When setting up a DGM policy with a 'Where' clause, no incidents are created against the policy.
For Example:If the word in your 'Where' clause happens to be "It" as in 'Where Department contains any of "It"' then an incident for this policy will never be generated due to the same word "it" being in our stopword list. This list can be found in \Vontu\Protect\config\stopwords on the Detection Server.
If you remove the stopword then you have to also do the following;
Additionally, DGM's behave just like EDM in that spaces are not permitted as the field will be parsed and the two words will be seen as separate words, not part of the same phrase. For example, if the "Where" clause happens to contain a name with a space in it such as "Sales Department", then the DGM will only be looking for "Sales" only and will not generate an Incident. The solution for this is to change the data for the DGM to include an underscore, change the where clause and reindex the DGM.
See Also: KB 46663: Does DLP have a list of "common" words that it ignores?