Every Microsoft 365 Copilot rollout we have seen go badly in a mission-driven organization went badly in a predictable way. It was almost never about the model, the prompt design, or the user interface. It was about seven decisions that should have been made before the license was assigned and were either skipped, delegated, or assumed.
This is the checklist we work through during the first week of every Discovery Sprint. Most boards we present it to have not been asked these questions before. Almost none can answer all seven on day one. That is the gap the work closes.
Where is your sensitive data, and who can see it today?
Copilot indexes everything a user already has access to. That is the design. If your SharePoint sites have years of accumulated oversharing—board minutes in a Communications folder, donor lists in a shared drive, HR files in a department site that grew open permissions over a decade—Copilot will surface every one of them on demand. The week after deployment, a staff member will ask Copilot "what does the board think about Program X" and get back a synthesis of three sets of minutes nobody knew were readable.
The remediation work happens before Copilot is enabled, not after. A real Copilot readiness program starts with a SharePoint and OneDrive permissions audit, an oversharing report, and a documented remediation plan. This is unglamorous, and it is non-optional.
Do you have a Microsoft Purview sensitivity-label scheme—and is it applied?
Sensitivity labels are how you tell Copilot what to treat as confidential. Without them, Copilot has no signal that "Donor Reconciliation Q4" is more sensitive than the office holiday party flyer. The label scheme needs to be defined (typically four to six labels, mapped to your data classes), applied (manually at first, then via auto-labeling policies), and policy-bound (encryption, watermarking, export restrictions where appropriate).
Most foundations and nonprofits we work with have a labeling scheme that exists in policy but does not exist on documents. Copilot will not invent the labels. If they aren't applied, they aren't enforced.
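As an added example, not the author's or CompleteCare's own tooling, here is a small triage script that reads a constructed permissions-and-label export of the kind a SharePoint oversharing report produces and orders the remediation list so that sensitive, broadly shared, unlabeled documents come first. The column names, the sensitivity name hints and the 100-member site threshold are assumptions.

```python
import csv
import io
# Constructed sample export, one row per document (not data from any real tenant).
SAMPLE_EXPORT = """\
path,shared_with,site_members,label
/sites/Comms/Shared Documents/Board Minutes 2023-11.docx,Everyone except external users,412,
/sites/Development/Donors/Donor Reconciliation Q4.xlsx,Anonymous link,18,
/sites/HR/Personnel/Performance Reviews 2022.docx,HR Team,9,Confidential
/sites/Comms/Shared Documents/Holiday Party Flyer.pptx,Everyone except external users,412,General
/sites/Finance/Shared Documents/Grant Eligibility Criteria.docx,Finance Members,37,Internal
"""

# Principals that effectively grant the whole tenant (or the internet) access.
BROAD_PRINCIPALS = {"everyone", "everyone except external users", "anonymous link"}
# Name fragments that suggest the document belongs in a sensitive data class (assumed list).
SENSITIVE_HINTS = ("board", "donor", "reconciliation", "performance review", "personnel", "salary")
# A site with more members than this is treated as broad even without a tenant-wide grant.
BROAD_SITE_MEMBERS = 100

def is_overshared(row):
    return (row["shared_with"].strip().lower() in BROAD_PRINCIPALS
            or int(row["site_members"]) > BROAD_SITE_MEMBERS)

def looks_sensitive(row):
    name = row["path"].lower()
    return any(hint in name for hint in SENSITIVE_HINTS)

def triage(export_text):
    """Return remediation findings, riskiest first; labeled, narrowly shared items are skipped."""
    findings = []
    for row in csv.DictReader(io.StringIO(export_text)):
        overshared = is_overshared(row)
        unlabeled = not row["label"].strip()
        sensitive = looks_sensitive(row)
        if overshared and sensitive:
            severity, action = 1, "restrict sharing and apply a label before Copilot is enabled"
        elif overshared:
            severity, action = 2, "review the broad grant; confirm the content is truly general"
        elif unlabeled and sensitive:
            severity, action = 3, "apply the sensitivity label the policy already prescribes"
        else:
            continue
        findings.append({"path": row["path"], "severity": severity, "action": action,
                         "overshared": overshared, "unlabeled": unlabeled})
    return sorted(findings, key=lambda f: f["severity"])

if __name__ == "__main__":
    for finding in triage(SAMPLE_EXPORT):
        print(f"[{finding['severity']}] {finding['path']}: {finding['action']}")
```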
Is conditional access enforced on the accounts that will use Copilot?
A Copilot license on an unmanaged personal device with no multi-factor authentication is a license to leak. Conditional access policies in Microsoft Entra are what turn "this person has a Copilot license" into "this person can use Copilot from a compliant device, with MFA, from a known location, with session controls." Most of the controls are already paid for in your Microsoft 365 Business Premium or E3/E5 licensing—they just are not turned on.
The honest test: can a staff member with a Copilot license open Copilot Chat from their personal phone on hotel Wi-Fi, with no MFA prompt, and ask it to summarize a board document? If yes, you have an identity problem, not a Copilot problem.
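To make the honest test concrete, here is an added example (not the author's code, and a simplified model rather than Entra's evaluation engine) that writes two Conditional Access policies in the shape of the Graph conditionalAccessPolicy resource and checks the hotel Wi-Fi sign-in against each. The group name, the app name and the evaluation rules are assumptions.

```python
# Two constructed policies in the shape of the Graph conditionalAccessPolicy resource: the
# "paid for but never enabled" state, and one requiring MFA plus a compliant device off-network.
WEAK_POLICY = {
    "displayName": "Copilot users - MFA (never enabled)",
    "state": "disabled",
    "conditions": {"users": {"includeGroups": ["Copilot Licensed"]},
                   "applications": {"includeApplications": ["All"]}},
    "grantControls": {"operator": "AND", "builtInControls": ["mfa"]},
}
HARDENED_POLICY = {
    "displayName": "Copilot users - MFA and compliant device off-network",
    "state": "enabled",
    "conditions": {"users": {"includeGroups": ["Copilot Licensed"]},
                   "applications": {"includeApplications": ["All"]},
                   "locations": {"includeLocations": ["All"], "excludeLocations": ["AllTrusted"]}},
    "grantControls": {"operator": "AND", "builtInControls": ["mfa", "compliantDevice"]},
}
# Simplified checks for the two grant controls used here (the real engine evaluates more).
CONTROL_CHECKS = {"mfa": lambda s: s["mfa_satisfied"],
                  "compliantDevice": lambda s: s["device_compliant"]}

def policy_applies(policy, signin):
    # A disabled policy, or one whose user, app or location scope misses the sign-in, is ignored.
    if policy["state"] != "enabled":
        return False
    cond = policy["conditions"]
    if not set(signin["groups"]) & set(cond["users"]["includeGroups"]):
        return False
    apps = cond["applications"]["includeApplications"]
    if "All" not in apps and signin["app"] not in apps:
        return False
    excluded = cond.get("locations", {}).get("excludeLocations", [])
    return not (signin["trusted_location"] and "AllTrusted" in excluded)

def evaluate(policies, signin):
    """Return (allowed, missing): allowed only when no applicable policy has unmet grant controls."""
    missing = []
    for policy in policies:
        if not policy_applies(policy, signin):
            continue
        gc = policy["grantControls"]
        unmet = [c for c in gc["builtInControls"] if not CONTROL_CHECKS[c](signin)]
        # "AND" means every listed control must be met; "OR" means at least one of them.
        if unmet and (gc["operator"] == "AND" or len(unmet) == len(gc["builtInControls"])):
            missing.extend(unmet)
    return (not missing, missing)

# The honest test from the text: personal phone on hotel Wi-Fi, no MFA prompt, opening Copilot Chat.
HOTEL_PHONE = {"groups": ["Copilot Licensed"], "app": "Copilot Chat", "mfa_satisfied": False,
               "device_compliant": False, "trusted_location": False}
```

With only the disabled policy in place the sign-in is allowed with nothing asked of it, which is the identity problem the text describes; the hardened policy reports both controls as missing.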
Do you have a real responsible-AI policy, or do you have a one-pager?
Most boards have approved an AI policy in the last twelve months. In our experience, eight out of ten of those policies are a one-page document copied from a sector template, approved without amendment, and filed. That document will not survive contact with deployment.
A real responsible-AI policy names specific permitted use cases (Copilot for drafting board communications, yes; Copilot for grant decisions, no), specific prohibited uses (no personally identifiable information of unrelated parties, no protected health information in unmanaged prompts), an escalation path (who decides on edge cases), and a review cadence (the policy will be wrong within six months and you need a way to update it). The policy is the boundary inside which the AI operates. If it is vague, the operation will be vague.
Have you trained the staff on what Copilot will and won’t do?
The single largest category of "Copilot disappointed us" feedback comes from staff who expected ChatGPT and got a tool grounded in their organization's data. Copilot will refuse questions ChatGPT will answer. Copilot will produce citations to documents the user has access to, and the citations will sometimes be wrong. Copilot will summarize a document and miss the most important clause. These are not failures—they are characteristics of a grounded enterprise AI tool. The staff need to know that going in.
Training is part of the deployment, not a follow-up project. Plan for two formal sessions: a one-hour "what Copilot is and isn't" overview for all licensed users, and a deeper "use cases that work in your role" workshop by team or function. The single best investment in a Copilot rollout is the time the staff spend learning what to ask it.
Who owns the prompt-and-output review loop?
Copilot will produce outputs that need a human in the loop. A grant summary that misstates the eligibility criteria. A donor brief that miscites a giving total. A board-facing memo that compresses a nuanced position into a misleading single sentence. The model will be confidently wrong, occasionally, in exactly the cases that matter most. That is not a Copilot problem—it is a workflow design problem, and the design has to name a human owner.
Usually this is the role of the Communications lead, the COO, or in smaller organizations the Executive Director. Whoever it is, they need to know that AI-assisted outputs going to the board, to a funder, or to a regulator pass through their desk first. The accountability does not move just because the first draft did.
Do you have a kill switch—and do you know how to use it?
If a Copilot agent starts exposing data it should not, or a custom Copilot Studio agent built on top of your tenant starts producing outputs you cannot defend, can you disable it within five minutes? Can your IT lead do it, or does the answer involve a call to a vendor and a four-hour SLA? The kill switch exists in Microsoft 365 admin, but it is not always wired into your organization's incident response.
This is the question that turns Copilot from a technology procurement into a governance posture. The board does not need to know how to flip the switch. The board does need to know that the switch exists, that a named person can operate it on a defined timeline, and that the policy condition that triggers it is written down before something goes wrong.
The good news is that none of these are theoretical. The seven questions map directly to capability areas of the CompleteCare platform—Foundations and Govern handle questions one through four, Shield handles seven, the AI Practice handles five and six—and they are the same seven we work through during a Discovery Sprint. The bad news is that almost no organization gets all seven right on day one. The work is real, the timeline is two to four weeks for most mid-sized nonprofits and foundations, and the cost of skipping it is paid in a slow drip of data exposure, staff frustration, and board confidence loss that takes longer to repair than the deployment took in the first place.
The Managed Intelligence Provider model exists because these seven questions cannot be answered by the model vendor and usually cannot be answered by the in-house IT team alone. They are an interdisciplinary problem—data, identity, policy, training, governance, incident response—and they reward a partner who has seen the same patterns in dozens of organizations and can shortcut the path from question to defensible answer. That is what the MIP does.
If you are about to enable Copilot, do not press the button until you have a written answer to each of the seven. If you do not have written answers, the work to get them is short, scoped, and worth more than the Copilot rollout it precedes.
Start a Discovery Sprint.
Two weeks, structured, fixed fee. We answer all seven questions for your organization, write the remediation plan, and deliver a 90-day roadmap your board can act on. The deliverable lands on Day 14 or you pay nothing.
Begin a Discovery Sprint
Request a Frontier Briefing.
A 90-minute, no-charge board-level session that walks through these seven questions in the context of your organization. Suitable for an executive committee or a full board.
Request a Frontier Briefing