Setting Up Security and Compliance for Microsoft 365

Navigate to Information Governance website in the Microsoft Compliance center.

Click +New retention policy to start the setup wizard.

Add a Name and a Description for the policy and click Next.

Choose the applications to apply the retention policy to. You can either select Apply policy only to content in Exchange email, public folders, Office 365 groups, OneDrive, and SharePoint documents.

Once you choose the locations where the retention policy applies, click Next.

Set the retention period of the messages along with other options. Configure the settings so that they meet your compliance requirements and click Next. Review the settings that you have chosen. If everything is correct, click Submit.