Merge branch 'main' into deniseb-smb

denisebmsft · web-flow · commit 4041f4f50864 · 2023-06-30T13:14:22.000-07:00
diff --git a/microsoft-365/compliance/communication-compliance-teams.md b/microsoft-365/compliance/communication-compliance-teams.md
@@ -8,7 +8,7 @@ ms.topic: reference
 ms.service: msteams
 audience: admin
 ms.reviewer: anwara
-ms.date: 04/17/2023
+ms.date: 06/30/2023
 ms.localizationpriority: medium
 search.appverid: MET150
 f1.keywords:
@@ -44,7 +44,7 @@ Communication compliance and Microsoft Teams are tightly integrated and can help
 
 ### Getting started
 
-Getting started with communication compliance in Microsoft Teams begins with [planning](communication-compliance-plan.md) and creating pre-defined or custom policies to identify inappropriate user activities in Teams channels or in 1:1 and groups. Keep in mind that you'll need to [configure](communication-compliance-configure.md) some permissions and basic prerequisites as part of the configuration process.
+Getting started with communication compliance in Microsoft Teams begins with [planning](communication-compliance-plan.md) and creating predefined or custom policies to identify inappropriate user activities in Teams channels or in 1:1 and groups. Keep in mind that you'll need to [configure](communication-compliance-configure.md) some permissions and basic prerequisites as part of the configuration process.
 
 Teams administrators can configure communication compliance policies at the following levels:
 
@@ -67,7 +67,7 @@ In the next dialog box, the user selects the **Inappropriate - Harassment, viole
 ![Report a message choices.](../media/communication-compliance-report-message-choices.png)
 
 > [!NOTE]
-> The other choice in the list (**Security risk- Spam, phishing, malicious content**), if available, is managed by Microsoft Defender for Office 365. The user might also be presented with just the **Inappropriate - Harassment, violence, nudity, and disturbing content** option, depending on which policy options are turned on in the Microsoft Teams admin center. 
+> The other choice in the list (**Security risk- Spam, phishing, malicious content**), if available, is managed by Microsoft Defender for Office 365. The user might also be presented with just the **Inappropriate - Harassment, violence, nudity, and disturbing content** option, depending on which policy options are turned on in the Microsoft Teams admin center. [Learn more about the Microsoft Defender for Office setting](https://go.microsoft.com/fwlink/?linkid=2226727)
 
 After submitting the message for review, the user receives a confirmation of the submittal in Microsoft Teams. Other participants in the chat do not see this notification.
 
diff --git a/microsoft-365/compliance/insider-risk-management-activities.md b/microsoft-365/compliance/insider-risk-management-activities.md
@@ -10,7 +10,7 @@ f1.keywords:
 ms.author: robmazz
 author: robmazz
 manager: laurawi
-ms.date: 05/09/2023
+ms.date: 06/30/2023
 audience: itpro
 ms.collection:
 - tier1
@@ -124,9 +124,30 @@ To dismiss an insider risk alert, complete the following steps:
 4. On the **Dismiss alerts** detail pane, you can review the user and policy details associated with the selected alerts.
 5. Select **Dismiss alerts** to resolve the alerts as benign or select **Cancel** to close the details pane without dismissing the alerts.
 
+## Assign an alert
+
+If you're an administrator with the appropriate permissions, you can assign ownership of an alert to yourself or to an insider risk management user with the Insider Risk Management, Insider Risk Management Analyst, or Insider Risk Management Investigator role. After an alert is assigned, you can also reassign it to a user with any of the same roles. You can only assign an alert to one admin at a time. 
+
+After an admin is assigned, you can filter by admin. 
+
+### Assign an alert from the Alerts dashboard
+
+1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to **Insider risk management**, and then select the **Alerts** tab.
+2. On the **Alerts dashboard**, select the alert(s) that you want to assign.
+3. In the button bar above the alerts queue, select **Assign**. 
+4. In the **Assign owner** pane on the right side of the screen, search for an admin with the appropriate permissions, and then select the checkbox for that admin.
+5. Select **Assign**.
+
+### Assign an alert from the Alerts detail page
+
+1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to **Insider risk management**, and then select the **Alerts** tab.
+2. Select an alert.
+3. In the detail pane for the alert, in the upper-right corner of the page, select **Assign**.
+4. In the **Suggested contacts** list, select the appropriate admin.
+
 ## Triage alerts
 
-To triage an insider risk alert, complete the following steps:
+To triage an insider risk alert:
 
 1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to **Insider risk management** and select the **Alerts** tab.
 2. On the **Alerts dashboard**, select the alert you want to triage.
diff --git a/microsoft-365/compliance/insider-risk-management-cases.md b/microsoft-365/compliance/insider-risk-management-cases.md
@@ -10,7 +10,7 @@ f1.keywords:
 ms.author: robmazz
 author: robmazz
 manager: laurawi
-ms.date: 02/21/2023
+ms.date: 06/30/2023
 audience: itpro
 ms.collection:
 - tier1
@@ -63,6 +63,27 @@ Use the **Search** control to search for a Case ID or to search for specific tex
 - Time case opened, start date, and end date
 - Last updated, start date, and end date
 
+## Assign a case
+
+If you're an administrator with the appropriate permissions, you can assign ownership of a case to yourself or to an insider risk management user with the Insider Risk Management, Insider Risk Management Analyst, or Insider Risk Management Investigator role. After a case is assigned, you can also reassign it to a user with any of the same roles. You can only assign a case to one admin at a time. 
+
+If an admin is assigned to a case, you can filter by admin. 
+
+### Assign a case from the Cases dashboard
+
+1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to **Insider risk management**, and then select the **Cases** tab.
+2. On the **Cases dashboard**, select the case(s) that you want to assign.
+3. In the button bar above the cases queue, select **Assign**. 
+4. In the **Assign owner** pane on the right side of the screen, search for an admin with the appropriate permissions, and then select the checkbox for that admin.
+5. Select **Assign**.
+
+### Assign a case from the Cases detail page
+
+1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com), go to **Insider risk management**, and then select the **Cases** tab.
+2. Select a case.
+3. In the detail pane for the case, to the left of the **Resolve a case** button, select **Assign**.
+4. In the **Suggested contacts** list, select the appropriate admin.
+
 ## Filter cases
 
 Depending on the number and type of active insider risk management policies in your organization, reviewing a large queue of cases can be challenging. Using case filters can help analysts and investigators sort cases by several attributes. To filter alerts on the **Cases dashboard**, select the **Filter** control. You can filter cases by one or more attributes:
diff --git a/microsoft-365/security/office-365-security/TOC.yml b/microsoft-365/security/office-365-security/TOC.yml
@@ -4,8 +4,8 @@
   items:
    - name: Overview
      items:
-       - name: Overview of Office 365 security
-         href: microsoft-defender-for-office-365-product-overview.md
+       - name: Why do I need Microsoft Defender for Office 365?
+         href: why-do-i-need-microsoft-defender-for-office-365.md
        - name: What's new in Defender for Office 365
          href: defender-for-office-365-whats-new.md
        - name: Zero Trust for Defender for Office 365
