Microsoft Purview- Paint By Numbers Series (Part 7) - Viva and Purview workloads
Published Apr 28 2022 08:50 PM 1,529 Views



Before we start, please not that if you want to see a table of contents for all the sections of this blog and their various Purview topics, you can locate the in the following link:

Microsoft Purview- Paint By Numbers Series (Part 0) - Overview - Microsoft Tech Community




This document is not meant to replace any official documentation, including those found at  Those documents are continually updated and maintained by Microsoft Corporation.  If there is a discrepancy between this document and what you find in the Compliance User Interface (UI) or inside of a reference in, you should always defer to that official documentation and contact your Microsoft Account team as needed.  Links to the data will be referenced both in the document steps as well as in the appendix.


All of the following steps should be done with test data, and where possible, testing should be performed in a test environment.  Testing should never be performed against production data.


Target Audience

The Information Life Cycle Management section of this blog series is aimed at Security and Compliance officers who need to deal with data related to Viva.


Document Scope

This document is meant to guide an administrator who is “net new” to Microsoft E5 Purview through.

We will be addressing the 4 parts of Viva:

  • Viva Insights
  • Viva Learning
  • Viva Connections
  • Viva Topics



This document does not cover any other aspect of Microsoft E5 Purview, including:

  • Sensitive Information Types
  • Exact Data Matching
  • Information Protection (labeling)
  • Data Protection Loss (DLP) for Exchange, OneDrive, Devices
  • Microsoft Cloud App Security (MCAS)
  • Records Management (retention and disposal)
  • Premium eDiscovery
  • Reports and Analytics
  • Insider Risk Management
  • Privacy Management


In addition, this document will not have any walk-throughs/hand holding of activities, workloads or configurations as those are covered in other documentation


Overview of Document

We will look at each of the 4 basic Viva components, where their data resides or does not reside, and what types of Purview (compliance) workloads should be run against those Viva components.


Use Case

An organization wants to know what Purview (compliance) workloads should be leveraged against the 4 components of Viva (Insights, Learning, Connections, and Topics)



  • Viva Insights – Provides reporting about a user’s tasks, todos, sending kudos to fellow employees, etc.
  • Viva Learning – This is the Learning landing page inside of Teams so employees do not need to go to other education sites, either internal or external.
  • Viva Connections – This is the Teams app that allows users to see tools and applications needed to do their job.
  • Viva Topics – This is a correlated set of information from inside the tenant that acts as a landing page for users to find more information relevant to their jobs.







  • None


Purview workloads defined

For the purpose of this document, Purview workloads are considered the following:

  • Data Classification
  • Information Protection (labeling)
  • Data Protection Loss (DLP)
  • Information Governance (retention and disposal)
  • Premium eDiscovery
  • Insider Risk Management
  • Privacy Management


Viva Data Locations

Before we start, let us look at where Viva holds its information (see the screenshot below).


  • Viva Insights – stores data inside the users’ mailboxes.
  • Viva Learning – does not hold data inside the tenant.
  • Viva Connections – stores its data in SharePoint Online.
  • Viva Topics – does not hold data inside the tenant.







Viva Insights





Purview workloads (applicable):





Viva Insights compiles its data from the Graph API.  The exception is the personalized user’ report which is stored in each users’ corresponding mailboxes.   Those reports are anonymized and refreshed on a regular basis.  It is more effective to apply your Purview workloads and policies against them because there is no standalone data repository(s).



Viva Learning





Purview workloads (applicable):





Viva Learning does not store any data in a repository of its own.  It aggregates its data from either external training sites (ex. LinkedIn Learning) or internal training (ie, organization driven training sites)


Viva Connections





Purview workloads (applicable):

  • Data Loss Prevention
  • Information Protection
  • Information Governance


Note – You can see high level information around these workloads on other sections of this blog series.




Viva Connections stores data in SharePoint Online.  This is collected into a single Home Site for the organization.


You can 1) apply an overarching set of Purview policies (listed above) to all internal SharePoint sites or 2) apply more granular Purview policies against subsets of internal SharePoint sites, including one specifically for the Viva Connections Home Site.



Viva Topics


Purview workloads (applicable):





Viva Topics does have its own SharePoint site, but it is continually refreshed and does not possess any data on its own.  The Viva Topics site references content from the original SharePoints sites within your tenant.  Essentially this Topics site is only a list of pointers.


In theory, you could run an Information Governance (retention/disposal) policy against the Viva Topics site as a secondary measure to ensure references to other sites are deleted.  However, the simpler path would be to apply your Purview workloads and policies against all other SharePoint sites inside your tenant, as is best practice.



Appendix and Links
















Version history
Last update:
‎Nov 03 2022 10:13 AM
Updated by: