Home > Policies > Service Level Policies > Pre-defined Policy Templates
Export to PDFPre-defined Policy Templates
Click View templates from the left navigation to explore our pre-defined policy templates. This part provides several pre-defined service-level policy templates for various scenarios and object types. Clicking a policy template card will open the policy template window where you can find rules and object types available for this template.
To reuse a policy template, click the policy template card, and then click Use template. If the policy template supports multiple object types, select the appropriate object type and click Continue to proceed to the Create policy page. If the policy template is limited to a single object type, the Create policy page will open automatically after you click Use template. On this page, you will see the general information, rules, and settings of the selected policy template. You can make updates if necessary and then assign this new policy to a scope to monitor the relevant objects.
Policy Templates
The sections below list the available policy templates, detailing the rules that each template includes and the specific object types that each template supports.
Object Type - Microsoft 365 Groups & Microsoft Teams
AI Confidence for Groups or Teams
Use this policy template to deploy AI with confidence by setting up policies with our recommended rules for governing your Microsoft 365 Groups or Teams.
The following table lists the rules included in this policy template.
| Rule Name | Rule Description |
|---|---|
| Access Request Settings | Control access request settings within a site to manage who can request and approve access to a site. |
| Classification Enforcement | Enforce that all Groups or Teams have a classification assigned to them and assign a default classification if there is none. |
| External Sharing Settings | Control the external sharing settings for Groups or Teams. |
| Owner Number Restriction | Control the number of owners in Microsoft 365 Groups, Teams, security groups, and distribution lists. |
| Privacy Restriction | Control the privacy settings of Groups or Teams. |
| Remove Shadow Users | Remove users who have access to the SharePoint Online site but are not part of the Group/Team membership. |
| Remove Licenses from Inactive Users | Remove licenses from users who do not have activities in Microsoft 365 services for a certain period. |
Content Sensitivity Control
Use this policy template to control the sensitivity of your Microsoft 365 Groups or Teams content.
The following table lists the rules included in this policy template.
| Rule Name | Rule Description |
|---|---|
| Classification Change Restriction | Prevent changes to the classification of Groups or Teams. |
| Microsoft 365 Group Visibility in Outlook Client | Control if a Microsoft 365 Group is visible in the Outlook client. |
| User/Group Restriction | Control users and groups that can be added to sites. |
| Privacy Restriction | Control the privacy settings of Groups or Teams. |
| Ownership Restriction | Control users who can be added to Groups or Teams as owners. |
Data Protection
Use this policy template to get started with our recommended rules for securing your Microsoft 365 Groups or Teams data.
The following table lists the rules included in this policy template.
| Rule Name | Rule Description |
|---|---|
| Permission Inheritance Protection | Protect permission inheritance from being broken at specific object levels. |
| Deletion Restriction | Control users who have the ability to delete objects in sites. |
| Classification Change Restriction | Prevent changes to the classification of Groups or Teams. |
| Ownership Restriction | Control users who can be added to Groups or Teams as owners. |
External Sharing Control
Use this policy template to monitor sharing settings and scan for external users in your Microsoft 365 Groups or Teams to prevent unauthorized data exposure.
The following table lists the rules included in this policy template.
| External Sharing Settings | Control the external sharing settings for Groups or Teams. |
|---|---|
| Scan External Users | Scan external users in sites where external sharing is disabled. |
| Control Sending Emails from Aliases | Control whether users are allowed to send emails from aliases. |
| Automatic Forwarding Restriction | Restrict users from auto-forwarding emails. |
| Deleted Item Retention Period Enforcement | Set the retention period that permanently deleted mailbox items are kept in the Recoverable Items folder. |
| Control Plus Addressing | Control whether users can use plus addressing to quickly create custom email addresses based on their standard email addresses. |
| Legacy Email Protocols Restriction | Restrict the use of legacy email protocols, including POP, SMTP, and IMAP protocols, to prevent password spray attacks that may breach mailboxes in your tenants. |
| Message Size Restriction | Restrict the maximum size for messages sent and received by mailboxes. |
| Outlook External Email Tag Enforcement | Choose whether to add tags to external emails in Outlook to help users identify emails from external senders. |
Ownerless Groups or Teams Monitor
Use this policy template to monitor your Microsoft 365 Groups or Teams to ensure each workspace has an owner to take responsibility.
The following table lists the rules included in this policy template.
| Rule Name | Rule Description |
|---|---|
| Owner Number Restriction | Control the number of owners in Microsoft 365 Groups, Teams, security groups, and distribution lists. |
| Site Owner Number Restriction | Control the number of site owners in a site. |
Object Type - SharePoint Online Site and OneDrive
AI Confidence for Sites
Use this policy template to deploy AI with confidence by setting up policies with our recommended rules for governing your sites.
The following table lists the rules included in this policy template.
| Rule Name | Rule Description |
|---|---|
| Access Request Settings | Control access request settings within a site to manage who can request and approve access to a site. |
Ownerless Sites Monitor
Use this policy template to monitor your sites to ensure each workspace has an owner to take responsibility.
The following table lists the rules included in this policy template.
| Rule Name | Rule Description |
|---|---|
| Site Owner Number Restriction | Control the number of site owners in a site. |
0bject Type - Microsoft 365 User
Clear Unused Licenses
Use this policy template to monitor inactive or blocked users retaining licenses and take action to maximize the value of your purchase.
The following table lists the rules included in this policy template.
| Rule Name | Rule Description |
|---|---|
| Remove Licenses from Blocked Users | Remove licenses from users who have been blocked from signing in. |
| Remove Licenses from Inactive Users | Remove licenses from users who do not have activities in Microsoft 365 services for a certain period. |