Microsoft Purview is the unified platform for data governance, compliance, and risk management that Microsoft assembled from what was previously a fragmented collection of products — Azure Purview, Microsoft Compliance, Azure Information Protection, and Microsoft 365 Compliance Center. The rebrand created a coherent story. The licensing remains complex. Enterprises routinely pay for Purview capabilities they don't use, or miss capabilities they need because the licensing map is impenetrable.

This guide maps what Microsoft Purview features are included in your existing M365 licences, what requires paid add-ons, and the compliance use cases that genuinely justify the E5 Compliance premium versus the E3 baseline. The goal: you leave with a clear licensing decision, not another vendor-led journey toward maximum spend.

What Is Microsoft Purview?

Microsoft Purview encompasses two distinct product families: Purview for Data Governance (formerly Azure Purview — a data catalogue and lineage product billed per vCore) and Purview for Microsoft 365 Compliance (formerly Microsoft 365 Compliance Center — covering information protection, data lifecycle management, eDiscovery, audit, and insider risk). This guide focuses primarily on the M365 compliance dimension, as this is where most enterprise licensing decisions concentrate.

What Microsoft Purview Features Are Included in Your M365 Plan

Before purchasing any Purview add-on, understand what you already have. A significant amount of Purview functionality is included in M365 E3 — and organisations routinely pay for add-ons that replicate capabilities they already own.

Included in Microsoft 365 E3

  • Sensitivity Labels (basic): Apply manual labels to files and emails; enforce basic encryption on labelled content
  • Retention Policies: Configure retention and deletion policies across Exchange, SharePoint, OneDrive, and Teams
  • Data Loss Prevention (DLP) — basic: Policy-based DLP for Exchange, SharePoint, and OneDrive using built-in sensitive information types
  • Content Search: Search across M365 workloads for compliance investigations
  • eDiscovery (Standard): Case management, holds, and export for legal discovery
  • Audit (Standard): 90-day audit log retention for M365 user and admin activities
  • Microsoft Information Protection (basic): Manual classification and labelling
  • Communication Compliance (limited): Basic communications policy configuration (full features require E5 Compliance)

Included in Microsoft 365 E5 (or E5 Compliance add-on)

  • Advanced Audit: 1-year (standard) to 10-year (add-on) log retention; high-bandwidth API access; MailItemsAccessed events for forensic investigation
  • eDiscovery Premium: Custodian management, predictive coding (ML-based relevance scoring), advanced processing of non-M365 content
  • Information Protection (advanced): Auto-labelling based on content scanning; trainable classifiers; exact data match (EDM)
  • Communication Compliance (full): Policy-based supervision for regulatory communications requirements (FINRA, MiFID II)
  • Insider Risk Management: Risk indicators, user behaviour analytics, anonymous investigation
  • Information Barriers: Restrict communication between specific user groups (financial services, legal)
  • Records Management: Regulatory records, retention labels triggered by events, proof of disposal
  • Data Lifecycle Management (advanced): Adaptive scopes, simulation mode, auto-apply retention labels
  • Privileged Access Management: Just-in-time access approval for high-privilege admin tasks
£9
Per user per month for the E5 Compliance add-on — the most efficient way to access advanced Purview features without upgrading all users to E5. In a 1,000-user compliance team, this is £108K annually. For 50 compliance-intensive roles, it's £5.4K. Scope matters enormously.

The E5 Compliance Add-On: What It Unlocks

The E5 Compliance add-on (approximately £9/user/month for E3 users) is the primary vehicle for accessing advanced Purview features without a full E5 upgrade. Understanding exactly what it adds is essential before committing at scale.

Feature E3 (Base) E5 Compliance Add-On Who Needs It
eDiscovery Standard (basic hold, export) Premium (predictive coding, ML) Legal, compliance — not all staff
Audit Standard (90-day retention) Premium (1-year default; 10-year add-on) Security, compliance — not all staff
Communication Compliance Limited Full (regulatory supervision) Regulated comms users (FINRA, MiFID)
Insider Risk Management Not included Full HR, security — not all staff
Information Protection Manual labelling Auto-labelling, trainable classifiers Users handling regulated data
Records Management Basic retention policies Regulatory records, event-based Records management team
Information Barriers Not included Full Financial services, legal
Key Principle

The E5 Compliance add-on is licensed per the user whose data is being supervised, not just the compliance administrators who configure policies. This is the most common licensing error. If Communication Compliance policies supervise all traders in a bank, all traders need E5 Compliance — not just the compliance team who reviews alerts.

Purview Data Governance: The Azure-Billed Product

Microsoft Purview Data Governance (formerly Azure Purview) is a distinct product from M365 compliance features. It's billed through Azure, not M365, and provides:

  • Unified data catalogue: Discover and classify data assets across Azure, M365, AWS, GCP, and on-premises sources
  • Data lineage: Track data movement and transformation across pipelines
  • Business glossary: Define and govern business terms mapped to data assets
  • Data policy: Access policies for Azure Storage, SQL, and other data sources

Pricing is based on capacity units (vCores) consumed during scanning operations, plus storage for the governance catalogue. A typical mid-size enterprise scanning Azure Data Lake, SQL databases, and SharePoint runs £2,000–£8,000/month depending on scan frequency and data volume. This is separate from your M365 licence costs and often overlooked in EA planning.

