The periodic version

An annual Microsoft 365 security review, expert-led

A tenant assessed once is not a tenant secured forever. The Microsoft 365 security review is the periodic re-check: configuration drift found, new platform features weighed, Secure Score movement explained and the fix list refreshed, every year or after every big change.

Why yearly

Four reasons a secure tenant stops being one

Configuration drift

Twelve months of admins solving urgent problems leaves exclusions, test accounts and relaxed policies nobody remembers approving. The review catches what drifted.

Platform change

Microsoft ships security changes to the platform continuously: new defaults, deprecated protocols, renamed licences. The review reconciles your tenant with this year's platform, not last year's.

Business change

New starters, leavers, contractors, an acquired company bolted on in a hurry. Access accumulates; the review is where it gets pruned.

Threat change

The attacks against Microsoft 365 tenants evolve: token theft, MFA fatigue, OAuth consent abuse. Checks that were sufficient at the last review may not be now.

The review

What the annual check delivers

The review runs the assessment methodology against your current tenant and reports on the delta: what moved, what drifted, what Microsoft changed underneath you and what to do about each. For tenants we assessed originally it is priced as the lighter engagement it is; the published bands are on the pricing page.

Between reviews, if you want the tenant watched continuously rather than periodically, the monitoring page explains the 24/7 option.

The delta report covers

  • Everything material from the full assessment, re-verified
  • Delta report: what changed since last time, and whether it should have
  • Secure Score movement, explained against the UK benchmark
  • New Microsoft platform features you should now enable
  • A refreshed remediation list, usually far shorter than year one

Quick answers

Security review questions, answered

What is the difference between the review and the full assessment?

The full assessment is the deep first pass over a tenant we have never seen. The review is the periodic version: everything material re-verified, with particular attention to what changed since last time. It is faster and cheaper because the baseline already exists.

The full assessment

How often should we run an Office 365 security review?

Annually as a rhythm, and after any significant change: a migration, a licence change, an acquisition or an incident. Most clients pair an annual review with the fixes from their first assessment and find year two dramatically quieter.

Can you review a tenant another firm assessed?

Yes. We rebuild the baseline as part of the first review, and prior reports, whoever wrote them, are useful evidence. The CIS benchmark gives both sides a common language.

Is this the same as an Office 365 security check?

The names vary: security check, health check, M365 security review, periodic audit. What matters is the substance: expert re-verification of your tenant's security configuration on a schedule, with a delta report. That is what this page describes.

3D illustration of a rocket launching, representing a Microsoft 365 security assessment getting started

When was yours last checked?

Put the review in the calendar

A free 45 minute call scopes the review, confirms the published price for your workloads and books the window.