Control 3.6: Orphaned Agent Detection and Remediation
- Control ID: 3.6
- Pillar: Reporting
- Regulatory Reference: FINRA 4511, SOX 404, GLBA 501(b), OCC 2011-12
- Last UI Verified: January 2026
- Governance Levels: Baseline / Recommended / Regulated
- Last Verified: 2026-02-03
Agent 365 Architecture Update
Agent 365 lifecycle governance automates orphan detection through Entra ID Lifecycle Workflows. When sponsors leave the organization, workflows automatically flag agents for reassignment or suspension -- replacing manual PowerShell scripts that query multiple platforms. See Unified Agent Governance for lifecycle workflow configuration and sponsor departure handling.
Objective
Identify and remediate AI agents that lack assigned owners, have been abandoned, or are no longer actively maintained. Orphaned agents represent security, compliance, and operational risks that must be addressed through automated detection and structured remediation workflows.
Why This Matters for FSI
- FINRA 4511: Unowned agents may generate records without proper supervision
- SOX 404: Orphaned agents bypass IT general controls for access and change management
- GLBA 501(b): Unmanaged agents accessing customer data violate safeguard requirements
- OCC 2011-12: Third-party risk extends to unmonitored agent deployments
- Security Risk: Orphaned agents are prime targets for exploitation
Control Description
This control establishes automated detection of orphaned agents through owner status monitoring, inactivity tracking, and environment health checks. Remediation workflows ensure proper reassignment, archival, or deletion with appropriate approvals.
| Capability | Description |
|---|---|
| Owner Monitoring | Detect when agent owner departs or becomes inactive |
| Activity Tracking | Flag agents with zero activity for 90+ days |
| Health Checks | Identify agents with broken connectors or environments |
| Remediation Workflow | Structured process for reassign/archive/delete |
| SLA Enforcement | Time-bound remediation with escalation |
Agent Ownership Reassignment (GA October 2025)
Microsoft released native Agent Ownership Reassignment capabilities in October 2025, providing streamlined remediation for orphaned agents:
| Method | Description | Requirements |
|---|---|---|
| PPAC Portal | UI-based reassignment in Agent Registry | Power Platform Admin role |
| PowerShell | Scripted bulk reassignment | Microsoft.PowerApps.Administration.PowerShell module |
| Power Automate | Automated reassignment workflows | Integration with HR departure triggers |
New Owner Requirements:
- Active Copilot Studio license (or equivalent)
- Member of the agent's environment
- Appropriate Maker/Admin role in environment
PowerShell Reassignment:
```powershell
# Reassign agent ownership (Microsoft.PowerApps.Administration.PowerShell module)
# $agentId            - the agent's app name (GUID) as recorded in the registry
# $envName            - the environment that hosts the agent
# $newOwnerPrincipalId - Entra object ID of the validated new owner
Set-AdminPowerAppOwner -AppName $agentId `
    -EnvironmentName $envName `
    -AppOwner $newOwnerPrincipalId
```
PPAC Portal Path:
- Navigate to admin.powerplatform.microsoft.com
- Select Manage > Agents (or Resources > Power Apps)
- Locate orphaned agent
- Select ... > Change owner
- Search and select new owner
- Confirm reassignment
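The following script is an added example for this control (not Microsoft's code and not part of the original page). It drives bulk reassignment from a CSV export of the orphan tracking list and checks each candidate owner against the New Owner Requirements before calling Set-AdminPowerAppOwner. Assumptions: the CSV carries the columns AgentId, EnvironmentName and NewOwnerUpn; Get-AdminPowerAppEnvironmentRoleAssignment returns PrincipalObjectId and RoleName for each assignment; and the caller supplies a regex for the Copilot Studio SKU part number used in their tenant, since SKU names vary.

```powershell
# Added example: bulk agent reassignment with new-owner pre-flight checks.
# Requires the Microsoft.PowerApps.Administration.PowerShell and Microsoft.Graph.Users
# modules and an authenticated session (Add-PowerAppsAccount, Connect-MgGraph).
# CSV column names and the role-assignment output properties are assumptions.
[CmdletBinding(SupportsShouldProcess)]
param(
    [Parameter(Mandatory)][string]$CsvPath,
    # Regex matching the SKU part number of the Copilot Studio (or equivalent) licence
    # in your tenant; supplied by the caller because SKU names are tenant-specific.
    [Parameter(Mandatory)][string]$RequiredSkuPattern
)

function Test-NewOwnerEligibility {
    param([string]$Upn, [string]$EnvironmentName)
    $reasons = @()

    $user = Get-MgUser -UserId $Upn -Property Id,AccountEnabled,UserPrincipalName -ErrorAction SilentlyContinue
    if (-not $user) {
        return [pscustomobject]@{ Eligible = $false; ObjectId = $null; Reasons = @('User not found in Entra ID') }
    }
    if (-not $user.AccountEnabled) { $reasons += 'Account disabled' }

    # Requirement 1: active Copilot Studio licence (or equivalent)
    $skus = (Get-MgUserLicenseDetail -UserId $user.Id).SkuPartNumber
    if (-not ($skus | Where-Object { $_ -match $RequiredSkuPattern })) {
        $reasons += 'Required licence not assigned'
    }

    # Requirements 2 and 3: member of the environment with a Maker/Admin role
    # (assumes the cmdlet returns PrincipalObjectId and RoleName per assignment)
    $roles = Get-AdminPowerAppEnvironmentRoleAssignment -EnvironmentName $EnvironmentName |
             Where-Object { $_.PrincipalObjectId -eq $user.Id }
    if (-not $roles) {
        $reasons += 'Not a member of the target environment'
    } elseif (-not ($roles.RoleName -match 'Maker|Admin')) {
        $reasons += 'No Maker/Admin role in environment'
    }

    [pscustomobject]@{ Eligible = ($reasons.Count -eq 0); ObjectId = $user.Id; Reasons = $reasons }
}

$results = foreach ($row in Import-Csv -Path $CsvPath) {
    $check = Test-NewOwnerEligibility -Upn $row.NewOwnerUpn -EnvironmentName $row.EnvironmentName
    if (-not $check.Eligible) {
        # Ineligible owners are reported, never silently skipped, so the tracking list can be corrected
        [pscustomobject]@{ AgentId = $row.AgentId; NewOwner = $row.NewOwnerUpn; Outcome = 'Skipped'; Detail = ($check.Reasons -join '; ') }
        continue
    }
    if ($PSCmdlet.ShouldProcess($row.AgentId, "Reassign to $($row.NewOwnerUpn)")) {
        Set-AdminPowerAppOwner -AppName $row.AgentId `
            -EnvironmentName $row.EnvironmentName `
            -AppOwner $check.ObjectId
        [pscustomobject]@{ AgentId = $row.AgentId; NewOwner = $row.NewOwnerUpn; Outcome = 'Reassigned'; Detail = '' }
    }
}

# The result table doubles as remediation evidence for the tracking list
$results | Format-Table -AutoSize
```

Because the script declares SupportsShouldProcess, a dry run with `-WhatIf` lists which agents would be reassigned without changing anything, which is the mode to use when validating a new CSV export before the zone approvals are in place.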
Orphan Categories:
| Category | Risk Level | Remediation SLA | Description |
|---|---|---|---|
| Owner Departed | Critical | 14 days | Agent owner left organization |
| Environment Deleted | Critical | 3 days | Underlying environment removed |
| No Activity (90d) | Medium | 30 days | Zero usage for extended period |
| License Expired | High | 7 days | Required license no longer valid |
| Connector Broken | Medium | 14 days | External connection failed |
| Shadow Agent (Unmanaged) | Critical | 7 days | Agent exists in tenant but not in registry |
Shadow Agent Detection
Terminology Note
"Shadow Agent" is a framework-specific term used to classify unregistered agents discovered in the tenant. This term is analogous to "shadow IT" in the broader IT governance context and is not Microsoft's official terminology. Microsoft uses "discovered apps" in Defender for Cloud Apps for similar concepts.
Shadow agents are AI agents that exist within the tenant but are not registered in the organization's agent inventory. Unlike orphaned agents (known agents that lose owners), shadow agents represent undiscovered or unmanaged deployments that bypass governance controls entirely.
Why Shadow Agents Are Critical for FSI
- Regulatory Gap - Unregistered agents cannot be included in regulatory reporting or examination responses
- Data Exposure - Shadow agents may access customer data without proper DLP controls
- Audit Failure - Examiners expect complete agent inventories; shadow agents create material gaps
- Security Risk - Unmonitored agents are prime vectors for data exfiltration or abuse
Discovery Methods
| Method | Coverage | Frequency | Tools |
|---|---|---|---|
| PowerShell Tenant Scan | Copilot Studio, Power Platform | Weekly | PowerShell, Power Platform Admin Center |
| Defender for Cloud Apps | All cloud-connected agents | Continuous | Microsoft Defender XDR |
| Entra App Registration Audit | Agents with app registrations | Weekly | Entra ID, Microsoft Graph |
| M365 Admin Center Review | Integrated apps, Copilot agents | Weekly | M365 Admin Center |
Shadow Agent Discovery Process
Step 1: Enumerate All Agents in Tenant
Use multiple discovery sources to build a comprehensive list:
```powershell
# Connect first: Add-PowerAppsAccount (Power Platform) and
# Connect-MgGraph -Scopes 'User.Read.All' (Microsoft Graph)

# Power Platform agents in one environment ($envName is the target environment name)
Get-AdminPowerApp -EnvironmentName $envName | Where-Object { $_.Properties.appType -eq "Agent" }

# Copilot Studio agents surfaced as Teams bots
Connect-MicrosoftTeams
Get-CsTeamsApp | Where-Object { $_.AppType -eq "Bot" }

# Entra Agentic Users
# Note: 'AgenticUser' is a framework-defined classification. Standard Microsoft
# Entra ID userType values are 'Member' and 'Guest'. Agent identity detection
# may require querying additional attributes such as application registrations
# or service principals.
Get-MgUser -Filter "userType eq 'AgenticUser'" -All
```
Step 2: Compare Against Agent Registry
Cross-reference discovered agents against the inventory from Control 3.1:
- Match by Agent ID, App ID, or unique identifier
- Flag any agents not found in the registry as "Shadow Agent"
- Document discovery source and discovery date
Step 3: Risk Assessment
For each shadow agent, assess:
| Factor | Questions |
|---|---|
| Data Access | What data sources can this agent access? |
| Owner Identification | Can we identify who created this agent? |
| Business Purpose | Is there a legitimate business need? |
| Compliance Impact | Does this affect regulated data or processes? |
Step 4: Remediation Decision
| Decision | Criteria | Action |
|---|---|---|
| Register | Legitimate business need, identifiable owner | Add to registry with proper metadata |
| Transfer | Valid agent, wrong owner/zone | Reassign and register |
| Decommission | No business need or owner | Disable and schedule deletion |
| Escalate | Accessing sensitive data, unknown origin | Security team review |
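Steps 1 through 4 above fit together as one reconciliation routine. The script below is an added example (not part of the original page and not Microsoft code) that takes discovery records shaped like the Step 1 output, matches them against the Control 3.1 registry by Agent ID or App ID, records the discovery source and date for each shadow agent, and then applies the Step 4 decision criteria. The discovery records, registry rows, assessment values and the property names AgentId, AppId, Source and DisplayName are constructed for the example; the order in which the decision function tests the criteria is a design choice of this example, not something the control prescribes.

```powershell
# Added example: shadow agent reconciliation (Steps 1-4 of the discovery process).
# All input data below is constructed; field names are assumptions for the example.

function Get-ShadowAgents {
    param(
        [object[]]$Discovered,               # AgentId, AppId, Source, DisplayName
        [object[]]$Registry,                 # AgentId, AppId from the Control 3.1 inventory
        [datetime]$DiscoveryDate = (Get-Date)
    )
    # Every identifier the registry knows, compared case-insensitively
    $known = [System.Collections.Generic.HashSet[string]]::new([System.StringComparer]::OrdinalIgnoreCase)
    foreach ($r in $Registry) {
        foreach ($id in @($r.AgentId, $r.AppId)) { if ($id) { [void]$known.Add($id) } }
    }
    foreach ($d in $Discovered) {
        # Step 2: match by Agent ID or App ID; -and short-circuits so null ids are never looked up
        $matched = ($d.AgentId -and $known.Contains($d.AgentId)) -or ($d.AppId -and $known.Contains($d.AppId))
        if ($matched) { continue }
        [pscustomobject]@{
            AgentId         = $d.AgentId
            AppId           = $d.AppId
            DisplayName     = $d.DisplayName
            DiscoverySource = $d.Source        # documented per Step 2
            DiscoveryDate   = $DiscoveryDate
            Status          = 'Shadow Agent'
        }
    }
}

function Get-RemediationDecision {
    # Step 4 criteria. Sensitive-data access is tested first so it always reaches
    # security review; the remaining order is this example's choice.
    param([bool]$HasBusinessNeed, [bool]$OwnerIdentified, [bool]$AccessesSensitiveData, [bool]$CorrectOwnerAndZone)
    if ($AccessesSensitiveData)                         { return 'Escalate' }
    if (-not $HasBusinessNeed -or -not $OwnerIdentified) { return 'Decommission' }
    if (-not $CorrectOwnerAndZone)                      { return 'Transfer' }
    return 'Register'
}

# Constructed stand-ins for the Step 1 discovery output and the registry export
$registry = @(
    [pscustomobject]@{ AgentId = 'agt-001'; AppId = '1111-aaaa' }
    [pscustomobject]@{ AgentId = 'agt-002'; AppId = $null }
)
$discovered = @(
    [pscustomobject]@{ AgentId = 'agt-001'; AppId = $null;        DisplayName = 'Onboarding Assistant'; Source = 'Power Platform' }
    [pscustomobject]@{ AgentId = $null;     AppId = '1111-aaaa';  DisplayName = 'Onboarding Assistant'; Source = 'Entra App Registration' }
    [pscustomobject]@{ AgentId = $null;     AppId = '2222-bbbb';  DisplayName = 'Claims Helper';        Source = 'Teams' }
    [pscustomobject]@{ AgentId = 'agt-009'; AppId = $null;        DisplayName = 'Rate Lookup';          Source = 'Copilot Studio' }
)

$shadow = Get-ShadowAgents -Discovered $discovered -Registry $registry -DiscoveryDate (Get-Date '2026-02-03')
$shadow | Format-Table -AutoSize     # Claims Helper and Rate Lookup are flagged; the two Onboarding Assistant records match

# Step 3 answers for each shadow agent (constructed), keyed by whichever id the agent has
$assessment = @{
    '2222-bbbb' = @{ HasBusinessNeed = $true;  OwnerIdentified = $true;  AccessesSensitiveData = $true;  CorrectOwnerAndZone = $true }
    'agt-009'   = @{ HasBusinessNeed = $false; OwnerIdentified = $false; AccessesSensitiveData = $false; CorrectOwnerAndZone = $false }
}
foreach ($s in $shadow) {
    $key    = if ($s.AgentId) { $s.AgentId } else { $s.AppId }
    $params = $assessment[$key]
    $decision = Get-RemediationDecision @params
    "{0,-22} {1,-26} -> {2}" -f $s.DisplayName, $s.DiscoverySource, $decision
}
# Claims Helper (accesses sensitive data) -> Escalate; Rate Lookup (no need, no owner) -> Decommission
```

Feeding the `$shadow` objects into the inventory's "Pending Review" queue gives the reconciliation report its registry-versus-tenant discrepancies, and the DiscoverySource and DiscoveryDate fields are the audit evidence examiners look for.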
Zone-Specific Shadow Agent Scanning
| Zone | Scan Scope | Frequency | Response |
|---|---|---|---|
| Zone 1 | Personal workspace apps | Monthly | Register or decommission |
| Zone 2 | Team environments, shared agents | Weekly | Register with owner assignment |
| Zone 3 | All production environments | Daily | Immediate suspension pending review |
Integration with Agent Inventory (Control 3.1)
Shadow agent detection feeds directly into the agent inventory:
- Discovery Feed - Automated discovery results populate a "Pending Review" queue in the inventory
- Reconciliation Report - Weekly report showing registry vs. tenant discrepancies
- Registration Workflow - Streamlined process to register legitimate shadow agents
- Audit Evidence - Detection logs demonstrate proactive governance for examiners
Defender for Cloud Apps Integration
Microsoft Defender for Cloud Apps provides continuous shadow agent monitoring:
- Navigate to Microsoft Defender XDR > Cloud Apps > Cloud App Catalog
- Filter for AI/ML applications and agents
- Review Discovered Apps for unmanaged agent activity
- Configure alerts for new agent discoveries
- Export findings for integration with agent registry
Key Configuration Points
- Define orphan criteria: owner departed, inactive 90+ days, broken connectors, deleted environment
- Create SharePoint orphan tracking list with status, assigned reviewer, and action fields
- Configure Power Automate flow for weekly automated detection against Entra ID
- Establish remediation options: Reassign (transfer to new owner), Archive (disable), Delete (permanent removal)
- Define approval requirements by zone and action type
- Set SLAs for review and remediation with automatic escalation
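To show how the orphan criteria, the per-category SLAs and the escalation rule combine in one weekly detection pass, here is an added example script (not part of the original page and not Microsoft code). It classifies agent records into the Orphan Categories defined above, derives the SLA deadline from the date the condition was first detected, and flags breaches for escalation. The agent records are constructed sample data in the shape of an inventory export; the property names OwnerStatus, EnvironmentStatus, LicenseValid, ConnectorStatus, LastActivity and FirstDetected are assumptions for the example. Shadow agents are not included because they are found by reconciliation rather than by inspecting a registered record.

```powershell
# Added example: orphan classification with SLA tracking and escalation.
# Input records are constructed; property names are assumptions for the example.

# Remediation SLA in days, from the Orphan Categories table
$SlaDays = @{
    'Owner Departed'      = 14
    'Environment Deleted' = 3
    'No Activity (90d)'   = 30
    'License Expired'     = 7
    'Connector Broken'    = 14
}

function Get-OrphanCategory {
    param([pscustomobject]$Agent, [datetime]$AsOf)
    # Checked in order of severity so an agent with several problems gets its most critical category
    if ($Agent.EnvironmentStatus -eq 'Deleted')            { return 'Environment Deleted' }
    if ($Agent.OwnerStatus -eq 'Departed')                 { return 'Owner Departed' }
    if (-not $Agent.LicenseValid)                          { return 'License Expired' }
    if ($Agent.ConnectorStatus -eq 'Broken')               { return 'Connector Broken' }
    if (($AsOf - $Agent.LastActivity).TotalDays -ge 90)    { return 'No Activity (90d)' }
    return $null
}

function Get-OrphanReport {
    param([object[]]$Agents, [datetime]$AsOf = (Get-Date))
    foreach ($a in $Agents) {
        $category = Get-OrphanCategory -Agent $a -AsOf $AsOf
        if (-not $category) { continue }
        # The SLA clock starts at first detection; a newly found orphan starts today
        $detected = if ($a.FirstDetected) { $a.FirstDetected } else { $AsOf }
        $deadline = $detected.AddDays($SlaDays[$category])
        [pscustomobject]@{
            AgentId       = $a.AgentId
            Category      = $category
            FirstDetected = $detected.ToString('yyyy-MM-dd')
            SlaDeadline   = $deadline.ToString('yyyy-MM-dd')
            DaysRemaining = [math]::Floor(($deadline - $AsOf).TotalDays)
            Escalate      = ($AsOf -gt $deadline)
        }
    }
}

# Constructed sample input resembling an inventory export
$asOf   = Get-Date '2026-02-03'
$agents = @(
    [pscustomobject]@{ AgentId = 'agt-001'; OwnerStatus = 'Active';   EnvironmentStatus = 'Active';  LicenseValid = $true; ConnectorStatus = 'OK';     LastActivity = (Get-Date '2026-01-30'); FirstDetected = $null }
    [pscustomobject]@{ AgentId = 'agt-002'; OwnerStatus = 'Departed'; EnvironmentStatus = 'Active';  LicenseValid = $true; ConnectorStatus = 'OK';     LastActivity = (Get-Date '2026-01-20'); FirstDetected = (Get-Date '2026-01-10') }
    [pscustomobject]@{ AgentId = 'agt-003'; OwnerStatus = 'Active';   EnvironmentStatus = 'Deleted'; LicenseValid = $true; ConnectorStatus = 'Broken'; LastActivity = (Get-Date '2025-12-01'); FirstDetected = (Get-Date '2026-02-01') }
    [pscustomobject]@{ AgentId = 'agt-004'; OwnerStatus = 'Active';   EnvironmentStatus = 'Active';  LicenseValid = $true; ConnectorStatus = 'OK';     LastActivity = (Get-Date '2025-10-01'); FirstDetected = $null }
)

$report = Get-OrphanReport -Agents $agents -AsOf $asOf
$report | Format-Table -AutoSize
# agt-002: Owner Departed, deadline 2026-01-24, Escalate = True
# agt-003: Environment Deleted (outranks the broken connector), deadline 2026-02-04
# agt-004: No Activity (90d), 125 days idle, deadline 2026-03-05
# agt-001: healthy, not reported

$report | Where-Object Escalate | ForEach-Object {
    Write-Warning "SLA breached for $($_.AgentId) ($($_.Category)); escalate per zone approval rules"
}
```

In the weekly Power Automate run described above, the FirstDetected value would be read back from the SharePoint tracking list so the SLA clock is not reset each week, and the Escalate rows would be routed to the approvers defined for the agent's zone.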
Zone-Specific Requirements
| Zone | Requirement | Rationale |
|---|---|---|
| Zone 1 (Personal) | Monthly detection; team lead approval for deletion | Low risk, simple remediation |
| Zone 2 (Team) | Weekly detection; manager approval for archive/delete | Team data exposure risk |
| Zone 3 (Enterprise) | Immediate detection; director + compliance approval; auto-suspend if unresolved | Customer-facing risk, regulatory exposure |
Roles & Responsibilities
| Role | Responsibility |
|---|---|
| Power Platform Admin | Run detection, execute remediation actions |
| AI Governance Lead | Review orphan reports, approve sensitive actions |
| Business Unit Owner | Identify replacement owner for reassignment |
| HR Integration | Provide termination/departure notifications |
Related Controls
| Control | Relationship |
|---|---|
| 3.1 - Agent Inventory | Source of owner and status data |
| 2.3 - Change Management | Retirement workflow for orphans |
| 2.8 - Access Control | Owner determines access rights |
| 3.5 - Cost Tracking | Orphans contribute to wasted spend |
Implementation Playbooks
Step-by-Step Implementation
This control has detailed playbooks for implementation, automation, testing, and troubleshooting:
- Portal Walkthrough — Step-by-step portal configuration
- PowerShell Setup — Automation scripts
- Verification & Testing — Test cases and evidence collection
- Troubleshooting — Common issues and resolutions
Verification Criteria
Confirm control effectiveness by verifying:
- Weekly orphan detection runs without errors and flags all orphan categories
- Orphan count in M365 Admin Center Agents > Overview matches detection results
- Remediation SLAs are tracked with automatic escalation at breach
- Reassignment transfers all permissions and metadata to new owner
- Archived agents are disabled and inaccessible to users
- Deletion requires documented approval per zone requirements
Additional Resources
- Manage Copilot Agents in Integrated Apps
- Power Platform Admin Center Resources
- Entra ID User Management
- Power Automate Scheduled Flows
- Microsoft Defender for Cloud Apps - Discover and Manage Shadow IT
- Microsoft Learn: Agent 365 Identity (Preview)
- Microsoft Learn: Agent 365 Observability (Preview)
Agent ID Lifecycle Governance (Preview)
Note: The following resources are preview documentation and may change.
Microsoft Entra Agent ID provides lifecycle governance capabilities that enhance orphan detection:
- Sponsorship Model - Agents require human sponsors; orphan detected when sponsor departs
- Lifecycle Events - Automatic notifications when agent identities require attention
- Microsoft Learn: Governing Agent Identities - Agent lifecycle governance including orphan detection
Governed Environment Provisioning
For preventing orphaned environments through controlled provisioning with required approvals:
- Environment Lifecycle Management - Unapproved/rejected requests don't create orphaned environments; all environments have documented owners
Updated: January 2026 | Version: v1.2 | UI Verification Status: Current