# Control Catalog
Complete catalog of 71 governance controls for Microsoft 365 AI agents.
## Overview
The Control Catalog provides detailed requirements for each governance control. Controls are organized by pillar and include:
- Control objective — What the control achieves
- Regulatory relevance — Which regulations the control supports
- Zone requirements — How the control applies by zone
- Implementation links — References to playbooks for step-by-step procedures
## Quick Navigation by Role

### I'm a Compliance Officer...
- Start with Pillar 2: Management Controls for supervision and oversight
- Review Regulatory Framework for mappings
- Focus on: Controls 2.6, 2.11, 2.12, 2.13, 3.3
### I'm a Power Platform Admin...
- Start with Pillar 1: Security Controls for DLP and access
- Review Pillar 2: Management Controls for environments
- Focus on: Controls 1.1, 1.5, 2.1, 2.3, 2.15
### I'm a SharePoint Admin...
- Start with Pillar 4: SharePoint Controls
- Focus on: Controls 4.1-4.7
### I'm preparing for an examination...
- Review Evidence Standards
- Check applicable controls in Regulatory Framework
## Control Summary by Pillar

### Pillar 1: Security Controls (28)
Protect data and systems from unauthorized access and misuse.
| ID | Control Name | Zone | Regulatory |
|---|---|---|---|
| 1.1 | Restrict Agent Publishing | All | FINRA 3110 |
| 1.2 | Agent Registry | 2-3 | FINRA 4511 |
| 1.3 | SharePoint Content Governance | 2-3 | GLBA |
| 1.4 | Advanced Connector Policies | 2-3 | - |
| 1.5 | DLP and Sensitivity Labels | All | GLBA, SOX |
| 1.6 | DSPM for AI | 3 | GLBA 501(b) |
| 1.7 | Comprehensive Audit Logging | All | FINRA 4511, SEC 17a-4 |
| 1.8 | Runtime Protection | 3 | FINRA 3110 |
| 1.9 | Data Retention | 2-3 | SEC 17a-4, FINRA 4511 |
| 1.10 | Communication Compliance | 3 | FINRA 3110 |
| 1.11 | Conditional Access and MFA | 2-3 | GLBA, SOX |
| 1.12 | Insider Risk Detection | 3 | - |
| 1.13 | Sensitive Information Types | 2-3 | GLBA |
| 1.14 | Data Minimization | 2-3 | GLBA |
| 1.15 | Encryption | All | GLBA, SOX |
| 1.16 | Information Rights Management | 2-3 | - |
| 1.17 | Endpoint DLP | 3 | GLBA |
| 1.18 | Application-Level RBAC | 2-3 | SOX |
| 1.19 | eDiscovery | 2-3 | SEC 17a-4 |
| 1.20 | Network Isolation | 3 | - |
| 1.21 | Adversarial Input Logging | 3 | FINRA 4511 |
| 1.22 | Information Barriers | 3 | FINRA 3110 |
| 1.23 | Step-Up Authentication | 3 | SOX |
| 1.24 | Defender AI-SPM | All | OCC 2011-12, GLBA |
| 1.25 | MIME Type Restrictions | All | FINRA 4511, GLBA |
| 1.26 | File Upload Restrictions | All | GLBA, FINRA 4511 |
| 1.27 | Content Moderation | All | FINRA 3110, GLBA |
| 1.28 | Policy-Based Publishing | All | SOX, FINRA 3110 |
### Pillar 2: Management Controls (24)
Govern agent lifecycle, risk, and operational processes.
| ID | Control Name | Zone | Regulatory |
|---|---|---|---|
| 2.1 | Managed Environments | 2-3 | - |
| 2.2 | Environment Groups | 2-3 | - |
| 2.3 | Change Management | 2-3 | SOX |
| 2.4 | Business Continuity | 3 | - |
| 2.5 | Testing and Validation | 2-3 | FINRA 3110 |
| 2.6 | Model Risk Management | 3 | OCC 2011-12, SR 11-7 |
| 2.7 | Vendor Risk Management | 2-3 | GLBA |
| 2.8 | Segregation of Duties | 2-3 | SOX |
| 2.9 | Performance Monitoring | 2-3 | FINRA 4511 |
| 2.10 | Patch Management | 2-3 | - |
| 2.11 | Bias Testing | 3 | SR 11-7 |
| 2.12 | Supervision and Oversight | 2-3 | FINRA 3110 |
| 2.13 | Documentation | 2-3 | SEC 17a-4 |
| 2.14 | Training Program | All | FINRA 3110 |
| 2.15 | Environment Routing | All | - |
| 2.16 | RAG Source Integrity | 2-3 | FINRA 4511 |
| 2.17 | Multi-Agent Orchestration | 3 | FINRA 3110 |
| 2.18 | Conflict of Interest Testing | 3 | FINRA 3110 |
| 2.19 | AI Disclosure | 3 | - |
| 2.20 | Adversarial Testing | 3 | FINRA 3110 |
| 2.21 | AI Marketing Claims | 3 | - |
| 2.22 | Inactivity Timeout Enforcement | 2-3 | GLBA, SOX, FINRA 4511 |
| 2.23 | User Consent and AI Disclosure | All | FINRA 3110, GLBA |
| 2.24 | Feature Enablement Governance | All | SOX, FINRA 3110 |
### Pillar 3: Reporting Controls (12)
Monitor, track, and report on agent activities and compliance.
| ID | Control Name | Zone | Regulatory |
|---|---|---|---|
| 3.1 | Agent Inventory | All | FINRA 4511 |
| 3.2 | Usage Analytics | 2-3 | FINRA 4511 |
| 3.3 | Compliance Reporting | 2-3 | FINRA 4511 |
| 3.4 | Incident Reporting | 2-3 | GLBA |
| 3.5 | Cost Allocation | 2-3 | - |
| 3.6 | Orphaned Agent Detection | 2-3 | - |
| 3.7 | PPAC Security Posture | 2-3 | - |
| 3.8 | Copilot Hub | 2-3 | - |
| 3.9 | Sentinel Integration | 3 | - |
| 3.10 | Hallucination Feedback | 2-3 | FINRA 4511 |
| 3.11 | Centralized Inventory Enforcement | All | FINRA 4511, SOX |
| 3.12 | Exception and Override Management | All | SOX, FINRA 3110 |
### Pillar 4: SharePoint Controls (7)
SharePoint-specific governance for agent knowledge sources.
Note: Pillar 4 specializes the governance requirements from Pillars 1-3 for SharePoint as an agent knowledge source. Controls address SharePoint-specific implementation of data protection, access governance, and content management.
| ID | Control Name | Zone | Regulatory |
|---|---|---|---|
| 4.1 | SharePoint IAG | 2-3 | GLBA |
| 4.2 | Site Access Reviews | 2-3 | SOX |
| 4.3 | Retention Management | 2-3 | SEC 17a-4 |
| 4.4 | External User Controls | 2-3 | GLBA |
| 4.5 | Security Monitoring | 2-3 | - |
| 4.6 | Grounding Scope | 2-3 | FINRA 4511 |
| 4.7 | M365 Copilot Data Governance | 2-3 | - |
## Control Implementation Status
Use this table to track implementation progress:
| Status | Meaning |
|---|---|
| Not Started | Control not yet implemented |
| In Progress | Implementation underway |
| Implemented | Control configured and operational |
| Verified | Control tested and verified effective |
## Related Sections
- Framework — Governance principles and structure
- Playbooks — Step-by-step implementation procedures
- Reference — Supporting materials
FSI Agent Governance Framework v1.2.51 - February 2026