Step 1 – Problem statement
User1 has the Compliance Administrator role but cannot view the regular expression in the built-in IP Address sensitive info type.
This is expected because:
Microsoft provides a large set of built-in sensitive info types (SITs).
For these built-in SITs, the underlying regular expressions, keywords, or detection logic are not exposed to administrators for security reasons.
As a result, even with Compliance Administrator privileges, User1 cannot directly see or modify the regex in the built-in IP Address SIT.
Step 2 – Microsoft solution
To view or modify the regex:
You must create a copy of the built-in SIT.
Once copied, the new custom SIT allows you to edit and view the regex and supporting elements.
This is the only supported way to customize or examine the detection logic.
???? Reference: Create a custom sensitive information type
“You can't directly modify the definitions of built-in sensitive information types, but you can create a copy of an existing SIT and then edit it.”
Step 3 – Why not the other options?
A. Reviewer role group → Reviewers are for records management/discovery, not SIT regex visibility.
C. Test function → Allows you to test SIT detection but does not reveal the regex.
D. Global Reader role → Read-only access, does not expose regex definitions either.
