Copilot Surfaces
Where Microsoft 365 Copilot appears across M365 applications, with governance considerations for each surface.
Overview
Microsoft 365 Copilot is not a single application -- it is an AI capability embedded across more than 20 M365 applications. Each surface accesses different data sources, generates different output types, and presents unique governance considerations for financial services.
This document catalogs every Copilot surface, the data it accesses, and the governance controls that apply.
Surface Categories
| Category | Applications | Primary Risk | Key Controls |
|---|---|---|---|
| Productivity | Word, Excel, PowerPoint, OneNote, Loop, Whiteboard, Forms | Content generation from grounded data | 2.1, 2.2, 3.1 |
| Communication | Outlook, Teams | Customer communication drafting, meeting exposure | 3.4, 3.5, 3.6 |
| Collaboration | SharePoint, OneDrive, Planner, Stream | Data discovery amplification, sharing | 1.1, 1.2, 4.8 |
| Intelligence | Viva Insights, Viva Engage, Viva Learning, Viva Pulse, Viva Goals | Employee data analysis, behavioral insights | 3.10, 4.3 |
| AI-Native | Microsoft 365 Copilot Chat, Copilot Pages | Cross-tenant data retrieval, new content surfaces | 1.4, 3.2, 4.8 |
| Extensibility | Plugins, Graph connectors, declarative agents | Extended data reach, external data flow | 2.8, 4.10 |
Productivity Surfaces
Word
| Attribute | Details |
|---|---|
| Copilot Capabilities | Draft documents, rewrite text, summarize, generate from prompts, transform existing content |
| Data Sources | Current document, referenced files, Microsoft Graph (user's accessible content) |
| Governance Considerations | Copilot-generated content inherits the sensitivity label of the current document. Content generated from grounded data may surface information from other documents the user can access. Output may contain hallucinated content that appears authoritative in document form. |
| Key Controls | 2.2 (Sensitivity labels), 2.1 (DLP), 3.1 (Audit logging), 3.5 (Communication review for client-facing documents) |
Excel
| Attribute | Details |
|---|---|
| Copilot Capabilities | Analyze data, generate formulas, create charts, identify trends, generate Python code for analysis |
| Data Sources | Current workbook data, referenced tables |
| Governance Considerations | Copilot can analyze financial data and generate insights that may inform investment decisions or financial reporting. Formula suggestions may be incorrect. Python code generation creates executable content. Data analysis outputs may be used without independent verification. |
| Key Controls | 3.1 (Audit logging), 3.8 (Model risk -- if outputs inform regulated decisions), 2.1 (DLP for financial data) |
PowerPoint
| Attribute | Details |
|---|---|
| Copilot Capabilities | Create presentations from prompts or documents, add slides, redesign, summarize |
| Data Sources | Referenced documents, current presentation, Microsoft Graph |
| Governance Considerations | Presentations generated from grounded data may incorporate content from multiple sources, potentially combining information with different classification levels. Client-facing presentations may require review before distribution. |
| Key Controls | 2.2 (Sensitivity labels), 3.5 (Communication review), 3.1 (Audit logging) |
OneNote
| Attribute | Details |
|---|---|
| Copilot Capabilities | Summarize notes, generate to-do lists, rewrite, draft content |
| Data Sources | Current notebook/section, Microsoft Graph |
| Governance Considerations | OneNote notebooks may contain unstructured meeting notes, client information, or deal notes. Copilot can surface and synthesize this content. OneNote content is indexed by the Semantic Index. |
| Key Controls | 3.1 (Audit logging), 2.2 (Sensitivity labels), 1.1 (Oversharing assessment) |
Loop
| Attribute | Details |
|---|---|
| Copilot Capabilities | Generate content in Loop components, draft, summarize, brainstorm |
| Data Sources | Current Loop workspace, Microsoft Graph |
| Governance Considerations | Loop components are portable (can be embedded in Teams, Outlook, etc.) and may be shared broadly. Content generated by Copilot in Loop can propagate across multiple surfaces. Loop content is stored in the creator's OneDrive and is indexed by the Semantic Index. |
| Key Controls | 2.2 (Sensitivity labels), 1.11 (External sharing audit), 3.2 (Retention) |
Whiteboard
| Attribute | Details |
|---|---|
| Copilot Capabilities | Generate ideas, categorize content, summarize board content |
| Data Sources | Current whiteboard content |
| Governance Considerations | Whiteboard content from brainstorming sessions may contain sensitive strategic information. Copilot-generated suggestions are based on board content only (limited grounding). Whiteboard files are stored in OneDrive. |
| Key Controls | 3.1 (Audit logging), 2.2 (Sensitivity labels) |
