Microsoft is making Insider Risk Management in Purview even more useful with the introduction of a Policy Recommendation panel, a feature designed to help admins quickly spot gaps in their current risk coverage and strengthen their defenses.

Let’s face it: even with policies in place, it’s not always easy to know what you might be missing. That’s where this new capability comes in. It analyzes your existing setup and highlights missing or high-impact policies, offering clear, actionable suggestions to improve your security posture.

What’s new?

The Policy Recommendation panel lives directly on the Policies page and automatically reviews your current configuration. Using built-in analytics, it identifies areas where you could increase protection and recommends policies to cover common insider risk scenarios like:

• Data leakage
• Data theft
• IP theft
• Risky AI usage
• Other security violations

It’s essentially a built-in advisor that helps you get more value from Insider Risk Management without needing to manually audit everything.

A quick reminder: what Insider Risk Management does

Microsoft Purview Insider Risk Management works by correlating signals across your environment to detect potentially risky behavior, whether intentional or accidental.

It’s also designed with privacy in mind, including:

• Pseudonymization by default
• Role-based access controls
• Audit logs for transparency

So you can investigate risks while still protecting user privacy.

Rollout timeline

• Public Preview: Mid–June 2026 → Late June 2026
• General Availability: Mid–July 2026 → Late July 2026

This message is associated with Microsoft 365 Roadmap ID 560600.