What the audit covers
This is not broad Microsoft 365 management, helpdesk support, or a generic security score exercise. The audit is built around cleanup: who still has access, who has too much access, what still belongs to former users, and what you are still paying for.
- Active, inactive, former employee, contractor, and guest accounts that need review.
- Admin roles, privileged access, role sprawl, and unclear ownership.
- MFA coverage and visible baseline identity control gaps.
- Guest access, shared mailbox access, group access, and obvious external sharing issues.
- Files, mailboxes, groups, and shared resources still owned by former users.
- Licenses that appear unused, over-assigned, incorrectly tiered, or redundant.
- Offboarding gaps that keep creating stale accounts and messy handoffs.
A prioritized cleanup report with issue, recommended action, risk, effort, likely owner, and savings where relevant.
Read-only or least-privilege access where possible. Exports can work for some scopes.
Growing teams with 20 to 100 users, recurring staff changes, contractors, or no recent access cleanup.
Implementation is scoped after the audit as a separate fixed-fee cleanup project, typically $3,000 to $10,000.
Typical cleanup findings
The exact findings depend on your tenant, but the recurring issues are practical: old accounts left active, unnecessary admin roles, guests nobody owns, shared mailboxes with stale delegates, files owned by departed staff, and license spend that no longer matches the team.
Want to know what is sitting in your tenant?
Use the scope check to confirm user count, adjacent tools, access method, and whether the audit is likely to be worth doing.
Book a 15-minute scope check