![Microsoft Purview: Upcoming Update to Audit Records for Microsoft Purview Role Group Changes [MC1090695]](https://mwpro.co.uk/wp-content/uploads/2024/08/pexels-evgeny-tchebotarev-1058775-4101555-1024x683.webp "Microsoft Purview: Upcoming Update to Audit Records for Microsoft Purview Role Group Changes [MC1090695] 1")
Message ID: MC1090695
To improve clarity and transparency, we’re updating the audit log messages for Microsoft Purview role group membership changes. This affects events under the SecurityComplianceRBAC workload (RecordType 87), specifically for the GrantPermission and DeletePermission operations. While the audit schema remains unchanged, the PreExecutionMessage and PostExecutionMessage fields will be refined to more accurately reflect the nature of the changes captured in the logs.
[When this will happen:]
General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out on early August 2025 and expect to complete by mid-August 2025.
[How this will affect your organization:]
If your organization consumes these audit log events programmatically (e.g., via scripts or automation tools), the updated message content may affect how these logs are parsed or interpreted. No changes are required if you do not rely on these specific fields.
[What you need to do to prepare:]
Review any scripts, automation, or monitoring tools that parse the PreExecutionMessage or PostExecutionMessage fields for the affected operations. Update your logic as needed once the refined messages are available in your environment.
For more information about audit logging in Microsoft Purview, visit: Search the audit log.
[Compliance considerations:]
- Does the change alter how existing customer data is processed, stored, or accessed? Yes (audit log message content is refined)
- Does the change alter how admins can monitor, report on, or demonstrate compliance activities? Yes
Source: Microsoft
Latest Posts
- Microsoft 365 Copilot June 2025: Top Features, Costs and Privacy Insights
- Microsoft 365 Upcoming Secure by Default Settings Changes [MC1097272]
- Microsoft 365 Upcoming Secure by Default Settings Changes [MC1097272]
- Microsoft named a Leader in the 2025 Gartner® Magic Quadrant™ for Analytics and BI Platformsr
![Update to Default blocked file types in Outlook web and new Outlook for Windows [MC1090702]](https://mwpro.co.uk/wp-content/uploads/2024/08/pexels-pixabay-33044-150x150.webp "Update to Default blocked file types in Outlook web and new Outlook for Windows [MC1090702] 7")
Thanks for flagging this update—adjustments to audit log messaging for Purview role group changes are a big deal for those of us managing compliance workflows. Having clearer visibility into SecurityComplianceRBAC events (RecordType 87) will definitely help with traceability during access reviews and audits. Looking forward to seeing how granular the new logs get.