Control 4.7: Microsoft 365 Copilot Data Governance
- Control ID: 4.7
- Pillar: SharePoint
- Regulatory Reference: SEC 17a-3/4, GLBA 501(b), FINRA 4511, FINRA 3110, SOX 302/404, OCC 2011-12
- Governance Levels: Baseline / Recommended / Regulated
- Last UI Verified: February 2026
- Last Verified: 2026-02-03
Objective
Establish governance controls for Microsoft 365 Copilot (embedded AI in Word, Excel, PowerPoint, Outlook, Teams) including knowledge source governance, plugin management, user behavior guardrails, and output quality considerations. This control addresses the embedded Copilot experiences that access organizational data through Microsoft Graph and Semantic Index.
Why This Matters for FSI
- SEC 17a-3/4: Record keeping for AI-assisted communications requires usage logging and retention
- GLBA 501(b): Content exclusions and access controls protect customer information
- FINRA 4511: Audit trail of Copilot usage supports books and records requirements
- SOX 302/404: Output review processes support internal controls over financial reporting
- OCC 2011-12: Over-reliance prevention addresses model risk management concerns
- FINRA 3110: Review requirements for Copilot-generated outputs support supervisory obligations
Control Description
This control establishes policies for governing M365 Copilot. Unlike custom Copilot Studio agents, whose knowledge sources are scoped by their maker, M365 Copilot grounds on whatever organizational data the signed-in user can already access through Microsoft Graph and the Semantic Index.
| Capability | Description |
|---|---|
| Restricted Content Discovery | Hide sensitive sites from Copilot grounding and organization-wide search via RCD (RCD does not change site permissions) |
| Plugin Governance | Control third-party integrations and approve new plugins |
| Web Search Control | Enable or disable web grounding per policy |
| Usage Analytics | Monitor Copilot adoption, usage patterns, and feature utilization |
| Sensitivity Label Respect | Ensure labels are honored in Copilot responses |
SAM Licensing Included with Copilot
SharePoint Advanced Management (SAM) features used in this control (RCD, Data Access Governance reports) are included with Microsoft 365 Copilot licenses — no separate add-on purchase is required. The only SAM feature requiring a separate add-on is Restricted Site Creation.
Key Configuration Points
- Track and manage M365 Copilot license assignments
- Configure Restricted Content Discovery for sensitive repositories (executive, legal, HR, M&A)
- Establish plugin approval workflow with security and compliance review
- Configure web search per governance level (disabled for regulated environments)
- Publish acceptable use policy covering permitted/prohibited uses
- Establish output review requirements by content type
- Configure usage monitoring in M365 Admin Center
- Monitor AI subprocessor changes and update third-party risk registers accordingly
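The first two configuration points, license inventory and RCD for sensitive repositories, are the ones most often done by hand and then never re-verified. The following PowerShell run is an added example, not part of the original control text and not a Microsoft-published script. It uses the Microsoft Graph PowerShell SDK and the SharePoint Online Management Shell. The tenant name, the site URLs and the CSV path are placeholders, and the SKU part number `Microsoft_365_Copilot` is an assumption that should be confirmed against your own `Get-MgSubscribedSku` output.

```powershell
# Added example: Copilot license inventory + Restricted Content Discovery (RCD) with verification.
# Modules: Microsoft.Graph (Users, Identity.DirectoryManagement), Microsoft.Online.SharePoint.PowerShell.
# Placeholders: $TenantName, $SensitiveSites, output path. The SKU part number is an assumption.

$TenantName = 'contoso'                                   # placeholder
$AdminUrl   = "https://$TenantName-admin.sharepoint.com"
$SensitiveSites = @(                                      # placeholder URLs; source from your site inventory
    "https://$TenantName.sharepoint.com/sites/ExecutiveOffice",
    "https://$TenantName.sharepoint.com/sites/Legal",
    "https://$TenantName.sharepoint.com/sites/HR-Confidential",
    "https://$TenantName.sharepoint.com/sites/MA-DealRoom"
)

# --- 1. License inventory: who holds Copilot today -----------------------------------
Connect-MgGraph -Scopes 'User.Read.All', 'Organization.Read.All' -NoWelcome
$copilotSku = Get-MgSubscribedSku -All |
    Where-Object { $_.SkuPartNumber -eq 'Microsoft_365_Copilot' }   # assumed SKU part number
if (-not $copilotSku) { throw 'Microsoft 365 Copilot SKU not found; check Get-MgSubscribedSku output.' }

# OData filter on assignedLicenses; the GUID is unquoted in OData
$licensed = Get-MgUser -All `
    -Filter "assignedLicenses/any(x:x/skuId eq $($copilotSku.SkuId))" `
    -Property Id, DisplayName, UserPrincipalName, Department, AccountEnabled

$licensed |
    Select-Object DisplayName, UserPrincipalName, Department, AccountEnabled |
    Export-Csv -Path ".\copilot-licenses-$(Get-Date -Format yyyyMMdd).csv" -NoTypeInformation

'{0} of {1} Copilot licenses assigned' -f $copilotSku.ConsumedUnits, $copilotSku.PrepaidUnits.Enabled

# Disabled accounts still holding a license are a hygiene finding: reclaim or document
$licensed | Where-Object { -not $_.AccountEnabled } |
    ForEach-Object { Write-Warning "Copilot license on disabled account: $($_.UserPrincipalName)" }

# --- 2. Apply RCD to the sensitive sites ---------------------------------------------
# RCD hides a site's content from Copilot grounding and organization-wide search.
# It does not change permissions; users who already have access can still open the files.
Connect-SPOService -Url $AdminUrl
foreach ($url in $SensitiveSites) {
    Set-SPOSite -Identity $url -RestrictContentOrgWideSearch $true
}

# --- 3. Verify the flag on every site in the list -------------------------------------
$status = foreach ($url in $SensitiveSites) {
    $site = Get-SPOSite -Identity $url
    [pscustomobject]@{ Url = $url; RCDEnabled = [bool]$site.RestrictContentOrgWideSearch }
}
$status | Format-Table -AutoSize
$gaps = $status | Where-Object { -not $_.RCDEnabled }
if ($gaps) { Write-Warning "RCD not set on: $($gaps.Url -join ', ')" }
else       { Write-Host 'RCD set on all listed sensitive sites.' }
```

Two caveats for anyone turning this into a scheduled job: the RCD flag takes effect only after the search index picks it up, so a functional test (a Copilot prompt against the excluded site) should wait for propagation rather than run immediately after `Set-SPOSite`; and keep `$SensitiveSites` as a controlled list in source control, since the verification step is only as good as the inventory it checks against.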
Anthropic Subprocessor (January 2026)
As of January 7, 2026, Microsoft added Anthropic as an AI subprocessor for Microsoft 365 Copilot. Key implications for FSI organizations:
- Data residency exception: Anthropic models are not within Microsoft's EU Data Boundary or in-country LLM processing commitments. Customer prompts and responses may be processed by Anthropic infrastructure outside the customer's selected geography.
- Data protection: Anthropic processing is governed by Microsoft's Product Terms and Data Processing Addendum (DPA). Microsoft does not share customer data with Anthropic for model training.
- Content filtering: Anthropic models include content filtering operated by Anthropic (comparable in role to Azure OpenAI content filters).
- Regulatory impact: Under GLBA 501(b), OCC 2011-12, and interagency third-party guidance, organizations should update their subprocessor tracking registers and third-party risk assessments to include Anthropic.
- Monitoring: Track subprocessor changes via the Microsoft Copilot AI Subprocessor list (linked under Additional Resources).
FSI Third-Party Risk Action Required
Financial services organizations with data residency requirements or third-party risk management programs should review Anthropic's inclusion in their next governance cadence. Update vendor risk registers and notify compliance teams of the new subprocessor relationship.
Technical Implementation Notes
Permission Hygiene Prerequisite
Critical: Organizations must audit and remediate over-permissioning before deploying Microsoft 365 Copilot. Copilot does not bypass permissions: it accesses only data the signed-in user is already authorized to access. Its discovery capabilities, however, amplify existing permission issues by surfacing content that was technically accessible but previously obscure.
Pre-deployment requirements:
- Run DAG "Content Shared with EEEU" report and remediate all findings
- Review Site Permissions for Users report for all pilot users
- Audit broken permission inheritance using SharePoint Admin Center
- Bulk disable risky "Anyone" sharing links
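The last pre-deployment item, disabling "Anyone" links, is a tenant setting plus a per-site ceiling, and the report step should run before the change so the affected sites are documented. The script below is an added example, not part of the original control text and not a Microsoft-published script; it uses the SharePoint Online Management Shell, and the tenant name and site URLs are placeholders.

```powershell
# Added example: report sites that still permit "Anyone" (anonymous) links, then tighten the
# tenant and site sharing posture. Module: Microsoft.Online.SharePoint.PowerShell.
# Placeholders: $TenantName, $SensitiveSites. Run step 1 on its own first; steps 2-4 change behaviour.

$TenantName = 'contoso'                                   # placeholder
Connect-SPOService -Url "https://$TenantName-admin.sharepoint.com"

# --- 1. Report. SharingCapability, most to least permissive:
#     ExternalUserAndGuestSharing (Anyone links) > ExternalUserSharingOnly >
#     ExistingExternalUserSharingOnly > Disabled
$allSites    = @(Get-SPOSite -Limit All | Where-Object { $_.Template -notlike 'REDIRECTSITE*' })
$anyoneSites = @($allSites | Where-Object { $_.SharingCapability -eq 'ExternalUserAndGuestSharing' })
$anyoneSites |
    Select-Object Url, Title, SharingCapability, LastContentModifiedDate |
    Export-Csv -Path ".\anyone-link-sites-$(Get-Date -Format yyyyMMdd).csv" -NoTypeInformation
'{0} of {1} sites permit Anyone links' -f $anyoneSites.Count, $allSites.Count

# --- 2. Tenant ceiling: no Anyone links anywhere. A site can never be more permissive
#     than the tenant, so this closes every site in the report at once.
Set-SPOTenant -SharingCapability ExternalUserSharingOnly

# --- 3. Safer defaults for new links: "Specific people" (Direct), view-only
Set-SPOTenant -DefaultSharingLinkType Direct -DefaultLinkPermission View

# --- 4. Pin sensitive sites below the tenant ceiling so a later tenant-level relaxation
#     does not silently reopen them
$SensitiveSites = @(                                      # placeholder URLs
    "https://$TenantName.sharepoint.com/sites/Legal",
    "https://$TenantName.sharepoint.com/sites/HR-Confidential"
)
foreach ($url in $SensitiveSites) { Set-SPOSite -Identity $url -SharingCapability Disabled }

# --- 5. Re-check: nothing should still report ExternalUserAndGuestSharing
$still = @(Get-SPOSite -Limit All | Where-Object { $_.SharingCapability -eq 'ExternalUserAndGuestSharing' })
if ($still.Count) { Write-Warning "Sites still reporting Anyone sharing: $($still.Url -join ', ')" }
else              { 'No sites permit Anyone links.' }
```

Step 2 stops existing Anyone links from resolving, but the link objects themselves remain on the items. Identifying and removing them is a separate step (the Data Access Governance sharing-links report lists them; removal is per item) that this script does not perform. Step 4 is the part most often skipped: without it, the sensitive sites inherit whatever the tenant setting becomes later.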
EEEU Risk (Everyone Except External Users)
Content shared with "Everyone Except External Users" (EEEU) represents the highest-priority remediation target:
- EEEU grants access to every member account in the tenant, including new hires and contractors provisioned as members; only guest (external) accounts are excluded
- Copilot can surface EEEU content to any licensed user who asks relevant questions
- Financial institutions often have EEEU content containing sensitive information from legacy migrations
Recommendation: Run the EEEU report monthly and treat all findings as critical remediation items.
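The DAG "Content Shared with EEEU" report (pre-deployment list above) is the authoritative view, but it is portal-driven. For the monthly cadence recommended here, the sweep below is an added example, not part of the original control text and not a Microsoft-published script. It uses PnP.PowerShell with app-only certificate authentication so it can run unattended, and looks for the SharePoint claim that represents EEEU (`c:0-.f|rolemanager|spo-grid-all-users/<tenant-id>`) in each site's user list and site groups. The tenant name, app (client) id and certificate path are placeholders; `$Remediate` defaults to report-only.

```powershell
# Added example: monthly EEEU sweep across all sites. EEEU ("Everyone except external users")
# appears in SharePoint as the claim c:0-.f|rolemanager|spo-grid-all-users/<tenant-id>.
# Module: PnP.PowerShell (app-only cert auth). Placeholders: tenant, client id, cert path.
# $Remediate = $true removes EEEU from site groups; the default only reports.

$TenantName = 'contoso'                                          # placeholder
$ClientId   = '00000000-0000-0000-0000-000000000000'             # placeholder: Entra app registration for PnP
$CertPath   = 'C:\secure\pnp-eeeu-scan.pfx'                      # placeholder
$Remediate  = $false
$Tenant     = "$TenantName.onmicrosoft.com"
$EeeuClaim  = 'spo-grid-all-users'

$admin = Connect-PnPOnline -Url "https://$TenantName-admin.sharepoint.com" `
            -ClientId $ClientId -Tenant $Tenant -CertificatePath $CertPath -ReturnConnection
$sites = Get-PnPTenantSite -Connection $admin | Where-Object { $_.Template -notlike 'REDIRECTSITE*' }

$findings = foreach ($s in $sites) {
    $conn = Connect-PnPOnline -Url $s.Url -ClientId $ClientId -Tenant $Tenant `
                -CertificatePath $CertPath -ReturnConnection

    # (a) Is the EEEU claim in this site's user information list at all? If not, nothing in
    #     the site (site, list, folder or item level) has been granted to EEEU.
    $present = Get-PnPUser -Connection $conn | Where-Object { $_.LoginName -like "*$EeeuClaim*" }
    if (-not $present) { continue }

    # (b) Which site groups carry it, and with which roles? Group membership is the common vector.
    $inGroups = $false
    foreach ($g in Get-PnPGroup -Connection $conn) {
        $members = @(Get-PnPGroupMember -Group $g -Connection $conn |
                     Where-Object { $_.LoginName -like "*$EeeuClaim*" })
        if (-not $members.Count) { continue }
        $inGroups = $true
        $roles = (Get-PnPGroupPermissions -Identity $g -Connection $conn |
                  Select-Object -ExpandProperty Name) -join ';'
        [pscustomobject]@{ SiteUrl = $s.Url; Vector = 'Group'; Group = $g.Title; Roles = $roles }
        if ($Remediate) {
            foreach ($m in $members) { Remove-PnPGroupMember -Identity $g -LoginName $m.LoginName -Connection $conn }
        }
    }

    # (c) Present in the site but in no group: a direct or item-level grant, or a stale entry.
    #     The DAG "Content Shared with EEEU" report resolves item-level grants; flag for follow-up.
    if (-not $inGroups) {
        [pscustomobject]@{ SiteUrl = $s.Url; Vector = 'Direct/item-level'; Group = ''; Roles = 'investigate' }
    }
}

$findings | Sort-Object SiteUrl | Format-Table -AutoSize
$findings | Export-Csv -Path ".\eeeu-findings-$(Get-Date -Format yyyyMMdd).csv" -NoTypeInformation
'{0} sites with EEEU grants' -f @($findings | Select-Object -Unique SiteUrl).Count
```

Run it report-only first and compare the CSV with the DAG report; the two should agree on site-level findings, and anything the script marks `Direct/item-level` is where the portal report earns its keep. Removing EEEU from a group is a permission change, so the remediation pass belongs in a change window with the site owners informed.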
Discovery Amplification
Copilot does not bypass permissions but significantly enhances content discoverability:
| Without Copilot | With Copilot |
|---|---|
| User must know where to look | Natural language queries find relevant content |
| Content buried in deep folder structures remains obscure | All accessible content surfaces based on relevance |
| Oversharing is rarely discovered until an incident | Oversharing surfaces as soon as a user asks a relevant question |
This amplification effect means that pre-existing permission gaps that may have been "acceptable" due to obscurity become material risks with Copilot deployment.
No Elevated Access
Microsoft 365 Copilot does not have superuser, service-level, or elevated credentials:
- Copilot queries Microsoft Graph using the signed-in user's identity
- Semantic Index results are security-trimmed to the signed-in user's permissions at query time
- Conditional Access and MFA policies apply to Copilot-initiated data access
- Sensitivity labels (including usage rights that restrict content extraction) and Purview DLP policies scoped to Copilot are honored in responses
Zone-Specific Requirements
| Zone | Requirement | Rationale |
|---|---|---|
| Zone 1 (Personal) | Standard Copilot access; self-review of outputs; basic acceptable use guidance | Personal productivity use is lower risk |
| Zone 2 (Team) | RCD for sensitive sites; peer review for shared outputs; plugin approval workflow | Shared outputs require more oversight |
| Zone 3 (Enterprise) | Comprehensive exclusions; strict plugin allowlist; mandatory external review; full audit logging | Enterprise-wide Copilot requires strictest governance |
Roles & Responsibilities
| Role | Responsibility |
|---|---|
| Entra Global Admin | Copilot settings and license management |
| SharePoint Admin | Content exclusion configuration via RCD |
| Compliance Officer | Acceptable use policy and review requirements |
| AI Governance Lead | Overall M365 Copilot governance strategy |
Related Controls
| Control | Relationship |
|---|---|
| 3.8 - Copilot Hub | M365 Admin Center Copilot management |
| 4.6 - Grounding Scope Governance | SharePoint content scoping for Studio agents |
| 4.1 - Information Access Governance | Restricted Content Discovery configuration |
| 1.5 - DLP and Sensitivity Labels | Content classification and protection |
| 3.1 - Agent Inventory | Monitor agent proliferation and per-site agent access tracking via SharePoint Admin Center |
| 4.5 - Security & Compliance Monitoring | SharePoint monitoring provides visibility into Copilot content access |
Note: This control covers Microsoft 365 Copilot; Copilot Studio agents are scoped under Control 4.6. For SharePoint Premium (document intelligence and content understanding scenarios), consult Microsoft's dedicated SharePoint Premium governance documentation.
Implementation Playbooks
Step-by-Step Implementation
This control has detailed playbooks for implementation, automation, testing, and troubleshooting:
- Portal Walkthrough — Step-by-step portal configuration
- PowerShell Setup — Automation scripts
- Verification & Testing — Test cases and evidence collection
- Troubleshooting — Common issues and resolutions
Verification Criteria
Confirm control effectiveness by verifying:
- Copilot licenses are inventoried with assigned users documented
- Sensitive sites (executive, legal, HR, M&A) are excluded via RCD
- Plugin governance workflow is established with approval process
- A Copilot prompt from a user with access to an RCD-excluded site returns no grounding content from that site (allow time for index propagation after enabling RCD)
- Usage analytics are accessible in M365 Admin Center
- Acceptable use policy is published and accessible to users
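The RCD criterion above is usually checked with a single manual prompt. The unified audit log lets you check it continuously and, at the same time, produce the usage evidence the SEC 17a-3/4 and FINRA 4511 items call for. The script below is an added example, not part of the original control text and not a Microsoft-published script. It uses the ExchangeOnlineManagement module's `Search-UnifiedAuditLog` with the `CopilotInteraction` record type; the excluded-site list is a placeholder, and the property names read from `CopilotEventData` (`AccessedResources`, `AppHost`, `Name`, `SiteUrl`, `SensitivityLabelId`) follow the published audit schema and should be confirmed against a live record in your tenant.

```powershell
# Added example: list the resources Copilot grounded on over the last 7 days and flag any that
# sit inside an RCD-excluded site. Module: ExchangeOnlineManagement.
# Placeholders: $ExcludedSites. CopilotEventData property names per the published schema; verify
# against a live record before depending on them.

Connect-ExchangeOnline -ShowBanner:$false

$ExcludedSites = @(                                       # placeholder; keep in sync with the RCD list
    'https://contoso.sharepoint.com/sites/Legal',
    'https://contoso.sharepoint.com/sites/HR-Confidential'
)
$Start = (Get-Date).AddDays(-7)
$End   = Get-Date

# Page through results with one SessionId; ReturnLargeSet hands back pages until it runs dry
$records   = @()
$sessionId = [guid]::NewGuid().ToString()
do {
    $page = Search-UnifiedAuditLog -RecordType CopilotInteraction -StartDate $Start -EndDate $End `
                -SessionId $sessionId -SessionCommand ReturnLargeSet -ResultSize 5000
    if ($page) { $records += $page }
} while ($page)

function Test-ExcludedSite {
    param([string]$SiteUrl, [string[]]$Excluded)
    if (-not $SiteUrl) { return $false }
    foreach ($e in $Excluded) {
        if ($SiteUrl.StartsWith($e.TrimEnd('/'), [System.StringComparison]::OrdinalIgnoreCase)) { return $true }
    }
    return $false
}

# Flatten to one row per resource Copilot accessed
$accessed = foreach ($r in $records) {
    $d = $r.AuditData | ConvertFrom-Json
    foreach ($res in @($d.CopilotEventData.AccessedResources)) {
        [pscustomobject]@{
            When     = $r.CreationDate
            User     = $r.UserIds
            AppHost  = $d.CopilotEventData.AppHost
            Resource = $res.Name
            SiteUrl  = $res.SiteUrl
            LabelId  = $res.SensitivityLabelId
            Excluded = Test-ExcludedSite -SiteUrl $res.SiteUrl -Excluded $ExcludedSites
        }
    }
}

# Usage evidence: interactions by user and by host application
$accessed | Group-Object User    | Sort-Object Count -Descending | Select-Object Name, Count | Format-Table -AutoSize
$accessed | Group-Object AppHost | Sort-Object Count -Descending | Select-Object Name, Count | Format-Table -AutoSize

# Control check: RCD-excluded sites should not appear as grounding sources
$violations = @($accessed | Where-Object Excluded)
$violations | Export-Csv -Path ".\copilot-rcd-exceptions-$(Get-Date -Format yyyyMMdd).csv" -NoTypeInformation
if ($violations.Count) { Write-Warning "$($violations.Count) Copilot accesses touched RCD-excluded sites; investigate." }
else { "No Copilot grounding from RCD-excluded sites in the last 7 days ($($records.Count) interactions)." }
```

Treat a hit as a lead, not a verdict. Audit records arrive with some delay, a site excluded within the last day may still be indexed, and RCD does not stop Copilot from working on a file the user has already opened from that site (for example, Copilot in Word summarising an open document), so a hit whose `AppHost` is the Office client and whose user legitimately has access is expected behaviour. A hit from a chat-style host where the user did not open the file is the case to escalate.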
Additional Resources
- Microsoft 365 Copilot overview
- Microsoft 365 Copilot data, privacy, and security
- Manage Microsoft 365 Copilot
- Restricted Content Discovery
- Microsoft Copilot AI Subprocessor List
- ISO 42001 AI Management System Certification — Microsoft 365 Copilot has achieved ISO 42001 certification
Updated: February 2026 | Version: v1.2 | UI Verification Status: Current