MC1254556 - Purview DSPM’s Data Risk Assessments now support item-level investigation and remediation of SharePoint

Message ID

MC1254556

View in Message Center

Service

Microsoft Purview

Published

Mar 17, 2026

Tag

Feature update

Admin impact

Roadmap ID

523202

View in M365 Roadmap

Platforms

Web

Summary

Purview DSPM Data Risk Assessments now support item-level investigation and remediation for SharePoint, enabling admins to detect and fix oversharing risks by applying sensitivity labels, notifying owners, or removing sharing links. This feature requires admin setup and will roll out worldwide by mid-March 2026.

More information

Introduction

Purview DSPM’s Data Risk Assessments now support item-level investigation and remediation for SharePoint data, helping organizations more precisely identify and reduce oversharing risk. New item-level insights such as sensitivity label status and sharing link details make it easier to pinpoint overshared content. Admins can take direct remediation actions on selected items, including resolving findings, notifying owners, applying sensitivity labels, or removing sharing links. These enhancements help organizations proactively reduce data exposure, strengthen compliance posture, and ensure sensitive data is accessible only to the right people.

This message is associated with Microsoft 365 Roadmap ID 523202.

When this will happen:

General Availability (Worldwide): We began rolling out early March 2026 and expect to complete by mid-March 2026.

How this affects your organization:

Who is affected:

Microsoft 365 administrators using Microsoft Purview DSPM Data Risk Assessments
Organizations that create custom assessments for SharePoint data

What will happen:

Admins can scan SharePoint data at the item level to detect potential oversharing risks.

user settings

Custom assessment results include a new Potentially overshared items tab.

user settings

Admins can remediate individual items by resolving findings, notifying owners, applying sensitivity labels, or removing sharing links.

user settings

The feature requires admin setup and is not enabled by default.

What you can do to prepare:

Work with your Entra administrator to configure an Entra application (service principal) to enable item-level scanning.
The setup process enables key item-level remediation actions like assigning sensitivity labels or removing sharing links from overshared items.
- Learn more: Prerequisites for Microsoft 365 item-level scanning for data risk assessments | Microsoft Learn
Review and complete prerequisites required for item-level remediation actions.
Update internal documentation for Purview administrators.
Notify security and compliance stakeholders of the new capabilities.

Compliance considerations

Compliance area	Impact and explanation
Modification of Information Protection labels or enforcement	Admins can apply sensitivity labels directly to individual SharePoint items as part of remediation.
Audit, monitoring, or compliance reporting capabilities	Admins gain new item-level visibility and remediation workflows within Purview DSPM Data Risk Assessments.
Admin controls	Item-level scanning and remediation require configuration of an Entra application (service principal) and explicit admin setup.