Microsoft has released a new governance capability in SharePoint Online called Site Attestation Policies, which reached general availability in mid-December 2025.
This goes beyond simple reminder emails. Site Attestation introduces automated enforcement when site owners fail to regularly review and confirm their sites—closing a long-standing governance gap.
Why this matters
In many organizations:
-
SharePoint sites remain active indefinitely
-
Site ownership changes without oversight
-
External sharing stays enabled
-
Risk grows quietly over time
Site Attestation is designed to address these challenges directly.
What Site Attestation provides
Site owners are periodically required to review and confirm:
-
Site ownership
-
Membership accuracy
-
Sharing settings
What admins can enforce
When owners don’t respond, admins can automatically:
-
Restrict access
-
Archive inactive or non-compliant sites
-
Reduce governance and compliance risk at scale
Important details
-
Configured through the SharePoint Admin Center
-
Disabled by default and requires explicit admin enablement
-
Available to all SharePoint Online tenants
For large or highly regulated organizations, this is a meaningful advancement in aligning collaboration with security and lifecycle governance—closely aligned with Zero Trust and least-privilege principles.
More details: https://lnkd.in/gUH2JqtT
No comments:
Post a Comment