Microsoft Purview risk and compliance solutions

Microsoft Purview risk and compliance solutions help you manage and monitor your data, protect information, minimize compliance risks, and meet regulatory requirements. This article helps you learn about Microsoft Purview risk and compliance solutions and quickly get started with deploying these solutions to meet specific compliance needs for your organization.

Tip

If you're not an E5 customer, use the 90-day Microsoft Purview solutions trial to explore how additional Purview capabilities can help your organization manage data security and compliance needs. Start now at the Microsoft Purview trials hub. Learn details about signing up and trial terms.

Identify data risks and manage regulatory compliance requirements

Insider risks are one of the top concerns of security and compliance professionals in the modern workplace. Industry studies have shown that insider risks are often associated with specific user events or activities. Protecting your organization against these risks can be challenging to identify and difficult to mitigate. Insider risks include vulnerabilities in various areas and can cause major problems for your organization, ranging from the loss of intellectual property to workplace harassment, and more.

Microsoft Purview offers the following risk and compliance solutions to help your organization manage data risk and compliance requirements:

Detect and act on inappropriate and sensitive messages with communication compliance

Protecting sensitive information and detecting and acting on workplace harassment incidents is an important part of compliance with internal policies and standards. Microsoft Purview Communication Compliance helps minimize these risks by helping you quickly detect, capture, and take remediation actions for email and Microsoft Teams communications. These include inappropriate communications containing profanity, threats, and harassment and communications that share sensitive information inside and outside of your organization.

Manage your data lifecycle

Microsoft Purview Data Lifecycle Management (formerly Microsoft Information Governance) provides you with tools and capabilities to retain and delete content across Exchange, SharePoint, OneDrive, Microsoft 365 Groups, Teams, and Viva Engage. Retaining and deleting emails, documents, and messages are often needed for compliance and regulatory requirements. However, deleting content that no longer has business value also reduces your attack surface.

For more information, see Learn about data lifecycle management.

Microsoft Purview Records Management helps an organization manage its legal obligations, provides the ability to demonstrate compliance with regulations, and increases efficiency with regular disposition of items that are no longer required to be retained, no longer of value, or no longer required for business purposes. For more information, see Learn about records management.

Log and search for audited activities in SharePoint and OneDrive with Audit (Premium) or Audit (Standard)

Microsoft Purview auditing solutions provide integrated solutions to help organizations effectively respond to security events, forensic investigations, internal investigations, and compliance obligations. Thousands of user and admin operations performed in dozens of Microsoft 365 services and solutions are captured, recorded, and retained in your organization's unified audit log. Audit records for these events are searchable by security ops, IT admins, insider risk teams, and compliance and legal investigators in your organization. This capability provides visibility into the activities performed across your Microsoft 365 organization.

For more information about auditing solutions, see Learn about auditing solutions.

Electronic discovery, or eDiscovery, is the process of identifying, collecting, and auditing electronic information for legal, regulatory, or business reasons. You can use Microsoft Purview eDiscovery (preview) to search for data and content in Exchange Online, OneDrive, SharePoint, Microsoft Teams, Microsoft 365 Groups, and Viva Engage teams. You can search mailboxes and sites in the same eDiscovery search, and then export the search results for analysis and review.

Get started with regulatory compliance

Organizations must comply with a complex and evolving web of policies, industry standards, and regional regulations, and also cope with the increasing cost of potential non-compliance. In fact, there are hundreds of updates per day from thousands of regulatory bodies, making it challenging to keep up to date with the rapidly changing compliance landscape. Microsoft Purview Compliance Manager and a detailed collection of compliance offerings can help your organization manage these regulatory requirements.

Get started with Compliance Manager

Microsoft Purview Compliance Manager is a feature in the Microsoft Purview compliance portal that helps you manage your organization's compliance requirements with greater ease and convenience. Compliance Manager can help you throughout your compliance journey, from taking inventory of your data protection risks to managing the complexities of implementing controls, staying current with regulations and certifications, and reporting to auditors.

Learn about Microsoft regulatory compliance offerings

Microsoft offers a comprehensive set of compliance offerings to help your organization comply with national, regional, international, and industry-specific requirements governing the collection and use of data.

Deploy Purview compliance solutions

Area-specific solutions bring together the technical guidance you need to understand, plan, and implement integrated compliance solutions for secure and compliant data collaboration:

Next steps for organizations new to risk and compliance solutions