
Control 4.1: SharePoint Information Access Governance (IAG) / Restricted Content Discovery

Control ID: 4.1
Pillar: SharePoint
Regulatory Reference: GLBA 501(b), GLBA §§521-523, SEC Reg S-P, SEC 17a-4, FINRA 4511, FINRA 25-07, SOX 302/404
Last UI Verified: April 2026
Governance Levels: Baseline / Recommended / Regulated


Objective

Control which SharePoint sites and content Microsoft 365 Copilot and AI agents can access. Verify that Copilot queries against RCD-protected sites return no results, even when users have permission to view the content directly.


Why This Matters for FSI

  • GLBA 501(b) (16 CFR Part 314 — Safeguards Rule): Requires administrative, technical, and physical safeguards for customer nonpublic personal information (NPI); IAG aids in restricting AI agents from surfacing NPI from sites holding customer financial records
  • SEC Reg S-P (17 CFR §248.30): Mandates written policies to protect customer records and information; RCD/RAC help meet the access-control element by scoping which repositories Copilot may surface
  • SEC Rule 17a-4(f): Books-and-records preservation requires that recordkeeping systems remain controlled; IAG audit events (RCD enable/disable with justification) supply the evidence trail required for examination
  • FINRA Rule 4511(a) & FINRA 25-07: Books-and-records integrity and supervision of generative AI; maintains a documented governance posture over what AI tools can read across the firm
  • SOX 302/404: Internal controls over financial reporting; restricting agent reach into SOX-scoped sites supports segregation of duties and ICFR assertions
  • Information Barriers: Supports the "ethical wall" expectations under FINRA 3110 supervision and MNPI handling rules to separate M&A, trading, research, and investment-banking populations
  • GLBA §§521-523 (15 USC 6821-6823):[^1] Prohibits obtaining customer information through false pretenses (pretexting); IAG controls help demonstrate that AI agents access only legitimately authorized content

[^1]: GLBA §§521-523 (15 USC 6821-6823) address pretexting — obtaining customer information under false pretenses. While primarily a prohibition rather than a safeguard requirement, IAG controls help demonstrate that AI agents are not circumventing access controls to obtain customer information inappropriately.


No companion solution by design

Not all controls have a companion solution in FSI-AgentGov-Solutions; solution mapping is selective by design. This control is operated via native Microsoft admin surfaces and verified by the framework's assessment-engine collectors. See the Solutions Index for the catalog and coverage scope.

Control Description

Licensing Prerequisites

This control requires SharePoint Advanced Management (SAM) capabilities. SAM features (including RCD, RSS, RAC, and Data Access Governance reports) are now included with Microsoft 365 Copilot licenses — no separate add-on purchase is required for Copilot-licensed organizations. The only SAM feature requiring a separate add-on is Restricted Site Creation. Organizations without Copilot licenses still require the standalone SAM add-on.

Copilot License Required for Restricted Content Discovery

As of the March 2026 Microsoft Learn update, Restricted Content Discovery (RCD) requires at least one user assigned a Microsoft 365 Copilot license in the tenant as a hard prerequisite. Tenants without any Copilot license assignments cannot enable RCD. Organizations should verify Copilot license assignment before planning RCD deployment. See Restricted Content Discovery documentation for current prerequisites.

This control establishes governance over SharePoint content accessibility to Microsoft 365 Copilot and AI agents. SharePoint Information Access Governance provides multiple mechanisms to control what content AI can access:

Restricted Content Discovery (RCD) is a block-list approach where administrators specify sites to exclude from Copilot. This is ideal for mature deployments with good data hygiene.

Restricted SharePoint Search (RSS) is an allow-list approach where only explicitly approved sites are accessible to Copilot chat and agentic experiences. This default-deny (Zero Trust) posture is recommended for initial Copilot deployments, but RSS is designed as a short-term measure that buys time for administrators to review and audit site permissions; it is not intended or scalable for long-term use. Comprehensive data security solutions such as SharePoint Advanced Management and Microsoft Purview should replace RSS for ongoing governance.

Verify Current RSS Site Limit

The 100-site limit referenced below was current as of January 2026. Microsoft may update this limit — verify the current value at Restricted SharePoint Search documentation before implementation.

Current documented limit: Up to 100 sites can be added to the RSS allowlist.

Restricted Access Control (RAC) enables ethical walls by limiting site access to specific security groups regardless of individual sharing permissions, ideal for M&A deal rooms, trading desk separation, and regulatory examination sites.

The control is designed to prevent AI agents from surfacing sensitive content inappropriately, even when users have legitimate access to it.


Key Configuration Points

  • RCD Copilot license prerequisite: Verify that at least one user in the tenant has an assigned Microsoft 365 Copilot license before enabling RCD — this is a hard dependency as of the March 2026 Microsoft Learn update
  • Enable Restricted Content Discovery (RCD) for all enterprise-managed and regulated sites containing sensitive data
  • Consider Restricted SharePoint Search (RSS) allow-list approach for initial Copilot deployments (Zero Trust)
  • Configure Restricted Access Control (RAC) for information barrier scenarios (M&A, trading, research separation)
  • Run Data Access Governance reports to identify oversharing risks before Copilot deployment
  • Document all restricted sites with business justification and review schedule
  • RCD delegation with justification logging (GA): SharePoint site administrators can now manage RCD settings for their sites when delegated by tenant administrators. When site admins enable or disable RCD, they must provide a justification, which is captured in the audit log for compliance tracking
  • RCD audit events: All RCD state changes (enable, disable, justification records) are captured as SharePoint audit events, supporting FINRA 4511, FINRA 25-07 recordkeeping requirements and providing evidence trails for compliance audits
  • Restricted Access Control (RAC) enhancements: RAC now supports up to 10 security groups per site (expanded from previous limits), providing more granular access control. Use Start-SPORestrictedAccessForSitesInsights PowerShell cmdlet to generate reports on RAC-protected site access patterns
  • RAC delegation to site admins: SharePoint administrators can delegate RAC management to site admins using Set-SPOTenant -DelegateRestrictedAccessControlManagement $true. When delegated, site admins must provide justification when updating the policy. Check delegation status with Get-SPOTenant | Select-Object DelegateRestrictedAccessControlManagement
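The configuration points above can be applied from the SharePoint Online Management Shell. The script below is an added example written for this page; it is not code from the FSI-AgentGov framework or from Microsoft. The tenant admin URL, site URLs, security-group object IDs and justification strings are assumed values, and the cmdlet parameter names should be confirmed with Get-Help for the installed module version before running this in a regulated tenant.

```powershell
# Added example (not from the page, the framework or Microsoft): applies RCD, RAC,
# RAC delegation and an RSS allow-list from the SPO Management Shell.
# Assumed: tenant admin URL, site URLs, group object IDs, justification text.

#Requires -Modules Microsoft.Online.SharePoint.PowerShell
Connect-SPOService -Url "https://contoso-admin.sharepoint.com"   # assumed tenant

# 1. Restricted Content Discovery (block-list) on regulated sites. Each entry carries
#    the business justification the control requires to be documented.
$rcdSites = @(
    @{ Url = "https://contoso.sharepoint.com/sites/SOX-FinanceClose"; Justification = "SOX-scoped ICFR evidence" },
    @{ Url = "https://contoso.sharepoint.com/sites/MA-ProjectAtlas";   Justification = "MNPI deal room" }
)
foreach ($s in $rcdSites) {
    $site = Get-SPOSite -Identity $s.Url
    if (-not $site.RestrictContentOrgWideSearch) {
        Set-SPOSite -Identity $s.Url -RestrictContentOrgWideSearch $true
        # Enforcement is not immediate: the site is reindexed before Copilot stops surfacing it.
        Write-Host "RCD enabled: $($s.Url) [$($s.Justification)] - reindex pending"
    } else {
        Write-Host "RCD already enabled: $($s.Url)"
    }
}

# 2. Restricted Access Control (ethical wall) on the deal room: only the listed Entra
#    security groups can reach the site, regardless of item-level sharing.
$dealRoom   = "https://contoso.sharepoint.com/sites/MA-ProjectAtlas"
$dealGroups = @(
    "11111111-1111-1111-1111-111111111111",   # assumed object ID: M&A deal team
    "22222222-2222-2222-2222-222222222222"    # assumed object ID: Compliance reviewers
)
if ($dealGroups.Count -gt 10) { throw "RAC supports at most 10 security groups per site" }
Set-SPOSite -Identity $dealRoom -RestrictedAccessControl $true
Set-SPOSite -Identity $dealRoom -AddRestrictedAccessControlGroups ($dealGroups -join ",")

# 3. Delegate RAC management to site admins and confirm the tenant-level flag.
Set-SPOTenant -DelegateRestrictedAccessControlManagement $true
Get-SPOTenant | Select-Object DelegateRestrictedAccessControlManagement

# 4. Restricted SharePoint Search (allow-list) for an initial rollout. Check the
#    allow-list against the documented site limit before adding more sites.
$limit   = 100   # documented RSS limit on this page; re-verify against Microsoft Learn
$current = @(Get-SPOTenantRestrictedSearchAllowedList)
$toAdd   = @(
    "https://contoso.sharepoint.com/sites/Policies",      # assumed low-risk site
    "https://contoso.sharepoint.com/sites/HRHandbook"     # assumed low-risk site
)
if (($current.Count + $toAdd.Count) -gt $limit) {
    throw "RSS allow-list would exceed $limit sites ($($current.Count) already listed)"
}
Add-SPOTenantRestrictedSearchAllowedList -SitesList $toAdd
Set-SPOTenantRestrictedSearchMode -Mode Enabled
```

Run this as a SharePoint Administrator. Step 1 deliberately reads the current value before writing so that reruns are idempotent and only real state changes produce audit events; the 10-group guard in step 2 and the allow-list arithmetic in step 4 fail closed rather than silently truncating the configuration.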

Technical Implementation Notes

RCD Reindexing Latency

When RCD is enabled on a site, SharePoint must reindex every file in the site to update the Semantic Index. This process may take several hours for large sites with thousands of documents. Plan RCD enablement during maintenance windows and verify restriction effectiveness after reindexing completes.

Site Administrator Control (January 2026)

As of January 2026, once the tenant administrator has delegated RCD management, site collection administrators can enable or disable RCD for their own sites without per-site SharePoint tenant administrator intervention, recording a justification for each change. This enables a distributed governance model where site owners can protect sensitive content while maintaining central oversight through tenant-level monitoring, the RCD audit events, and DAG reports.

Recent Interaction Discovery Exception

Users who have recently interacted with content (viewed, edited, or shared) may still discover that content through Microsoft 365 Copilot even when RCD is enabled on the site. RCD primarily prevents org-wide discovery scenarios (SharePoint home, Office.com, Bing) but does not override a user's individual interaction history.


Zone-Specific Requirements

| Zone | Requirement | Rationale |
| --- | --- | --- |
| Zone 1 (Personal) | Baseline tenant-wide IAG settings enabled; Data Access Governance (DAG) "oversharing" report reviewed; documented exception process for any user-flagged sensitive site | Reduces personal-use risk while keeping friction low; DAG visibility is required before broad Copilot enablement |
| Zone 2 (Team) | RCD applied to every shared agent knowledge source containing internal/confidential data; owner approval and business justification logged before knowledge source attachment; semi-annual review of restricted site list | Shared agents amplify data exposure across team boundaries; consistent controls and documented owner accountability are recommended to support FINRA 3110 supervision |
| Zone 3 (Enterprise) | RCD required on all SOX-scoped, MNPI, NPI, and regulatory-examination sites; RAC required for information-barrier scenarios (M&A, trading, research, IB) using Entra security groups; quarterly attestation by Compliance; RCD/RAC justification audit events fed to SIEM | Highest regulatory and reputational risk; strictest content governance is required to support SEC 17a-4, FINRA 4511, and ethical-wall expectations |

Roles & Responsibilities

| Role | Responsibility |
| --- | --- |
| SharePoint Admin | Configure RCD/RSS/RAC settings, run Data Access Governance reports |
| SharePoint Site Collection Admin | Manage site-specific access restrictions |
| Compliance Officer | Approve restriction configurations, review audit logs |
| AI Governance Lead | Define policies for content accessibility to agents |

| Control | Relationship |
| --- | --- |
| 1.3 - SharePoint Content Governance | Foundation for SharePoint permissions; IAG builds on base security |
| 1.5 - DLP and Sensitivity Labels | Labels can trigger automatic content restrictions |
| 1.6 - DSPM for AI | AI access monitoring and oversharing assessment |
| 1.14 - Data Minimization | Complementary scope control principles |
| 4.2 - Site Access Reviews | Periodic reviews of restricted sites |
| 4.6 - Grounding Scope Governance | Controls Semantic Index content inclusion |
| 4.8 - Item-Level Permission Scanning | Item-level permissions within agent knowledge source libraries |

Implementation Playbooks

Step-by-Step Implementation

This control has detailed playbooks for implementation, automation, testing, and troubleshooting:


Verification Criteria

Confirm control effectiveness by verifying:

  1. All regulated/enterprise-managed sites have RCD enabled (RestrictContentOrgWideSearch = true)
  2. Microsoft 365 Copilot does NOT return content from restricted sites when queried
  3. Test RCD enforcement: after reindexing of the site has completed, query Copilot for content from a sample restricted site using a test account that has permission to the site but has not recently viewed, edited, or shared the content, and verify that no results are returned (a user's own recent-interaction history can otherwise surface the content despite RCD)
  4. RAC-protected sites deny access to users outside authorized security groups
  5. Audit logs capture all IAG setting changes with user, timestamp, and site details
  6. Quarterly review of restricted sites list is documented
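Criteria 1, 4, 5 and 6 can be checked mechanically by comparing the documented restricted-site register against live tenant state and exporting the matching audit events. The script below is an added example for this page, not part of the framework's assessment-engine collectors. The register rows are constructed sample data, the tenant URL and 90-day review window are assumptions, and the audit filter matches on the RCD/RAC property names because this page does not list the audit operation names; tighten it once the tenant's actual operation names are known.

```powershell
# Added example (not from the page or the framework): drift check of the
# restricted-site register against tenant state, plus IAG change evidence export.
# Constructed/assumed: register rows, tenant admin URL, 90-day quarterly window.

#Requires -Modules Microsoft.Online.SharePoint.PowerShell, ExchangeOnlineManagement
Connect-SPOService -Url "https://contoso-admin.sharepoint.com"   # assumed tenant
Connect-ExchangeOnline -ShowBanner:$false                       # for Search-UnifiedAuditLog

# Constructed register: what Compliance has approved as restricted, and why.
# In practice this is the documented restricted-site list with its review schedule.
$register = @'
Url,Controls,Justification,LastReviewed
https://contoso.sharepoint.com/sites/SOX-FinanceClose,RCD,SOX-scoped ICFR evidence,2026-01-15
https://contoso.sharepoint.com/sites/MA-ProjectAtlas,RCD+RAC,MNPI deal room,2025-10-01
'@ | ConvertFrom-Csv

$reviewWindowDays = 90     # quarterly attestation (Zone 3)
$cutoff = (Get-Date).AddDays(-$reviewWindowDays)

$findings = foreach ($row in $register) {
    $site = Get-SPOSite -Identity $row.Url
    # Criterion 1: RCD must be on for every registered site.
    $rcdOk = [bool]$site.RestrictContentOrgWideSearch
    # Criterion 4: RAC must be on where the register requires it
    # (RestrictedAccessControl is assumed to be exposed on the Get-SPOSite object).
    $racRequired = $row.Controls -like "*RAC*"
    $racOk = (-not $racRequired) -or [bool]$site.RestrictedAccessControl
    # Criterion 6: review date must fall inside the attestation window.
    $reviewOverdue = ([datetime]$row.LastReviewed) -lt $cutoff
    [pscustomobject]@{
        Url           = $row.Url
        RcdEnabled    = $rcdOk
        RacRequired   = $racRequired
        RacEnabled    = $racOk
        ReviewOverdue = $reviewOverdue
        Justification = $row.Justification
    }
}
$findings | Format-Table -AutoSize
$drift = @($findings | Where-Object { -not $_.RcdEnabled -or -not $_.RacEnabled -or $_.ReviewOverdue })
if ($drift.Count -gt 0) { Write-Warning "$($drift.Count) registered site(s) are out of policy" }

# Criterion 5: pull SharePoint audit records for the window and keep those whose
# payload references the RCD/RAC settings, with user, timestamp and site.
$events = Search-UnifiedAuditLog -StartDate $cutoff -EndDate (Get-Date) `
              -RecordType SharePoint -ResultSize 5000
$events |
    Where-Object { $_.AuditData -match 'RestrictContentOrgWideSearch|RestrictedAccessControl' } |
    ForEach-Object {
        $d = $_.AuditData | ConvertFrom-Json
        [pscustomobject]@{
            When      = $_.CreationDate
            Who       = $_.UserIds
            Operation = $_.Operations
            Site      = $d.SiteUrl
        }
    } | Export-Csv -Path .\iag-change-evidence.csv -NoTypeInformation
```

The drift report and the evidence CSV together give Compliance the artifacts the Zone 3 quarterly attestation calls for: proof that every registered site is still restricted, that RAC still applies where an ethical wall is required, and a record of who changed IAG settings during the period. Note that `-ResultSize 5000` is the cmdlet's per-call maximum, so a busy tenant needs paging with `-SessionId`/`-SessionCommand ReturnLargeSet` or a SIEM feed rather than a single call.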

Additional Resources


Implementation Note

Organizations should verify that their implementation meets their specific regulatory obligations. This control supports compliance efforts but requires proper configuration and ongoing validation.

Updated: April 2026 | Version: v1.4.0 | UI Verification Status: Current