In office 365 Security & Compliance Center, the permissions zone enables you to assign permissions which allow users to perform compliance tasks such as Data loss prevention (DLP), Device management, eDiscovery, Auditing and retention in exchange.
You can manage permissions only when the compliance features reside within the security & compliance center.
Make sure to mark yourself as an office 365 global administrator or assigned member to one or more Security and Compliance role groups to access the security and compliance center.
For managing Permissions defined roles and role groups:
A role grants permissions to do a set of tasks. Consider an example to preview search results in eDiscovery centers, the user must have Preview role to work in it. There are around 29 sets of roles by default in permissions center.
A role group is a set of roles in which people perform their work across the Security & Compliance Center.
The Security & Compliance Center contains default role groups for performing tasks and functions which you need to assign people to. These different options provide admins with the choice when assigning permissions, enabling to grant the access which users need.
In office 365 permissions consists of several default role groups. Below image shows default list of role groups in permissions.
![]()
Compliance Administrator
The Compliance Administrator Role Group Manage settings for device management, data loss prevention, reports, and preservation. If users wants to compliance search they will assigned this role only to user’s no need to assign it as full membership.
eDiscovery role group Perform searches and place holds on mailboxes, SharePoint Online sites, and One Drive for Business locations. It is used for recognizing, protective and providing electronic information.
In
Organization Management role group, members are able to control permissions for retrieving features and manage settings in the Security & Compliance Center such as data loss prevention, reports, preservation and device management settings.
The
Reviewer role group is a block of eDiscovery. In this group
review is the only assigned role accessible and it has a limited set of analysis features in Office 365 Advanced eDiscovery. The Members which added in this group can able to see the specific documents that are assigned to them. They can’t open, create, or manage an eDiscovery case.
In
Service Assurance User role group, members which has added in this group can access the service assurance section of the Security and Compliance Center. It uses for review documents such as security aspects, privacy settings so on.
In the
Supervisory Review role group members can control policies and permissions in which create and manage policies undergoing review purpose in order to communications which is subject to review in an organization.
That’s about permissions in security and compliance center in office 365.
Happy reading.Thank you.