![Microsoft Purview: Data Security Investigations – role-based access simplification [MC1259826]](https://mwpro.co.uk/wp-content/uploads/2025/06/pexels-atahandemir-28779687-1024x683.webp "Microsoft Purview: Data Security Investigations – role-based access simplification [MC1259826] 1")
[Introduction]
We’re simplifying how organizations manage access to Data Security Investigations (DSI) in Microsoft Purview. Based on customer feedback and continued alignment with Data Security Posture Management (DSPM), Insider Risk Management (IRM), and Microsoft Defender XDR, the DSI Admin and DSI Contributor roles will automatically be included in additional role groups. This reduces manual assignments and helps teams that frequently work across these solutions have the right access by default.
This message is associated with Microsoft 365 Roadmap ID 558546.
[When this will happen]
- General Availability (Worldwide): Rolling out in late April 2026 and expected to complete by late April 2026.
[How this affects your organization]
Who is affected
- Admins managing roles and permissions in the Microsoft Purview compliance portal
What will happen
- The Data Security Investigation Contributor role will automatically be added to these role groups:
- Organization Management
- Data Security Management
- Insider Risk Management
- Members of these role groups will automatically receive the corresponding DSI access.
- No existing permissions or role assignments will be removed.
- No opt-in is required; this change applies by default.
[What you can do to prepare]
No action is required before rollout.
You may want to:
- Review which users in your organization are members of the affected role groups.
- Confirm that the resulting DSI access is appropriate for those users.
- Update internal access management documentation, if needed.
Learn more:
- Learn about Data Security Investigations | Microsoft Purview | Microsoft Learn
- Permissions in the Microsoft Purview portal | Microsoft Purview | Microsoft Learn
[Compliance considerations]
This change will automatically grant DSI access to members of the affected role groups. Admins should review current role group membership and ensure DSI access aligns with their organization’s security and compliance requirements.
Source: Microsoft
Latest Posts
- GCP Release Notes: March 25, 2026
- (Updated) Microsoft OneNote | Sensitivity labels now available on desktop, web, iOS, Android, and Mac [MC1157712]
- (Updated) Microsoft 365: Modern Access Request and Access Denied web page [MC1188599]
- Microsoft Teams town halls now support backup Real-Time Messaging Protocol (RTMP) streams [MC1261595]
![Offline attachments policy for the new Outlook for Windows [MC1259820]](https://mwpro.co.uk/wp-content/uploads/2024/08/pexels-enginakyurt-3219549-150x150.webp "Offline attachments policy for the new Outlook for Windows [MC1259820] 6")
![Microsoft Purview: Data Security Investigations – analyze files tied to audit log activities [MC1259827]](https://mwpro.co.uk/wp-content/uploads/2024/08/pexels-hngstrm-1983924-150x150.webp "Microsoft Purview: Data Security Investigations – analyze files tied to audit log activities [MC1259827] 7")