Forms
| Attribute | Details |
|---|---|
| Copilot Capabilities | Generate survey questions, analyze responses |
| Data Sources | Current form and responses |
| Governance Considerations | Forms used for customer feedback or internal surveys may contain PII. Copilot-generated questions may inadvertently collect regulated information. Response analysis outputs should be reviewed before use in decision-making. |
| Key Controls | 3.10 (Privacy), 2.1 (DLP), 3.1 (Audit logging) |
Communication Surfaces
Outlook
| Attribute | Details |
|---|---|
| Copilot Capabilities | Draft emails, summarize threads, coaching (tone/clarity), reply suggestions, schedule management |
| Data Sources | Current email thread, user's mailbox, calendar, Microsoft Graph |
| Governance Considerations | Highest-risk communication surface for FSI. Copilot-drafted emails sent to clients may constitute "correspondence" under FINRA Rule 2210. Draft suggestions may contain hallucinated information, incorrect client details, or inappropriate language. Auto-generated replies may not meet supervisory standards. Email content generated from grounded data may surface information from other sources. |
| Key Controls | 3.5 (FINRA 2210 review), 3.4 (Communication compliance), 3.6 (Supervisory review), 2.1 (DLP), 3.1 (Audit logging) |
FINRA Rule 2210 Applicability
Copilot-drafted customer communications in Outlook are subject to the same FINRA Rule 2210 requirements as any other written communication. The fact that content is AI-generated does not change the supervisory obligation. Organizations should implement pre-send review workflows or post-send sampling programs for Copilot-assisted customer emails.
Teams
| Attribute | Details |
|---|---|
| Copilot Capabilities | Chat summarization, meeting recap, meeting transcription analysis, compose messages, action item extraction, meeting notes generation |
| Data Sources | Chat messages, meeting transcripts, meeting recordings, shared files, Teams channel content |
| Governance Considerations | Multiple unique governance challenges. Meeting transcription captures spoken content (including off-the-record remarks, informal statements, preliminary opinions) and makes it searchable by Copilot. Meeting recap may include content participants did not intend to be recorded. Chat summaries may surface information shared in confidence within a group. Teams channels may contain regulated communications requiring supervision. |
| Key Controls | 1.5 (Teams meeting governance), 4.6 (Teams-specific controls), 3.4 (Communication compliance), 3.2 (Retention), 3.1 (Audit logging) |
Teams-Specific Governance Concerns:
| Feature | Governance Issue | Recommended Action |
|---|---|---|
| Meeting transcription | All spoken content becomes indexed and searchable by Copilot | Consider disabling transcription for sensitive meetings; implement retention policies for transcripts |
| Meeting recap | Copilot generates summaries of meeting content | Review meeting recap access permissions; train users on sensitivity |
| Teams chat Copilot | Summarizes chat history, which may include informal communications | Communication compliance monitoring for Teams chats |
| Teams channel summaries | Surfaces content across channels the user can access | Channel governance and access reviews |
| Teams Phone / Queues | Copilot may assist with call handling | Evaluate applicability of FINRA/SEC supervision requirements |
Collaboration Surfaces
SharePoint
| Attribute | Details |
|---|---|
| Copilot Capabilities | Site search and summarization (via Copilot Chat grounding), declarative agents from SharePoint sites |
| Data Sources | SharePoint sites, lists, document libraries (user's accessible content) |
| Governance Considerations | SharePoint is the primary content repository for most organizations and the primary source of oversharing risk. Copilot's Semantic Index indexes all SharePoint content the user can access. Permissions inherited through site hierarchies create broad access patterns. Declarative agents from SharePoint extend Copilot capabilities with site-scoped knowledge. |
| Key Controls | 1.1 (Oversharing assessment), 1.2 (Permissions remediation), 1.4 (Restricted SharePoint Search), 4.10 (Declarative agents), 2.2 (Sensitivity labels) |
OneDrive
| Attribute | Details |
|---|---|
| Copilot Capabilities | File search, summarization, content generation from personal files |
| Data Sources | User's OneDrive files, shared files |
| Governance Considerations | OneDrive is the default storage location for many M365 outputs including Copilot Pages, Loop components, and Whiteboard files. Files shared from OneDrive may not have sensitivity labels applied. "Shared with me" content is accessible to Copilot. |
| Key Controls | 1.12 (OneDrive governance), 2.2 (Sensitivity labels), 3.2 (Retention) |
