Merge pull request #53976 from MicrosoftDocs/NEW-module11-design-responsible-ai-security-governance-risk-management-compliance

New module11 design responsible ai security governance risk management compliance

Author: JamesJBarnett

learn-pr/wwl/design-responsible-ai-security-governance-risk-management-compliance/1-introduction.yml

@@ -0,0 +1,13 @@
+### YamlMime:ModuleUnit
+uid: learn.wwl.design-responsible-ai-security-governance-risk-management-compliance.introduction
+title: "Introduction"
+metadata:
+  title: "Introduction"
+  description: "Learn foundational concepts for designing secure, compliant, and responsible AI systems that protect data and align with organizational policies."
+  ms.date: 02/09/2026
+  author: pabloMS
+  ms.author: taeldin
+  ms.topic: unit
+durationInMinutes: 3
+content: |
+  [!include[](includes/1-introduction.md)]

learn-pr/wwl/design-responsible-ai-security-governance-risk-management-compliance/10-knowledge-check.yml

@@ -0,0 +1,43 @@
+### YamlMime:ModuleUnit
+uid: learn.wwl.design-responsible-ai-security-governance-risk-management-compliance.knowledge-check
+title: "Module assessment"
+metadata:
+  title: "Knowledge check"
+  description: "Knowledge check"
+  ms.date: 02/09/2026
+  author: pabloMS
+  ms.author: taeldin
+  ms.topic: unit
+  module_assessment: false
+durationInMinutes: 3
+content: "Choose the best response for each of the following questions."
+quiz:
+  questions:
+  - content: "Which option best reflects a _defense-in-depth_ approach when designing enterprise AI agents?"
+    choices:
+    - content: "Grant broad access so the agent can retrieve any data it may need in future tasks"
+      isCorrect: false
+      explanation: "Incorrect. Granting broad access increases the risk of data breaches and doesn't align with the principles of defense-in-depth."
+    - content: "Use layered identity, access, data governance, monitoring, and threat protection controls"
+      isCorrect: true
+      explanation: "Correct. Defense-in-depth requires multiple layers of security—identity, RBAC, data governance, observability, threat protection, and controlled workflows. It prevents single-point failures and ensures agents remain predictable, safe, and aligned with organizational policies."
+    - content: "Allow the agent to self-correct risky behaviors without human oversight"
+      isCorrect: false
+      explanation: "Incorrect. Allowing agents to self-correct without oversight introduces risks and doesn't align with defense-in-depth principles."
+    - content: "Disable logging to reduce operational costs"
+      isCorrect: false
+      explanation: "Incorrect. Disabling logging reduces visibility and monitoring, which are critical components of a defense-in-depth strategy."
+  - content: "What is the most effective way to reduce the risk of AI agents exposing sensitive information?"
+    choices:
+    - content: "Allow unrestricted connector access to improve retrieval accuracy"
+      isCorrect: false
+      explanation: "Incorrect. Unrestricted access increases the risk of exposing sensitive information and doesn't align with secure practices."
+    - content: "Rely solely on model instructions to avoid returning sensitive content"
+      isCorrect: false
+      explanation: "Incorrect. Relying solely on model instructions is insufficient to prevent sensitive information exposure."
+    - content: "Apply DLP policies, sensitivity labels, and least-privilege boundaries across all data sources"
+      isCorrect: true
+      explanation: "Correct. Combining DLP enforcement, sensitivity labeling, and least-privilege access ensures agents can only interact with allowed data and can't inadvertently expose sensitive, regulated, or high-risk information through prompts, retrieval, or outputs."
+    - content: "Store sensitive data in agent prompts so it can reason more accurately"
+      isCorrect: false
+      explanation: "Incorrect. Storing sensitive data in prompts increases the risk of exposure and isn't a secure practice."

learn-pr/wwl/design-responsible-ai-security-governance-risk-management-compliance/11-summary.yml

@@ -0,0 +1,13 @@
+### YamlMime:ModuleUnit
+uid: learn.wwl.design-responsible-ai-security-governance-risk-management-compliance.summary
+title: "Summary"
+metadata:
+  title: "Summary"
+  description: "Learn how to design secure, governed, and compliant AI systems that balance innovation with accountability across diverse cloud environments."
+  ms.date: 02/09/2026
+  author: pabloMS
+  ms.author: taeldin
+  ms.topic: unit
+durationInMinutes: 3
+content: |
+  [!include[](includes/11-summary.md)]

learn-pr/wwl/design-responsible-ai-security-governance-risk-management-compliance/2-design-security-agents.yml

@@ -0,0 +1,13 @@
+### YamlMime:ModuleUnit
+uid: learn.wwl.design-responsible-ai-security-governance-risk-management-compliance.design-security-agents
+title: "Design security agents for Microsoft clouds"
+metadata:
+  title: "Design Security Agents for Microsoft Clouds"
+  description: "Learn to design secure autonomous agents for Microsoft clouds, ensuring compliance, governance, and threat protection at scale."
+  ms.date: 02/09/2026
+  author: pabloMS
+  ms.author: taeldin
+  ms.topic: unit
+durationInMinutes: 9
+content: |
+  [!include[](includes/2-design-security-agents.md)]

learn-pr/wwl/design-responsible-ai-security-governance-risk-management-compliance/3-design-governance-agents.yml

