AI governance for SMBs: the 9-document pack to write before your first Copilot rollout
Nine one-page documents, two weeks, one named owner. The minimum viable AI governance posture that answers 80% of any enterprise vendor-risk questionnaire — and the Microsoft tiles that actually carry the load.
Every SMB Copilot rollout we’ve seen in the last 18 months eventually hits the same conversation: an enterprise customer’s vendor-risk questionnaire arrives, asks 47 questions about how the company uses AI, and the answers don’t exist on paper. The engineering work is fine. The governance posture is undocumented. The deal slips two months while someone reverse-engineers the answers.
Governance is the cheapest insurance you’ll ever buy for an AI program and the one most consistently skipped at the 30–300 employee scale. This is the minimum viable governance pack we recommend before any production Copilot, Copilot Studio, or Power Automate + AI Builder workflow goes live in an SMB. Nine pages, two weeks to write, infinite return when the next vendor-risk review lands.
Governance isn’t a programme. It’s nine documents. SMBs that treat it as the former never finish; the ones that treat it as the latter ship it in a fortnight.
Why this matters at SMB scale (and why it’s usually skipped)
Three forces collided in the last 24 months and now sit on every SMB’s plate at once:
- Enterprise customers cascade AI risk questions downward. Anyone selling to a Fortune 5000 buyer is now answering a 30–60 question AI vendor-risk addendum in addition to the standard security review. Most of the questions assume you have written policies.
- Regulators have made AI usage a board-level matter. EU AI Act, NIST AI RMF, Colorado AI Act, NY DFS. Whether or not you’re directly in scope, your enterprise customers are, and they pass requirements down their supply chain.
- Cyber insurance carriers added AI usage clauses. Renewal forms now ask whether you track AI tool usage, have DLP enabled, and maintain an acceptable-use policy. “No” to any of those moves your premium.
SMBs skip governance for an entirely defensible reason: the risk seems abstract and the legal advice expensive. The trick is to ship a minimum viable governance posture in-house, in a fortnight, that answers 80% of any vendor-risk questionnaire you’ll see. Lawyers can later iterate on a starting point; they can’t conjure one out of nothing in 48 hours when a deal is on the line.
The 9-document minimum viable governance pack
Every document is one to three pages. Together they form a defensible answer to almost every AI vendor-risk question you’ll encounter at the 30–300 employee scale.
1. AI Acceptable Use Policy (1 page)
Who can use which AI tools, for what kinds of work, with which data. Names specific tools (Microsoft 365 Copilot, Copilot Studio agents, ChatGPT Enterprise, etc.) and specific data classifications (Public / Internal / Confidential / Restricted) in a 4×4 matrix. The single most-asked-for governance artefact in vendor-risk reviews.
2. AI Tool Inventory (1 page, plus a sheet)
A list of every AI tool in the company: name, vendor, owner, data-residency posture, contract type (enterprise / business / personal), DPA on file (yes/no), date last reviewed. Maintain in SharePoint or a single Excel sheet — fancy GRC tools at SMB scale are overkill and rarely kept current.
3. Data Classification Standard (1 page)
The four-tier scheme referenced in the AUP, with examples. “Confidential” isn’t a useful label without examples of what counts. Two minutes to write, an hour of arguments saved per downstream conversation.
4. Vendor AI Risk Assessment Template (2 pages)
The questionnaire you run on a new AI vendor before signing. 15–20 questions covering data flow, model training opt-out, residency, subprocessors, breach notification, audit rights. This is also the document you’ll quietly send back to enterprise customers when their version of the same questionnaire arrives — a courtesy that signals professionalism and shortens the review cycle.
5. Copilot / AI-Specific Incident Response Addendum (1 page)
How does the existing IR plan change when the incident involves AI? Specifically: prompt-injection, model-output leakage, agent-driven action with unintended consequence, training-data exposure. Two paragraphs each. Done.
6. Microsoft Purview AI Hub Configuration Note (1 page)
What’s configured in Purview’s AI hub, what’s monitored, who reviews the dashboard weekly, and what the escalation criteria are. This is the document that turns “we use Purview” (claim) into “Purview is configured for X, monitored by Y, with escalation rule Z” (defensible position).
7. Human-in-the-Loop Standards (1 page)
Which AI outputs require human review before they leave the company. Client deliverables: yes. Internal scratch work: no. Financial communications: yes. The list belongs on one page; the conversations that produce the list belong in a workshop with the leadership team. Both are valuable. Both are skipped.
8. Training & Awareness Record (one page + log)
Every employee with AI tool access has completed a short (15–30 minute) AI-usage training and signed an acknowledgement. The document is the training outline; the log is the spreadsheet of names + dates. Vendor-risk reviewers ask for both regularly. Without them, the AUP from §1 is unenforceable.
9. Annual AI Posture Review Memo (1 page)
Written by the named AI owner (often the COO or CTO at SMB scale), reviewed by the board or leadership team, dated. Three sections: what changed since last year, what risks emerged or receded, what we’re changing next. The fact that the document exists and is dated is itself the defensible artefact.
Who owns this at SMB scale
At enterprise scale governance owners are obvious: Chief Risk Officer, Chief Privacy Officer, dedicated GRC team. At SMB scale they don’t exist. Three patterns we see work:
- COO as named owner (most common; works because the COO already owns most cross-functional risks).
- CTO or Head of IT as named owner (works when AI usage is predominantly technical / engineering-led).
- Fractional CAIO as named owner (works when AI is a strategic differentiator and there’s no internal executive carrying the function — see our fractional AI leadership page for the retainer pattern).
What does not work: leaving governance with “IT” as a collective noun. Without a named human owner, the pack will be written once and never updated, which is worse than not having it — outdated policies create a liability that having no policy at all does not.
The Microsoft tooling that actually carries the load
Three tiles in the Microsoft stack do most of the practical governance work for SMBs already on M365. If you’ve read our Microsoft AI stack post you’ll recognise the cast:
Microsoft Purview (with AI hub)
Tracks AI tool usage across Copilot, third-party generative tools, and custom agents. DLP, sensitivity labels, audit logs, risk insights. Configure once; review weekly. The single most impactful tile for posture-on-paper, and it’s included in Microsoft 365 E5 or available as a stand-alone add-on.
Microsoft Entra (Conditional Access)
Which identities can access which AI services, under which conditions (device compliance, location, MFA state). For SMBs the high-value rule is: only managed devices can access Copilot, plus block consumer ChatGPT on corporate networks (if that matches your AUP). Two rules; high impact.
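As an added example (not code from the original post), here is the first of those two rules as a Conditional Access policy created through the Microsoft Graph PowerShell SDK, assuming the SDK is installed and the caller holds the Policy.ReadWrite.ConditionalAccess permission; the Copilot application id and the break-glass account id are placeholders to fill from your own tenant. It starts in report-only mode so the sign-in log can confirm nothing unexpected is blocked before you enforce it.

```powershell
# Added example, not from the original post: Microsoft 365 Copilot only from
# compliant (Intune-managed) devices, expressed as an Entra Conditional Access policy.
# Assumptions: Microsoft.Graph PowerShell SDK installed; caller has
# Policy.ReadWrite.ConditionalAccess; the two ids below are placeholders.
Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess'

$copilotAppId   = '<APP-ID-OF-MICROSOFT-365-COPILOT>'    # placeholder: copy from Entra > Enterprise applications
$breakGlassUser = '<OBJECT-ID-OF-BREAK-GLASS-ACCOUNT>'   # placeholder: emergency-access account, always excluded

$policy = @{
    displayName = 'AI-01 Copilot requires compliant device'
    # Report-only first: sign-in logs show what *would* be blocked without locking anyone out.
    # Change to 'enabled' once the review (Day 6 / Days 7-9 in the plan) shows no surprises.
    state       = 'enabledForReportingButNotEnforced'
    conditions  = @{
        users = @{
            includeUsers = @('All')
            excludeUsers = @($breakGlassUser)
        }
        applications = @{
            includeApplications = @($copilotAppId)
        }
        clientAppTypes = @('all')
    }
    grantControls = @{
        operator        = 'OR'
        builtInControls = @('compliantDevice')   # device must be marked compliant by Intune
    }
}

$created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
"Created policy $($created.Id) in state $($created.State)"

# Keep the policy as JSON next to the governance pack: the documents claim the
# control exists, and this file is the evidence that the tenant backs the claim.
$created | ConvertTo-Json -Depth 10 | Out-File 'AI-01-copilot-compliant-device.json'
```

The second rule in the paragraph (blocking consumer ChatGPT on corporate networks) is not covered here, because consumer ChatGPT is not an Entra-registered application; that control lives in the network or Defender for Cloud Apps layer rather than in Conditional Access.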
Microsoft Defender for Cloud Apps
Shadow-IT discovery, including unsanctioned AI tools. This is the tile that surfaces the 23 AI tools your team is using that nobody on the leadership team knows about. Run a 30-day discovery; the report writes most of §2 (AI Tool Inventory) for you.
The vendor-risk questionnaire shortcut
The fastest enterprise customers we’ve helped through an AI vendor-risk review answered 80% of the questionnaire by pasting from these nine documents and 20% by writing fresh. The slowest answered 100% from scratch each time, which is why their reviews took two months instead of two weeks.
The lift isn’t in producing better answers under pressure. It’s in producing answers at all from documents that already exist. Three patterns to copy:
- Keep a master Q&A. Every time you answer an AI vendor-risk question, paste the answer into a master document. Within three or four review cycles you’ll have a 50–80 question canonical Q&A that handles 90% of future reviews.
- Sign the customer’s document, don’t rewrite it. Procurement teams hate it when you redline their addendum. Sign with an attachment that says “see attached governance pack, sections referenced inline” and most reviewers will accept it.
- Train your AE / CS team to recognise the form. The faster a sales rep recognises an incoming AI vendor-risk addendum and routes it to the named governance owner, the fewer Tuesdays you lose to “urgent customer paperwork.”
Anti-patterns to avoid
- The 40-page policy nobody reads. If your AUP is more than two pages, employees will ignore it and you’ll fail an internal-controls audit faster than if you’d written nothing.
- Buying a GRC platform before writing the policies. The platform formalises what you’ve written; if there’s nothing written, the platform is an empty filing cabinet with a six-figure invoice.
- Putting “governance” in a future-state slide. Governance debt compounds. Every month the pack doesn’t exist is a month of unpriced risk. Ship the v0.1, iterate quarterly.
- Letting legal own the first draft. Outside counsel produces excellent v2 documents at a price that makes you never want to update them. Write v0 internally; have counsel review v0.5; let them write v1 on the documents worth the investment (typically the AUP and the Vendor AI Risk Assessment).
- Skipping the human-in-the-loop standards. This is the document that prevents the headline incident — the contract sent to a client with a hallucinated paragraph, the financial communication that confused a number. Two paragraphs of clarity prevent six months of reputational repair.
The two-week plan to ship the pack
We’ve run this shape at SMBs from 50 to 300 employees. Two weeks, ~8 hours of named-owner time, plus 4 hours of leadership-team workshop. Cost in skilled hands: $8–15K external if you bring a consultant in for the drafting; $0 external if your COO writes them with our outline as the scaffold.
- Day 1 — Kickoff workshop. 90 minutes. Leadership team agrees data classification, named governance owner, and AI tool inventory baseline.
- Days 2–5 — First draft of all nine documents. One person writes them all. Counter-intuitively this is faster and more consistent than parallel drafting.
- Day 6 — Internal review. Leadership team spends 60 minutes red-teaming. Most edits land here.
- Days 7–9 — Microsoft Purview / Entra / Defender configuration to back the documents. The documents claim things; the tenant must support those claims.
- Day 10 — Training video recorded (15–30 minutes, screenshare + voiceover) and uploaded to SharePoint.
- Days 11–14 — Acknowledgement collection. Every employee with AI access watches the training and signs. This is the load-bearing step; budget time for chasers.
Bottom line
AI governance at SMB scale is nine documents, two weeks, one named owner. Ship it before your next enterprise customer asks for it, not during. The documents themselves are not the value — the value is the conversations you’ll have writing them, and the reflex that lets your team handle the next vendor-risk review in days instead of months.
If you want a starting-point template pack for the nine documents, our 4-week activation engagements include this work as the governance track. The free AI Readiness Assessment also flags which of the nine documents are most urgent for your specific stack and customer profile.