The fastest compliant, zero-downtime remedy is to reapply a centrally managed policy to the production environment so the “UpdateBankDetails” tool again requires approval. Environment-scoped DLP or copilot tool policies can be changed instantly through the Power Platform admin center; the change is logged for one year and involves no redeploy or credential rotation. Once production risk is mitigated, the same policy can be extended to dev/test, but scoping to prod first stops the live incident immediately without user interruption.

A. Disabling all tools halts procurement operations—downtime.

C. Credential rotation does not restore approval gating.

D. Timeout changes do not affect approval logic at all.

1. Microsoft Docs – “Edit an existing DLP policy”, Immediate enforcement paragraph.

2. Microsoft Docs – “Power Platform admin center audit log retention”, One-year retention table.

3. Microsoft Docs – “Manage tool calls in Copilot Studio”, Environment policy section (enable/disable or require approval).