with one click
purview-insider-risk-management
Guidance for Microsoft Purview Insider Risk Management (IRM) — detect, investigate, and act on risky user activity (data theft by departing employees, intellectual property leaks, security policy violations) using signals from M365, Entra, Defender, Windows endpoints, HR systems, and Adaptive Protection. Covers policy templates (data theft by departing users, data leaks, security policy violations), HRIS connector setup, indicator selection, sequence detection, anomaly detection, alerts triage, case investigation with content explorer, integration with eDiscovery and Communication Compliance, Adaptive Protection's automatic DLP policy adjustment, privacy controls (pseudonymization), role separation, and tenant-allow-list. WHEN: insider risk management, IRM policy, data theft departing user, IP leak detection, HRIS connector Purview, Adaptive Protection, insider risk indicators, sequence detection Purview, IRM case investigation, IRM privacy controls, IRM pseudonymization, insider risk Sentinel. DO NOT USE for
Install with Codex or Claude Copy this prompt, paste it into Codex, Claude, or another assistant, and let it review the skill page and install it for you.