Planner
| Attribute | Details |
|---|---|
| Copilot Capabilities | Generate task plans, break down goals into tasks, suggest assignments |
| Data Sources | Current plan, user's Planner data |
| Governance Considerations | Copilot-generated task plans may reference sensitive project information. Task descriptions may contain client names or deal details. Limited governance exposure compared to communication surfaces. |
| Key Controls | 3.1 (Audit logging), 2.2 (Sensitivity labels) |
Stream
| Attribute | Details |
|---|---|
| Copilot Capabilities | Video summarization, transcript search, chapter generation |
| Data Sources | Video content, transcripts, metadata |
| Governance Considerations | Stream video transcripts are indexed by the Semantic Index. Recorded meetings, presentations, and training videos become searchable by Copilot. Transcripts may contain sensitive spoken content. |
| Key Controls | 3.2 (Retention), 3.1 (Audit logging), 1.5 (Meeting governance) |
Intelligence Surfaces (Viva Suite)
Viva Insights
| Attribute | Details |
|---|---|
| Copilot Capabilities | Productivity insights, work pattern analysis, meeting effectiveness, focus time recommendations |
| Data Sources | Exchange, Teams, and calendar metadata (not content); aggregated organizational data |
| Governance Considerations | Viva Insights processes behavioral metadata (meeting frequency, email volume, collaboration patterns). While it does not access content, aggregated insights could reveal organizational dynamics. Personal insights are visible only to the individual. Manager/leader insights are aggregated and de-identified. |
| Key Controls | 3.10 (Privacy), 4.3 (Usage analytics) |
Viva Engage
| Attribute | Details |
|---|---|
| Copilot Capabilities | Draft posts, summarize threads, generate responses |
| Data Sources | Viva Engage communities and conversations |
| Governance Considerations | Viva Engage content is indexed by the Semantic Index. Posts may contain informal communications, internal opinions, or company announcements. Copilot-drafted posts in company-wide communities should be reviewed for tone and accuracy. |
| Key Controls | 3.4 (Communication compliance), 3.1 (Audit logging) |
Viva Learning
| Attribute | Details |
|---|---|
| Copilot Capabilities | Learning content recommendations, skill gap analysis |
| Data Sources | Learning content catalog, user learning history |
| Governance Considerations | Lower governance risk. Primary consideration is accuracy of AI-generated learning recommendations. Training completion data is HR-sensitive. |
| Key Controls | 3.10 (Privacy), 3.1 (Audit logging) |
Viva Pulse
| Attribute | Details |
|---|---|
| Copilot Capabilities | Survey question suggestions, results analysis |
| Data Sources | Survey responses, organizational data |
| Governance Considerations | Survey data may contain employee sentiment about sensitive topics. Results analysis should be reviewed before sharing with leadership. Anonymity protections must be maintained. |
| Key Controls | 3.10 (Privacy), 2.1 (DLP) |
Viva Goals
| Attribute | Details |
|---|---|
| Copilot Capabilities | Goal drafting, progress analysis, alignment suggestions |
| Data Sources | Goals, OKRs, organizational hierarchy |
| Governance Considerations | Goals may reference strategic initiatives, financial targets, or M&A activity. Copilot-generated goal suggestions should be reviewed for sensitivity. |
| Key Controls | 2.2 (Sensitivity labels), 3.1 (Audit logging) |
AI-Native Surfaces
Microsoft 365 Copilot Chat
| Attribute | Details |
|---|---|
| Copilot Capabilities | Cross-application conversational AI: ask questions about any M365 content, generate content, analyze data, summarize across sources |
| Data Sources | All M365 content accessible to the user -- SharePoint, OneDrive, Exchange, Teams, Semantic Index, web search (if enabled) |
| Governance Considerations | Highest-risk surface for discovery amplification. Microsoft 365 Copilot Chat is the primary surface where Copilot searches across all of a user's M365 content simultaneously. A single prompt can surface documents from multiple SharePoint sites, emails, Teams chats, and meeting transcripts. This is where oversharing risk is most acute. Restricted SharePoint Search directly limits Copilot Chat's grounding scope. |
| Key Controls | 1.1-1.4 (All oversharing controls), 1.4 (Restricted SharePoint Search), 2.7 (Web search controls), 3.1 (Audit logging), 3.2 (Retention) |
Microsoft 365 Copilot Chat and Restricted SharePoint Search
For Regulated environments, Restricted SharePoint Search (RSS) is the primary mechanism for controlling which SharePoint sites Copilot Chat uses for grounding. Without RSS, Copilot Chat will ground responses using content from any SharePoint site the user can access. RSS limits grounding to an approved site list.
