Override Approvals and Releasing Blocked Content
Allowing users to override DLP matches in SPO/ODfB without any sort of admin approval defeats the purpose of implementing DLP. In addition, should content that matches DLP rules end up being allowed, having a way to 'exclude' the content or release it from the actions taken is a basic function of other DLP tools.
This is a request to implement:
1. Admin approval for user overrides
2. A method to exempt content that has matched policy (that is not a false positive), without implementing user overrides and without having to exclude the whole site.
I am surprised this is still something not addressed. We have override policies for Exchange Online, when a set amount of the same sensitive content is detected, it sends an approval process to to cybersecurity group to determine if the email be sent or not.
The same should be when trying to share a sdocument that may contain more than X amount of sensitive types