Data Preparation
  • Relevance Setup
  • Relevance tagging
  • Tracking Tagging Progress
  • Relevance Decision Based on Results
  • Test Relevance Analysis
  • Relevance Settings and Utilities
  • Exporting Case Data
  • Microsoft 365 Data Investigations

Module 6: Data Import and Connectors

  • GDPR articles relevant to this module
  • Office 365 Data Governance
  • Importing Data into Office 365
  • Importing messaging data
  • Office 365 Import Service
  • Office 365 Messaging Data Import
  • PST Import Service Requirements
  • Drive Shipping Import Service Requirements
  • Filtering Data on Import
  • Hybrid Exchange
  • Importing Data into Sharepoint, OneDrive and Teams
  • Challenges to Sharepoint/Onedrive/Teams migrations
  • Microsoft Options for Sharepoint Online Migrations
  • Migration Stages
  • Stage 1 Prepare and Assess
  • SharePoint Migration Assessment Tool
  • Stage 2 – Migrating Data into Sharepoint Online
  • The Sharepoint Migration Tool
  • SPMT Advanced settings
  • Sharepoint Migration Manager
  • Migration Manager Global/Task Settings
  • Mover.io
  • Stage 3 & 4 Post Migration and Reducing Business Impact
  • Convert users to adopters
  • Third Party Migration tools
  • Customization Migrations
  • Importing Third-Party Data Sources
  • Use Connectors in Office 365 Groups and Microsoft Teams

Module 7: Office 365 Data Retention and Disposal

  • Office 365 Retention Options
  • eDiscovery Holds
  • Retention Policies
  • Retention policy data behaviour
  • Creating Retention Policies
  • Office 365 Group and Teams Considerations
  • Teams Considerations and limitations
  • Preservation Lock
  • Retention Precedence
  • Retention Labels
  • Auto-applying a Retention Label
  • Retention Labels and Folders
  • Retention Labels Records Declaration
  • Retention Label Creation
  • File Plan Descriptors
  • Retention Settings
  • Sharepoint Online Record Features
  • Locking and unlocking a record
  • Searching the audit log for record locking/unlocking events
  • Record Preservation
  • Label Publishing and Label Policies
  • Auto Apply Labels
  • Retention Label policies and locations
  • Monitoring Retention Labels
  • Retention label Powershell
  • Inactive Mailboxes
  • Recovering or Restoring Inactive Mailboxes
  • Recovering and Restoring Inactive Mailbox Considerations
  • Deleting an Inactive Mailbox
  • Event Driven Retention
  • Exchange Online Retention Features
  • Exchange Online Archiving
  • Unlimited Archiving
  • Exchange Online Legacy Compliance Features
  • Exchange Online Retention tags and policies
  • Key Point: Retention tags can be used to move items to an archive mailbox
  • Legacy Retention Functionality
  • Disposing of data
  • Modifying Exchange Online Default retention period
  • Sharepoint Online and OneDrive for Business Content Disposal
  • Microsoft Data Destruction
  • Office 365 Disposition Reviews
  • Disposition Review Considerations
  • Lab 7.1 Office 365 Labels
  • Lab 7.2 Office 365 eDiscovery Holds
  • Lab 7.3 Office 365 Event Driven Retention
  • Lab 7.4 Exchange Online Archiving
  • Lab 7.5 Exchange Online Retention Tags and Policies

Module 8: Office 365 Authentication

  • Authentication, Authorization, and Access Control
  • Azure AD Password Protection
  • Multi-Factor Authentication in Office 365
  • Software Requirements for MFA in Office 365
  • Security Defaults
  • Set Up Multi-Factor Authentication in Office 365
  • Per User MFA
  • MFA Settings
  • Inform Users How to Sign In Using MFA in Office 365
  • MFA Authentication App
  • App Passwords (legacy)
  • Resetting MFA User settings
  • Lab 8.1 Multifactor Authentication

Module 9: Sharepoint Online Security

  • SharePoint Online Permissions
  • Classic vs Modern Site Permission Management
  • Sharepoint Modern Team Sites
  • Access Requests
  • Member Sharing options
  • Permission levels
  • Bespoke Permission Levels
  • Granting Explicit Permissions
  • SharePoint Groups
  • Sharepoint Group Best Practice
  • Recommended Sharepoint Online Group Model
  • Special SharePoint Groups
  • Permission Inheritance
  • Breaking Inheritance
  • Granting Permissions
  • Checking Permission
  • “Sharing” SharePoint Items
  • Sharing a Site
  • Sharing a Document Library/List
  • Sharing a Folder or Items
  • Modern UI folder or item sharing
  • Modifying and Removing Permissions
  • Sharepoint Online Permissions via PowerShell
  • Sharepoint Online Permissions Best Practice
  • Lab 9.1 SharePoint Online Permissions
  • Conditional Access

