This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 42%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMH%3C/text%3E%3C/svg%3E)
Secure score recommdations are suggesting I Protect all users with a user risk policy, but as far as anyone here knows. We do have User Risk Policy enabled and the implementation status says 5 out of 600 users do not have the policy enabled. They're not excluded from the policy in AD, and I'm not sure how I'm supposed to identify them or look for them, are there any tips for this? Or anything that may have been overlooked that would keep users from having a risk policy despite no exclusions
Hi,
Can you check risky users detected tab under portal.azure.com and also check the Users at Risk Reports. Should provide you some information on the users, also did you included all the admins and standard users for Risk Policy?
==
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
Sorry if this isn't what you're asking for, but:
There doesn't appear to be anyone under risky users, and I'm not sure what you mean by users at risk reports (if it's the same thing as the other stuff grouped with risky users, then those are all empty as well right now), do you mind telling me where to find that?
And yes, all users are included, there are no exclusions or people left out to my knowledge.
Hi,
Can you check the score and click the link here for detailed information - security.microsoft.com.
Click on the secure Score tab and check the recommendations and history of users.
On other note if the score is 95% with low risk users I would not worry, some actions are scored for partial completion, like enabling multi-factor authentication (MFA) for your users.
Detailed information over here on how the calculation is done. microsoft-secure-score
=
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
There are 6 users that are excluded from the MFA registration policy, would that manifest as 5 users not have the risk policy enabled?
I'll check your suggestions as well
Hello there,
How can I get a report of detection of a specific type?
Go to the risk detection view and filter by ‘Detection type’. You can then download this report in .CSV or .JSON format using the Download button at the top.
https://learn.microsoft.com/en-us/azure/active-directory/identity-protection/troubleshooting-identity-protection-faq
For better understanding you can dig deep into the reports to investigate these risks.
Identity Protection provides organizations with three reports they can use to investigate identity risks in their environment. These reports are the risky users, risky sign-ins, and risk detection. Investigation of events is key to better understanding and identifying any weak points in your security strategy.
Here is the link for detailed description https://learn.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-investigate-risk
----------------------------------------------------------------------------------------------------------------------------------------
--If the reply is helpful, please Upvote and Accept it as an answer--