Home  ›  Blog  ›  Microsoft Purview Licensing
Microsoft · Data Security & Compliance

Microsoft Purview — the compliance suite you buy twice.

Most of Microsoft Purview is already inside Microsoft 365 E5, or available as the E5 Compliance add-on at around $12 per user per month on top of E3. The two recurring errors are stacking the E5 Compliance add-on on a full E5 that already includes it, and deploying premium capabilities like Insider Risk Management and Communication Compliance estate-wide when only a regulated subset triggers them. Here is the entitlement map and the scoping model.

Updated: June 2026 Reading time: 9 min Audience: CISO, Compliance, IT Procurement
Data governance and compliance
The answer, first

How is Microsoft Purview licensed in 2026?

Purview — Microsoft's data-security and compliance brand covering DLP, Information Protection, eDiscovery, Insider Risk Management, Communication Compliance and records management — is licensed per user, three ways. Baseline DLP and Information Protection ship inside Microsoft 365 E3. The premium tier ships inside Microsoft 365 E5, or as the standalone E5 Compliance add-on (~$12 per user per month) on top of an E3 base. There is also an E5 Information Protection & Governance and an E5 Insider Risk Management add-on for organisations that want only a slice. The trap is that all of these overlap, and buying the add-on on top of full E5 is paying twice for the same entitlement.

The core point: if you own Microsoft 365 E5, you already own the full Purview premium suite. The E5 Compliance add-on belongs on an E3 base only — never on top of E5.

This is a sub-guide in our Microsoft security licensing pillar. It pairs with the Intune and EMS and Sentinel pricing guides, sits under our Microsoft vendor practice, and connects to the suite decision in Microsoft 365 licensing.

What is in E3 vs E5 vs the Compliance add-on?

The split below is what determines whether you need to buy anything beyond your base suite. Baseline data protection is broad and sits in E3; the high-value, audit-grade capabilities are gated behind E5 or the E5 Compliance add-on.

Purview capabilityE3E5 / E5 Compliance
Manual sensitivity labels & basic DLPIncludedIncluded
Automatic labelling & advanced DLPIncluded
eDiscovery (Premium)Included
Insider Risk ManagementIncluded
Communication ComplianceIncluded
Records management & advanced auditBasicAdvanced

The ~$12 add-on is excellent value when it sits on an E3 base and the organisation genuinely needs the premium tier. It is pure waste when it sits on a full E5 that already carries every line — a surprisingly common finding because compliance and procurement teams buy independently.

E5 Compliance stacked on full E5?

We reconcile your compliance entitlement against the suite you already own — the double-buy is one of the fastest cleanups we run.

Contact Us →

Do you need Purview for every user?

Almost never. The premium Purview capabilities are triggered by regulated activity — handling sensitive data, falling under a retention mandate, or being in scope for insider-risk or communication monitoring. A large share of any workforce never touches that activity. Scoping Purview to the regulated personas (finance, legal, R&D, customer-data handlers, executives) rather than the whole estate is the single biggest Purview lever, and it is fully supported by Microsoft's per-user licensing. The mistake is treating Purview as an all-or-nothing tenant-wide switch when it is a per-user entitlement you can target.

PersonaPremium Purview?Driver
Finance & legalYesRecords, eDiscovery, Comms Compliance
R&D / IP handlersYesInformation Protection, Insider Risk
Executives & privilegedYesInsider Risk, advanced audit
General workforceBaseline (E3)Manual labels & basic DLP suffice
Frontline / shared devicesNoOut of regulated scope

Get the Microsoft E5 Security Stack Licensing Guide.

The Purview overlap map, the regulated-persona scoping model, and the E5-vs-add-on math in one research paper.

Get the guide →

Which Purview features are most over-deployed?

Insider Risk Management and Communication Compliance, by a distance. Both carry the heaviest list weight, both are genuinely powerful, and both are routinely switched on tenant-wide when they should be scoped to a defined population — privileged users for insider risk, regulated communicators for communication compliance. Advanced eDiscovery is the next most over-deployed: it is only invoked by legal hold and investigation workflows, so licensing it estate-wide is paying standby cost for a capability a handful of users ever touch. The pattern across all three is the same — premium capability, narrow real population, broad accidental licensing.

"Purview is rarely under-protected. It is over-licensed — the premium tier bought for ten thousand users when fewer than two thousand ever fall in scope."

When should a Purview review happen?

At the M365 or EA renewal, and whenever a compliance programme expands. The reconciliation — stripping E5 Compliance add-ons that sit on full E5, and re-scoping premium capabilities to the regulated population — typically recovers a meaningful slice of compliance spend with no reduction in actual coverage, because the coverage was never being used by the out-of-scope users. For regulated enterprises the saving funds the genuine compliance investment several times over. Sequence it inside the renewal so the corrected counts feed the negotiation.

For the full picture, read the Microsoft security licensing pillar, then the Intune and EMS and Sentinel pricing sub-guides, and see how compliance right-sizing folds into a full renewal in the Microsoft EA optimization case study.

Licensing compliance for users out of scope?
Re-scope Purview before the renewal locks.

$1.8B+ in documented client savings across 340+ engagements. Buyer-side only since 2016. Gartner recognised.

The Compliance Brief

Weekly compliance intelligence for IT leaders.