@@ -0,0 +1,13 @@
+### YamlMime:ModuleUnit
+uid: learn.wwl.design-responsible-ai-security-governance-risk-management-compliance.design-governance-agents
+title: "Design governance models for AI agents"
+metadata:
+  title: "Design Governance Models for AI Agents"
+  description: "Learn to design governance models for AI agents, ensuring security, compliance, and operational standards across Microsoft cloud environments."
+  ms.date: 02/09/2026
+  author: pabloMS
+  ms.author: taeldin
+  ms.topic: unit
+durationInMinutes: 5
+content: |
+  [!include[](includes/3-design-governance-agents.md)]

learn-pr/wwl/design-responsible-ai-security-governance-risk-management-compliance/4-design-model-security.yml

@@ -0,0 +1,13 @@
+### YamlMime:ModuleUnit
+uid: learn.wwl.design-responsible-ai-security-governance-risk-management-compliance.design-model-security
+title: "Design model security for responsible AI"
+metadata:
+  title: "Design Model Security for Responsible AI"
+  description: "Learn how to design model security for responsible AI using identity governance, threat protection, access control, and continuous monitoring."
+  ms.date: 02/09/2026
+  author: pabloMS
+  ms.author: taeldin
+  ms.topic: unit
+durationInMinutes: 5
+content: |
+  [!include[](includes/4-design-model-security.md)]

learn-pr/wwl/design-responsible-ai-security-governance-risk-management-compliance/5-analyze-solution-ai-vulnerabilities-mitigations-prompt-manipulation.yml

@@ -0,0 +1,13 @@
+### YamlMime:ModuleUnit
+uid: learn.wwl.design-responsible-ai-security-governance-risk-management-compliance.analyze-solution-ai-vulnerabilities-mitigations-prompt-manipulation
+title: "Analyze AI vulnerabilities and mitigations for prompt manipulation"
+metadata:
+  title: "Analyze AI Vulnerabilities and Mitigations for Prompt Manipulation"
+  description: "Learn to identify AI vulnerabilities, including prompt manipulation, and apply mitigations to secure models, data, and workflows effectively."
+  ms.date: 02/09/2026
+  author: pabloMS
+  ms.author: taeldin
+  ms.topic: unit
+durationInMinutes: 6
+content: |
+  [!include[](includes/5-analyze-solution-ai-vulnerabilities-mitigations-prompt-manipulation.md)]

learn-pr/wwl/design-responsible-ai-security-governance-risk-management-compliance/6-review-solution-adherence-responsible-ai-principles.yml

@@ -0,0 +1,13 @@
+### YamlMime:ModuleUnit
+uid: learn.wwl.design-responsible-ai-security-governance-risk-management-compliance.review-solution-adherence-responsible-ai-principles
+title: "Review solution adherence to Responsible AI principles"
+metadata:
+  title: "Review Solution Adherence to Responsible AI Principles"
+  description: "Learn how to evaluate AI solutions for adherence to Responsible AI principles, ensuring safety, compliance, transparency, and effective governance."
+  ms.date: 02/09/2026
+  author: pabloMS
+  ms.author: taeldin
+  ms.topic: unit
+durationInMinutes: 5
+content: |
+  [!include[](includes/6-review-solution-adherence-responsible-ai-principles.md)]

learn-pr/wwl/design-responsible-ai-security-governance-risk-management-compliance/7-validate-data-residency-movement-compliance.yml

@@ -0,0 +1,13 @@
+### YamlMime:ModuleUnit
+uid: learn.wwl.design-responsible-ai-security-governance-risk-management-compliance.validate-data-residency-movement-compliance
+title: "Validate data residency and movement compliance"
+metadata:
+  title: "Validate Data Residency and Movement Compliance"
+  description: "Learn how to validate data residency and movement compliance for AI solutions, ensuring adherence to regulatory and organizational requirements."
+  ms.date: 02/09/2026
+  author: pabloMS
+  ms.author: taeldin
+  ms.topic: unit
+durationInMinutes: 5
+content: |
+  [!include[](includes/7-validate-data-residency-movement-compliance.md)]

learn-pr/wwl/design-responsible-ai-security-governance-risk-management-compliance/8-design-access-controls-ground-data-model-tune.yml

@@ -0,0 +1,13 @@
+### YamlMime:ModuleUnit
+uid: learn.wwl.design-responsible-ai-security-governance-risk-management-compliance.design-access-controls-ground-data-model-tune
+title: "Design access controls for grounding data and model tuning"
+metadata:
+  title: "Design Access Controls for Grounding Data and Model Tuning"
+  description: "Learn how to design access controls for grounding data and model tuning workflows to ensure secure, compliant, and responsible AI system outputs."
+  ms.date: 02/09/2026
+  author: pabloMS
+  ms.author: taeldin
+  ms.topic: unit
+durationInMinutes: 4
+content: |
+  [!include[](includes/8-design-access-controls-ground-data-model-tune.md)]