What is a policy threshold?
A policy threshold is a numeric value or a percentage of matched items that can be set to determine whether a policy is compliant or not compliant.
The threshold only affects reporting and does not impact remediation actions. This means that the remediation action will always be executed regardless of the set threshold.
For example, if your organization is okay with having up to 10 unused licenses because you know you will recycle them, you can set this number as your threshold.
In the reporting, if the unused licenses detected are less than 10, the policy will be displayed with green icons and labels, indicating compliance with the set threshold.
Conversely, if more than 10 unused licenses are detected, the icons and labels will turn red, indicating non-compliance.
Threshold and Health Check
Setting a threshold is important because it influences reports, including the Health Check.
The Health Check is a set of widget-based dashboards that offer a comprehensive snapshot of the governance of your Microsoft 365 environment. By setting a threshold, you can clearly see where you lack control and easily improve your security posture.
Depending on the threshold settings, icons, and matched item labels will be flagged with different colors.
- Red means that the policy is not compliant with the set threshold.
- Green means that the policy is compliant with the set threshold.
Blue indicates that the threshold is not set.
This is only possible for Custom policies, as setting a threshold is required for Out-of-the-Box policies.
Predefined threshold values
By default, the threshold value for Out-of-the-Box policies is 0, while custom policies have no default threshold set.