I wanted to point you to an excellent whitepaper that discusses compliance across the entire 2007 Microsoft Office System. Rather than talk about specific certifications Microsoft is pursuing (like DoD 5015.2), the paper explains the other side of compliance. It provides an overview of the compliance space and showcases the tools that Microsoft provides to help customers comply with regulations like Sarbanes-Oxley. Certainly many of the features on this blog are mentioned in the paper, but there are plenty of other products and features in there as well (Excel Services, Microsoft Office Forms Server 2007, Microsoft Exchange Server 2007, and a lot more)
Here’s a summary of the paper:
“Compliance Features in the 2007 Microsoft Office System” showcases compliance-related features and extensibility opportunities within the 2007 Microsoft Office system, and demonstrates how the Office system can help you meet the demands of regulatory compliance. Out-of-the-box, the 2007 Office system provides many of the fundamental components required to support compliance regulations, such as auditing, records management, and data security. However, some degree of development and customization is necessary to tailor regulation-compliant solutions for particular organizations and environments. This paper provides examples of extending the platform to build custom compliance solutions for the financial services, healthcare, and accounting fields. The target audience includes developers, technical architects, and technical decision makers interested in delivering business solutions that leverage and extend the compliance-related feature set of the 2007 Microsoft Office system.
Joanna Bichsel, the author of the paper, also has a blog post about it.