# Overview

> **SCU Cost Estimate**&#x20;
>
> This agent typically consumes **2-4 SCUs** per analysis run, depending on the volume of Purview data and timeframe analyzed.

### Introduction

Policy Advisor helps you understand if your data governance policies are actually working. If you've ever wondered "are our DLP policies catching what they should?" or "is anyone actually using sensitivity labels?", this agent is for you. It analyzes your entire Purview environment, measures policy effectiveness, tracks adoption trends, and gives you actionable insights to optimize your data protection strategy.

<figure><img src="/files/XcfJ60PaJ74wq73C9nNH" alt=""><figcaption></figcaption></figure>

<div><figure><img src="/files/S8Yw8UZ1ZUTud6olzucl" alt=""><figcaption></figcaption></figure> <figure><img src="/files/jR5qQok0fUITRoQgtMTy" alt=""><figcaption></figcaption></figure> <figure><img src="/files/cFk3MkmpQDDOYt6Wzsjw" alt=""><figcaption></figcaption></figure></div>

### What It Does

* **Measures policy effectiveness** by analyzing actual performance vs intended purpose
* **Tracks sensitivity label adoption** showing which labels are used and which are ignored
* **Detects DLP incident patterns** to identify recurring data protection issues
* **Monitors information protection ROI** showing value delivered by your governance investments
* **Calculates governance maturity scores** to track your data protection program progress
* **Maps regulatory compliance** against your current policy implementation
* **Identifies trends** in data protection incidents over time
* **Provides benchmark comparisons** against industry best practices
* **Generates executive dashboards** with key metrics for leadership
* **Recommends improvements** with specific, prioritized actions

### Use Cases

#### 1. Proving ROI on Data Governance

Leadership wants to know if your Purview investment is delivering value. Policy Advisor analyzes policy performance, shows adoption metrics, calculates prevented data loss incidents, and provides clear ROI metrics demonstrating the business value of your data governance program.

#### 2. Optimizing DLP Policy Effectiveness

Your DLP policies are generating alerts, but you're not sure if they're catching the right things or creating too much noise. The agent analyzes DLP incident patterns, identifies which policies are effective vs problematic, and recommends specific adjustments to improve detection while reducing false positives.

#### 3. Driving Sensitivity Label Adoption

You've deployed sensitivity labels but adoption is unclear. Policy Advisor tracks which labels are actually being used, identifies departments or teams with low adoption, shows which content types aren't being labeled, and provides specific recommendations to increase usage.

#### 4. Compliance Readiness Reporting

An audit is approaching and you need to demonstrate your data protection posture. The agent maps your current policy implementation against regulatory requirements (GDPR, HIPAA, etc.), calculates compliance metrics, identifies gaps, and generates audit-ready reports showing your readiness.

#### 5. Strategic Data Governance Planning

You're planning next year's data governance initiatives but need data to guide priorities. Policy Advisor provides governance maturity scoring, trend analysis, benchmark comparisons, and a roadmap showing where to invest effort for maximum impact.

### Why Policy Advisor?

| The Problem You're Dealing With                                                                   | How This Helps                                                                                |
| ------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------- |
| **Policy effectiveness is unclear**: You have policies, but don't know if they're working         | **Performance analytics**: Actual effectiveness metrics showing what's working and what isn't |
| **Raw telemetry is overwhelming**: Purview generates lots of data, but you can't make sense of it | **Actionable insights**: Clear metrics and visualizations instead of raw logs                 |
| **Adoption is a mystery**: Unclear if users are actually using labels and following policies      | **Adoption tracking**: Specific metrics showing who's using what and where gaps exist         |
| **ROI is hard to prove**: Leadership wants to know the value, but you can't quantify it           | **ROI metrics**: Prevented incidents, coverage rates, and business value calculations         |
| **Compliance reporting is manual**: Proving readiness for audits requires hours of work           | **Audit-ready reports**: Compliance metrics automatically mapped to regulatory frameworks     |
| **Strategic planning lacks data**: Deciding priorities based on intuition instead of evidence     | **Trend analysis**: Data-driven insights showing where to invest effort                       |

### How It Works

**What goes in:**

* Purview activity logs and audit data
* DLP incident reports and policy match statistics
* Sensitivity label usage metrics across content types
* Retention policy execution data
* Insider risk alerts and patterns
* Compliance manager assessments
* Data classification statistics
* Policy configuration and rules

**What it does:**

* Analyzes policy performance against intended goals
* Tracks adoption rates for labels, policies, and protection mechanisms
* Identifies patterns in data protection incidents
* Calculates effectiveness scores and ROI metrics
* Compares performance against benchmarks and best practices
* Maps current state to regulatory compliance requirements
* Generates trend visualizations over time
* Provides governance maturity assessment
* Creates prioritized improvement recommendations

**What you get:**

* Executive dashboard report with key governance metrics
* Policy effectiveness scores (which policies work, which don't)
* Incident trend visualizations showing patterns over time
* Sensitivity label adoption rates by department, content type, location
* DLP incident pattern analysis with recurring issue identification
* Information protection ROI assessment (prevented loss, coverage rates)
* Compliance posture assessment mapped to regulatory frameworks
* Governance maturity score with improvement roadmap
* Benchmark comparisons against industry standards
* Prioritized recommendations for optimization


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://agents.glueckkanja.com/agents/policy-advisor/overview.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.