Services
Affected Platforms
Summary
Microsoft Purview Insider Risk Management will enhance the Risky AI usage policy to support priority content, allowing alerts only for sensitive content involvement. Public preview starts mid-July 2025; general availability begins mid-September 2025. No admin action is needed before rollout; review policies to define priority content.
Details
Updated August 21, 2025: We have updated the timeline. Thank you for your patience.
Coming soon: Microsoft Purview Insider Risk Management is enhancing the Risky AI usage policy template with support for priority content. This allows organizations to define what content is most sensitive—such as Sensitive Info Types (SITs), Trainable Classifiers, and Sensitivity Labels—and receive alerts only when risky AI activity involves that content.
This message is associated with Microsoft 365 Roadmap ID 484085.
When this will happen:
Public Preview: We will begin rolling out mid-July 2025 and expect to complete by late July 2025.
General Availability (Worldwide): We will begin rolling out mid-September 2025 (previously mid-August) and expect to complete by late September 2025 (previously late August).
How this will affect your organization:
This update enables more targeted risk detection by allowing admins to specify content to be considered high priority. Alerts will only trigger when risky AI activity involves this defined content, reducing noise and improving signal clarity.
The feature will be available by default and configurable by admins.
No changes will be made to existing policies unless updated by your organization.
Priority content matched in Insider Risk Management > Alerts:
Define priority content in the policy at Insider Risk Management > Content to prioritize > New insider risk policy > Decide whether to prioritize content:
What you need to do to prepare:
This rollout will happen automatically by the specified dates with no admin action required before the rollout. Review your current configuration to assess the impact on your organization. You may want to notify your admins and/or users about this change and update internal documentation.
Review your current Insider Risk Management policies and identify content that should be marked as priority.
Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
Learn more: The Prioritize content in policies section of Create and manage insider risk management policies | Microsoft Learn (will be updated before rollout)