dspm module

Author: riswinto

learn-pr/wwl-sci/purview-data-security-posture-management-understand/data-security-objectives.yml

@@ -1,2 +1,15 @@
-Data security objectives as the organizing model
-5
+### YamlMime:ModuleUnit
+uid: learn.wwl.purview-data-security-posture-management-understand.data-security-objectives
+title: Data security objectives as the organizing model
+metadata:
+  title: Data security objectives as the organizing model
+  description: "Data security objectives as the organizing model"
+  ms.date: 02/03/2026
+  author: wwlpublish
+  ms.author: riswinto
+  ms.topic: unit
+azureSandbox: false
+labModal: false
+durationInMinutes: 5
+content: |
+  [!include[](includes/data-security-objectives.md)]

learn-pr/wwl-sci/purview-data-security-posture-management-understand/data-security-posture-ai.yml

@@ -1,2 +1,15 @@
-How AI is used inside DSPM
-4
+### YamlMime:ModuleUnit
+uid: learn.wwl.purview-data-security-posture-management-understand.data-security-posture-ai
+title: How AI is used inside DSPM
+metadata:
+  title: How AI is used inside DSPM
+  description: "How AI is used inside DSPM"
+  ms.date: 02/03/2026
+  author: wwlpublish
+  ms.author: riswinto
+  ms.topic: unit
+azureSandbox: false
+labModal: false
+durationInMinutes: 4
+content: |
+  [!include[](includes/data-security-posture-ai.md)]

learn-pr/wwl-sci/purview-data-security-posture-management-understand/data-security-workflow-fit.yml

@@ -1 +1,15 @@
-Where DSPM fits in the broader data security workflow
+### YamlMime:ModuleUnit
+uid: learn.wwl.purview-data-security-posture-management-understand.data-security-workflow-fit
+title: Where DSPM fits in the broader data security workflow
+metadata:
+  title: Where DSPM fits in the broader data security workflow
+  description: "Where DSPM fits in the broader data security workflow"
+  ms.date: 02/03/2026
+  author: wwlpublish
+  ms.author: riswinto
+  ms.topic: unit
+azureSandbox: false
+labModal: false
+durationInMinutes: 6
+content: |
+  [!include[](includes/data-security-workflow-fit.md)]

learn-pr/wwl-sci/purview-data-security-posture-management-understand/evaluate-risk-posture.yml

@@ -1,2 +1,15 @@
-How DSPM evaluates data risk and posture
-5
+### YamlMime:ModuleUnit
+uid: learn.wwl.purview-data-security-posture-management-understand.evaluate-risk-posture
+title: How DSPM evaluates data risk and posture
+metadata:
+  title: How DSPM evaluates data risk and posture
+  description: "How DSPM evaluates data risk and posture"
+  ms.date: 02/03/2026
+  author: wwlpublish
+  ms.author: riswinto
+  ms.topic: unit
+azureSandbox: false
+labModal: false
+durationInMinutes: 5
+content: |
+  [!include[](includes/evaluate-risk-posture.md)]

learn-pr/wwl-sci/purview-data-security-posture-management-understand/includes/data-security-objectives.md

@@ -10,7 +10,7 @@ In data security posture management (DSPM), objectives are the primary way risk
 
 :::image type="content" source="../media/objectives-as-outcomes.png" border="false" alt-text="Diagram showing objectives progressing through assess, identify, recommend, and validate steps over time." lightbox="../media/objectives-as-outcomes.png":::
 
-Objectives aren't checklists or static views. They function as workflows that connect:
+Objectives aren’t checklists or static views. They function as workflows that link:
 
 - Assessing current posture
 - Identifying gaps or risks

learn-pr/wwl-sci/purview-data-security-posture-management-understand/includes/data-security-posture-ai.md

@@ -18,7 +18,7 @@ Within DSPM, AI assists with tasks that benefit from pattern recognition and con
 - Prioritization of risks based on patterns, trends, and scope
 - Analysis that explains why certain risks surface and how they relate to posture
 
-These capabilities help reduce the time spent interpreting data and connecting signals across tools. They don't change what actions are available or how those actions are taken.
+These capabilities reduce the time spent interpreting data and connecting signals across tools. They don't change what actions are available or how those actions are taken.
 
 ## What AI doesn't do
 

learn-pr/wwl-sci/purview-data-security-posture-management-understand/includes/data-security-workflow-fit.md

@@ -1,12 +1,12 @@
-Data security posture management (DSPM) isn't designed to replace existing security tools. It's designed to help decide how and when those tools should be used.
+Data security posture management (DSPM) isn't designed to replace existing security tools. It helps decide how and when those tools should be used.
 
 Throughout the data security lifecycle, different solutions serve different purposes. DSPM sits upstream of that work. It helps identify where risk is concentrated so follow-up actions are intentional, not reactive.
 
 ## DSPM and data loss prevention
 
 Data loss prevention (DLP) is where controls are defined and enforced. Policies determine what actions are allowed, blocked, or audited.
 
-DSPM doesn’t create or enforce DLP policies. Instead, it helps surface where sensitive data is most exposed, where protections are inconsistent, or where existing controls may not be sufficient. These insights can inform decisions about creating new policies, refining scope, or adjusting actions.
+DSPM doesn’t create or enforce DLP policies. Instead, it helps surface where sensitive data is most exposed, where protections are inconsistent, or where existing controls might not be sufficient. These insights can inform decisions about creating new policies, refining scope, or adjusting actions.
 
 In practice:
 
@@ -17,7 +17,7 @@ In practice:
 
 Insider Risk Management focuses on detecting and analyzing risky patterns of behavior.
 
