Third‑Party AI Tool Requests & Approved Use of Microsoft Copilot
Category: Security / Identity / SaaS Governance
Applies To: All employees and managers
Audience: IT Admins, Security Team, Managers
Effective Date: 04-03-2026
Owner: IT / Security
Review Cycle: Annual or as needed
Purpose
This Knowledge Base article defines the organization’s standard approach to third‑party AI tool requests, including how such requests are evaluated, when they are denied, and what approved AI alternatives are available.
The goal is to:
- Reduce security and data‑governance risk
- Prevent AI tool sprawl (“shadow AI”)
- Maximize value from Microsoft Copilot
- Provide a consistent, transparent decision framework
Approved Enterprise AI Platform
✅ Microsoft Copilot is the organization’s approved enterprise AI platform, including:
- Microsoft 365 Copilot (Word, Excel, Outlook, PowerPoint, Teams)
- Copilot Chat
- Copilot Chat in Microsoft Edge
Microsoft Copilot is approved because it:
- Operates within our Microsoft 365 tenant
- Enforces identity via Microsoft Entra ID
- Applies Enterprise Data Protection (EDP)
- Supports auditing, compliance, and retention requirements
Policy Statement
Third-party AI tools are not approved by default.
Requests for external AI applications will be denied unless there is a documented business requirement that cannot be met by Microsoft Copilot.
Evaluation Criteria for AI Tool Requests
When a third‑party AI request is submitted, IT/Security evaluates the following:
✅ Approval Requires:
- A clear business use case
- Demonstration that Copilot cannot meet the requirement
- Review of data classification and handling
- IT Security approval (and Legal/Compliance if applicable)
❌ Denied If:
- Functionality overlaps with Microsoft Copilot
- Data would be processed outside the Microsoft tenant
- No clear business justification is provided
- Tool introduces audit, compliance, or IP risk
Most requests fall into the Denied category due to functional overlap and governance risk.
If to Deny third‑party AI request and provide:
- Clear business‑aligned reasoning
- Approved Copilot alternatives
- Training resources
Replace bracketed fields as needed.
Subject
Decision on AI Tool Request & Approved Microsoft Copilot Resources
Email Body
Hi [Manager / Requestor Name],
Thank you for submitting the request to approve [AI Tool Name].
After review, the request has been denied.
Reason for Decision
Our organization has Microsoft Copilot deployed as the approved enterprise AI solution, including Copilot Chat in Microsoft Edge and Microsoft 365 applications. Copilot provides comparable capabilities while maintaining required enterprise controls, including:
- Identity and access enforcement via Microsoft Entra ID
- Enterprise Data Protection when used in Microsoft Edge
- Compliance, auditing, and governance aligned with Microsoft Purview
- Reduced risk of data exposure to third‑party AI platforms
At this time, approval of additional third‑party AI tools introduces unnecessary governance and data‑handling risk without a demonstrated business requirement that Copilot cannot already meet.
-
Using Microsoft Copilot in Edge at work
-
Microsoft Support – Covers enterprise‑protected Copilot usage directly in the browser.
-
Microsoft Copilot Chat in Edge
Microsoft Learn – Explains how Copilot uses page context securely in Edge. -
Get started with Microsoft 365 Copilot
Microsoft Learn – Beginner‑friendly training across Microsoft 365 apps and Edge.
Exception Requests
If there is a specific business requirement that Microsoft Copilot (including Copilot in Edge) cannot support, a documented exception request may be submitted for further review.
Please let us know if IT or SecOps can assist with Copilot onboarding or identifying supported workflows.