Module 10: Sharepoint External Sharing

  • SharePoint External Sharing
  • Authenticated External User sharing
  • Authenticated External User Link Management
  • Anonymous Access Links
  • Modern Team Sites Guest Access
  • Sharepoint Online External sharing administration
  • Tenant Level External Sharing Administration
  • Advanced settings for external sharing
  • File and Folder Links
  • Other Settings
  • Show to owners the names of people who viewed their files
  • Classic Sharing Settings
  • Site Collection External Sharing Options
  • Powershell External Sharing
  • Sharepoint Online External Sharing Alerts, Auditing and Reporting
  • Lab 10.1 SharePoint External Sharing

Module 11: Office 365 RBAC PIM PAM Access Reviews

  • Office 365 RBAC
  • Identifying Required Role Groups
  • Administration of Administrative Role Groups
  • Azure AD Privileged Identity Management (PIM)
  • Azure AD Access Reviews
  • Office 365 Privileged access management
  • Configure and enable Office 365 Privileged access management
  • Requesting and approving access
  • Exchange Online Authorization
  • Introducing Security in Exchange Online
  • Exchange Online Admin Role
  • Role Based Access Control (RBAC)
  • RBAC Role Groups
  • Creating Role Groups
  • Copying Role Groups
  • Roles
  • Role Entries
  • Management Role Scopes
  • Creating Custom Scopes
  • Lab 11.1 Azure AD Privileged Identity Management
  • Lab 11.2 Exchange Online RBAC

Module 12: Office 365 Groups and Microsoft Teams Governance

  • Office 365 Groups and Teams Security
  • Controlling Guest Access to Office 365 Groups
  • Remove guest access to group files
  • Disabling Guest Access for Office 365 Groups
  • Disabling ability for Office 365 Group guests to access content
  • Powershell for managing Office 365 Guest access
  • Controlling which users can create Office 365 Groups
  • Obsolete Office 365 Group Expiration and Removal
  • Finding and Archiving Obsolete Office 365 Groups
  • Office 365 Group Governance
  • Microsoft Teams Governance
  • Understanding Roles and Permissions in Microsoft Teams
  • Manage User Access to Microsoft Teams
  • Manage Guest Access to Teams
  • Manage Team Organizational Settings
  • Lab 12.1 Managing Office 365 Groups and Teams

Module 13: Office 365 Multi-Geo

  • Sample Multi-Geo Tenant Configuration
  • Implementing Multi-Geo
  • Office 365 Multi-Geo Features for SharePoint and OneDrive

Module 14: Office 365 Message Encryption (OME)