-DSPM complements this by highlighting data-related conditions that may increase insider risk, like broad access to sensitive information or repeated exposure across workloads. When posture insights suggest elevated risk, Insider Risk Management provides the tools to investigate behavior in more detail.
+DSPM complements this by highlighting data-related conditions that might increase insider risk, like broad access to sensitive information or repeated exposure across workloads. When posture insights suggest elevated risk, Insider Risk Management provides the tools to investigate behavior in more detail.
 
 In practice:
 
@@ -41,7 +41,7 @@ Data security investigations bring together evidence, context, and analysis when
 
 DSPM doesn’t replace investigations or manage cases. It helps justify when an investigation is warranted by identifying patterns, trends, or exposure that go beyond isolated events.
 
-When posture insights indicate sustained or high-impact risk, investigations provide the structured environment to examine data, activity, and outcomes more closely.
+When posture insights indicate sustained or elevated risk, investigations provide the structured environment to examine data, activity, and outcomes more closely.
 
 In practice:
 
@@ -56,16 +56,18 @@ DSPM helps differentiate between:
 
 - Isolated findings and broader patterns
 - Temporary conditions and sustained exposure
-- Low-impact gaps and high-risk areas
+- Low-priority gaps and high-risk areas
 
 This context helps determine when to adjust controls, when to monitor trends, and when to escalate into investigation or enforcement workflows.
 
 ## Why DSPM is a starting point, not an end state
 
 DSPM is designed to guide action, not complete it.
 
+:::image type="content" source="../media/data-security-posture-lifecycle.png" border="false" alt-text="Diagram showing posture insights leading to protections, activity review, and outcome validation that refine posture over time." lightbox="../media/data-security-posture-lifecycle.png":::
+
 It brings visibility, prioritization, and context together so decisions about data security are informed and focused. The actual work of enforcing policies, investigating activity, and validating outcomes still happens in the appropriate tools.
 
-By starting with posture, data security work becomes more intentional. Effort is directed where it matters most, and actions across DLP, Insider Risk Management, audit, and investigations stay aligned to real risk.
+By starting with posture, data security work becomes more intentional. Effort is directed where it matters most. Actions across DLP, Insider Risk Management, audit, and investigations stay aligned to real risk.
 
 This is how DSPM closes the loop.

learn-pr/wwl-sci/purview-data-security-posture-management-understand/includes/evaluate-risk-posture.md

@@ -6,7 +6,7 @@ DSPM doesn't rely on point-in-time checks or one-off scans. It builds its view o
 
 Data environments don't stay still. Files are created, shared, moved, and reused. Access changes. New apps appear. AI accelerates all of this.
 
-DSPM accounts for this by continuously assessing where sensitive data exists and how it's being used. Instead of asking whether a scan ran or a policy fired, DSPM looks at what the environment looks like _now_ and how that picture changes over time.
+DSPM continuously assesses where sensitive data exists and how it’s being used. Instead of asking whether a scan ran or a policy fired, DSPM looks at what the environment looks like _now_ and how that picture changes over time.
 
 This ongoing assessment is what allows DSPM to surface trends and shifts in exposure, not just isolated findings. Posture reflects patterns and conditions over time, not individual events or momentary findings.
 

learn-pr/wwl-sci/purview-data-security-posture-management-understand/includes/introduction.md

@@ -0,0 +1,15 @@
+Data security work often starts in the middle. Teams respond to alerts, investigate activity, and adjust policies based on what surfaces in individual tools. What's harder to answer is a more basic question: **where is the organization most exposed right now, and why**.
+
+When sensitive data is spread across workloads, widely accessible, or actively used through AI-driven experiences, isolated signals don't provide enough context to guide decisions. Without a clear view of posture, teams might spend effort in the wrong places or react to symptoms instead of underlying risk.
+
+Data security posture management exists to solve this problem. It helps teams understand where sensitive data exists, how it’s being used, and how consistently it's protected. This context helps direct effort intentionally before configuring controls or launching investigations.
+
+## Learning objectives
+
+By the end of this module, you'll be able to:
+
+- Explain what data security posture management is and the problem it addresses
+- Describe how posture is evaluated over time
+- Explain how data security objectives organize risk into outcomes
+- Describe the role of AI in data security posture management
+- Explain how data security posture management fits with data loss prevention (DLP), Insider Risk Management, audit, and investigations

learn-pr/wwl-sci/purview-data-security-posture-management-understand/includes/summary.md

@@ -0,0 +1,17 @@
+Understanding data security posture management starts with understanding its role. It doesn't enforce policies, investigate incidents, or replace existing security tools. It provides the visibility and context needed to decide where those tools should be applied and why.
+
+In this module, you learned how to:
+
+- Explain what data security posture management is and the problem it addresses
+- Describe how posture is evaluated over time
+- Explain how data security objectives organize risk into outcomes
+- Describe the role of AI in data security posture management
+- Explain how data security posture management fits with data loss prevention (DLP), Insider Risk Management, audit, and investigations
+
+Without this understanding, teams might react to isolated findings, focus effort in the wrong areas, or miss patterns that indicate broader exposure. Using posture as a starting point helps align protection, investigation, and validation around real data risk as conditions change.
+
+This foundation prepares you to apply controls, investigate activity, and evaluate outcomes with clearer intent, using Microsoft Purview tools in a way that stays focused on what matters most.
+
+## Resources
+
+- [Learn about Data Security Posture Management](/purview/data-security-posture-management-learn-about?azure-portal=true)