Control 1.16: Copilot Tuning Governance
Control ID: 1.16
Pillar: Readiness & Assessment
Regulatory Reference: GLBA 501(b); OCC Bulletin 2011-12 / Federal Reserve SR 11-7 (Supervisory Guidance on Model Risk Management); Interagency AI Guidance (2023)
Last Verified: 2026-04-09
Governance Levels: Baseline / Recommended / Regulated
Objective
Assess and govern the use of Microsoft 365 Copilot Tuning, which enables organizations with 5,000+ Copilot licenses to create fine-tuned AI agents from proprietary organizational data. This control establishes the governance framework for evaluating tuning readiness, controlling access to tuning capabilities, managing data handling risks, and maintaining audit trails over tuned agent lifecycles.
Why This Matters for FSI
Copilot Tuning introduces a new category of AI model customization risk that financial institutions must evaluate within their existing risk management frameworks:
- Model customization on sensitive data: Tuning on confidential trading data, customer PII, or internal policy documents embeds that material in the tuned agent. A tuned agent can reproduce patterns, and potentially specific content, from its training data in its responses, so output supervision controls are needed to detect and prevent inadvertent disclosure.
- Data residency and processing: SharePoint snapshots used for tuning are tenant-isolated and the EU Data Boundary is respected. However, global tenants may see processing in other regions depending on tenant configuration. Organizations should verify that tuning data processing aligns with their data residency requirements.
- SR 11-7 / OCC Bulletin 2011-12 model risk management: The Supervisory Guidance on Model Risk Management, issued jointly by the Federal Reserve (SR 11-7) and the OCC (Bulletin 2011-12), establishes expectations for model validation, ongoing monitoring, and governance. Tuned Copilot agents function as customized AI models and should be assessed under these principles, including documentation of the tuning basis, intended use, and limitations.
- Audit trail requirements: Tuning jobs, data source selections, agent creation events, and output supervision decisions should be logged to support regulatory examination readiness and internal audit review.
- Third-party AI governance: The Interagency AI Guidance (2023) calls for institutions to maintain appropriate governance for AI systems, including those customized from vendor-provided platforms. Tuning extends Microsoft's base models with institutional data, creating a shared responsibility model for AI governance.
Disclaimer
This control is provided for informational purposes only and does not constitute legal, regulatory, or compliance advice. See full disclaimer.
Control Description
Admin Controls for Copilot Tuning
Copilot Tuning is managed through the M365 Admin Center with the following administrative controls:
| Control | Description | Default |
|---|---|---|
| Tenant-level enablement | Enable or disable Copilot Tuning for the entire tenant | Disabled |
| User/group scoping | Restrict tuning access to specific users or Entra ID groups | N/A (requires enablement) |
| Request access flow | End users request tuning access with a business justification; admin approval is required before tuning can proceed | Approval required |
| Open-source model controls | Admins can restrict whether external open-source base models are available for tuning | Configurable |
Data Handling
- SharePoint snapshots: Copilot Tuning uses point-in-time snapshots of SharePoint content as the tuning data source. These snapshots are tenant-isolated and retained while the tuned agent is active.
- Snapshot lifecycle: When a tuned agent is deleted, associated SharePoint snapshots are deleted.
- Privacy controls: Microsoft staff cannot access tuning data or snapshots without Customer Lockbox authorization.
- Data scope awareness: Organizations should carefully evaluate which SharePoint sites and libraries are included in tuning scope to prevent inadvertent inclusion of regulated or restricted content.
Request and Approval Workflow
The tuning request flow requires:
- End user submits a tuning request with business justification
- Request is routed to the designated admin or approval group
- Admin reviews the business justification, data sources, and intended use
- Admin approves or denies the request with documented rationale
- Approved tuning jobs are logged for audit trail purposes
Copilot Surface Coverage
| Surface | Tuning Relevance | Notes |
|---|---|---|
| Microsoft 365 Copilot Chat | Primary | Tuned agents are accessed through Copilot Chat |
| SharePoint | Data source | SharePoint content serves as the tuning data source |
| Teams | Potential interaction surface | Tuned agents may be accessible through Teams Copilot |
| Other M365 apps | Indirect | Tuned agent outputs may be referenced in other Copilot surfaces |
Governance Levels
Baseline
- Leave Copilot Tuning at its tenant default (disabled) until the organization has made and documented a policy decision
- Document the organization's policy decision on Copilot Tuning (enabled, disabled, or under evaluation)
- If tuning is enabled, document which users or groups have access and the business justification
- Review Microsoft's Copilot Tuning data handling documentation and assess alignment with the institution's data governance requirements
Recommended
- Enable Copilot Tuning for approved groups only via Entra ID group-based scoping
- Require documented business justification for all tuning requests
- Establish a quarterly review of active tuned agents, including data sources, intended use, and output quality
- Restrict tuning data sources to non-PII SharePoint sites unless explicitly approved by compliance
- Review open-source model controls and configure based on organizational risk tolerance
- Integrate tuning governance into the existing AI governance committee agenda
Regulated
- Enable Copilot Tuning only with documented CISO and/or CRO approval
- Restrict tuning data sources to approved, non-PII SharePoint sites with documented data classification review
- Implement output supervision for tuned agents, including periodic review of agent responses for accuracy and compliance
- Maintain a tuning audit log capturing: requestor, approver, data sources, tuning job dates, agent lifecycle events, and any output supervision findings
- Assess tuned agents under SR 11-7 / OCC Bulletin 2011-12 model risk management principles, including documentation of model basis, intended use, limitations, and validation approach
- Include tuning governance in regulatory examination evidence packages
- Conduct annual review of tuning policy, access controls, and active agents with compliance and risk management input
Setup & Configuration
Step 1: Review Tenant Tuning Settings
- Navigate to M365 Admin Center > Settings > Microsoft 365 Copilot
- Locate the Copilot Tuning section
- Verify that tuning is still disabled (the tenant default, and the Baseline requirement until a policy decision is documented)
- Document the current configuration state
Step 2: Define Tuning Access Policy
- Determine which user populations, if any, are approved for tuning access
- Create Entra ID groups for approved tuning users (e.g., Copilot-Tuning-Approved)
- Configure tuning access to the approved group only
- Document the approval criteria and business justification requirements
Step 3: Configure Data Source Restrictions
- Identify SharePoint sites and libraries that contain regulated, restricted, or PII content
- Document which SharePoint content is approved for use as tuning data
- Communicate data source restrictions to approved tuning users
- Establish a review process for tuning data source selections
Step 4: Establish Monitoring and Review
- Define the review cadence for active tuned agents (quarterly recommended)
- Assign responsibility for tuning governance oversight
- Configure audit log retention for tuning-related events
- Integrate tuning metrics into existing Copilot governance reporting (see Control 4.5)
Financial Sector Considerations
- Model risk management: Tuned Copilot agents represent a form of model customization. Institutions subject to SR 11-7 / OCC Bulletin 2011-12 should evaluate whether tuned agents meet the definition of a "model" under their model risk management framework and apply proportionate validation and monitoring controls. Organizations should verify their assessment approach with their model risk management team.
- Data classification review: Before enabling tuning on any SharePoint content, conduct a data classification review to identify regulated data (customer PII, trading data, material non-public information) that should be excluded from tuning scope.
- Output supervision: Tuned agents may produce outputs that reflect patterns from the training data. For agents tuned on financial data or internal policy, periodic output review helps identify accuracy issues or inadvertent disclosure of sensitive information.
- Vendor risk management: Copilot Tuning extends the institution's use of Microsoft's AI platform. The tuning capability should be assessed under the institution's third-party risk management framework, including review of Microsoft's data handling commitments and Customer Lockbox protections.
- Examination readiness: Maintain documentation of tuning decisions, data sources, approval workflows, and governance reviews in the institution's regulatory examination file. Examiners may ask how the institution governs AI model customization.
Verification Criteria
| # | Verification Step | Expected Result |
|---|---|---|
| 1 | Review Copilot Tuning tenant settings | Tuning is disabled or restricted to approved groups per policy |
| 2 | Verify tuning access group membership | Only approved users are in the tuning-enabled Entra ID group |
| 3 | Review tuning request and approval workflow | Documented approval process exists with business justification requirements |
| 4 | Confirm data source restrictions are documented | Approved and restricted SharePoint sites for tuning are identified |
| 5 | Review active tuned agents inventory | List of active tuned agents with data sources and owners is current |
| 6 | Verify audit trail for tuning events | Tuning requests, approvals, and agent lifecycle events are logged |
| 7 | Confirm output supervision process (Regulated) | Periodic output review evidence exists for active tuned agents |
| 8 | Review open-source model control settings | External base model usage is configured per organizational policy |
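The group-scoping step in Setup Step 2 and verification step 2 above both come down to one question: does the Entra ID group that gates Copilot Tuning contain exactly the people the approval records say it should? The script below is an added example written for this control; it is not Microsoft's code and not part of the framework. It assumes the group is named Copilot-Tuning-Approved (the example name from Step 2), that the approved roster is a CSV export with a UserPrincipalName column, and that the Microsoft Graph PowerShell SDK modules Microsoft.Graph.Groups and Microsoft.Graph.Users are installed. It uses transitive membership so that users who inherit access through a nested group are caught, re-reads each user to flag guest and disabled accounts, and writes a dated JSON evidence file for the examination package.

```powershell
# Added example for Control 1.16 (not Microsoft's or the framework's own code).
# Assumptions: the tuning access group is named Copilot-Tuning-Approved (Step 2);
# the approved roster is a CSV with a UserPrincipalName column; the Microsoft Graph
# PowerShell SDK (Microsoft.Graph.Groups, Microsoft.Graph.Users) is installed.
param(
    [string]$GroupName   = 'Copilot-Tuning-Approved',      # assumed group name
    [string]$ApprovedCsv = '.\tuning-approved-users.csv',  # assumed roster path
    [string]$EvidenceDir = '.'
)

Connect-MgGraph -Scopes 'Group.Read.All','GroupMember.Read.All','User.Read.All' -NoWelcome

$group = @(Get-MgGroup -Filter "displayName eq '$GroupName'")
if ($group.Count -ne 1) {
    throw "Expected exactly one group named '$GroupName', found $($group.Count); fix this before relying on group scoping."
}

# Transitive membership surfaces users who inherit tuning access through a nested
# group, which a direct-member view in the admin center would miss.
$members = Get-MgGroupTransitiveMember -GroupId $group[0].Id -All
$nested  = @($members | Where-Object { $_.AdditionalProperties['@odata.type'] -eq '#microsoft.graph.group' } |
              ForEach-Object { $_.AdditionalProperties['displayName'] })
$userIds = $members | Where-Object { $_.AdditionalProperties['@odata.type'] -eq '#microsoft.graph.user' } |
              ForEach-Object { $_.Id }

# Re-read each user: userType and accountEnabled are not in the default member listing.
$users = foreach ($id in $userIds) {
    Get-MgUser -UserId $id -Property Id,UserPrincipalName,UserType,AccountEnabled
}

$actual   = @($users | ForEach-Object { $_.UserPrincipalName.ToLowerInvariant() })
$approved = @((Import-Csv $ApprovedCsv).UserPrincipalName | ForEach-Object { $_.Trim().ToLowerInvariant() })

$report = [pscustomobject]@{
    Group           = $GroupName
    ReviewedAt      = (Get-Date).ToString('o')
    MemberCount     = $actual.Count
    NestedGroups    = $nested                                                # should be empty
    UnapprovedUsers = @($actual   | Where-Object { $_ -notin $approved })     # in group, not on roster
    MissingApproved = @($approved | Where-Object { $_ -notin $actual })       # on roster, not in group
    GuestMembers    = @($users | Where-Object { $_.UserType -eq 'Guest' } | ForEach-Object { $_.UserPrincipalName })
    DisabledMembers = @($users | Where-Object { -not $_.AccountEnabled }  | ForEach-Object { $_.UserPrincipalName })
}

# Persist the review as dated JSON so it can go straight into the examination evidence file.
$evidence = Join-Path $EvidenceDir "tuning-access-review-$(Get-Date -Format yyyyMMdd).json"
$report | ConvertTo-Json -Depth 4 | Set-Content -Path $evidence
$report | Format-List

# Nested groups, unapproved users, guests and disabled accounts are all drift from policy.
if ($report.NestedGroups -or $report.UnapprovedUsers -or $report.GuestMembers -or $report.DisabledMembers) {
    Write-Warning "Tuning access group has drifted from the approved roster; see $evidence"
    exit 1
}
```

Run it under an account that holds only directory read rights, on the quarterly review cadence from Step 4, and file the JSON output alongside the approval records. A non-zero exit is the signal to open a remediation ticket; MissingApproved entries are informational (an approved user who was never added is not an access risk, but the roster and the group should still be reconciled).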
Additional Resources
- Microsoft Learn: Copilot Tuning admin guide
- OCC Bulletin 2011-12 / Federal Reserve SR 11-7: Sound Practices for Model Risk Management (Supervisory Guidance on Model Risk Management)
- Interagency Guidance on AI (2023)
- GLBA Safeguards Rule
- Related Controls: 1.1 Copilot Readiness Assessment, 1.8 Information Architecture Review, 2.1 DLP Policies for Copilot, 3.1 Copilot Audit Logging, 4.5 Usage Analytics
FSI Copilot Governance Framework v1.3.1 - April 2026