Skip to content

Agent Charter

Use this template during pilot design, implementation planning, or agent governance to make agent boundaries, ownership, controls, and approvals explicit.

Download the raw source: agent-charter.md.

1. Summary

FieldValue
Agent namePolicy Knowledge Assistant
Use case IDUC-001
Business or operating contextHR policy support
Business ownerHR Operations Lead
Product ownerHR Knowledge Manager
Technical ownerM365 Platform Owner
PlatformMicrosoft 365 Copilot extension
EnvironmentPilot
Risk tierMedium
Lifecycle statusProposed

2. Outcome

  • Target outcome: Reduce routine HR policy response time and improve answer consistency.
  • KPI baseline: Average first response time is 2 business days.
  • KPI target: 80 percent of policy questions answered same day.
  • Measurement method: Pilot analytics, sampled answer review, and HR ticket deflection.
  • Review cadence: Weekly during pilot, monthly after release.

3. Scope

In scope:

  • Answer questions from approved HR policy pages.
  • Cite the source page used for each policy answer.
  • Route employee-specific or ambiguous questions to HR operations.

Out of scope:

  • Individual employment advice.
  • Payroll corrections or benefits enrollment changes.
  • Interpretation of policies outside the approved source library.

Prohibited actions:

  • Create, update, or delete employee records.
  • Provide legal advice or make eligibility determinations.
  • Answer from unapproved files or personal chat history.

4. Users And Channels

  • Target users: HR business partners and employees in the pilot group.
  • User channel: Microsoft 365 Copilot.
  • Authentication method: Entra ID.
  • Authorization model: Current user permissions with SharePoint permission trimming.

5. Knowledge And Grounding

SourcePurposeOwnerFreshnessPermission ModelCompliance Notes
HR policy SharePoint libraryGround answers in approved policy contentHR Knowledge ManagerDailyMicrosoft 365 group permissionsContains employment policy content
Regional HR FAQ pagesAnswer region-specific questionsHR Operations LeadWeeklyRegion-based SharePoint groupsArchive stale pages before pilot

Grounding pattern:

  • RAG/search: Microsoft 365 Copilot grounding over approved SharePoint sources.
  • API/tool access: None for pilot.
  • MCP/connectors: None for pilot.
  • Other: Source citation required for all policy answers.

6. Tools And Actions

Tool Or ActionRead/WriteSystemRequired PermissionApproval RequiredAudit Evidence
Policy searchReadSharePoint OnlineCurrent user accessNoCopilot interaction logs and cited source
HR escalation linkWrite draft onlyHR ticketing intakePilot user accessUser submits final requestTicket intake audit log

7. Orchestration

  • Single-agent or multi-agent: Single-agent pilot.
  • Orchestration approach: Grounded question answering with escalation when confidence or policy coverage is insufficient.
  • Deterministic workflow points: Escalation link and ticket routing use fixed forms.
  • Human approval points: User confirms before submitting any HR ticket.
  • Fallback path: Direct users to HR operations when answer cannot be grounded.
  • Escalation path: HR operations queue owned by the HR Knowledge Manager.

8. Memory, Retention, And Privacy

  • Conversation history retention: Follow tenant Copilot retention policy.
  • Business or operational data retention: No new business records created by the agent during pilot.
  • Memory allowed: Session context only.
  • Memory prohibited: Persistent memory containing employee-specific details.
  • Sensitive data handling: Do not request personal employee details unless routing to HR intake.
  • Deletion process: Use standard Microsoft 365 retention and deletion workflow.

9. Instructions And Prompt Library

  • Instruction owner: HR Knowledge Manager.
  • Versioning method: Managed prompt file in the HR pilot repository.
  • Review process: Weekly review with HR operations and M365 platform owner.
  • Approved prompt library location: HR pilot SharePoint workspace.
  • Prompt evaluation method: Golden question set with source citation and escalation checks.

10. Security And Responsible AI Controls

Control AreaRequired ControlEvidence
Identity and accessEntra ID and SharePoint permission trimmingPilot access test results
Data loss preventionSensitivity labels on HR policy sourcesPurview label review
Prompt injection defenseIgnore instructions embedded in source documentsRed-team test results
Content safetyRefuse unsupported employment adviceGolden test set review
Audit trailRetain conversation and source evidence per tenant policyCopilot usage export
Human oversightEscalate ambiguous or employee-specific questionsSample escalation log
Privacy and complianceDo not store employee-specific memoryPrivacy review signoff
Cost controlMonitor pilot usage weeklyCopilot usage dashboard

11. Operations

  • Telemetry location: Copilot usage dashboard and HR pilot review workbook.
  • Dashboard owner: M365 Platform Owner.
  • Support owner: HR Operations Lead.
  • Incident process: Route suspected data exposure to security and privacy intake.
  • Pause procedure: Remove pilot group access and disable app publication.
  • Review cadence: Weekly during pilot.
  • Retirement criteria: Retire if answer quality remains below 85 percent after source remediation.

12. Approval

RoleNameDecisionDate
Business ownerHR Operations LeadPending2026-06-20
Product ownerHR Knowledge ManagerPending2026-06-20
SecuritySecurity ReviewerPending2026-06-20
Compliance/privacyPrivacy ReviewerPending2026-06-20
Platform ownerM365 Platform OwnerPending2026-06-20
Operations ownerHR Operations LeadPending2026-06-20

Agent Kit helps teams shape governed, measurable agentic AI initiatives.