Control 2.2: Environment Groups and Tier Classification
Control ID: 2.2 Pillar: Management Regulatory Reference: FINRA 4511, GLBA 501(b), SOX 302/404, OCC 2011-12 Last UI Verified: January 2026 Governance Levels: Baseline / Recommended / Regulated Last Verified: 2026-02-03
Objective
Provide scalable governance by applying consistent policies across multiple Power Platform environments based on risk classification through environment groups and governance zone alignment.
Why This Matters for FSI
- FINRA 4511: Consistent recordkeeping controls across environments through transcript access and usage insights rules
- GLBA 501(b): Uniform data protection via sharing restrictions, authentication requirements, and IP binding
- SOX 302/404: Segregation of duties enforced through zone classification and solution checker blocking
- OCC 2011-12: Model risk management through external AI model restrictions and experimental feature controls
Control Description
Environment Groups enable consistent governance policy application across multiple Power Platform environments. By grouping environments and applying rules, administrators can enforce sharing limits, channel restrictions, authentication requirements, and AI model governance at scale.
This control implements a three-zone governance model:
- Zone 1 (Personal Productivity): Individual experimentation and learning; non-sensitive data only; lowest blast radius
- Zone 2 (Team Collaboration): Shared team workloads and shared data sources; internal/confidential data; moderate blast radius
- Zone 3 (Enterprise Managed): Production and enterprise-managed workloads; may include regulated data; highest audit expectations
Environment groups work in conjunction with Managed Environments (Control 2.1) and Environment Routing (Control 2.15) to ensure makers are placed into correctly governed environments that inherit appropriate rules automatically.
Critical Security Note: Computer-Using Agents (CUA) must be DISABLED for all environment groups in FSI organizations due to significant security risks including data exposure, unauthorized actions, and audit trail gaps.
Key Configuration Points
- Create environment groups aligned to governance zones (Personal/Team/Enterprise)
- Configure all applicable environment group rules per zone (see comprehensive rules table below)
- Publish rules after configuration — unpublished rules have no effect
- Monitor for new rules added by Microsoft and evaluate for zone applicability
Comprehensive Environment Group Rules
The following table documents all available environment group rules with FSI zone recommendations:
| Rule | Zone 1 (Personal) | Zone 2 (Team) | Zone 3 (Enterprise) | FSI Rationale |
|---|---|---|---|---|
| Agent sharing | Disabled | Enabled (with approval) | Enabled (governed) | Helps prevent unauthorized agent distribution |
| Canvas app sharing | Disabled | Enabled (with controls) | Enabled (governed) | Limits blast radius of shared apps |
| Solution checker enforcement | None | Warn | Block | Catches quality/security issues before deployment |
| External AI models | Disabled | Disabled | Disabled | Helps prevent unvetted model usage in regulated environments |
| Computer-Using Agents (CUA) | Disabled | Disabled | Disabled | Data exposure, unauthorized actions, audit gaps |
| Authentication for agents | Optional | Required | Required | Ensures identity verification for shared agents |
| Transcript access | Enabled | Enabled | Enabled | Supports FINRA 4511 books and records |
| Usage insights | Enabled | Enabled | Enabled | Provides adoption and compliance telemetry |
| Advanced Connector Policies (ACP) | Not applied | Applied | Applied | Controls connector-level permissions and data flow |
| Deployment pipeline | Not required | Recommended | Required | Enforces change management via ALM |
| IP firewall binding | Not required | Recommended | Required | Restricts environment access to approved networks |
| Customer Managed Key (CMK) | Not required | Not required | Recommended | Additional encryption key governance for regulated data |
| Generative AI features | Enabled (limited) | Enabled | Enabled (with monitoring) | Controls AI feature availability per zone |
| Copilot for makers | Enabled | Enabled | Enabled (with audit) | AI-assisted development in Power Platform |
| AI prompts | Enabled | Enabled | Enabled (with DLP) | Controls prompt-based AI capabilities |
| Agent builder | Enabled | Enabled (with DLP) | Enabled (governed) | Controls who can build agents |
| Channel publishing | Restricted | Controlled | Governed (approval required) | Limits agent publishing channels |
| Backup and restore | Default | Configured | Required (with RTO/RPO) | Supports BCDR requirements |
| Maker analytics | Enabled | Enabled | Enabled | Maker activity visibility |
| Managed environment activation | Recommended | Required | Required | Prerequisite for advanced governance features |
| Environment routing target | Default fallback | Routed via security group | Routed via security group | Ensures makers land in governed environments |
Rule Updates
Microsoft periodically adds new environment group rules. Review the Environment Group Rules documentation quarterly to incorporate new rules into zone configurations.
