Microsoft Purview | Insider Risk Management: Updated user scoping features in policies

Updated: We have updated the timeline for gov clouds. Thank you for your patience. 

Microsoft Purview | Insider Risk Management will roll out enhancements to user scoping features in policies,

This message is associated with Microsoft 365 Roadmap ID 412942.

When this will happen:

General Availability (Worldwide): We will begin rolling out late June 2025 and expect to complete by early July 2025.

General Availability (GCC, GCC High, DoD): We will begin rolling out early October 2025 and expect to complete by late January 2026 (previously early November 2025).

How this will affect your organization:

After this rollout, Insider Risk Management admins with appropriate permissions can select combinations of users, groups, and adaptive scopes to include or exclude from Insider Risk Management policies in the Microsoft Purview portal at New insider risk policy > Users and groups > Exclusions (optional):

This change will be available by default.

What you need to do to prepare:

This rollout will happen automatically by the specified dates with no admin action required before the rollout. Review your current configuration to assess the impact on your organization. You may want to notify your users about this change and update any relevant documentation.

Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.

Learn more about creating policies in Microsoft Purview Insider Risk Management