
The Enterprise AI Governance Structure That Survives Contact With 2,000 Employees

Most responsible AI frameworks die as PDFs. Here's the use-case register, five governance roles, and risk tiers that actually hold up at enterprise scale.

Figure 01 Enterprise governance team reviewing a responsible AI framework with use-case register, risk tiers, data ownership, monitoring, and escalation paths.
Answer summary

Best fit: enterprise technology and services (industry); AI governance and enterprise risk management (function).
Key metric: 5 roles: sponsor, owner, data steward, reviewer, risk lead.

The day Copilot indexed the wrong SharePoint folder

Picture a 2,000-person enterprise that flips on an AI assistant across the company on a Friday. By Monday, someone in sales asks it a question and it cheerfully surfaces a compensation spreadsheet that lived in an over-shared SharePoint folder for three years. Nobody wrote a bad line of code. The model did exactly what it was built to do. The failure was upstream: no one decided which use cases were allowed, who owned them, or what data they were permitted to touch.

That is the gap a responsible AI framework is supposed to close, and most frameworks miss it because they start with principles instead of a list. The thing that actually governs enterprise AI is a use-case register: one row per workflow, each with a business owner, the data sources it reads, the user group it serves, a risk tier, a review rule, a monitoring approach, and an escalation path. Eight columns. If a use case can't fill them in, it doesn't ship.

The NIST AI Risk Management Framework is the right scaffolding here because it forces you to map, measure, manage, and govern each system in its actual context — not in the abstract. A summarization tool reading public marketing copy and a tool drafting customer contracts are not the same risk, and a single company-wide policy treats them as if they are. The register is where context lives. And as the PwC Responsible AI survey makes plain, the organizations that get this right operationalize accountability into day-to-day practice rather than parking it in an executive deck. A framework that never reaches the person clicking "deploy" was never governance to begin with.

Five names, or it isn't governed

Here is the test I'd apply to any enterprise framework: pick your highest-risk use case and ask who fills five specific roles. A sponsor who owns the budget and the outcome. A workflow owner who runs it in production. A data steward who knows what the AI is allowed to read and who approved that scope. A reviewer who signs off before it touches customers. A risk lead who owns the escalation when it goes sideways. If three of those five resolve to "the AI committee" or a person who left in Q1, you don't have a governed use case — you have an incident waiting for a date.

Those five roles are what turn platform settings into actual control. Enterprise AI deployment lands squarely on security and resilience, which is why CISA's artificial intelligence guidance treats misuse and abuse as first-order risks, not edge cases. Access boundaries, logging, and a real incident-response expectation need to exist before a high-impact workflow goes live — and each of those needs a name attached.

The tooling can enforce a lot of this, but only if someone configures it on purpose. Microsoft's documentation on Copilot architecture and data protection spells out that the assistant inherits the permissions and sensitivity labels already in your tenant — which is exactly why the SharePoint folder from the opening scene was a governance failure, not a product flaw. Copilot honored permissions that were wrong. The data steward role exists to catch that before launch: who confirmed the access scope, who labeled the sensitive content, and who audits it after. Identity, permissions, data protection, and auditability are knobs the platform gives you; the register decides who is responsible for turning them.

Responsible AI governance model showing use-case intake, risk tiering, data review, human oversight, monitoring, and incident escalation.

Make the register a fast lane, not a toll booth

The instinct after a near-miss is to slow everything down — add an approval board, require a sign-off form, route everything through legal. That kills adoption, and adoption is where the value actually comes from. McKinsey's State of AI research consistently finds that returns track workflow redesign and real usage, not the number of tools licensed. Governance that blocks the good use cases as efficiently as the bad ones is a net loss.

So design the register to do two jobs at once. For a low-risk, low-data use case — say, a team that wants AI to summarize its own meeting notes — the path to "yes" should be same-day: owner named, data scope confirmed, monitoring set, go. For a use case that drafts customer-facing language or reads regulated data, the same register routes it through review, security sign-off, and a defined escalation path before it sees a real customer. One intake, two speeds, sorted by risk tier. Your governance is working when the safe stuff ships faster than it used to, not slower.
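As an added illustration, not tooling from the article or from any of the sources it cites, here is the register from the sections above expressed as a policy-as-code check in Python: one row per workflow carrying the eight columns, the five-role test resolved against an HR directory (so "the AI committee" or someone who left in Q1 fails), and the two-speed routing by risk tier, with a floor that refuses to let customer-facing or regulated-data workflows declare themselves low risk. The column names, role names, tier labels, gate names, data-classification tags, the directory and the three sample rows are all constructed assumptions.

```python
"""Added example: an AI use-case register enforced as code (not the article's
own tooling). Column, role, tier, gate and tag names and the directory are
constructed assumptions."""
from dataclasses import dataclass
from typing import Dict, List, Tuple

# The eight register columns; "workflow" is the row key.
REGISTER_COLUMNS = (
    "workflow", "business_owner", "data_sources", "user_group",
    "risk_tier", "review_rule", "monitoring", "escalation_path",
)
# The five roles that must each resolve to a named, active person.
REQUIRED_ROLES = ("sponsor", "owner", "data_steward", "reviewer", "risk_lead")
# Values that mean "nobody owns this" (assumption: tune to your org's habits).
UNOWNED_ALIASES = {"", "tbd", "ai committee", "the ai committee"}
TIER_RANK = {"low": 0, "high": 1}
# What each lane must clear before "go" (gate names are illustrative).
LANE_GATES = {
    "fast": ["owner_named", "data_scope_confirmed", "monitoring_set"],
    "review": ["owner_named", "data_scope_confirmed", "monitoring_set",
               "reviewer_signoff", "security_signoff", "escalation_path_defined"],
}
# Constructed HR directory: lowercase name -> still employed?
DIRECTORY = {"priya": True, "marcus": True, "dana": True, "lee": True, "omar": False}


@dataclass
class UseCase:
    columns: Dict[str, str]            # the eight register columns
    roles: Dict[str, str]              # role -> person
    data_tags: Tuple[str, ...] = ()    # classification labels on the data sources


def missing_columns(uc: UseCase) -> List[str]:
    """Columns that are absent or blank; an incomplete row never ships."""
    return [c for c in REGISTER_COLUMNS if not uc.columns.get(c, "").strip()]


def unresolved_roles(uc: UseCase, directory=DIRECTORY) -> List[str]:
    """Roles that are blank, point at a committee, or name someone who left."""
    bad = []
    for role in REQUIRED_ROLES:
        who = uc.roles.get(role, "").strip().lower()
        if who in UNOWNED_ALIASES or not directory.get(who, False):
            bad.append(role)
    return bad


def minimum_tier(uc: UseCase) -> str:
    """Floor on the declared tier: customer-facing output or regulated data is never 'low'."""
    customer_facing = uc.columns.get("user_group", "").strip().lower() == "customers"
    return "high" if customer_facing or "regulated" in uc.data_tags else "low"


def route(uc: UseCase, directory=DIRECTORY) -> Tuple[str, List[str], List[str]]:
    """Return (lane, blockers, gates); lane is 'fast', 'review' or 'blocked'."""
    missing = missing_columns(uc)
    blockers = [f"column:{c}" for c in missing]
    blockers += [f"role:{r}" for r in unresolved_roles(uc, directory)]
    declared = uc.columns.get("risk_tier", "").strip().lower()
    if "risk_tier" not in missing:
        if declared not in TIER_RANK:
            blockers.append(f"tier:unknown({declared})")
        elif TIER_RANK[declared] < TIER_RANK[minimum_tier(uc)]:
            blockers.append(f"tier:understated(min={minimum_tier(uc)})")
    if blockers:
        return "blocked", blockers, []
    lane = "fast" if declared == "low" else "review"   # one intake, two speeds
    return lane, [], LANE_GATES[lane]


def sample_register() -> List[UseCase]:
    """Three constructed rows: a safe one, a regulated one, and a shadow deployment."""
    base = {"review_rule": "owner self-review", "monitoring": "monthly spot-check",
            "escalation_path": "owner -> risk lead"}
    names = {"sponsor": "priya", "owner": "marcus", "data_steward": "dana",
             "reviewer": "lee", "risk_lead": "marcus"}
    return [
        UseCase({**base, "workflow": "meeting-notes-summary", "business_owner": "marcus",
                 "data_sources": "team's own meeting notes", "user_group": "ops team",
                 "risk_tier": "low"}, names, ("internal",)),
        UseCase({**base, "workflow": "contract-drafting", "business_owner": "marcus",
                 "data_sources": "CRM + contract templates", "user_group": "customers",
                 "risk_tier": "high", "review_rule": "legal reviewer signs every draft"},
                names, ("regulated", "customer-pii")),
        UseCase({"workflow": "sales-qa-bot", "business_owner": "", "data_sources": "all of SharePoint",
                 "user_group": "sales", "risk_tier": "low", "review_rule": "",
                 "monitoring": "", "escalation_path": ""},
                {**names, "sponsor": "the AI committee", "data_steward": "", "risk_lead": "omar"},
                ("regulated",)),
    ]


if __name__ == "__main__":
    for uc in sample_register():
        lane, blockers, gates = route(uc)
        print(f"{uc.columns['workflow']:<24} {lane:<8} {blockers or gates}")
```

Run as-is, the meeting-notes row lands in the fast lane with three gates, the contract-drafting row in the review lane with six, and the shadow sales bot is blocked with a list that names exactly what is missing: four empty columns, a sponsor that resolves to a committee, no data steward, a risk lead who has left, and a tier declared "low" over regulated data. That blocker list is the point of the register: it turns "we should govern this" into a to-do list with names on it.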

If you want a concrete starting move this week: open a spreadsheet and write down every place AI is already running in your company, sanctioned or not. You will find more than you expect, and the shadow ones are usually the unowned ones. That inventory is the spine of the whole framework. We typically begin with a QuickStart AI Audit to build that register and tier the risk, then turn the workflows that are ready into an AI Transformation Blueprint for scaling with the controls and owners already attached.

Sources
  1. NIST AI Risk Management Framework
  2. CISA artificial intelligence guidance
  3. PwC Responsible AI survey
  4. Microsoft 365 Copilot architecture and data protection documentation
  5. McKinsey State of AI research