March 12, 2026

The Governance Gap in Enterprise AI

Most organisations that have deployed AI agents in production have discovered the same uncomfortable truth: the tools for building agents have outpaced the tools for governing them. You can stand up a Copilot Studio agent in an afternoon. Knowing exactly what it is doing, what data it is accessing, whether it is behaving as intended, and how to audit its activity if something goes wrong — that has been significantly harder.

This is not a minor operational concern. As AI agents take actions on behalf of employees — sending emails, modifying documents, routing approvals, interacting with external systems — the consequences of ungoverned agent behaviour compound quickly. IDC predicts 1.3 billion agents in circulation by 2028. Eighty percent of the Fortune 500 are already using Microsoft agents. The governance infrastructure needed to operate at that scale has been a visible gap.

Agent 365 is Microsoft's answer to that gap. It is generally available from May 1, 2026, priced at $15 per user per month, and it is worth understanding clearly before your organisation's agent portfolio grows large enough to make governance reactive rather than proactive.

What Agent 365 Does

Agent 365 is described by Microsoft as a control plane for AI agents — a centralised governance layer that gives IT and security teams visibility and control over every agent running in the organisation, regardless of which tool created it or which model it runs on.

The core capabilities break down into four areas.

Observability: Agent 365 provides a unified view of all agents across your Microsoft 365 Copilot environment and Copilot Studio, showing which agents are deployed, who is using them, how frequently, and at what cost. This is the visibility layer that turns agent adoption from a shadow IT problem into a managed portfolio.

Performance monitoring: beyond basic usage tracking, Agent 365 evaluates agent quality over time. Are agents producing accurate outputs? Are they behaving consistently with their defined instructions? Are there patterns of unexpected behaviour that warrant investigation? This monitoring function is what allows organisations to maintain agent quality as agent portfolios scale.

Security: Agent 365 includes runtime threat protection for agents using the Agent 365 tools gateway, enabling detection, blocking, and investigation of malicious agent activity. It also provides detection, investigation, and response capabilities for Foundry and Copilot Studio agents — including remediation of attacks that target agents directly. The risk of agents becoming "double agents" — compromised by prompt injection or other attack vectors to act against the organisation's interests — is a real one that Agent 365 is specifically designed to address.

Governance: consistent policy application across all agents without slowing innovation. Administrators can define what agents are permitted to access and do at the organisational level, review and approve agent deployments before they go live, and maintain audit logs of agent activity that satisfy compliance requirements.

Why the $15 Per User Per Month Price Point Matters

The pricing structure of Agent 365 reflects an important architectural decision: governance is priced per user rather than per agent. This means the cost scales with the number of people in your organisation whose agent activity needs to be governed, not with the number of agents you deploy. As organisations move from a handful of agents to dozens or hundreds, this pricing model becomes significantly more economical than per-agent alternatives.

For organisations already on the Microsoft 365 E7 Frontier Suite — priced at $99 per user per month — Agent 365 is included. The E7 bundle brings together Microsoft 365 Copilot, Agent 365, Microsoft Entra Suite, and advanced security capabilities across Defender, Intune, and Purview. For organisations not on E7, Agent 365 is available as a standalone add-on.

What Needs to Be in Place Before Agent 365 Deployment

Agent 365 provides governance infrastructure, but it works best when the underlying agent architecture is designed with governance in mind from the start. That means agents with clearly defined scopes and permission boundaries, data access configurations that apply least-privilege principles, and agent instructions that are specific enough to produce consistent, auditable behaviour.

Organisations that have deployed agents without this discipline will find that Agent 365 reveals the governance gaps rather than automatically filling them. That is valuable information, but acting on it requires going back into existing agent configurations and tightening them up — which is easier to do before Agent 365 surfaces the problems than after.

The right preparation timeline is now: audit your current agent portfolio, define governance standards for agent scope and data access, and configure agents to those standards before Agent 365 goes live in May. That way, the governance layer finds a well-organised agent estate rather than one that needs remediation.

At Trim Journey, we help organisations build agent portfolios that are governance-ready from day one — whether that is designing the right agent scope boundaries, preparing for Agent 365 deployment, or auditing an existing agent estate. Book a 30-minute call to talk through your agent governance readiness.
