MC1259826 - Microsoft Purview: Data Security Investigations – role-based access simplification

Introduction

We’re simplifying how organizations manage access to Data Security Investigations (DSI) in Microsoft Purview. Based on customer feedback and continued alignment with Data Security Posture Management (DSPM), Insider Risk Management (IRM), and Microsoft Defender XDR, the DSI Admin and DSI Contributor roles will automatically be included in additional role groups. This reduces manual assignments and helps teams that frequently work across these solutions have the right access by default.

This message is associated with Microsoft 365 Roadmap ID 558546.

When this will happen

General Availability (Worldwide): Rolling out in late April 2026 and expected to complete by late April 2026.

How this affects your organization

Who is affected

Admins managing roles and permissions in the Microsoft Purview compliance portal

What will happen

The Data Security Investigation Contributor role will automatically be added to these role groups:
- Organization Management
- Data Security Management
- Insider Risk Management
Members of these role groups will automatically receive the corresponding DSI access.
No existing permissions or role assignments will be removed.
No opt-in is required; this change applies by default.

What you can do to prepare

No action is required before rollout.

You may want to:

Review which users in your organization are members of the affected role groups.
Confirm that the resulting DSI access is appropriate for those users.
Update internal access management documentation, if needed.

Learn more:

Compliance considerations

This change will automatically grant DSI access to members of the affected role groups. Admins should review current role group membership and ensure DSI access aligns with their organization's security and compliance requirements.