Updated September 19, 2023: We have updated the rollout timeline below. Thank you for your patience.
To assist in the implementation of security best practices, we are introducing new way to assign administrative privileges in the Microsoft Purview Data Lifecycle Management and Microsoft Purview Records Management solutions that will provide admins the least privilege access required for their job duties.
With this change (currently in public preview), organizations can leverage Administrative Units in Azure Active Directory (AAD) to define who can configure and manage policies in Microsoft Purview. This update will include the ability to set up a Data Lifecycle Management or Records Management admin for a specific geography, department, or other unit, who can manage retention and label policies for their unit.
This message is associated with Microsoft 365 Roadmap ID 117354.
[When this will happen:]
Rollout to general availability will begin in late September 2023 (previously late August) and is expected to be complete by early October 2023 (previously early September).
[How this will affect your organization:]
Once this feature rolls out, Data Lifecycle Management and Records Management administrators in your organization will have the ability to use administrative units to granularly define access to who can manage retention policies and label policies for different parts of the organization.
Previously, you were only able to assign a tenant-wide admin for Data Lifecycle Management. These people would configure and administer retention and label policies for every part of the organization. Now, you can associate Data Lifecycle Management administrators to one or more admin units. This enables administrators who can view and manage policies for only part of an organization to do so confidently without affecting other units. For example, you can designate an administrator for the Finance Admin Unit. This person can then create polices that apply only to Finance users, groups, or sites.
[What you need to do to prepare:]
There is nothing you need to do to receive this feature.
You may consider updating any training or reference material for your Data Lifecycle Management and Records Management administrators and evaluate if you would like to use this new capability.
Get started with Data Lifecycle Management and Records Management in the Microsoft Purview compliance portal.
Learn more: Permissions in the Microsoft Purview compliance portal