  • OME Configuration
  • OME Enhanced Recipient Experiences
  • Flexible controls for attachment encryption for recipients
  • Decrypting Attachments
  • Read Only and Attachment Download Restrictions in Exchange Online
  • Combining OME with blocked attachment download
  • Branding OME Encrypted messages
  • Branding/Advanced Configuration is not just for Branding
  • OME Integration with Data Loss Prevention (DLP)
  • OME Integration with Exchange Transport Rules
  • Encrypted Mail Revocation
  • Lab 14.1 Office 365 Message Encryption
Module 15
  • Microsoft 365 Sensitivity Labels
  • Sensitivity Labels for Files and Emails
  • Classification
  • Visual marking, watermarks, headers and footers
  • Protection – Encryption both inside/outside the organization
  • Double Key Encryption
  • Sensitivity Label Client Support
  • Client ‘Quirks’
  • Sensitivity Label Support for Office Files
  • Sensitivity Labels for Teams, 365 Groups and Sharepoint Sites
  • Sensitivity Label Administration
  • Sensitivity Label priority and grouping
  • 365 Group and Site vs File and email label ordering
  • Sublabels
  • Editing or deleting a sensitivity label
  • Label Policies
  • Label Analytics
  • Lab 15.1 Office 365 Sensitivity Labels
Module 16: Microsoft 365 Cloud App Security
  • Microsoft/Office 365 Cloud App Security
  • Overview
  • Background
  • Microsoft Cloud App Security vs Office 365 Cloud App Security
  • Office 365 Cloud App Security
  • Cloud App Security Licensing Options
  • Office 365 Cloud App Security
  • Microsoft Cloud App Security
  • Microsoft Cloud App Security Dashboard
  • User anonymization
  • Cloud App Catalog
  • App Sanctioning
  • Cloud App Security Activity Log
  • Files
  • Files Management Reports
  • Users and accounts
  • Governance Actions
  • Security Configuration
  • OAuth Apps
  • Deploy Conditional Access App Control
  • Cloud App Security Policy Templates
  • Policy Alerts
  • Scoping Cloud App Security
  • Cloud App Security Activity Privacy
  • Microsoft top tips for Using Cloud App Security
  • Generic SIEM integration
  • Azure Sentinel
  • Use Power BI with Cloud App Security data in Azure Sentinel
  • Lab 16.1 Cloud App Security
Module 17 Managing Insider Risks
  • Insider Risk Management
  • Insider Risk Management Requirements
  • Insider Risk Management Process
  • Insider Risk Management Settings
  • Privacy Settings
  • Policy Indicators
  • Policy timeframes
  • Intelligent detections
  • Export alerts
  • Priority user groups
  • Insider Risk Management Administration
  • Policies
  • Alerts
  • Cases
  • Insider Risk Management Scenarios
  • Communication Compliance
    • Configuration
    • Investigation
    • Resolution
  • Information Barriers
  • Information Barriers and Exchange ABP’s
  • Information barrier functionality
  • Information barrier configuration
  • Customer Lockbox
Module 18: Microsoft Threat Intelligence - Alerts - AIR - Microsoft 365 Defender - Secure Score
  • Microsoft Threat Intelligence
  • Microsoft Threat Intelligence Center (MSTIC)
  • Microsoft Security Roadmap
  • Microsoft Defender
  • Microsoft 365 Defender suite products
  • Microsoft 365 Defender cross-product features
  • Microsoft Defender Cross-product attack Simulation
  • Threat Management Administration
  • Threat Dashboard
  • Threat Explorer
  • Campaign Views
  • Threat Management Threat Tracker
  • Threat management Reviews
  • Office 365 Automated Investigation and Response (AIR)
  • AIR Security playbooks
  • AIR Security playbooks roll out
  • AIR requirements
  • AIR Investigation initiation
  • Automated Investigations
  • Investigation Graph
  • Investigation Alert Tab
  • Investigation Email Tab
  • Investigation User Tab
  • Investigations Machine Tab
  • Investigations Entities Tab
  • Investigation (Playbook) log tab
  • Investigation (Recommended) actions tab
  • Office 365 Threat Management Policy
  • Microsoft Defender for 365 anti-phishing
  • Microsoft Defender for Office 365 Safe Attachments and Safe Links
  • Microsoft Defender for Office 365 Safe attachments
  • Microsoft Defender for 365 Safe attachments integration with Sharepoint, OneDrive and Teams
  • Quarantine for SharePoint Online, OneDrive for Business, and Microsoft Teams
  • Microsoft Defender for Office 365 Safe attachments reports and alerts
  • Microsoft Defender for Office 365 Safe Links
  • Microsoft Defender for Office 365 Reports
  • Threat Management Anti-Spam Policies
  • Zero-Hour Auto Purge (ZAP)
  • Threat Management Anti Malware Policies
  • Preset Security Policies
  • Security Policy order of precedence
  • Configuration Analyzer
  • Threat Management DKIM settings
  • Enabling DKIM in Office 365
  • Domain-based Messaging and Reporting Compliance (DMARC)
  • Implementing DMARC in Office 365
  • Threat Management Attack Simulator
  • Attack simulation training
    • Policies
    • Payloads
    • Training
    • Insights
  • Defender 365 Advanced Hunting
  • Office 365 Alerts
  • Microsoft 365 Secure Score
  • Secure Score – “Old Skool”
  • Lab 18.1 Exchange ATP
  • Lab 18.2 Office 365 Alerts
  • Lab 18.3 Office 365 AIR
  • Lab 18.4 Secure Score

Module 19: Office 365 Data Loss Prevention

  • DLP Functionality
  • Components of DLP Policies
  • Sensitive Information Types
  • Creating a Custom DLP Policy
  • Microsoft EndPoint Data Loss Prevention
  • Conditions/Exceptions
  • Mark Files as Sensitive by Default
  • DLP Reports
  • Lab 19.1 Data Loss Prevention

