10.5 Retention, Records Management, and Label Policies
Key Takeaways
- Retention policies, retention labels, and retention label policies are Microsoft Purview data governance topics.
- Records management belongs with retention and lifecycle governance scenarios.
- Retention is different from sensitivity labeling, because retention focuses on keeping or managing information over time.
- SC-900 questions often use words such as retain, records, lifecycle, or policy when testing this area.
Retention and Records Language
Retention in Microsoft Purview is the SC-900 topic for governing how information is kept and managed over time. The source outline names retention policies, retention labels, retention label policies, and records management. Those terms belong together because they all relate to lifecycle and recordkeeping needs rather than immediate threat detection or identity access.
The word label can create confusion. A sensitivity label is about classifying or protecting information based on sensitivity. A retention label is about retention and records behavior. A sensitivity label policy and a retention label policy both involve policy distribution or application, but they serve different governance goals. The exam will usually give enough wording to separate sensitivity from lifecycle.
| Term | Study-guide meaning | Exam clue |
|---|---|---|
| Retention policy | Governance policy for keeping or managing information | Retain content over time |
| Retention label | Label tied to lifecycle or records needs | Mark content for retention |
| Retention label policy | Policy path for retention labels | Publish or apply retention labels |
| Records management | Governance of information as records | Manage official records |
Retention is also different from eDiscovery and audit. eDiscovery helps find and work with information for discovery needs. Audit helps review activity records. Retention governs whether information should be kept or managed over a period. In a realistic compliance workflow, retention may support later discovery or audit work, but the exam answer should follow the immediate requirement.
A typical SC-900 retention scenario might say that an organization must keep certain business records according to policy. Another might say the organization needs labels that govern content lifecycle. Those prompts point to retention labels, retention label policies, or records management. If the scenario instead says the organization needs to prevent sensitive content from being shared, the answer is DLP. If it says classify content as confidential, the answer is sensitivity labels.
Use this retention checklist:
- Look for retain, retention, record, lifecycle, keep, dispose, or manage over time.
- Choose retention policies when the prompt emphasizes broad policy behavior.
- Choose retention labels when the prompt emphasizes applying a lifecycle marker to content.
- Choose records management when the prompt emphasizes formal records governance.
- Avoid sensitivity labels unless the prompt emphasizes sensitivity or protection classification.
Retention questions reward careful reading. The products are close enough that memorizing names is not enough. You need to connect the product name to the purpose. Sensitivity labels answer a sensitivity problem. DLP answers a prevention problem. Retention and records management answer a lifecycle and recordkeeping problem.
Retention is also a good reminder that compliance work continues after data is created. The organization may need policies that govern information throughout its useful life, especially when business records must be managed consistently.
A company needs to keep business records according to a governance policy. Which Microsoft Purview area best fits?
Which clue points to a retention label rather than a sensitivity label?
Why is retention not the best answer for a prompt about preventing sensitive information from leaving the organization?