check before: 2026-04-01
Product:
Microsoft 365 Apps, Purview, Purview Communication Compliance, Purview Data Loss Prevention, Purview Information Protection, Purview Insider Risk Management
Platform:
Online, Web, World tenant
Status:
In development
Change type:
New feature, User impact, Admin impact
Links:
Details:
Summary:
Microsoft Purview is updating permissions so all roles with DLP policy view access can also run diagnostics, enhancing troubleshooting and visibility without changing enforcement. This rollout begins late April 2026 and affects various admin and compliance roles. No action is required from organizations.
Details:
[Introduction]
We're updating permissions in Microsoft Purview so that all roles that can view Data Loss Prevention (DLP) policies can also run diagnostics on those policies. This change improves visibility and helps authorized users more easily troubleshoot, validate, and understand DLP policy behavior without requiring elevated permissions.
This message is associated with Microsoft 365 Roadmap ID 557192.
[When this will happen]
General Availability (Worldwide): We will begin rolling out in late April 2026 and expect to complete rollout by late May 2026.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
General Availability, Preview
Created:
2026-04-10
updated:
2026-04-10
Public Preview Start Date
XXXXXXX ... free basic plan only
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
linked item details
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
Increased Risk of Misconfiguration
With more roles having access to run DLP diagnostics, there is a potential risk of misconfiguration or incorrect diagnostics being run, leading to false positives or negatives in DLP policy enforcement.
- roles: Compliance Admin, Security Admin
- references: https://learn.microsoft.com/troubleshoot/microsoft-365/purview/diagnostics/purview-compliance-diagnostics" target="_blank" rel="nofollow noopener noreferrer">https://learn.microsoft.com/troubleshoot/microsoft-365/purview/diagnostics/purview-compliance-diagnostics, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=557192
User Experience Variability
The expanded access may lead to variability in user experience as more users can run diagnostics, potentially leading to confusion or inconsistent interpretations of DLP policy behavior among different roles.
- roles: Information Protection Analyst, Security Reader
- references: https://sip.purview.microsoft.com/datalossprevention/diagnostics, https://learn.microsoft.com/troubleshoot/microsoft-365/purview/diagnostics/purview-compliance-diagnostics" target="_blank" rel="nofollow noopener noreferrer">https://learn.microsoft.com/troubleshoot/microsoft-365/purview/diagnostics/purview-compliance-diagnostics
Configutation Options**
XXXXXXX ... paid membership only
Data Protection**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
