Data

Tier 1 Checks

#	Check	License
P01	Sensitivity labels are configured	—
P02	Sensitivity label policies are published to users	—
P03	Mandatory labeling is enabled in sensitivity label policies	—
P04	Users must provide justification to downgrade sensitivity labels	—
P05	Sensitivity labels with encryption are configured	—
P06	Container labels are configured for collaborative workspaces	E5 / Compliance add-on
P07	Auto-labeling policies are configured for all workloads	E5 / Compliance add-on
P08	Data loss prevention policies are enabled	—
P09	Endpoint data loss prevention policies are configured	E5 / Compliance add-on
P10	Purview audit logging is enabled	—
P11	Email retention policies are configured	—

Tier 2 / Tier 3 coverage

Tier 1 covers the essentials of label taxonomy, encryption, and DLP. Tier 2 adds depth on adaptive protection, insider risk management, communication compliance, trainable classifiers, custom sensitive information types, exact data match, message encryption branding, and the rapidly-evolving AI-app data-governance surface (Copilot prompts, Edge for Business browser DLP).

📩 Don't Miss the Next Solution

Join the list to see the real-time solutions I'm delivering to my GCC High clients.

Tier 1 Checks​

Tier 2 / Tier 3 coverage​

📩 Don't Miss the Next Solution

Tier 1 Checks

Tier 2 / Tier 3 coverage