Microsoft Purview Communication Compliance enables investigators to detect policy-violating, inappropriate, or high-risk communications across Microsoft 365 and supported third-party communication channels, including enterprise AI. It can identify messages involving sensitive data disclosure, harassment, threats, regulatory misconduct, business conduct violations, or other communications that may indicate insider risk.

This detection supports review of subject communications using defined policies, machine learning classifiers, keyword matching, sensitive information types, and investigator workflows. Alerts should be assessed in context and correlated with related evidence such as DLP events, audit logs, eDiscovery results, Teams activity, HR context, and prior case history. Communication Compliance findings should not be treated as standalone proof of intent, but as structured investigative leads requiring authorized human review.

Sections

ID	Name	Description
IF036	Misuse of Corporate Communication Channels	A subject uses organization-managed communication channels to send, distribute, or amplify messages that violate acceptable use expectations, undermine workplace safety, damage operational trust, or create legal, reputational, or personnel risk. This may occur through email, enterprise messaging platforms, collaboration tools, internal forums, ticketing systems, shared document comments, or other corporate communication environments.
IF036.004	Extremist Communication Content	A subject distributes extremist, radicalizing, terrorist-supportive, or ideologically violent material through organization-managed communication channels. This may include propaganda, manifestos, violent ideological imagery, symbols associated with extremist organizations, recruitment material, or communications endorsing politically, religiously, racially, or ideologically motivated violence.
IF036.003	Offensive Communication Content	A subject distributes offensive, graphic, obscene, degrading, or inflammatory material through organization-managed communication channels. This may include content that violates acceptable use expectations, disrupts workplace operations, damages team trust, or creates legal, reputational, or personnel risk.
IF036.002	Inappropriate Sexual or Explicit Communications	A subject uses corporate communication channels to send, request, display, or distribute sexually explicit, obscene, or otherwise inappropriate material unrelated to legitimate business activity. This may include explicit images, sexualized comments, unwanted personal advances, or inappropriate jokes distributed through work systems.
IF036.001	Hostile, Abusive, or Threatening Communications	A subject uses organization-managed communication channels to send hostile, abusive, coercive, intimidating, or threatening messages to another individual or group. This may include direct insults, aggressive language, repeated disparagement, intimidation, implied retaliation, coercive demands, or threats of professional, personal, or physical harm.

References

https://learn.microsoft.com/en-us/purview/communication-compliance-solution-overview