Skip to content

Control 1.13: Sensitive Information Types (SITs) - Portal Walkthrough

This playbook provides portal configuration guidance for Control 1.13.

Prerequisites

  • Microsoft 365 E5 or E5 Compliance (full functionality)
  • Purview Compliance Admin or Purview Info Protection Admin role
  • Inventory of sensitive data types handled by organization
  • Sample data patterns for custom SITs (sanitized)
  • Test environment for SIT validation

Step 1: Review Built-in Financial SITs

Portal Path: Microsoft Purview > Data classification > Classifiers > Sensitive info types

  1. Navigate to Microsoft Purview
  2. Go to Data classification > Classifiers > Sensitive info types
  3. Filter by category: Financial
  4. Review essential financial SITs:
SIT Name Use Case
U.S. Social Security Number (SSN) Customer identification
U.S. Bank Account Number Payment/transfer monitoring
Credit Card Number PCI-DSS compliance
ABA Routing Number Wire transfer protection
U.S. Individual Taxpayer ID (ITIN) Tax document protection
CUSIP Trading/portfolio data

Step 2: Create Custom FSI SITs

Portal Path: Data classification > Classifiers > Sensitive info types > + Create sensitive info type

Custom SIT 1: Internal Account Number

  1. Click + Create sensitive info type
  2. Configure:
  3. Name: FSI-Internal-Account-Number
  4. Description: "Detects internal customer account numbers"
  5. Click Next > Create pattern
  6. Add primary element:
  7. Type: Regular expression
  8. Pattern: \b[A-Z]{3}-\d{6}-[A-Z0-9]{2}\b
  9. Confidence level: High (85)
  10. Add supporting element:
  11. Keywords: "account", "acct", "customer number"
  12. Within: 300 characters
  13. Click Create

Custom SIT 2: FINRA CRD Number

  1. Click + Create sensitive info type
  2. Configure:
  3. Name: FSI-FINRA-CRD-Number
  4. Description: "Detects FINRA Central Registration Depository numbers"
  5. Add pattern:
  6. Type: Regular expression
  7. Pattern: \b(?:CRD\s*#?\s*)?([1-9]\d{4,7})\b
  8. Confidence level: Medium (75)
  9. Add supporting keywords: "CRD", "registered representative", "broker"
  10. Click Create

Custom SIT 3: MNPI Indicators

  1. Click + Create sensitive info type
  2. Configure:
  3. Name: FSI-MNPI-Indicators
  4. Description: "Detects potential material non-public information"
  5. Add pattern using keywords:
  6. Type: Keyword dictionary
  7. Keywords: "earnings announcement", "merger", "acquisition target", "quarterly results", "guidance revision", "SEC filing", "insider", "material information"
  8. Confidence level: Medium (65)
  9. Click Create

Custom SIT 4: Trade Details

  1. Click + Create sensitive info type
  2. Configure:
  3. Name: FSI-Trade-Details
  4. Description: "Detects trading activity patterns"
  5. Add pattern:
  6. Type: Regular expression
  7. Pattern: \b(BUY|SELL|HOLD)\s+\d+(?:,\d{3})*\s+(?:shares?|units?|contracts?)\s+(?:of\s+)?[A-Z]{1,5}\b
  8. Add supporting keywords: "execute", "trade", "order", "position"
  9. Click Create

Step 3: Create Keyword Dictionaries

Portal Path: Data classification > Classifiers > EDM classifiers > Keyword dictionaries

  1. Click Create keyword dictionary
  2. Configure:
  3. Name: FSI-Competitor-Names
  4. Description: "List of competitor companies for MNPI monitoring"
  5. Enter keywords (one per line)
  6. Click Create

Step 4: Configure Exact Data Match (EDM)

Portal Path: Data classification > Classifiers > EDM classifiers

  1. Click + Create EDM classifier
  2. Define schema:
  3. Name: FSI-Customer-Data-EDM
  4. Description: "Exact match for customer account data"
  5. Add columns:
  6. CustomerAccountNumber (searchable)
  7. SSN (searchable)
  8. CustomerName (supporting)
  9. Configure matching rules
  10. Upload hashed data source (see PowerShell playbook)

Step 5: Test SIT Detection

Portal Path: Data classification > Content explorer

  1. Create test document with sample sensitive data
  2. Upload to SharePoint
  3. Wait 24 hours for classification
  4. Navigate to Content explorer
  5. Filter by sensitive information type
  6. Verify test data correctly identified
  7. Check for true/false positives

Step 6: Tune SIT Accuracy

Reduce False Positives

  1. Edit the SIT > Patterns
  2. Add exclusions for common false positive formats
  3. Add keyword requirements for context
  4. Increase confidence threshold

Reduce False Negatives

  1. Edit the SIT > Patterns
  2. Add pattern variations
  3. Lower confidence threshold (carefully)
  4. Add alternative keyword groups

Back to Control 1.13 | PowerShell Setup | Verification Testing | Troubleshooting

Updated: January 2026 | Version: v1.2