Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Copilot Studio empowers makers to build scalable, secure agents by offering a comprehensive set of governance controls. These controls include both maker-level and tenant-level access controls for Copilot Studio and its features, data policies that restrict access to endpoints, sharing rules to ensure agents are used by the appropriate audience, and support for data residency and GDPR compliance.
Effective governance and security are essential for managing agents across your enterprise. This section provides agent administrators, Copilot Studio Center of Excellence (COE) leads, and other stakeholders with recommendations to ensure secure and efficient operations. It also highlights critical areas to consider when governing, securing, and monitoring agents.
Use the following articles to manage your Copilot Studio projects:
- Capture governance requirements: Align executives, IT, and business owners to translate outcomes into concrete governance requirements.
- Implement a zoned governance strategy: Define layered environments, guardrails, and approval workflows that separate experimentation from production, reduce risk, and ensure agents move through a controlled lifecycle with the right security, data access, and operational oversight at each stage.
- Secure your Copilot Studio projects: Implement role-based access controls, enforce data policies, apply gated release processes, define safe sharing and publishing rules, and ensure agents operate within your organization's data residency and compliance boundaries.
- Design a testing strategy: Develop a comprehensive testing strategy for your Copilot Studio projects by validating agent behavior throughout the build lifecycle.
- Test the performance of your agents: Evaluate your agent's performance and stability under varying patterns of load, and identify potential problems as the user base grows to ensure the agent remains functional and responsive.
- Use Application Lifecycle Management (ALM) to deploy Copilot Studio agents: Implement a disciplined ALM approach for your Copilot Studio agents by moving agents through environments and using automated pipelines to ensure controlled deployments, consistent quality, and reliable promotion from development to production.
- Monitor operations, compliance, and capacity: Use Copilot Studio's built-in analytics, transcript reviews, and feedback tools to monitor agent effectiveness, spot regressions, and drive iterative improvements across quality, safety, and user satisfaction.
- Review the manage checklist: Validate security, governance, compliance, and deployment requirements.