Warning: This post was written by me, not AI. ๐
I’ve spent enough time with customers implementing Microsoft Purview features that I’m starting to see patterns for success. One of those patterns is ensuring the right roles across the organization are involved with the appropriate level of responsibility throughout the implementation.
From my observations working with customers implementing Purview features, it’s more than a 1-team effort… IT, Compliance, or Cybersecurity teams, for instance, can’t do it alone. Purview features like information protection and records management are usually part of a much broader Data Governance program requiring engagement from a myriad of roles across the organization at times, each contributing their unique perspectives and expertise. This collaborative approach helps to ensure both a comprehensive and effective implementation.
It is common for organizations to establish a Data Governance committee where the appropriate roles are represented; however, this alone is not sufficient. It runs the risk of too many participants involved in decision-making, hindering progress. Believe me, I’ve seen it many times. There is an ebb and flow to any data governance program demanding different roles having different responsibilities at different times.
To address this, I have created a series of RACI charts for the Purview features with which I am familiar:
- Information Protection (MIP)
- Data Loss Prevention (DLP)
- Data Lifecycle Management and Records Management (DLM/RM)
- Insider Risk Management (IRM)
- Communications Compliance (CC)
What is a RACI chart? It’s a tool used to clarify roles and responsibilities in a project. It stands for Responsible, Accountable, Consulted, and Informed, indicating who is responsible for tasks, who makes decisions, who provides input, and who needs updates. This helps ensure everyone knows their role, reducing confusion and improving project management.
There must be only one Accountable role specified for each task or deliverable.
The tasks/deliverables I’ve chosen for the RACI chart for each Purview feature are the key high-level ones I see with customers I work with; however, they do not address all the tasks that need to be done. The intent of my task selection is to demonstrate the disparate roles required for each and what I believe their key responsibilities are.
Adhering to the tasks outlined in the charts certainly does not guarantee a successful implementation of the Purview feature. You must right-size the RACI charts for your organization, add/remove tasks to suit your unique implementation, and apply your organization-specific roles to each. In short, these charts aren’t perfect – they’re my interpretation of what is required.
Link to view/download RACI charts: Purview RACI charts
If you found them useful, let me know! If you think I’ve missed something major, let me know that too! ๐
Good luck on your Purview implementation!
-JCK