The Enterprise Copilot Governance Platform is a SaaS prototype built by Ed Fassio using NestJS and React on Azure, targeting Microsoft 365 Copilot and Copilot Studio deployments at enterprise scale. It provides structured agent intake, risk-tier scoring, multi-stage approval workflows, RBAC-based source boundary enforcement, and a complete audit trail.
Agent Intake & Risk-Tier Scoring
Structured intake for every new Copilot agent or custom GPT, scored across data sensitivity, automation scope, approval authority, and audit exposure.
Approval Lifecycle Management
Multi-stage routing: intake → build review → security sign-off → publish/share authorization. Aligned with Microsoft 365 Information Protection policies.
RBAC & Source Boundary Controls
Role-based access enforcement defining which connectors and data sources each agent can access. Anti-oversharing guardrails at the M365 and Power Platform administrative layer.
Audit Trail & Governance Dashboard
Complete audit trail covering agent creation, version changes, approval decisions, and retirement. Real-time dashboard for compliance teams.
Technology stack: NestJS backend · React frontend · Azure infrastructure · Microsoft 365 and Power Platform integration.