Services
Affected Platforms
Summary
Microsoft Purview Insider Risk Management now extends to AI agents, detecting and managing risky activities on Copilot Studio, Azure AI Foundry, and Agent 365. Features include AI-specific policies and risk profiling. Public preview starts December 2025; general availability by April 2026. Organizations can review, tune, or disable these policies.
Details
Updated January 30, 2026: We have updated the timeline. Thank you for your patience.
Introduction
As AI agents become deeply embedded in enterprise ecosystems, they are evolving beyond simple tools or workflows into an autonomous digital workforce. These agents can interpret user intent, access and manipulate enterprise data, execute actions on behalf of users, and even make real-time decisions. In many ways, they operate like human insiders only with machine-speed data processing capabilities.
To govern and protect these agents effectively, organizations require visibility into their activities, contextual understanding of their actions, and the ability to flag or block risky behavior. Now, Insider Risk Management can be extended to detect and remediate potentially risky agent activities.
Features:
- Copilot Studio & Azure AI Foundry Integration: Detect potentially risky activities of agents hosted on Copilot Studio, Azure AI Foundry, and Agent 365 platforms
- Risky AI Usage Policies: Define and enforce policies specific to AI agents accessing sensitive data or performing high-risk actions.
- IRM for Agent Users: Extend IRM in Purview to govern agent-driven workflows and protect organizational data.
This message is associated with Microsoft 365 Roadmap ID 516032.
When this will happen:
- Public Preview: We will begin rolling out early December 2025 and expect to complete by mid-January 2026.
- General Availability (Worldwide): We will begin rolling out late March 2026 (previously early December) and expect to complete by late April 2026 (previously late December).
How this affects your organization:
On the Overview page in the Insider Risk Management solution, you will be able to access the overall risk profile of agents deployed in your organization.
The Risky Agents policy will be automatically deployed for all agents hosted on Copilot Studio and Azure AI Foundry across your organization. Alerts from this policy will be generated when an agent’s activity exceeds the thresholds configured in this automatically deployed Risky Agents policy. These alerts can be found under Agents > Alerts on the left pane.
What you can do to prepare:
- Review the public facing documentation to learn more about this exciting new offering: Learn about Insider Risk Management policy templates | Microsoft Learn
- Review the new Insider Risk Management interface in the Microsoft Purview portal, which now includes separate sections for Users and Agents.
- Review and tune the Risky Agents policy based on your organization’s requirements.
- If you don’t wish to track agent activities, you can delete the automatically deployed Risky Agents policy.
Learn more: