Microsoft Purview compliance portal: View-only role management enhancements

Microsoft Purview will enable Global Reader and Security Reader roles to view role assignments and scopes in the Purview and Defender portals with read-only access, enhancing compliance visibility without permission changes. Rollout begins late July 2026, requiring no user action but recommending governance review.

[What and Why:]

Microsoft Purview is introducing a new view-only role management capability that enables administrators with Global Reader and Security Reader roles to view role assignments and scopes within the Microsoft Purview portal and Microsoft Defender portal. This update improves visibility and transparency of compliance role configurations without granting additional permissions, supporting audit readiness and strengthening enterprise security governance.

Rollout Schedule:

• Worldwide (General Availability): Beginning in late July 2026 and expect to complete by late August 2026
• GCC, GCC High, DoD: Beginning in late August 2026 and expect to complete by late September 2026

[Impact on Your Organization:]

Who is affected: Administrators assigned Global Reader or Security Reader roles in Microsoft Entra ID and Microsoft Purview

Platforms/Services:

• Microsoft Purview compliance portal (web)
• Microsoft Entra ID

What will happen:

• Users with Global Reader and Security Reader roles will gain read-only access to the following settings
  • Roles and scope pages in the Microsoft Purview portal
  • Permissions page in the Purview portal
• Admins can view all role memberships and assignments without being able to modify them.
• The feature will be enabled automatically for eligible roles.
• No changes are made to existing permissions or role assignments.
• There is no impact to user workflows.

[Action Required/Recommendations:]

• No action is required.
• Review internal governance or auditing processes to determine if additional stakeholders should be assigned Global Reader or Security Reader roles for visibility.
• Inform compliance or security teams of increased transparency capabilities.
• Update internal documentation if referencing role visibility limitations.

Learn more: Permissions in the Microsoft Purview portal | Microsoft Learn (will be updated before rollout)

[Compliance considerations:]

Area	Explanation
Does the change alter how admins can monitor, report on, or demonstrate compliance activities?	Admins gain expanded visibility into role assignments and scopes within the Purview portal, improving compliance transparency and audit support.
Does the change include an admin control and, can it be controlled through Entra ID group membership?	Access is governed through existing Global Reader and Security Reader roles, which can be managed via Entra ID role assignments (including group-based assignment), or role group management in the Microsoft Purview portal.