Microsoft Purview compliance portal: View-only role management enhancements

🚨 The Signal: Microsoft Purview and Defender portals now allow Global Reader and Security Reader roles to view compliance role assignments. This enhances audit visibility and transparency for security teams without granting modification rights, improving governance.

The Impact

Global Reader and Security Reader roles gain read-only access to Purview role assignments, reducing blind spots for security teams and auditors.

  • Security Teams: Enhanced visibility into Purview role assignments for auditing.
  • Auditors: Improved transparency for compliance and access reviews.
  • Global Readers: New read-only access to critical security configurations.
  • Security Readers: Expanded view-only access for security posture assessment.

The Action

  1. Review internal governance and auditing processes to leverage this enhanced visibility.
  2. Communicate the new view-only capabilities to relevant security and audit personnel.

Domain: Purview · Impact: low · Workload: Microsoft Purview · Essential Eight: Restrict Administrative Privileges · ISM: ISM-0445, ISM-1175, ISM-1380, ISM-1507, ISM-1508, ISM-1509, ISM-1647, ISM-1648, ISM-1650, ISM-1686, ISM-1688, ISM-1689, ISM-1883, ISM-1897, ISM-1898