Blog Post

Microsoft Learn Blog
4 MIN READ

Validate critical information security skills with our new Certification

michaelkophs's avatar
michaelkophs
Icon for Microsoft rankMicrosoft
Feb 04, 2025

Earn the new Microsoft Certification and become part of your team’s cybersecurity solution.

The cybersecurity landscape is constantly evolving, and organizations of all sizes must stay ahead of the curve to protect their networks and keep their data, systems, and digital assets safe. With the growth of AI and cloud computing, defenders and cyberattackers alike can change this landscape. As a result, business leaders are reassessing their digital defenses, especially around data governance. And while the technology is critical, it’s even more important to have a workforce with the skills and experience to maximize its potential, protect against cyberthreats, and detect and respond to any security incidents. In short, security skills in the era of AI are crucial.

To support these needs, we regularly review and update our training and credentials portfolio to make sure that it encompasses the latest technologies and in-demand, real-world skills. As these skills are becoming more defined for specific roles, we’re making some changes to our Security offerings.

Introducing a new Certification for information security

Created specifically for those in the data security and information protection profession, we’re glad to introduce the new Microsoft Certified: Information Security Administrator Certification that will be available in April 2025. You can earn this new Certification by passing Exam SC-401: Administering Information Security in Microsoft 365,available in beta on February 11, 2025.

This new Certification validates the skills needed to plan and implement information security for sensitive data by using Microsoft Purview and related services. It also validates the skills needed to mitigate risks from internal and external threats by protecting data inside collaboration environments that are managed by Microsoft 365. Plus, it verifies subject matter expertise needed to participate in information security incident responses. As an information security administrator who earns this Certification, you demonstrate your expertise in:

  • Implementing information protection.
  • Implementing data loss prevention and retention.
  • Managing risks, alerts, and activities.

Get ready to take Exam SC-401 and earn the new Certification:

  • Check out the Exam SC-401 study guide, and explore potential exam topics.
  • Stay tuned for Exam SC-401 self-paced training.

We’re retiring the Information Protection and Compliance Administrator Associate Certification

In addition to introducing the new Certification, we’re announcing the upcoming retirement of the Microsoft Certified: Information Protection and Compliance Administrator Associate Certification and its related Exam SC-400: Administering Information Protection and Compliance in Microsoft 365. The Certification, related exam, and renewal assessments will all be retired on May 31, 2025.

We’ve received consistent feedback regarding the fact that this Certification includes two separate roles—data security/information protection professionals and compliance professionals—and that each role should have its own validation solution. Although we aren’t creating a new Certification for compliance-related roles, we offer Microsoft Applied Skills that can validate these skills. Find more details in the next section.

The following questions and answers can help you determine how these retirements could impact your learning goals:

Q: What if I’m studying for Exam SC-400?

A: If you’re currently preparing for Exam SC-400, you should take and pass the exam before May 31, 2025. If you’re just starting your preparation process, we recommend that you explore the new Information Security Administrator Certification and its related Exam SC-401: Administering Information Security in Microsoft 365.

Q: I’ve already earned the Information Protection and Compliance Administrator Associate Certification. What happens now?

A: If you’ve already earned the Information Protection and Compliance Administrator Associate Certification, it will stay on the transcript in your profile on Microsoft Learn. If you’re eligible to renew your Certification before May 31, 2025, we recommend that you consider doing so, because it won’t be possible to renew the Certification after this date.

Validate your compliance administrator skills with Microsoft Applied Skills

Microsoft Applied Skills help you demonstrate your capabilities in specific scenarios or workloads, complementing the broader job role competencies validated by Microsoft Certifications. By combining these credentials, you validate a comprehensive skill set across projects and roles.

To prove your skills in security and compliance, consider earning the following Applied Skills:

Be part of the cybersecurity solution

Your validated, in-demand skills can help make a positive impact in your organization and in your career. As business leaders aim to modernize systems, integrate new technologies, and fortify their cybersecurity in the era of AI, this new Certification is a great opportunity for you to become part of the solution—now and in the future.

 

 

 

 

 

 

Updated Feb 04, 2025
Version 3.0
  • Radinaaa's avatar
    Radinaaa
    Copper Contributor

    Hi, all, and thanks for the info! Which certificate should be taken next year - should I again try to renew SC 400 or leave it and go with 401? Thanks 

  • It would be appreciated if we could be grandfathered from SC-400 into SC-401 and catch up on any new or different content through the renewal process. Even the exam nomenclature is simply changing from 400 to 401.

  • kkoutrou's avatar
    kkoutrou
    Copper Contributor

    I got the SC 400 5 days ago. This is really bad news for all the candidates and certification holders, and something should be done for users with active SC 400 certifications, because all the hard work for the preparation and the money spent for the exam will be thrown away.

    Please give us the option to automatically get the SC 401 when we renew our active SC 400.

    • simbamupiwi's avatar
      simbamupiwi
      Brass Contributor

      i thought so too, what have they changed ??

       

      sc-400 -Skills measured

      • Implement information protection
      • Implement DLP
      • Implement data lifecycle and records management
      • Monitor and investigate data and activities by using Microsoft Purview
      • Manage insider and privacy risk in Microsoft 365

       

      sc-401 -As an information security administrator who earns this Certification, you demonstrate your expertise in:

      • Implementing information protection.
      • Implementing data loss prevention and retention.
      • Managing risks, alerts, and activities.

       

      • Dennis van Doorn's avatar
        Dennis van Doorn
        Copper Contributor

        https://learn.microsoft.com/en-gb/credentials/certifications/resources/study-guides/sc-401

  • hatsikidee's avatar
    hatsikidee
    Brass Contributor

    In case you already have the SC-400, is there a path to upgrade to SC-401 for a reduced price?

    Furthermore, the link to the study guide doesn't work. 

    Is there an overview of the changes/updates between SC-400 and SC-401?

    • Dennis van Doorn's avatar
      Dennis van Doorn
      Copper Contributor

      https://learn.microsoft.com/en-gb/credentials/certifications/resources/study-guides/sc-401

    • Fabio_Teles's avatar
      Fabio_Teles
      Copper Contributor

      I'm taking the SC-400 this Saturday and having at least a discount on the beta would be nice :) 

  • edchuy's avatar
    edchuy
    Iron Contributor

    Interesting. It seems that at least this one and the Fabric Data Engineer one are replacing older certifications that have become less relevant with the newest developments at Microsoft.