
Control 3.8: Copilot Hub and Governance Dashboard

Control ID: 3.8
Pillar: Reporting
Regulatory Reference: FINRA 4511, SEC 17a-3/4, GLBA 501(b), SOX 404
Last UI Verified: February 2026
Governance Levels: Baseline / Recommended / Regulated
Last Verified: 2026-02-03


Objective

Establish centralized governance of Microsoft 365 Copilot and Copilot Studio agents through the unified Copilot Hub spanning M365 Admin Center and Power Platform Admin Center. This control provides visibility into AI adoption, configuration management, and agent lifecycle governance.

Feature Status (February 2026)

The Copilot Hub governance capabilities are evolving. Some features have reached GA while others remain in preview. Feature availability, naming, and functionality may change.

Feature Status Tracking:

Feature | Status (Feb 2026) | Expected GA | Workaround for GA-Only
--- | --- | --- | ---
Copilot Hub (M365 Admin) | GA | GA | N/A
Copilot Hub (PPAC) | GA | GA | N/A
Agent Registry | Preview | TBA | Manual inventory tracking
Entra Agent ID | Frontier Preview | TBA | Service principals / managed identities
Conditional Access for Agents | Preview (depends on Entra Agent ID) | TBA | Standard CA policies
M365 Admin Center Agent Settings | GA | GA | N/A
Agent 365 Unified Control Plane | Preview (Frontier) | TBA | Per-platform admin centers
Agent 365 Observability | Preview (Frontier) | TBA | Platform-specific analytics
MCP Server Governance | GA (Oct 2025) | GA | N/A

Agent Registry Visibility: Copilot Studio agents are visible. Microsoft Foundry agents expected at GA. Declarative agents appear but lack org-wide deployment — export/import required for distribution.

Check Microsoft 365 Roadmap and Message Center for GA announcements.

Terminology Clarification

  • Copilot Hub (Admin) - The governance interface in M365 Admin Center and PPAC for administrators to manage Copilot settings, agents, and policies. This is the focus of this control.
  • copilot.cloud.microsoft - The end-user portal (formerly Microsoft Copilot) where users access M365 Copilot chat. This is NOT a governance interface.

Why This Matters for FSI

  • FINRA 4511: Usage records support books and records requirements
  • SEC 17a-3/4: Agent activity documentation must be preserved
  • GLBA 501(b): Access control for customer data requires centralized oversight
  • SOX 404: IT controls for AI systems require documented governance
  • Examination Readiness: Copilot configuration evidence for regulators

Control Description

The Copilot Hub provides unified governance across M365 Admin Center (Copilot and Agents sections) and PPAC (Copilot section). It enables centralized settings management, agent inventory, approval workflows, and usage monitoring.

Portal | Section | Primary Functions
--- | --- | ---
M365 Admin | Copilot | Settings, connectors, billing
M365 Admin | Agents | Registry, approvals, MCP Servers
PPAC | Copilot | Copilot Studio settings, usage
Dynamics 365 Sales Admin | Copilot | Sales-specific Copilot settings
Dynamics 365 Admin | Copilot | Dynamics 365 Copilot configuration
Power Pages Admin | Copilot | Power Pages Copilot settings

Per-Product Copilot Hub Pages

In addition to the primary M365 Admin Center and PPAC hubs, Microsoft provides per-product Copilot Hub pages for Dynamics 365 Sales, Dynamics 365, and Power Pages. Each product hub surfaces product-specific Copilot settings and usage analytics. FSI organizations should include these product-level hubs in governance reviews when the corresponding products are deployed.

Key Capabilities:

Capability | Description
--- | ---
Copilot Settings | Organization-wide AI configuration
Agent Registry | Complete inventory of all agents
Approval Workflow | Control agent publication
MCP Server Governance | Manage agent capabilities
Usage Reporting | Track Copilot adoption and usage

January 2026 Enhancements (MC1187780)

New Admin Center Capabilities

The following capabilities were announced in MC1187780 (January 2026) and are rolling out to tenants.

Security Pivot on Copilot Overview Page:

A new Security pivot has been added to the Copilot overview page in M365 Admin Center, providing quick access to security-related Copilot settings and status.

Readiness Page:

A new Readiness page organizes Copilot configuration settings into three logical categories:

Category | Settings Included
--- | ---
Deployment Essentials | License assignment, user enablement, rollout planning
End-User Experience | Web search, plugins, agent access, personalization
Data Security | DLP policies, sensitivity labels, audit configuration

Success Metrics:

The Readiness page displays key adoption metrics:

Metric | Description
--- | ---
Chat Active Users | Users actively engaging with Copilot Chat
Assisted Hours | Time saved through Copilot assistance
Satisfaction Rate | User satisfaction scores (if feedback enabled)

These enhancements consolidate governance visibility that was previously spread across multiple admin center locations.

Copilot Hub Product Pages (GA)

The Copilot Hub has been restructured into product-specific pages providing targeted AI usage and governance insights:

  • Copilot Studio page: Agent creation, usage, and cost metrics for Copilot Studio agents
  • Power Apps page: AI features usage within Power Apps
  • Power Automate page: AI-assisted flow creation and AI Builder usage
  • Settings page: Centralized Copilot Hub configuration
  • What's New page: Feature announcements and update notifications

Navigate to admin.powerplatform.microsoft.com > Analytics > Copilot Hub to access product pages.

ROI Analytics and Usage Insights (GA)

  • Time-Cost Savings Tracking: Copilot Hub now provides ROI analytics (GA since October 2025) showing estimated time savings, cost avoidance, and productivity gains from Copilot and agent usage across the tenant. These metrics support executive reporting and business justification for AI investments
  • Analytics Themes: Administrators can categorize Copilot usage patterns using Analytics Themes, grouping interactions by business function, department, or use case to identify high-value adoption patterns and governance gaps

AI Feature Access Control

GA Feature

AI Feature Access Control settings in the M365 Admin Center Copilot Hub are generally available. These settings provide granular user-level and feature-level controls for Microsoft 365 Copilot.

The Copilot Hub provides admin controls for managing user-level access to M365 Copilot features. These capabilities enable FSI organizations to restrict feature availability based on license assignment, role, and compliance requirements.

Feature | Status | Description | Configuration
--- | --- | --- | ---
License-Based Restrictions | GA | Control Copilot access via M365 license assignment | M365 Admin > Licenses > Assign/Remove
Admin Exclusion Groups | GA | Exclude specific users/groups from Copilot features | M365 Admin > Copilot > Settings > User access
Copilot Chat Pinning | GA | Control whether Copilot Chat is pinned in Teams/Outlook | M365 Admin > Copilot > Settings > End-User Experience
Deployment Groups | GA | Staged rollout of Copilot to specific user groups | M365 Admin > Copilot > Settings > Deployment
Web Search Control | GA | Enable/disable Copilot web grounding per organization | M365 Admin > Copilot > Settings > Data access
Agent Access Control | GA | Control which agents users can discover and use | M365 Admin > Copilot > Settings > Actions

Zone-Based AI Feature Enablement

Organizations implementing AI governance across the three-zone model should align AI feature access controls to zone risk profiles and regulatory requirements:

Setting | Zone 1 (Personal) | Zone 2 (Team) | Zone 3 (Enterprise) | Regulatory Rationale
--- | --- | --- | --- | ---
User Access | All licensed users | All licensed users | Specific user groups only | SOX 404: controlled access to IT systems
Admin Exclusion Groups | Not required | Compliance-sensitive roles | Traders, restricted persons, investigated employees | FINRA 3110: supervisory restrictions on communications tools
Deployment Groups | Optional phased rollout | Recommended phased rollout | Mandatory phased rollout with approval gate | SEC: controlled change management for customer-facing systems
Web Search | Enabled | Disabled for MNPI teams | Disabled organization-wide | GLBA 501(b): prevent external data leakage from customer interactions
Copilot Chat Pinning | User preference | Enabled for collaboration teams | Controlled per department | Adoption management aligned with supervision requirements
Agent Access Control | All agents allowed | Organizational + Microsoft verified | Organizational only, approved list | FINRA 4511: approved tools and systems only

Recommended Rollout Path for FSI:

  1. Pilot Phase (Zone 1): Enable Copilot for IT and Compliance teams with all features enabled and comprehensive logging
  2. Wave 1 (Zone 1 expansion): Expand to non-customer-facing business units with Admin Exclusion Groups for compliance-sensitive roles
  3. Wave 2 (Zone 2 entry): Staged rollout to team collaboration environments with web search disabled and organizational agents only
  4. Wave 3 (Zone 3 production): Deploy to customer-facing environments with strictest controls, deployment groups gating access, and real-time supervision

Admin Exclusion Group Configuration

The CopilotForM365AdminExclude security group pattern enables administrators to exclude specific users from Copilot features in Microsoft admin centers (Microsoft 365 admin center, Exchange admin center, etc.) regardless of license assignment. This provides a compliance control for temporarily or permanently restricting admin-center AI tool access. Note: This exclusion group does not remove access to end-user Microsoft 365 Copilot features (e.g., Copilot in Word, Excel, Teams); those require separate license or policy controls.

Configuration Steps:

  1. Create a security group in Entra ID (Microsoft Entra admin center > Groups > New group)
  2. Name the group CopilotForM365AdminExclude (exact name required)
  3. Set Group type to "Security"
  4. Add members: users or nested groups to exclude from Copilot access
  5. Exclusion takes effect within 24 hours of group membership change

FSI Use Cases:

Scenario | Population | Duration | Regulatory Driver
--- | --- | --- | ---
Trading blackout periods | Traders, investment bankers | Temporary (quarterly) | SEC Regulation FD, insider trading prevention
Compliance investigations | Employees under review | Temporary (investigation duration) | FINRA 3110: enhanced supervision
Restricted persons lists | Individuals with conflicts of interest | Permanent or semi-permanent | FINRA 2111: suitability, conflict management
Customer-facing trial period | Sales, advisory teams | Temporary (pilot phase) | Risk management during controlled rollout

Operational Notes:

  • Exclusion group membership changes propagate within 24 hours (not real-time)
  • Users in exclusion group retain M365 Copilot license assignment but cannot access Copilot features
  • Nested groups are supported (allows synchronization with existing compliance distribution lists)
  • Audit log captures group membership changes for compliance evidence (Entra ID > Audit logs)

Deployment Group Rollout Strategy

Deployment Groups enable phased rollout of Microsoft 365 Copilot to specific user populations, supporting controlled adoption aligned with organizational readiness and regulatory compliance validation.

Phased Rollout Pattern:

Phase | Population | Duration | Validation Criteria | Rollback Procedure
--- | --- | --- | --- | ---
Pilot | IT, Compliance, AI Governance team (10-50 users) | 4-6 weeks | Feature functionality verified, no compliance violations, positive user feedback | Remove users from deployment group
Wave 1 | Non-customer-facing business units (100-500 users) | 8-12 weeks | Usage metrics healthy, DLP policies effective, no audit findings | Disable deployment group, return to pilot only
Wave 2 | Customer-facing with supervision (500-2000 users) | 12-16 weeks | Supervision workflows validated, regulatory reporting functional | Reduce deployment group to Wave 1 scope
Wave 3 | Full organization rollout | Ongoing | Continuous monitoring, quarterly compliance review | Revert to deployment group model if issues arise

Zone-Aligned Rollout Recommendations:

  • Zone 1 environments: Deployment groups optional; consider for large-scale rollouts to manage support load
  • Zone 2 environments: Recommended to validate team collaboration patterns and data exposure before full enablement
  • Zone 3 environments: Mandatory; align deployment group phases with change control approval gates and regulatory notification requirements

Rollback Procedure:

If issues arise during rollout (compliance violations, excessive hallucinations, user resistance):

  1. Remove affected users from deployment group immediately (takes effect within 8 hours)
  2. Document rollback reason and affected user count
  3. Conduct root cause analysis before re-enabling
  4. Update deployment criteria and validation steps
  5. Resume phased rollout with enhanced controls

FSI Governance Guidance

AI Feature Access Control capabilities help support FINRA 4511 (restricting AI tool access to approved populations and supervised personnel), GLBA 501(b) (controlling data exposure paths via web search controls and external data access restrictions), SOX 404 (documented IT controls over AI feature rollout and change management), and SEC 17a-3 (records of AI tool access, configuration changes, and user population changes for books and records requirements).

Recommended Control Configuration for Regulated Environments:

  1. Admin Exclusion Groups: Create and maintain exclusion groups for traders (during blackout periods), employees under compliance investigation, and restricted persons lists
  2. Deployment Groups: Implement mandatory phased rollout with compliance review gates at each wave transition
  3. Web Search Control: Disable organization-wide for Zone 3 environments processing customer data or MNPI; consider selective enablement for Zone 1/2 with DLP enforcement
  4. Agent Access Control: Restrict to organizational agents only for Zone 3; require approval workflow for all agents that access customer or financial data
  5. Copilot Chat Pinning: Align with supervision requirements — disable pinning for unsupervised roles to reduce inadvertent AI usage without oversight

Monthly Governance Review:

  • Export Admin Exclusion Group membership and validate against current restricted persons list
  • Review deployment group assignments against approved rollout plan
  • Audit web search usage logs for unauthorized external data access attempts
  • Verify agent access restrictions remain aligned with approved agent inventory
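The group-creation steps above and the monthly check that exclusion-group membership still matches the restricted persons list can be scripted. The following is an added example using the Microsoft Graph PowerShell SDK, not part of this framework's own scripts; the approved UPN list, the contoso.example addresses and the evidence file name are assumptions.

```powershell
#Requires -Modules Microsoft.Graph.Groups, Microsoft.Graph.Users
# Added example (not one of the framework's scripts). Ensures the CopilotForM365AdminExclude
# security group exists and reconciles its user members against an approved list.

$GroupName = 'CopilotForM365AdminExclude'   # exact name required by the control

function Get-OrCreateExclusionGroup {
    param([string]$DisplayName)
    $existing = Get-MgGroup -Filter "displayName eq '$DisplayName'"
    if ($existing) { return ($existing | Select-Object -First 1) }
    New-MgGroup -DisplayName $DisplayName `
        -Description 'Excludes members from Copilot in Microsoft admin centers (Control 3.8)' `
        -MailEnabled:$false -MailNickname $DisplayName -SecurityEnabled:$true
}

function Get-MembershipDrift {
    # Pure comparison so the review logic can run without a tenant connection.
    param([string[]]$CurrentMembers, [string[]]$ApprovedMembers)
    $cur = @($CurrentMembers  | ForEach-Object { $_.ToLowerInvariant() } | Sort-Object -Unique)
    $app = @($ApprovedMembers | ForEach-Object { $_.ToLowerInvariant() } | Sort-Object -Unique)
    [pscustomobject]@{
        ToAdd    = @($app | Where-Object { $_ -notin $cur })   # on the restricted list, not yet excluded
        ToRemove = @($cur | Where-Object { $_ -notin $app })   # excluded, but no longer on the list
        InSync   = @($cur | Where-Object { $_ -in $app })
    }
}

function Sync-CopilotAdminExclusionGroup {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string[]]$ApprovedUpns,   # exported from the restricted persons list
        [string]$DisplayName = $GroupName
    )
    Connect-MgGraph -Scopes 'Group.ReadWrite.All', 'GroupMember.ReadWrite.All', 'User.Read.All' -NoWelcome
    $group   = Get-OrCreateExclusionGroup -DisplayName $DisplayName
    $members = Get-MgGroupMember -GroupId $group.Id -All

    # Nested groups are permitted by the control; they are counted here, not reconciled.
    $nested   = @($members | Where-Object { $_.AdditionalProperties['@odata.type'] -eq '#microsoft.graph.group' })
    $userUpns = @($members | Where-Object { $_.AdditionalProperties['@odata.type'] -eq '#microsoft.graph.user' } |
                  ForEach-Object { $_.AdditionalProperties['userPrincipalName'] })

    $drift = Get-MembershipDrift -CurrentMembers $userUpns -ApprovedMembers $ApprovedUpns

    foreach ($upn in $drift.ToAdd) {
        $user = Get-MgUser -UserId $upn -Property Id
        if ($PSCmdlet.ShouldProcess($upn, "Add to $DisplayName")) {
            New-MgGroupMember -GroupId $group.Id -DirectoryObjectId $user.Id
        }
    }
    # Removal restores admin-center Copilot access, so it goes through ShouldProcess as well.
    foreach ($upn in $drift.ToRemove) {
        $user = Get-MgUser -UserId $upn -Property Id
        if ($PSCmdlet.ShouldProcess($upn, "Remove from $DisplayName")) {
            Remove-MgGroupMemberByRef -GroupId $group.Id -DirectoryObjectId $user.Id
        }
    }

    # Evidence record for the monthly governance review (file name is an assumption).
    [pscustomobject]@{
        Group        = $DisplayName
        ReviewedAt   = (Get-Date).ToUniversalTime().ToString('o')
        Added        = $drift.ToAdd
        Removed      = $drift.ToRemove
        InSyncCount  = $drift.InSync.Count
        NestedGroups = $nested.Count
    } | ConvertTo-Json -Depth 3 | Set-Content -Path "exclusion-review-$(Get-Date -Format yyyyMMdd).json"
}

# Constructed usage: preview changes first, then apply once Compliance has approved the diff.
# Sync-CopilotAdminExclusionGroup -ApprovedUpns (Get-Content .\restricted-persons.txt) -WhatIf
```

Run with -WhatIf first and treat the JSON record as the review artifact; as the operational notes state, membership changes take up to 24 hours to take effect.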

Key Configuration Points

  • Configure Copilot Settings with FSI defaults (disable web search, block external AI)
  • Configure user-level feature access via Copilot Settings
  • Set up Admin Exclusion Groups for compliance-sensitive users
  • Configure deployment groups for staged Copilot rollout
  • Review Agent Registry weekly for ownerless agents and pending requests
  • Configure allowed agent types to restrict to organizational and Microsoft-verified
  • Manage MCP Servers to block unnecessary data access capabilities
  • Set up billing policies by department for cost allocation
  • Configure PPAC Copilot Studio settings (disable Computer Use, restrict channels)
  • Export usage reports monthly for compliance documentation
  • Configure transcript access controls with role-based restrictions (supervisor-only access, agent creator exclusion)
  • Enable transcript logging with 7-year retention for FINRA/SEC compliance
  • Implement separation of duties controls preventing agent creators from accessing their own transcripts
  • Configure immutable audit trail for transcript access events with Purview Audit (Standard or Premium)
  • Export transcripts to immutable storage (Azure Immutable Blob Storage or compliance recording system)

PPAC Copilot Studio AI Feature Controls

The following AI feature toggles in Power Platform Admin Center and Copilot Studio control agent capabilities that may introduce data protection risks if enabled without governance. Review and configure each setting per zone requirements.

AI Feature | Portal Path | Recommended Default | Zone 1 | Zone 2 | Zone 3 | Risk if Uncontrolled
--- | --- | --- | --- | --- | --- | ---
AI Prompts | PPAC > Environment > Settings > Product > Features > AI prompts | Off | Optional (with review) | Off unless approved | Off unless approved | Unintended data exposure through AI-generated suggestions
Generative Actions | Copilot Studio > Agent > Overview > Orchestration | Off | Optional (with review) | Off unless approved | Off unless approved | Unauthorized system actions, prompt injection, data exfiltration
File Analysis | Copilot Studio > Agent > Settings > Generative AI > File processing | Off | Optional (with review) | Off unless approved | Off unless approved | Sensitive file content processed without classification awareness
Model Knowledge | Copilot Studio > Agent > Settings > Generative AI > Use model knowledge | Off | Optional for low-risk | Off unless approved | Off | Unverified/hallucinated content in responses to sensitive queries
Semantic Search | Copilot Studio > Agent > Settings > Generative AI > Use semantic search | Off | Optional for low-risk | Off unless approved | Off unless approved | Indirect information leakage through intent-based knowledge retrieval
Generative AI Features | PPAC > Environment > Generative AI features | Review per-environment | Enable selectively | Restrict by default | Restrict by default | Uncontrolled AI feature availability across environments
Move Data Across Regions | PPAC > Environment > Generative AI features | Off | Off unless required | Off | Off | Data residency violations, regulatory non-compliance
Bing Search | PPAC > Environment > Generative AI features | Off | Optional | Off | Off | External data leakage from customer interactions
Microsoft 365 Services | PPAC > Environment > Generative AI features | Review per use case | Enable selectively | Review with compliance | Review with compliance | Uncontrolled data access across M365 service boundaries

AI Feature Governance for Regulated Environments

For Zone 2 and Zone 3 environments, disable all AI feature toggles by default and enable only through a documented approval process that includes:

  1. Business justification for the specific feature
  2. Data classification review (what data the agent accesses)
  3. Risk assessment documenting mitigating controls
  4. Compliance officer sign-off
  5. Quarterly re-attestation of continued need

Conversational Transcript Access Governance

Copilot Studio conversational transcripts contain user inputs, agent responses, and organizational context that may include confidential data, customer information, or material non-public information (MNPI). Proper transcript access governance supports regulatory compliance with communications supervision, records retention, and separation of duties requirements.

Granular Access Controls

Role-Based Access Restrictions:

Organizations should implement granular access control for transcripts aligned with regulatory supervision requirements:

Access Level | Permitted Roles | Typical Entra ID Groups | Regulatory Rationale
--- | --- | --- | ---
Full Transcript Access | Compliance Officers, Supervisors, Audit Teams | Copilot-Compliance-Supervisors, Internal-Audit-Team | FINRA 3110: supervisory review of electronic communications
Agent Performance Data Only | Agent Developers, Product Managers | Copilot-Studio-Developers, AI-Product-Managers | SOX 404: separation of duties - developers cannot access production communications
No Access | Agent Creators/Operators (same individual) | Self-service exclusion | FINRA 3110: prevent self-supervision of communications
Read-Only Audit Access | External Auditors (time-limited) | External-Audit-FY2026 | SEC 17a-4: examiner access for regulatory review

Configuration Path: PPAC > Environment > Settings > Product > Features > Copilot Studio Agents > Transcript Access

Recommended Practice: Use Entra ID Conditional Access to enforce MFA and compliant device requirements for transcript access roles.

Transcript Retention and Supervision

Regulatory Retention Requirements:

Regulation | Retention Period | Scope | Implementation Requirement
--- | --- | --- | ---
FINRA 4511 | 7 years (3 years readily accessible) | All agent conversations involving customer interactions or recommendations | Export transcripts to immutable storage (e.g., Compliance Recording)
SEC 17a-3/4 | 7 years | Communications related to securities transactions or advisory services | Transcript exports with tamper-evident audit trail
CFTC 1.31 | 5 years | Commodity futures/derivatives communications | Transcript retention with regulatory retrieval capability
SOX 404 | Align with IT records policy (typically 7 years) | Agent configurations and system change records | Transcript metadata (who accessed, when, configuration state)

Retention Configuration Guidance:

  • Enable transcript logging: PPAC > Environment > Settings > Product > Features > Copilot Studio Agents > Enable Transcript Storage
  • Configure retention period: Set minimum 7-year retention for FSI environments (align with FINRA/SEC requirements)
  • Export to immutable storage: Use Power Automate flows to automatically export transcripts to Azure Immutable Blob Storage or approved compliance recording systems
  • Tag customer-facing transcripts: Apply metadata tags to differentiate customer-facing vs. internal-only conversations for retention policy enforcement

Supervision Workflow Integration:

Organizations subject to FINRA 3110 supervision requirements should implement automated transcript review workflows:

  1. Daily Export: Export new transcripts from Copilot Studio to supervision platform
  2. Risk-Based Sampling: Route high-risk keywords (e.g., "trade", "recommendation", "guaranteed return") to compliance review queue
  3. Supervisor Assignment: Assign transcripts to designated supervisors (not agent creators) for review
  4. Exception Escalation: Flag policy violations for escalated review and remediation
  5. Quarterly Attestation: Supervisors attest to completion of transcript review for audit evidence

Separation of Duties

Agent Creator/Operator Restrictions:

To support FINRA 3110 supervision requirements and prevent self-review of communications, organizations should implement the following separation of duties controls:

Control | Implementation | Enforcement Mechanism
--- | --- | ---
Prevent creator self-access | Agent creators cannot access transcripts of agents they built | Entra ID Conditional Access policy denying transcript access role to Copilot-Studio-Publishers group
Supervisor assignment | All agent transcripts assigned to independent supervisor | Automated workflow assigns supervisor based on agent's business unit (not creator's)
Restricted operator access | Users operating agents daily cannot access historical transcripts without supervisor approval | RBAC policy requires Supervisor-Approval claim for transcript access
Compliance-only export | Bulk transcript exports restricted to Compliance team | PPAC environment security role limits "Export Data" permission to Compliance Officers
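As an added example (not the framework's code), the following PowerShell models the supervision routing described in the workflow steps above and in the separation of duties table: keyword-based risk sampling, supervisor selection from the agent's business unit, and a hard refusal to assign the agent's creator or daily operator as its own reviewer. The high-risk terms come from the page; the supervisor roster, contoso.example addresses and sample transcripts are constructed.

```powershell
# Added example, not part of the framework. Mirrors the logic a Power Automate supervision
# flow would need: flag high-risk transcripts, then assign an INDEPENDENT supervisor.

# Terms the page lists for risk-based sampling.
$HighRiskTerms = @('trade', 'recommendation', 'guaranteed return')

# Business unit -> supervisors (assumption: roster maintained by Compliance, keyed by the
# AGENT's business unit, never the creator's).
$SupervisorsByUnit = @{
    'Wealth Advisory' = @('sup.lee@contoso.example', 'sup.ng@contoso.example')
    'Retail Banking'  = @('sup.diaz@contoso.example')
}

function Get-TranscriptRiskFlags {
    param([string]$Text)
    # -match is case-insensitive in PowerShell; \b keeps "trade" from matching "traded-in" style noise only partially.
    @($HighRiskTerms | Where-Object { $Text -match ('\b' + [regex]::Escape($_) + '\b') })
}

function Select-IndependentSupervisor {
    param([string]$BusinessUnit, [string]$AgentCreator, [string]$AgentOperator)
    # Exclude creator and operator so nobody reviews communications they produced or ran.
    $pool = @($SupervisorsByUnit[$BusinessUnit] |
              Where-Object { $_ -ne $AgentCreator -and $_ -ne $AgentOperator })
    if ($pool.Count -eq 0) { return $null }   # caller escalates; there is no fallback to the creator
    $pool[0]
}

function Get-TranscriptRouting {
    param([pscustomobject]$Transcript)
    $flags = Get-TranscriptRiskFlags -Text $Transcript.Text
    $queue = if ($flags.Count -gt 0) { 'ComplianceReview' } else { 'StandardSample' }
    $supervisor = Select-IndependentSupervisor -BusinessUnit $Transcript.BusinessUnit `
                      -AgentCreator $Transcript.AgentCreator -AgentOperator $Transcript.AgentOperator
    [pscustomobject]@{
        TranscriptId = $Transcript.TranscriptId
        Queue        = if ($null -eq $supervisor) { 'Escalate-NoIndependentSupervisor' } else { $queue }
        Supervisor   = $supervisor
        Flags        = ($flags -join ', ')
    }
}

# Constructed sample transcripts. t-002's creator is also a Wealth Advisory supervisor, so the
# other supervisor must be chosen; t-003's creator is the ONLY Retail Banking supervisor, so
# the transcript is escalated rather than self-reviewed.
$SampleTranscripts = @(
    [pscustomobject]@{ TranscriptId = 't-001'; BusinessUnit = 'Wealth Advisory'
                       AgentCreator = 'dev.kim@contoso.example';  AgentOperator = 'ops.roy@contoso.example'
                       Text = 'Client asked whether fund X is a guaranteed return; agent replied with disclosure.' }
    [pscustomobject]@{ TranscriptId = 't-002'; BusinessUnit = 'Wealth Advisory'
                       AgentCreator = 'sup.lee@contoso.example';  AgentOperator = 'ops.roy@contoso.example'
                       Text = 'Please reset my password.' }
    [pscustomobject]@{ TranscriptId = 't-003'; BusinessUnit = 'Retail Banking'
                       AgentCreator = 'sup.diaz@contoso.example'; AgentOperator = 'ops.roy@contoso.example'
                       Text = 'Can you place a trade for me?' }
)

$SampleTranscripts | ForEach-Object { Get-TranscriptRouting -Transcript $_ } | Format-Table -AutoSize
```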

Recommended Implementation:

  1. Create two separate Entra ID groups:
     • Copilot-Studio-Publishers (agent creators/developers): NO transcript access
     • Copilot-Compliance-Supervisors (supervisors/compliance): Full transcript access
  2. Configure PPAC environment security roles to enforce separation
  3. Use Conditional Access to block Copilot-Studio-Publishers from transcript URLs
  4. Document separation in AI Governance Policy and verify quarterly

Immutable Transcript Audit Trail

Tamper-Evident Logging:

To support SEC 17a-4(f) WORM (Write Once, Read Many) requirements and audit integrity, organizations should implement immutable audit trail capabilities for transcript access and modifications:

Audit Event | Required Metadata | Retention | Regulatory Justification
--- | --- | --- | ---
Transcript Accessed | User ID, timestamp, transcript ID, access duration | 7 years | SEC 17a-4: audit trail of record access
Transcript Exported | User ID, timestamp, export scope, destination | 7 years | FINRA 4511: evidence of records production
Transcript Deleted | User ID, timestamp, transcript ID, deletion reason, supervisor approval | Permanent | SOX 404: change management audit
Access Policy Changed | Admin ID, timestamp, old/new policy, approval ticket | Permanent | FINRA 3110: supervision policy changes

Implementation Options:

  • Purview Audit (Standard): Enable Purview Audit (Standard) and retain Copilot Studio audit events for 180 days (extend to 7 years with retention policy)
  • Purview Audit (Premium): Capture granular transcript access events with 10-year retention and intelligent insights
  • Export to SIEM: Forward Copilot Studio audit logs to security information and event management (SIEM) for correlation with other security events
  • Immutable Storage: Configure Azure Immutable Blob Storage with legal hold or time-based retention for exported transcript archives

Verification Steps:

  1. Confirm Purview Audit logging captures "Copilot Studio transcript accessed" events
  2. Verify audit retention policy set to minimum 7 years for FSI compliance
  3. Test transcript export integrity with SHA-256 hash verification
  4. Validate access policy changes trigger workflow approval and audit log entry
  5. Conduct quarterly audit log review for unauthorized transcript access attempts
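Verification step 3 calls for SHA-256 hash verification of transcript exports. The following is an added PowerShell 7 example, not part of the agent-access-monitor solution, that writes a manifest of per-file SHA-256 hashes for an export folder and later checks it for modified, missing or unlisted files; the folder layout and sample transcript files are constructed.

```powershell
#Requires -Version 7
# Added example (not the framework's code). Produces a tamper-evident manifest for a
# transcript export and re-verifies it, so an examiner can be shown the archive is unchanged.

function New-EvidenceManifest {
    param([Parameter(Mandatory)][string]$ExportFolder,
          [Parameter(Mandatory)][string]$ManifestPath)
    $entries = Get-ChildItem -Path $ExportFolder -File -Recurse | Sort-Object FullName | ForEach-Object {
        [pscustomobject]@{
            RelativePath = [IO.Path]::GetRelativePath($ExportFolder, $_.FullName)
            Sha256       = (Get-FileHash -Path $_.FullName -Algorithm SHA256).Hash
            Bytes        = $_.Length
        }
    }
    [pscustomobject]@{
        CreatedUtc = (Get-Date).ToUniversalTime().ToString('o')
        Files      = @($entries)
    } | ConvertTo-Json -Depth 3 | Set-Content -Path $ManifestPath -Encoding utf8
    # Hash of the manifest itself; record it outside the archive (ticket, compliance system).
    (Get-FileHash -Path $ManifestPath -Algorithm SHA256).Hash
}

function Test-EvidenceManifest {
    param([Parameter(Mandatory)][string]$ExportFolder,
          [Parameter(Mandatory)][string]$ManifestPath,
          [string]$ExpectedManifestHash)
    $findings = @()
    if ($ExpectedManifestHash) {
        $actual = (Get-FileHash -Path $ManifestPath -Algorithm SHA256).Hash
        if ($actual -ne $ExpectedManifestHash) { $findings += 'MANIFEST_MODIFIED' }
    }
    $manifest = Get-Content -Path $ManifestPath -Raw | ConvertFrom-Json
    $listed = @{}
    foreach ($f in $manifest.Files) {
        $listed[$f.RelativePath] = $true
        $full = Join-Path $ExportFolder $f.RelativePath
        if (-not (Test-Path $full)) { $findings += "MISSING: $($f.RelativePath)"; continue }
        if ((Get-FileHash -Path $full -Algorithm SHA256).Hash -ne $f.Sha256) {
            $findings += "TAMPERED: $($f.RelativePath)"
        }
    }
    # Files present on disk but absent from the manifest were added after export.
    Get-ChildItem -Path $ExportFolder -File -Recurse | ForEach-Object {
        $rel = [IO.Path]::GetRelativePath($ExportFolder, $_.FullName)
        if (-not $listed.ContainsKey($rel)) { $findings += "UNLISTED: $rel" }
    }
    [pscustomobject]@{ Intact = ($findings.Count -eq 0); Findings = $findings }
}

# Constructed demonstration: two exported transcripts, one edited after the manifest was sealed.
$root = Join-Path ([IO.Path]::GetTempPath()) "transcript-export-$(Get-Random)"
New-Item -ItemType Directory -Path $root | Out-Null
Set-Content -Path (Join-Path $root 't-001.json') -Value '{"id":"t-001","text":"Client asked about fund X."}'
Set-Content -Path (Join-Path $root 't-002.json') -Value '{"id":"t-002","text":"Password reset request."}'
$manifestPath = "$root.manifest.json"          # kept outside the folder it describes
$manifestHash = New-EvidenceManifest -ExportFolder $root -ManifestPath $manifestPath

Add-Content -Path (Join-Path $root 't-002.json') -Value ' '   # simulated post-export modification
Test-EvidenceManifest -ExportFolder $root -ManifestPath $manifestPath -ExpectedManifestHash $manifestHash

Remove-Item -Path $root -Recurse -Force
Remove-Item -Path $manifestPath -Force
```

The manifest hash returned by New-EvidenceManifest is the value to store with the retention record; a verification that reports MANIFEST_MODIFIED means the manifest, not only the archive, needs to be treated as untrusted.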

Caveat: Organizations should verify that their chosen audit and storage configurations meet their specific regulatory obligations. This control provides technical capabilities to support compliance but does not ensure regulatory compliance without proper implementation and ongoing validation.

DLP for Agent Publishing Connectors

  • Block agent publishing connectors via DLP policies: Apply Data Loss Prevention policies at the environment level to block connectors such as "Copilot Studio for Microsoft Teams" and "M365 Copilot channel" in environments where agent publishing should be restricted. This prevents unauthorized deployment of AI agents through unapproved channels. See Control 1.5 for DLP policy configuration details

Zone-Specific Requirements

Zone | Requirement | Rationale
--- | --- | ---
Zone 1 (Personal) | Baseline settings; monthly review; transcript access: team leads + compliance | Low-risk personal use; limited supervision requirements
Zone 2 (Team) | Approval required for shared agents; weekly registry review; transcript access: designated supervisors (not agent creators) | Team data exposure; enhanced supervision for collaboration
Zone 3 (Enterprise) | Strictest settings; real-time monitoring; executive reporting; transcript access: compliance officers only with 7-year immutable retention | Customer-facing, highest risk; full FINRA/SEC supervision requirements

Roles & Responsibilities

Role | Responsibility
--- | ---
Entra Global Admin | Configure Copilot settings, manage billing
AI Administrator | Manage Copilot settings and feature access (delegated)
Power Platform Admin | Configure PPAC Copilot, Copilot Studio settings; configure transcript access restrictions
AI Governance Lead | Review agent registry, approve publications
Compliance Officer | Validate settings meet regulatory requirements; review and approve Admin Exclusion Group membership for regulatory compliance; access and review conversational transcripts for supervision (FINRA 3110)
Supervisor | Review assigned agent transcripts for compliance violations; cannot access transcripts for agents they created (separation of duties)

Control | Relationship
--- | ---
1.1 - Restrict Agent Publishing | Enforced via Agent Settings
1.2 - Agent Registry | Centralized in Agents section
3.2 - Usage Analytics | Usage reports integration
3.7 - Security Posture | Complementary governance
2.22 - Inactivity Timeout Enforcement | Inactivity timeout compliance scan results provide data for consolidated governance visibility

Automated Validation: Agent Access Governance Monitor

For automated detection of overly permissive agent access configurations across Power Platform environments, see the Agent Access Governance Monitor solution.

Capabilities:

  • Zone-based agent access compliance validation (Zone 1/2/3 requirements)
  • Daily scheduled drift detection with baseline comparison
  • Teams adaptive card alerts with severity classification
  • Dataverse-persisted validation history for audit trail
  • SHA-256 integrity-hashed evidence export for examination support

Deployable Solution: agent-access-monitor provides PowerShell validation scripts, Power Automate flow definitions, and Dataverse schema for persistent governance state.


Implementation Playbooks

Step-by-Step Implementation

This control has detailed playbooks for implementation, automation, testing, and troubleshooting:

Advanced Implementation: Configuration Hardening Baseline

This control is covered by the Configuration Hardening Baseline, which consolidates SSPM-detectable settings across all 7 mapped controls into a single reviewable checklist with automation classification and evidence export procedures.

Advanced Implementation: Unrestricted Agent Sharing Detector

For continuous detection of overly permissive agent sharing configurations at the per-agent level, see the Unrestricted Agent Sharing Detector. It complements the Agent Access Governance Monitor (environment-level) with per-agent sharing violation detection, automated remediation, and exception management.

Governance Script: Zone Access Validation

Test-ZoneAgentAccess.ps1 validates M365 Admin Center agent access settings against zone-based governance policies. Checks agent access policy alignment (Zone 1: all agents, Zone 2: Org + Microsoft verified, Zone 3: Org only), admin exclusion group membership, staged deployment group configuration, and web search controls — with drift detection and adaptive card alerting via adaptive-card-zone-access-alert.json (in FSI-AgentGov-Solutions).

Script Location: scripts/governance/Test-ZoneAgentAccess.ps1


Verification Criteria

Confirm control effectiveness by verifying:

  1. Copilot Settings accessible with all four tabs (User access, Data access, Actions, Other)
  2. Web search for M365 Copilot disabled for compliance-sensitive environments
  3. Admin Exclusion Groups correctly exclude designated users
  4. Deployment groups limit Copilot access to approved user populations
  5. Agent Registry shows all agents with accurate owner information
  6. Pending agent requests reviewed and actioned within SLA
  7. Ownerless agents identified and assigned within 14 days
  8. Monthly usage reports exported and archived
  9. AI Prompts toggle is disabled in PPAC for Zone 2/3 environments (PPAC > Environment > Settings > Features)
  10. Generative Actions are disabled for all agents without documented approval (Copilot Studio > Agent > Orchestration)
  11. File Analysis is disabled for agents without documented data classification review
  12. Model Knowledge is disabled for agents handling sensitive data
  13. Semantic Search is disabled for agents without approved and scoped knowledge bases
  14. Generative AI features, Move Data Across Regions, and Bing Search are reviewed and restricted per-environment
  15. Conversational transcript access is restricted to authorized personnel
  16. DLP policies block agent publishing connectors in restricted environments
  17. Transcript access roles configured with separation of duties (agent creators excluded)
  18. Transcript retention policy set to minimum 7 years for FINRA/SEC compliance
  19. Transcripts exported to immutable storage with tamper-evident audit trail
  20. Purview Audit logging captures all transcript access events with 7-year retention
  21. Supervisor assignment workflow prevents agent creators from reviewing their own transcripts
  22. Quarterly review of transcript access audit logs for unauthorized access attempts

Additional Resources

Microsoft Audit Reporting Tools

For enhanced Copilot/AI reporting beyond native M365 Admin Center capabilities, see:

Microsoft Agent 365 Strategic Context (Preview)

Preview Notice

Microsoft Agent 365 was announced at Ignite 2025 as the strategic evolution of agentic AI capabilities. The following reflects preview guidance that may change.

Microsoft Agent 365 represents Microsoft's unified platform for agentic AI across the Microsoft ecosystem, announced at Ignite 2025. For FSI organizations, this signals:

Consideration | Current State | Future Direction
--- | --- | ---
Governance Surface | Copilot Hub (M365 Admin + PPAC) | Unified Agent 365 governance (roadmap)
Agent Types | Copilot Studio, Declarative, Extensions | Converging to Agent 365 SDK model
Identity Model | Service principals, user delegation | Agent ID (Entra workload identities)

Recommended Approach:

  • Continue implementing Copilot Hub governance controls as documented
  • Monitor Agent 365 roadmap for GA timeline and migration guidance
  • Plan for potential governance consolidation in 2026-2027
  • Note that admins can block or delete declarative agents from the registry but cannot deploy them org-wide; export/import workflows are required for broader distribution

Agent Essentials Governance (Preview)

Note: The following resources are preview documentation and may change.

Microsoft's Agent Essentials provides additional governance visualization and planning tools:

Data Refresh Timing

Settings Propagation

Configuration changes made in the Copilot Hub may take up to 8 hours to fully propagate across the tenant. Plan changes accordingly and verify settings after the propagation window.


Updated: February 2026 | Version: v1.3 | UI Verification Status: Current