Governance quickstart guide (#61012)

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Isaac Brown <101839405+isaacmbrown@users.noreply.github.com>

Author: 3 people

content/copilot/how-tos/administer-copilot/manage-for-enterprise/manage-enterprise-policies.md

@@ -19,6 +19,8 @@ category:
 
 When an organization owner assigns a {% data variables.product.prodname_copilot_short %} license to a member of their organization, the availability of features and models is controlled by policies.
 
+If you're setting up {% data variables.product.prodname_copilot_short %} for the first time, see [AUTOTITLE](/copilot/tutorials/roll-out-at-scale/govern-for-adoption) for guidance on setting a governance posture that balances compliance with developer productivity.
+
 ## Defining policies for your enterprise
 
 Enterprise owners can define a policy for the whole enterprise, or delegate the decision to individual organization owners. See [AUTOTITLE](/copilot/concepts/policies).

content/copilot/tutorials/roll-out-at-scale/govern-for-adoption.md

@@ -0,0 +1,54 @@
+---
+title: Governing Copilot to support developer productivity
+shortTitle: Govern for adoption
+intro: 'Set a governance posture that balances compliance requirements with developer productivity, so your rollout succeeds from day one.'
+permissions: Enterprise owners
+versions:
+  feature: copilot
+category:
+  - Roll Copilot out at scale
+contentType: tutorials
+allowTitleToDifferFromFilename: true
+---
+
+Getting the most from {% data variables.product.prodname_copilot %} means finding the right balance between governance and developer access. Too restrictive, and developers can't use the features that make them productive. Too permissive, and you may not meet your compliance requirements.
+
+This guide covers the governance decisions that help your developers get value from {% data variables.product.prodname_copilot_short %} quickly, while keeping your enterprise within its compliance boundaries. You should make these decisions during initial setup, and revisit them as your usage matures.
+
+## Delegate {% data variables.product.prodname_copilot_short %} administration to people with AI context
+
+Policy decisions work best when they're informed by practical experience with AI tools. Custom enterprise roles let you delegate AI administration to subject matter experts.
+
+This approach reduces bottlenecks and helps ensure that the people setting policies understand how developers actually work with {% data variables.product.prodname_copilot_short %}.
+
+For step-by-step instructions on creating an AI manager role, see [AUTOTITLE](/copilot/tutorials/roll-out-at-scale/establish-ai-managers).
+
+## Review and enable features promptly
+
+Developers get the most value from {% data variables.product.prodname_copilot_short %} when they can access new features and models as they become available. When there are significant feature gaps, due to features remaining disabled, developers may turn to third-party tools that sit outside your compliance controls.
+
+Consider enabling vetted capabilities promptly, rather than disabling features by default and enabling them only after review:
+
+* **Enable new features and models as they become available**, unless you have a specific compliance reason not to. {% data variables.product.github %} vets all features and models before release.
+* **Only set enterprise-level defaults to disabled for non-negotiables**, such as compliance-critical controls or features that conflict with regulatory requirements.
+* **Scope restrictions to sensitive organizations**. Rather than blocking features enterprise-wide, disable them only in organizations with stricter compliance requirements. This lets other organizations move faster.
+
+### Spend management and policy posture
+
+Spend controls interact with your policies. If you enable advanced models and agentic features but set tight budget limits, developers may not be able to use those features consistently.
+
+When configuring policies and budgets, consider whether your limits align with how you want developers to use {% data variables.product.prodname_copilot_short %}.
+
+## Use pre-vetted LLM models
+
+If your organization already has a vetted LLM provider for compliance, cost management, or existing contracts, you can use those API keys with {% data variables.product.prodname_copilot_short %} instead of going through a separate approval process for {% data variables.product.github %}-hosted models.
+
+If you don't have an existing LLM provider relationship, this approach is optional. {% data variables.product.github %}-hosted models are ready to use immediately.
+
+This approach offers several advantages:
+
+* **Governance and compliance**: Use LLM providers that already meet your organization's policies and regulatory requirements.
+* **Cost management**: Align with existing payment methods, contracts, credits, or negotiated rates.
+* **Visibility and control**: Monitor usage through your provider's existing dashboards and billing.
+
+For setup instructions, see [AUTOTITLE](/copilot/how-tos/administer-copilot/manage-for-enterprise/use-your-own-api-keys).

content/copilot/tutorials/roll-out-at-scale/index.md

@@ -7,6 +7,7 @@ versions:
 children:
   - /assign-licenses
   - /establish-ai-managers
+  - /govern-for-adoption
   - /enable-developers
   - /drive-downstream-impact
   - /measure-success

data/reusables/copilot/setup-next-steps.md

@@ -1,3 +1,4 @@
+* **Set a governance posture that supports adoption**. Avoid over-restricting {% data variables.product.prodname_copilot_short %} by delegating administration, enabling vetted features promptly, and aligning spend controls with your goals. See [AUTOTITLE](/copilot/tutorials/roll-out-at-scale/govern-for-adoption).
 * **Explore self-service license management options**. Many successful rollouts use a self-service model where developers can claim a license without approval. See [AUTOTITLE](/copilot/rolling-out-github-copilot-at-scale/setting-up-a-self-serve-process-for-github-copilot-licenses).
 * **Learn how to plan and implement an effective enablement process to drive {% data variables.product.prodname_copilot_short %} adoption**. See [AUTOTITLE](/copilot/rolling-out-github-copilot-at-scale/driving-copilot-adoption-in-your-company).
 * **Enhance the development experience by enabling and training developers on the latest features**. For example, share context with {% data variables.copilot.copilot_spaces %}, enable {% data variables.copilot.copilot_code-review_short %} on pull requests, and allow developers to experiment with prompts using {% data variables.product.prodname_github_models %}. For an example showing how these features fit together, see [AUTOTITLE](/copilot/tutorials/rolling-out-github-copilot-at-scale/enabling-developers/integrating-agentic-ai).