RoleGroup List
Detail: Security & Compliance Center (SCC)
| RoleGroup | Role Description |
|---|---|
| Purview Administrators | Purview Administrators can create, edit and delete domains and perform role assignments. |
| Attack Simulator Administrators | Create and manage all aspects of attack simulation campaigns. |
| Attack Simulator Payload Authors | Create and manage attack payloads that can be deployed by attack simulator administrator. |
| Audit Manager | Manage Audit log settings and Search, View, and Export Audit logs. |
| Billing Administrator | Can configure Billing features. |
| eDiscovery Manager | Perform searches and place holds on mailboxes, SharePoint Online sites, and OneDrive for Business locations. |
| Insider Risk Management Analysts | Analysts of insider risk management that can triage alerts, investigate and action on cases (but cannot explore content). |
| Communication Compliance Investigators | Analysts of communication compliance that can investigate policy matches, view message content, and take remediation actions. |
| Privacy Management Analysts | Analysts of privacy management solution that can investigate policy matches, view messages meta data, and take remediation actions. |
| Subject Rights Request Administrators | Administrators who are able to create subject rights requests. |
| Data Security Management | Aimed at centralizing data security management within an organization, this role group allows members to access Data Security Analytics insights, use Copilot for Security, and fully manage data security solutions such as Information Protection, Data Loss Prevention, and Insider Risk Management. |
| Data Investigator | Perform searches on mailboxes, SharePoint Online sites, and OneDrive for Business locations. |
| Communication Compliance Analysts | Analysts of communication compliance that can investigate policy matches, view messages meta data, and take remediation actions. |
| Communication Compliance Viewers | Viewer of communication compliance that can access the available reports and widgets. |
| Compliance Data Administrator | Manage settings for device management, data protection, data loss prevention, reports, and preservation. |
| Compliance Manager Administrators | Manage template creation and modification. |
| Compliance Manager Assessors | Create assessments, implement improvement actions, and update test status for improvement actions. |
| Compliance Manager Contributors | Create assessments and perform work to implement improvement actions. |
| Global Reader | View reports, alerts, and settings of security and compliance features. |
| Compliance Manager Readers | View all Compliance Manager content except for administrator functions. |
| Privacy Management Viewers | Viewer of privacy management solution that can access the available dashboards and widgets. |
| Privacy Management Contributors | Manage contributor access for privacy management cases. |
| Subject Rights Request Approvers | Approvers who are able to approve subject rights requests. |
| Data Source Administrators | Data source administrators can manage data sources and data scans. |
| Content Explorer Content Viewer | Provides the ability to view the contents of the files. |
| Content Explorer List Viewer | Provides the ability to view all items in Content explorer in list format only. |
| Data Governance | Grants access to manage the Data Governance solution, including role assignments. |
| Data Catalog Curators | Data Catalog curators can perform create, read, modify, and delete actions on catalog data objects and establish relationships between objects. |
| Data Estate Insights Readers | A role group that provides read-only access to all insights reports across platforms and providers. |
| Data Estate Insights Admins | A role group that provides admin access to all insights reports across platforms and providers. |
| Data Security Investigation Admins | Can access all investigations in the organization and can manage the membership of the case including who has investigator role and are other members of the case. |
| Data Security Investigation Investigators | Has access to all of the capabilities within the cases that they own or are members of. |
| Data Security Investigation Reviewers | Has access to review the evidence sets within the investigation where they are added. |
| Exact Data Match Upload Admins | Upload data for Exact Data Match |
| MailFlow Administrator | |
| Insider Risk Management Approvers | For internal approval use only. |
| Insider Risk Management Auditors | Auditors of insider risk management that can view the audit logs of actions performed by Analysts, Investigators and Administrators. |
| IRM Contributors | Manage contributor access for Insider risk management. |
| Insider Risk Management Session Approvers | For internal approval use only. |
| Knowledge Administrators | Can configure knowledge, learning, assign trainings and other intelligent features. |
| Quarantine Administrator | Manage and control quarantined messages. |
| Reviewer | Use a limited set of the analysis features in Office 365 Advanced eDiscovery. Members of this group can see only the documents that are assigned to them. |
| Service Assurance User | Access the Service Assurance section in the Security & Compliance Center. Members of this role group can use this section to review documents related to security, privacy, and compliance in Office 365 to perform risk and assurance reviews for their own organization. |
| Supervisory Review | Control policies and permissions for reviewing employee communications. |
| Audit Reader | Search, View, and Export Audit logs. |
| Default Role Assignment Policy |