Microsoft Purview Insider Risk Management will allow selecting multiple DLP policies as triggering events, enhancing flexibility and risk detection. Public preview starts late August 2025; general availability in December 2025. No action required, but admins can improve policy customization and compliance monitoring.
Introduction:
Microsoft Purview Insider Risk Management is enhancing policy configuration by enabling the selection of multiple Data Loss Prevention (DLP) policies as triggering events. Previously, only one DLP policy could be selected per Insider Risk Management policy. This update provides greater flexibility and alignment with complex organizational risk scenarios.
This message is associated with Microsoft 365 Roadmap ID 493756
When this will happen:
How this affects your organization:
This update does not change existing configurations or require any action. It simply allows eligible admins to select multiple DLP policies as triggering events when creating or editing Insider Risk Management policies. This enhancement supports more comprehensive risk detection scenarios and improves policy customization.
What you can do to prepare:
No preparation is needed. However, you may wish to review your current Insider Risk Management policies and consider whether leveraging multiple DLP triggers could improve your risk detection strategy.
Compliance considerations:
| Compliance Area | Explanation |
|---|---|
| Does the change modify how admins can monitor, report on, or demonstrate compliance activities? | Yes – Admins can now configure policies with multiple DLP triggers, enhancing monitoring and reporting capabilities. |
| Does the change include an admin control and, can it be controlled through Entra ID group membership? | Yes – Policy configuration is managed by admins and can be scoped using role-based access controls. |