FAQ

What is the CMI (formerly known as SCA) Program?
The Control Monitoring Insights (CMI) Program performs ongoing monitoring of transactions globally using criteria determined by the CMI program leadership and the Controls and Compliance community. For details regarding the CMI schedule for this fiscal, please refer to the CMI Portal.

What is the SRMM Program?
The Spend Risk Management Modernization (SRMM) Program was launched by the Finance BI C&C and FinOps.  It is an enterprise program that assesses risk end-to-end for each spend transaction, with the vision of modernizing how we manage risk for the company, empowering our employees and business partners to do more via fast, compliant processes and tools.  For more details, read FAQs here.

Why am I here?
You have been identified as the Transaction Owner or alternate point of contact for a selected transaction(s). For all these cases, we would request you to respond to the questionnaire(s) and share the relevant evidence.

Why are you collecting this information?
EY has begun its testing globally for all the controls in scope. This testing cycle, one of our selections, requires additional information from you.

Whom should I contact about these programs?

1. CMI - Please refer to the CMI Portal Contact Page.
2. SRMM - Please contact Ayomide Cole (ayomidecole@microsoft.com) or srmm@microsoft.com.

What if I don’t respond?
The responses/evidences are required to conclude the testing and it will impact compliance results for your Area/Organization.

Privacy & CookiesData Protection Notice (DPN)