Microsoft has identified a structural IAM coverage gap for agentic AI systems: existing identity governance frameworks do not adequately control AI agents that operate autonomously with delegated authority, creating accountability loss and excessive-permission risk in enterprise environments deploying Copilot Studio and third-party agent platforms. No patch is applicable; this requires governance and architectural control design. Enumerate all AI agent identities in your environment, enforce least-privilege scoping, establish lifecycle controls and monitoring baselines for agent-initiated actions in your SIEM, and assign formal ownership for agentic AI identity governance within your IAM or GRC function.