In this training, you'll learn how to use Microsoft Purview to comply with regulations around privacy, information security, and records management. You'll discover how to identify, classify, and protect sensitive information, set retention periods, and support audits, investigations, and reporting. Through practical exercises, you'll work with labels, policies, DLP, eDiscovery, and audit logs, gaining directly applicable knowledge for your organisation. The training closely aligns with current requirements around data governance, security, and GDPR compliance.

What you'll learn

• The role of Microsoft Purview within data compliance and information security.
• Identifying and classifying sensitive data using (auto)labels and classifiers.
• Setting up retention and records management for retention periods and deletion.
• Designing Data Loss Prevention (DLP) policies to prevent data leaks.
• Working with eDiscovery and Legal Hold for investigations and legal requests.
• Using audit logs and reports for oversight, audits, and incident investigation.
• Best practices for embedding compliance in a Microsoft 365 environment.

Programme

Part 1 – Introduction to Data Compliance & Microsoft Purview

• Legislation and regulation (GDPR, records and sector-specific legislation) in relation to Purview.

Part 2 – Classification & Labels

• Identifying sensitive information, (auto)labels, sensitivity labels, and policy rules.

Part 3 – Retention & Records Management

• Retention periods, deletion, records, and applying policies to M365 content (mail, Teams, SharePoint).

Part 4 – Data Loss Prevention (DLP)

• Designing, testing, and rolling out DLP policies; preventing data leaks and unwanted exports.

Part 5 – eDiscovery & Legal Hold

• Setting up cases, running searches, preserving content, exporting, and documentation.

Part 6 – Audit Logs & Reporting

• Activity logs, alerts, dashboards, and evidence for audits and investigations.

Part 7 – Policy, Processes & Adoption

• Roles and responsibilities, governance model, communication, and change management.

Part 8 – Best Practices & Q&A

• Real-world examples, common mistakes, and next steps for your organisation.

‍

• Compliance officers, privacy officers, and DPOs.
• Security and risk managers responsible for security and regulatory adherence.
• Information and records managers.
• Microsoft 365 and security administrators.
• Data stewards and data owners managing sensitive information.

Prerequisites

• Basic knowledge of Microsoft 365 (SharePoint, Teams, Exchange) is recommended.
• Understanding of privacy and security concepts (e.g. GDPR, data breaches, retention periods) is helpful.
• No in-depth Azure technical knowledge required; all core concepts are explained in the training.