Copilot Pages
| Attribute | Details |
|---|---|
| Copilot Capabilities | Collaborative AI-generated content surface; users can promote Copilot responses to shareable Pages; real-time co-authoring with Copilot assistance |
| Data Sources | User's M365 content (via Copilot Chat), page content, collaborator inputs |
| Governance Considerations | Pages create new content objects that may duplicate regulated data outside original governance boundaries. Pages are stored in user-owned SharePoint Embedded containers and may be shared broadly if not governed. Pages require sensitivity labeling, SharePoint retention coverage, eDiscovery procedures, and explicit Cloud Policy decisions for creation. Pages represent a new data sprawl vector that did not exist before Copilot. |
| Key Controls | 2.11 (Copilot Pages governance), 2.2 (Sensitivity labels), 3.2 (Retention), 3.3 (eDiscovery), 1.11 (Sharing governance) |
Extensibility Surfaces
Plugins
| Attribute | Details |
|---|---|
| Copilot Capabilities | Extend Copilot with third-party integrations (e.g., ServiceNow, Salesforce, Jira) via message extensions and API plugins |
| Data Sources | External systems accessed by the plugin |
| Governance Considerations | Plugins send data to and receive data from external services. Each plugin represents a potential data exfiltration path. Plugin data is not subject to M365 DLP policies at the plugin boundary. Organizations must evaluate each plugin for data classification, authentication, and audit requirements. |
| Key Controls | 2.8 (Plugin governance), 3.1 (Audit logging), 2.1 (DLP) |
Graph Connectors
| Attribute | Details |
|---|---|
| Copilot Capabilities | Extend Copilot's knowledge base with content from external systems ingested into Microsoft Graph |
| Data Sources | External data ingested via connectors (file shares, databases, third-party SaaS) |
| Governance Considerations | Ingested data becomes part of Copilot's grounding corpus. ACL (access control list) mapping must accurately reflect source system permissions. Misconfigured ACLs can expose external data to unauthorized users via Copilot. Sensitivity labels should be applied to ingested content. |
| Key Controls | 2.8 (Connector governance), 2.2 (Sensitivity labels), 1.1 (Access assessment) |
Declarative Agents from SharePoint
| Attribute | Details |
|---|---|
| Copilot Capabilities | Custom Copilot experiences scoped to specific SharePoint sites with custom instructions |
| Data Sources | Specified SharePoint sites, plus the user's general M365 content |
| Governance Considerations | Declarative agents from SharePoint are governed by this framework (not FSI-AgentGov). Site selection determines the agent's knowledge scope. Custom instructions can influence agent behavior and output tone. Agent publication should be restricted to authorized administrators. |
| Key Controls | 4.10 (Declarative agent governance), 1.2 (SharePoint permissions), 2.2 (Sensitivity labels), 3.1 (Audit logging) |
Governance Summary by Surface
Risk Tier Assignment
| Tier | Risk Level | Surfaces | Governance Priority |
|---|---|---|---|
| Tier 1 (Highest) | High | Microsoft 365 Copilot Chat, Outlook, Teams | Full governance at all levels |
| Tier 2 | Medium-High | Word, Excel, PowerPoint, SharePoint, Copilot Pages | Sensitivity labels, DLP, audit |
| Tier 3 | Medium | OneNote, Loop, OneDrive, Stream, Plugins, Connectors | Standard governance, monitoring |
| Tier 4 | Lower | Whiteboard, Forms, Planner, Viva suite | Baseline governance, awareness |
Quick Reference: Controls by Surface
| Surface | Audit (3.1) | DLP (2.1) | Labels (2.2) | Retention (3.2) | Comm Compliance (3.4) | Oversharing (1.1) |
|---|---|---|---|---|---|---|
| Copilot Chat | Required | Required | Required | Required | Recommended | Critical |
| Outlook | Required | Required | Required | Required | Required | Required |
| Teams | Required | Required | Required | Required | Required | Required |
| Word | Required | Required | Required | Required | If client-facing | Required |
| Excel | Required | Required | Recommended | Required | -- | Recommended |
| PowerPoint | Required | Required | Required | Required | If client-facing | Required |
| SharePoint | Required | Required | Required | Required | -- | Critical |
| Copilot Pages | Required | Required | Required | Required | -- | Required |
| Plugins | Required | Recommended | -- | Required | -- | -- |
| Viva suite | Required | Recommended | -- | Recommended | -- | -- |
FSI Copilot Governance Framework v1.2.1 - March 2026