Microsoft Purview · Compliance Manager

Compliance Manager Assessors

Create assessments, implement improvement actions, and update test status for improvement actions in Microsoft Purview Compliance Manager.

Scope: Assessment creation, improvement action implementation, and test status management

Permissions

  • Compliance Manager Assessment - Create assessments and implement improvement actions
  • Compliance Manager Contribution - Create assessments and perform work to implement improvement actions
  • Compliance Manager Reader - View all Compliance Manager content
  • Data Connector Admin - Configure data connectors

Common use cases

  • Creating compliance assessments for specific regulations
  • Implementing and testing improvement actions
  • Updating test status and uploading evidence
  • Managing assessment lifecycle from creation to completion

Best practices

  • Use for compliance analysts who actively manage assessments
  • Document evidence for each improvement action
  • Coordinate with Contributors for implementation work
  • Review assessment results before sharing with leadership

Security considerations

  • Can create assessments that affect compliance score
  • Can update test status for improvement actions
  • Cannot modify templates - requires Administrator role

Common questions

When should I assign the Compliance Manager Assessors role?

Assign Compliance Manager Assessors when you need to: Creating compliance assessments for specific regulations; Implementing and testing improvement actions; Updating test status and uploading evidence; and Managing assessment lifecycle from creation to completion. It is part of Microsoft Purview and should be granted as a least-privilege alternative to broader roles like Global Administrator.

What can someone with the Compliance Manager Assessors role do?

The Compliance Manager Assessors role grants permissions including: Compliance Manager Assessment - Create assessments and implement improvement actions; Compliance Manager Contribution - Create assessments and perform work to implement improvement actions; Compliance Manager Reader - View all Compliance Manager content; and Data Connector Admin - Configure data connectors. See the Permissions section above for the full list.

What are the security risks of the Compliance Manager Assessors role?

Key considerations when assigning Compliance Manager Assessors: Can create assessments that affect compliance score; Can update test status for improvement actions; and Cannot modify templates - requires Administrator role. Review the Security considerations section before assignment, and pair with Privileged Identity Management (PIM) for just-in-time access where possible.

Official Microsoft Learn documentation →

Open the interactive RBACMap →