Zone-Specific Requirements
| Zone | Requirement | Rationale |
|---|---|---|
| Zone 1 (Personal) | Apply baseline environment groups; document exceptions; disable sharing and external models | Reduces risk from personal use while keeping friction low |
| Zone 2 (Team) | Apply zone-aligned rules consistently; require named owner and approval trail; retain rule snapshots | Shared agents increase blast radius; controls must be consistently applied |
| Zone 3 (Enterprise) | Require strictest configuration enforced via policy; treat rule changes as controlled changes with change tickets | Enterprise agents handle most sensitive content and highest regulatory risk |
Roles & Responsibilities
| Role | Responsibility |
|---|---|
| Power Platform Admin | Create environment groups, configure rules, publish rule changes |
| Environment Admin | Add environments to groups, manage environment-level settings |
| Compliance Officer | Approve zone classifications, review rule configurations |
| AI Governance Lead | Define governance zone requirements, agent-specific rules |
| IT Security | Review security rules (IP firewall, authentication, CUA settings) |
Related Controls
| Control | Relationship |
|---|---|
| 2.1 - Managed Environments | Environment-level governance that complements group rules |
| 2.15 - Environment Routing | Automatic maker placement into governed environments |
| 1.4 - Advanced Connector Policies | Connector governance that complements group rules |
| 1.5 - DLP and Sensitivity Labels | Data policies that complement group rules |
Exception Criteria for Simplified Classification
The following scenarios qualify for expedited classification without full assessment:
| Scenario | Classification | Justification |
|---|---|---|
| Proof-of-concept (≤30 days, ≤5 users, no production data) | Zone 1 Auto-Approve | Limited scope, no regulatory exposure |
| Training/demo environment (no customer data) | Zone 1 Auto-Approve | Educational purpose only |
| Migration of existing approved agent to new environment | Retain original zone | No change in risk profile |
Exception Request Process:
- Document business justification
- Confirm data sensitivity (must be public/internal only)
- Set expiration date (max 30 days for POC exceptions)
- Obtain AI Governance Lead approval
- Log exception in governance register
Implementation Playbooks
Step-by-Step Implementation
This control has detailed playbooks for implementation, automation, testing, and troubleshooting:
- Portal Walkthrough — Step-by-step portal configuration
- PowerShell Setup — Automation scripts
- Verification & Testing — Test cases and evidence collection
- Troubleshooting — Common issues and resolutions
Verification Criteria
Confirm control effectiveness by verifying:
- Environment groups exist for each governance zone (Zone 1/2/3) with descriptive names
- All production environments are assigned to appropriate zone groups
- Rules are published and show "Published" status with timestamp
- New environments added to a group inherit rules automatically
- Computer-Using Agents (CUA) rule is disabled for all environment groups
Additional Resources
- Microsoft Learn: Environment Groups Overview
- Microsoft Learn: Environment Group Rules
- Microsoft Learn: Managed Environments Overview
- Microsoft Learn: Power Platform Administration
Advanced Implementation: Environment Lifecycle Management
For automated environment provisioning with automatic Environment Group assignment based on zone classification, see Environment Lifecycle Management.
Updated: January 2026 | Version: v1.2 | UI Verification Status: Current