SSPA Compliance

Thinking about becoming a supplier for Microsoft? Then you’ll need a Supplier Security and Privacy Assurance (SSPA) certification.

Microsoft requires strict security protocols from its suppliers to protect information it defines as Confidential Data and Personal Data. Their SSPA program is designed to drive adoption of these rigorous security standards through an ongoing annual compliance cycle. Enrolling in the program means reviewing up to 53 Data Protection Requirements (DPR) and achieving compliance with each requirement applicable to your business.

For those working through an SSPA certification, the process can be daunting. Clark Nuber’s professionals will help you navigate the process by:

  • Interpreting the intent of each requirement and the practical application for your business
  • Guiding you through the DPR and the necessary documentation using our custom tools
  • Consulting with you on improving cybersecurity protocols
  • Understanding the deadlines and options for extensions of time

At a minimum, the SSPA program provides assurance to Microsoft about the ongoing state of security and privacy controls in place at your business. Beyond that, the program helps you understand the additional responsibilities that come along with the work Microsoft awarded you.

Next Steps

Clark Nuber is designated as a Preferred Assessor by Microsoft. As such, we are well versed in SSPA requirements, cybersecurity best practices, and methods for maintaining your compliance annually. If you have any questions on SSPA compliance, or you’re ready to get started, send us an email.

Ready to talk?

Contact us to get the conversation started.


Customer service, expertise, and a partner mindset is what we love about Clark Nuber. Even before any contracts are signed, they act as a strategic advisor embedded in our own team’s process. The attention to detail and customer care from the entire team makes working with them an absolute pleasure.


Clark Nuber was instrumental in getting Northwest Event Technology through the SSPA audit process. Their team is a great resource to help small companies like ours navigate the privacy requirements of our largest client.

Matt Everham

General Manager,
Northwest Event Technology