diff --git a/tools/importer-msgraph-metadata/components/workarounds/workaround_connectedorganization.go b/tools/importer-msgraph-metadata/components/workarounds/workaround_connectedorganization.go
new file mode 100644
index 00000000000..7db7363fac1
--- /dev/null
+++ b/tools/importer-msgraph-metadata/components/workarounds/workaround_connectedorganization.go
@@ -0,0 +1,34 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package workarounds
+
+import (
+	"fmt"
+
+	"github.com/hashicorp/pandora/tools/importer-msgraph-metadata/components/parser"
+)
+
+var _ dataWorkaround = workaroundConnectedOrganization{}
+
+// workaroundConnectedOrganization adds missing fields and fixes some field types.
+type workaroundConnectedOrganization struct{}
+
+func (workaroundConnectedOrganization) Name() string {
+	return "Connected Organization / identitySources is not read-only"
+}
+
+func (workaroundConnectedOrganization) Process(apiVersion string, models parser.Models, constants parser.Constants, resourceIds parser.ResourceIds) error {
+	model, ok := models["microsoft.graph.connectedOrganization"]
+	if !ok {
+		return fmt.Errorf("`connectedOrganization` model not found")
+	}
+
+	// `identitySources` is not read-only
+	if _, ok = model.Fields["identitySources"]; !ok {
+		return fmt.Errorf("`identitySources` field not found")
+	}
+	model.Fields["identitySources"].ReadOnly = false
+
+	return nil
+}
diff --git a/tools/importer-msgraph-metadata/components/workarounds/workaround_crosstenantaccesspolicyconfigurationpartner.go b/tools/importer-msgraph-metadata/components/workarounds/workaround_crosstenantaccesspolicyconfigurationpartner.go
new file mode 100644
index 00000000000..8b6bfad28df
--- /dev/null
+++ b/tools/importer-msgraph-metadata/components/workarounds/workaround_crosstenantaccesspolicyconfigurationpartner.go
@@ -0,0 +1,34 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package workarounds
+
+import (
+	"fmt"
+
+	"github.com/hashicorp/pandora/tools/importer-msgraph-metadata/components/parser"
+)
+
+var _ dataWorkaround = workaroundCrossTenantAccessPolicyConfigurationPartner{}
+
+// workaroundCrossTenantAccessPolicyConfigurationPartner adds missing fields and fixes some field types.
+type workaroundCrossTenantAccessPolicyConfigurationPartner struct{}
+
+func (workaroundCrossTenantAccessPolicyConfigurationPartner) Name() string {
+	return "Cross Tenant Access Policy Configuration Partner / tenantId is not read-only"
+}
+
+func (workaroundCrossTenantAccessPolicyConfigurationPartner) Process(apiVersion string, models parser.Models, constants parser.Constants, resourceIds parser.ResourceIds) error {
+	model, ok := models["microsoft.graph.crossTenantAccessPolicyConfigurationPartner"]
+	if !ok {
+		return fmt.Errorf("`crossTenantAccessPolicyConfigurationPartner` model not found")
+	}
+
+	// `tenantId` is not read-only
+	if _, ok = model.Fields["tenantId"]; !ok {
+		return fmt.Errorf("`tenantId` field not found")
+	}
+	model.Fields["tenantId"].ReadOnly = false
+
+	return nil
+}
diff --git a/tools/importer-msgraph-metadata/components/workarounds/workaround_unifiedrolemanagementpolicy.go b/tools/importer-msgraph-metadata/components/workarounds/workaround_unifiedrolemanagementpolicy.go
new file mode 100644
index 00000000000..206fc3fd51f
--- /dev/null
+++ b/tools/importer-msgraph-metadata/components/workarounds/workaround_unifiedrolemanagementpolicy.go
@@ -0,0 +1,40 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+
+package workarounds
+
+import (
+	"fmt"
+
+	"github.com/hashicorp/pandora/tools/importer-msgraph-metadata/components/parser"
+)
+
+var _ dataWorkaround = workaroundUnifiedRoleManagementPolicy{}
+
+// workaroundUnifiedRoleManagementPolicy adds missing fields and fixes some field types.
+type workaroundUnifiedRoleManagementPolicy struct{}
+
+func (workaroundUnifiedRoleManagementPolicy) Name() string {
+	return "Unified Role Management Policy / lastModifiedBy and lastModifiedDateTime are read-only"
+}
+
+func (workaroundUnifiedRoleManagementPolicy) Process(apiVersion string, models parser.Models, constants parser.Constants, resourceIds parser.ResourceIds) error {
+	model, ok := models["microsoft.graph.unifiedRoleManagementPolicy"]
+	if !ok {
+		return fmt.Errorf("`unifiedRoleManagementPolicy` model not found")
+	}
+
+	// `lastModifiedBy` is read-only
+	if _, ok = model.Fields["lastModifiedBy"]; !ok {
+		return fmt.Errorf("`lastModifiedBy` field not found")
+	}
+	model.Fields["lastModifiedBy"].ReadOnly = true
+
+	// `lastModifiedDateTime` is read-only
+	if _, ok = model.Fields["lastModifiedDateTime"]; !ok {
+		return fmt.Errorf("`lastModifiedDateTime` field not found")
+	}
+	model.Fields["lastModifiedDateTime"].ReadOnly = true
+
+	return nil
+}
diff --git a/tools/importer-msgraph-metadata/components/workarounds/workarounds.go b/tools/importer-msgraph-metadata/components/workarounds/workarounds.go
index e1f5e02aab7..05db410d063 100644
--- a/tools/importer-msgraph-metadata/components/workarounds/workarounds.go
+++ b/tools/importer-msgraph-metadata/components/workarounds/workarounds.go
@@ -22,6 +22,9 @@ var workarounds = []dataWorkaround{
 	workaroundApplication{},
 	workaroundConditionalAccessPolicy{},
 	workaroundUnifiedRoleAssignment{},
+	workaroundUnifiedRoleManagementPolicy{},
+	workaroundConnectedOrganization{},
+	workaroundCrossTenantAccessPolicyConfigurationPartner{},
 }
 
 // serviceWorkarounds make post-parsing changes to individual services and are able to make any changes to resources