Purview Compliance vs E5 Security: The Bundle Decision

Microsoft sells three add-on paths for E3 users who need advanced capabilities:

Option Cost What You Get Best For
E5 Compliance add-on ~£9/user/month All advanced Purview compliance features Organisations needing compliance depth
E5 Security add-on ~£5.50/user/month Defender P2, Entra ID P2, Sentinel Security-focused organisations
Full E5 upgrade ~£57/user/month Both + Teams Phone, Audio Conferencing High value only if you use the full E5 stack

The full E5 at £57/user/month (versus E3 at £28) costs £29/user/month more. E5 Compliance + E5 Security together cost £14.50/user/month as add-ons to E3. If you don't need Teams Phone bundling, the E3 + selective add-ons route saves £14.50/user/month — significant at scale. Our E3 vs E5 comparison covers the full calculus.

Purview licensing getting complex?
We map your compliance requirements to the minimum required licences — avoiding both under-licensing and costly over-purchasing.
Request Assessment

Use-Case Licensing Map

The most practical way to approach Purview licensing is to start from your compliance use cases, not the product catalogue:

GDPR Data Subject Requests (DSRs)

The Content Search and Standard eDiscovery capabilities in E3 are sufficient for most GDPR DSR workflows — locating personal data, placing holds, and exporting results. E5 Compliance (Premium eDiscovery) adds predictive coding and advanced processing, valuable for large-scale litigation but not standard DSR handling. Most organisations do not need E5 Compliance for GDPR DSRs.

Financial Services Communication Surveillance (MiFID II, FINRA)

Communication Compliance at full depth requires E5 Compliance or E5. All users whose communications are supervised — typically front-office traders and advisors — need the licence. Configuration is handled by the compliance team (who also need E5 Compliance), but the per-supervised-user requirement is what drives the licence count.

Data Loss Prevention (DLP)

E3 DLP covers Exchange, SharePoint, and OneDrive with built-in sensitive information types. E5 Compliance adds Endpoint DLP (covering Windows devices), Teams DLP, and trainable classifiers. If your DLP requirement is cloud workloads with standard data types, E3 is sufficient. Endpoint DLP and Teams DLP are the primary drivers for E5 Compliance DLP.

Records Management

E3 retention policies cover basic document lifecycle management. E5 Compliance adds regulatory records (immutable with proof of disposal), event-based retention, and adaptive scopes. Regulated industries (financial services, healthcare, life sciences) with strict document retention obligations typically need E5 Compliance records management. Standard corporate records management does not.

Insider Risk

Insider Risk Management (E5 Compliance) is genuinely powerful for detecting data exfiltration, policy violations, and departing employee data theft. It requires E5 Compliance for all users in scope of monitoring. In most organisations, this is a subset — not all users. Scope your Insider Risk deployment carefully before committing licences at scale.

Purview Audit Licensing

Audit is one of the most commercially important Purview features from a compliance standpoint — and the licensing is frequently misconfigured:

Audit Standard (E3)

90-day audit log retention for M365 workloads. Access via Compliance Center or API. Sufficient for most routine compliance monitoring. Does not include the MailItemsAccessed event (critical for email-based breach investigation) — that's Audit Premium.

Audit Premium (E5 Compliance)

1-year log retention by default, extendable to 10 years with the Audit Premium 10-year retention add-on (approximately £11/user/year for the user pool requiring long-term retention). Includes high-bandwidth access for SIEM integration and the full set of intelligent insights events. Financial services, healthcare, and government organisations with mandatory long-term audit requirements need Audit Premium.

Licensing Rule

Audit Premium logs are generated for users with E5 Compliance licences. If you want Audit Premium logs for a specific user group (e.g., privileged administrators), those users need E5 Compliance — you cannot cherry-pick Audit Premium independently. The E5 Compliance add-on unlocks all features including Audit Premium for the licensed user.

Right-Sizing Your Purview Licence Investment

The systematic approach to Purview licence optimisation:

  • Map compliance requirements to specific Purview features — not to "Purview" as a product category. Most requirements can be met with E3 capabilities.
  • Identify the minimum user population that each feature applies to. Communication Compliance affects supervised users, not all users. Information Barriers affect specific user groups, not the whole tenant.
  • Use E5 Compliance add-on selectively for users in high-compliance-intensity roles rather than deploying uniformly.
  • Evaluate E5 Compliance vs full E5 based on whether the non-compliance E5 components (Teams Phone, Security) are already covered by other means.
  • Separate Azure Purview governance costs from M365 compliance costs in your budgeting — they are often conflated but are independently negotiated and optimised.

The broader M365 licence optimisation approach — including Purview within the full licence stack — is covered in our M365 cost reduction guide. For the security add-on dimension, see the Microsoft security licensing guide.

Our M365 Optimisation service includes a Purview licensing review as part of the full M365 licence optimisation engagement — ensuring your compliance requirements are met at the minimum necessary licence investment.