Use the following table to understand the detailed permissions for different activities in Data Security Posture Management for AI.
Permissions by activities
Activities
Microsoft Entra ID Compliance Administrator role
Microsoft Entra ID Global Administrator role
Microsoft Purview Compliance Administrator role group
Microsoft Purview Security Reader role group
When not supported, additional role groups required
View all get started steps
✓
✓
✓
✓
Not applicable
Complete action on getting started steps
✓
✓
✓ Excludes Activate Audit
✕
Microsoft Exchange Compliance Management
Microsoft Exchange Records Management
Microsoft Exchange Organization Management
View completion status of getting started steps
✓
✓
✓ Excludes status of Activate Audit
✓ Excludes:
Status of Activate Audit
Status of Extend Your Insights
For Activate Audit:
Microsoft Exchange View-Only Organization Management
Microsoft Exchange Hygiene Management
Microsoft Exchange Compliance Management
Microsoft Exchange Records Management
Microsoft Exchange Organization Management
For Extend Your Insights:
Microsoft Purview Insider Risk Management Administrator
Microsoft Purview Insider Risk Management Analyst
Microsoft Purview Insider Risk Management Investigator
View all recommendations from the Recommendations page
✓
✓
✓
✓
Not applicable
Complete actions on recommendation cards
✓
✓
✓
✕
Not applicable
View completion status of recommendation cards
✓
✓
✓
✓ Excludes Unethical Behavior card
Communication Compliance Administrator
View all graphs from the Reports page
✓
✓
✓
✓
Not applicable
View all policies in the policy list
✓
✓
✓
✓ Excludes:
Insider risk management policies
Communication compliance policies
For insider risk management polices:
Microsoft Purview Insider Risk Management Administrator
Microsoft Purview Insider Risk Management Analyst
Microsoft Purview Insider Risk Management Investigator
For communication compliance policies:
Communication Compliance Administrator
View all events in activity explorer
✓ Excludes browse to URL (AI Visit) from insider risk management
✓ Excludes browse to URL (AI Visit) from insider risk management
✓ Excludes browse to URL (AI Visit) from insider risk management
✓ Excludes browse to URL (AI Visit) from insider risk management
Microsoft Purview Insider Risk Management Analyst
Microsoft Purview Insider Risk Management Investigator
View user risk level of an individual user in all events from activity explorer
View link to view user details in insider risk management in all events from activity explorer
✕
✕
✕
✕
Microsoft Purview Insider Risk Management Analyst
Microsoft Purview Insider Risk Management Investigator
View the prompts and responses within AI Interaction events from activity explorer
✕
✕
✕
✕
Microsoft Purview Content Explorer Content Viewer
Create data assessments
✓
✓
✓
✕
Not applicable
View data assessments
✓
✓
✓
✓
Not applicable
View file details for data assessments
✕
✕
✕
✕
Microsoft Purview Content Explorer Content Viewer
Content Explorer List Viewer
Custom role groups
Instead of granting access to Data Security Posture Management for AI by using the built-in role groups, you can grant access by including either the Microsoft Purview Compliance Administrator role or the Microsoft Purview Security Reader role in a custom role group.
If a custom role group includes the Microsoft Purview Compliance Administrator role, the user has the same access to Data Security Posture Management for AI as the Microsoft Purview Compliance Administrator role group, except for the following:
Create, view, update, and delete policies for insider risk management and communication compliance
If a custom role group includes the Microsoft Purview Security Reader role, the user has the same access to Data Security Posture Management for AI as the Microsoft Purview Security Reader role group, except for the following:
Develop skills in securing and governing data within AI-driven environments, using Microsoft Purview to navigate AI risks and ensure compliance. This path enhances your understanding of adapting security and governance strategies in response to the evolving landscape of AI technology.