Skip to content
Back to Magazine
ai-operating-models 4 min read

Microsoft Agent 365: the control plane that turns shadow AI into inventory

Does this apply to your company?

Free 30-min AI diagnostic →

Key Takeaways

  • - Identity: which agent it is and who owns it.
  • - Purpose: what work it should do and what it should not do.
  • - Permissions: which data, tools, and actions are allowed.
  • - Risk: what damage it could cause if it fails.

Decision

Decide what governance, ownership or cadence is missing before scaling AI.

Room

Executive committee, AI portfolio review, transformation steering.

Risk

Mistaking activity, pilots and tooling for real operating capability.

Agent prompt: map decision rights, KPIs, risks and the next operational move

Problem

The 2026 enterprise not only has shadow IT. It has shadow AI: agents created in different tools, with different permissions, by different teams, for tasks that sometimes no one has catalogued.

Microsoft Agent 365, generally available since May 2026, targets that problem. It does not aim to be just another agent builder. It positions itself as a control plane: inventory, security, observability, and governance for agents both inside and outside the Microsoft ecosystem.

The message is clear: when any area can create agents, the bottleneck ceases to be creation. It becomes control.

Thesis

Agent 365 matters because it names a new layer of the operating model: management of non‑human workforce.

Until now, enterprises governed users, devices, applications, and data. Now they need to govern agents: which exist, who created them, what permissions they have, what data they touch, what actions they execute, and what impact they produce.

The agents control plane is not a security feature. It is an organizational design element.

Framework

An agent inventory must answer seven questions:

  • Identity: which agent it is and who owns it.
  • Purpose: what work it should do and what it should not do.
  • Permissions: which data, tools, and actions are allowed.
  • Risk: what damage it could cause if it fails.
  • Observability: which logs and metrics it produces.
  • Escalation: when it should request human assistance.
  • Retirement: how it is shut down if it stops delivering value.

Mini‑case: marketing creates an agent to prepare briefs, finance creates another for reconciliation, IT creates another for internal tickets. Each seems minor. Together they form a parallel operational force. Without an inventory, no one knows which agents exist. With a control plane, each agent becomes a governable resource.

Measurable signal: percentage of active agents with owner, purpose, permissions, and documented retirement criteria.

Stance: you cannot scale agents if you don’t first know how many you have.

Why it matters now

Microsoft presented Agent 365 as part of its “Frontier Transformation” suite and describes it as a layer to keep agents governed, observable, and secure. In May 2026, general availability places it at the center of the enterprise conversation alongside Microsoft 365 E7, Copilot, and third‑party agent management.

The important phrase is not “create agents”. It is “operate agents”.

Anti‑example

“Agents live inside approved tools, so they are already controlled.”

Not always. An approved agent can call an unchecked integration, generate undocumented decisions, or duplicate another agent’s work. Control must not end at the tool. It must follow the action.

Protocol (3 steps)

  1. Conduct an agent census. Include Copilot Studio, Azure AI Foundry, Claude Code, OpenAI, internal scripts, and no‑code workflows.
  2. Classify by impact. Informational, productive, transactional, regulated.
  3. Define lifecycle. Onboarding, review, permission change, suspension, and retirement.
Agent typePrimary riskMinimum control
Informationalincorrect responsesource and owner
Productiveduplicated worklog and version
Transactionalundesired actionapproval and rollback
Regulatednon‑complianceaudit and segregation

Sources consulted

Next step

Create a list of real agents in your organization, not of tools. If the list does not exist, that is the first governance backlog.


Translated from the Spanish original with AI assistance and reviewed for accuracy. Read the original in Spanish.

microsoft agent-365 shadow-ai governance
Cite this article

Berthelius, V. (2026). “Microsoft Agent 365: the control plane that turns shadow AI into inventory”. BRTHLS Magazine. https://www.brthls.com/magazine/microsoft-agent-365-control-plane-en

Fractional CAIO · Free diagnostic

Is your company ready to operate with AI?

30 minutes. No pitch. An honest read on where you are and what to move first.

Book free diagnostic