Module 20: Office 365 Encryption

  • Data in transit
  • Data at rest
  • Encryption in Office 365 Products
    • Exchange Online
    • SharePoint Online and OneDrive for Business
    • Teams/Skype for Business Online
  • Customer Encryption Controls
  • Scenario 1 – Files are saved on Windows computers
  • Scenario 2 – Customers want control over the encryption keys used to encrypt your data in Microsoft data centers
  • Scenario 3 – Files are saved on mobile devices
  • Scenario 4 – People are communicating via email
  • Scenario 5 – Users are accessing files using SharePoint Online or OneDrive for Business
  • Microsoft 365 Information Protection Guides

Module 21: Office 365 Auditing, Report and Compliance Tools

  • Module Introduction
  • Microsoft 365 Usage Analytics
  • Dashboard Reports
  • Enabling Microsoft 365 Usage Analytics
  • Office 365 Auditing
  • Audit Log Permissions
  • Running an Audit Log Search
  • Viewing Audit Log Search Results
  • Filtering Audit Log Search Results
  • Exporting Audit Log Search Results
  • Advanced Audit in Microsoft 365
  • Audit log retention policies
  • Exchange Online Auditing - Deprecated
  • Compliance and Security Reports
  • Office 365 Management API
  • Microsoft Compliance Manager
  • Microsoft Service Trust Portal
  • Microsoft Trust Center
  • Microsoft 365 Secure Score
  • Compliance/Secure Score “Old Skool”
  • Microsoft Security Site
  • Lab 21.1 Office 365 Auditing
Read more

Why choose QA

Special Notices

Please note: Due to the dynamic nature of updates to Office 365 functionality by Microsoft, elements of the syllabus of this course can be subject to change without notice.

Please note: for Attend from Anywhere customers an additional screen is required. The additional screen must have a minimum screen size of 19 inch and minimum resolution of 1280x1024, with the vertical resolution (1024) being the most critical.

This course is one of the unique technical Office 365 QA authored Mastering courses.

Other technical courses within the QA authored curriculum for Office 365 include:

Dates & Locations

Microsoft 365 learning pathways

This course features in the following learning path:

= Required
= Certification
Technical Decision Maker
Office 365 General Administration
Exchange Online/Hybrid
SharePoint Online/Hybrid
Device Management, Identity and Services
Security and Compliance
Modern Desktop
Power Platform
Office 365 Development
Microsoft Teams
Office 365 General Administration Average salary: £ (based on QA research)
Modern Desktop Average salary: £ (based on QA research)
Microsoft Teams Average salary: £ (based on QA research)

Frequently asked questions

See all of our FAQs

How can I create an account on myQA.com?

There are a number of ways to create an account. If you are a self-funder, simply select the "Create account" option on the login page.

If you have been booked onto a course by your company, you will receive a confirmation email. From this email, select "Sign into myQA" and you will be taken to the "Create account" page. Complete all of the details and select "Create account".

If you have the booking number you can also go here and select the "I have a booking number" option. Enter the booking reference and your surname. If the details match, you will be taken to the "Create account" page from where you can enter your details and confirm your account.

Find more answers to frequently asked questions in our FAQs: Bookings & Cancellations page.

How do QA’s virtual classroom courses work?

Our virtual classroom courses allow you to access award-winning classroom training, without leaving your home or office. Our learning professionals are specially trained on how to interact with remote attendees and our remote labs ensure all participants can take part in hands-on exercises wherever they are.

We use the WebEx video conferencing platform by Cisco. Before you book, check that you meet the WebEx system requirements and run a test meeting (more details in the link below) to ensure the software is compatible with your firewall settings. If it doesn’t work, try adjusting your settings or contact your IT department about permitting the website.

Learn more about our Virtual Classrooms.

How do QA’s online courses work?

QA online courses, also commonly known as distance learning courses or elearning courses, take the form of interactive software designed for individual learning, but you will also have access to full support from our subject-matter experts for the duration of your course. When you book a QA online learning course you will receive immediate access to it through our e-learning platform and you can start to learn straight away, from any compatible device. Access to the online learning platform is valid for one year from the booking date.

All courses are built around case studies and presented in an engaging format, which includes storytelling elements, video, audio and humour. Every case study is supported by sample documents and a collection of Knowledge Nuggets that provide more in-depth detail on the wider processes.

Learn more about QA’s online courses.

When will I receive my joining instructions?

Joining instructions for QA courses are sent two weeks prior to the course start date, or immediately if the booking is confirmed within this timeframe. For course bookings made via QA but delivered by a third-party supplier, joining instructions are sent to attendees prior to the training course, but timescales vary depending on each supplier’s terms. Read more FAQs.

When will I receive my certificate?

Certificates of Achievement are issued at the end the course, either as a hard copy or via email. Read more here.

Contact Us

Please contact us for more information