DORA Regulations and Azure CSP (Reseller)

Cristian Nedelcu 20 Reputation points
2025-01-17T17:25:08.6266667+00:00

Hi team - we have customers asking us for DORA addendums in their Azure contracts - as they are in our CSP model, that would fall under the MCA framework - what is the guidance from Microsoft on that, has the MCA been updated so that it is fit for purpose under the DORA framework?

Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
955 questions
{count} votes

Accepted answer
  1. Rahul Podila 1,570 Reputation points Microsoft Vendor
    2025-01-20T11:34:32.57+00:00

    Hi @Cristian Nedelcu

    Microsoft does not offer a specific DORA addendum for the Microsoft Cloud Agreement (MCA) or other direct agreements such as Enterprise Agreements (EA). However, as I mentioned earlier, the Azure service is already designed to meet many of DORA's key requirements, particularly in terms of business flexibility, security, and risk management.

    If your customer has specific concerns or requirements related to DORA, you can work with Microsoft to find information that best suits their needs. Microsoft offers several compliance tools, such as Azure Compliance Manager and Trust Center, which can help demonstrate Azure's compliance with various regulations and standards, including those related to DevOps and software development.

    Additionally, Microsoft provides guidance and best practices for implementing DevOps practices in Azure, which can help your customer achieve their DevOps goals while also meeting their compliance and security requirements.

    If you have any further queries, do let us know


    If the answer is helpful, please click "Accept Answer" and "Upvote it"

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.