Skip to content

Copilot readiness scan

Is your environment ready for Copilot?

A Copilot readiness scan checks, before the rollout, whether your Microsoft 365 environment is ready: permissions and oversharing, SharePoint hygiene, sensitive data and tenant readiness. You get a report with scores per domain and a prioritised list of top actions.

The core

Copilot inherits your permissions

Copilot makes no judgement of its own about access — it works within the permissions a user already has. The scan maps overly broad permissions before Copilot makes them visible. This is data and technical readiness, not the people readiness of adoption.

1 question

If a document was ever shared too widely, a single question surfaces it effortlessly.

The scale

Oversharing is no edge case

802,000
files per organisation exposed by oversharing on average

Concentric AI, Data Risk Report

16%
of business-critical data is accessible to people who should not see it

Concentric AI, Data Risk Report

99%
of organisations have sensitive data exposed to AI tools

Varonis, State of Data Security 2025

Four domains

What we measure

The scan checks the places where oversharing and weak data tend to hide.

Permissions & oversharing

Mapping who can reach which documents — before Copilot makes it visible.

SharePoint hygiene

Stale sites and duplicate files that feed weak answers.

Sensitive data & labels

Which content deserves a sensitivity label or DLP policy (Purview).

Licence & tenant

Licence assignment, agent controls and admin settings set up right.

Scorecard

A score per domain

No vague impression, but a substantiated status per domain — so you see at a glance where the work sits.

  • Permissions & oversharing

    Who can reach which documents

    Attention
  • SharePoint hygiene

    Stale sites and duplicate content

    Risk
  • Sensitive data & labels

    Labels and DLP policy via Purview

    Attention
  • Licence & tenant

    Assignment and agent controls

    Ready
  • Agent readiness

    Who may create and share agents

    Attention

Example view. Your own scorecard follows from the requested scan.

What you get

Four concrete deliverables

Not a report that gathers dust — but insight you turn straight into actions before the rollout.

Readiness report

A substantiated score per domain, in plain language.

Top actions

A prioritised list to resolve before the rollout.

Risk map

Oversharing and sensitive data, clearly translated.

Working session

We walk through the findings together and set the next step.

Why beforehand

Repairing after the rollout always costs more.

The approach

In four steps

From short intake to working session — clearly scoped, with no surprises.

  1. 1

    Intake

    A short session on tenant, ambition and audience.

  2. 2

    Measurement

    Analysis of permissions, SharePoint, labels and tenant settings.

  3. 3

    Report

    Scores per domain with substantiated findings.

  4. 4

    Working session

    Discuss the findings and decide the approach.

Tenant & agents

Agent readiness too

Agent settings decide who may create, share and use agents. Together with licence and usage reporting, that makes risk and use measurable the moment Copilot goes live. It fits neatly onto your governance setup.

Agent controls

Who creates, shares and uses agents — set in the admin centre.

Telemetry & reporting

Insight into suitability, risk and adoption once Copilot runs.

FAQ

Veelgestelde vragen

The most common questions about readiness, oversharing and the scan.

What is a Copilot readiness scan?

A pre-flight check of your Microsoft 365 environment: permissions and oversharing, SharePoint hygiene, sensitive data and tenant settings. You get a report with scores per domain and a prioritised list of top actions.

Why scan before the rollout?

Copilot works within the permissions a user already has. If those are too broad, sensitive documents suddenly become easy to find. Measuring first avoids repairs after the rollout.

What exactly is oversharing?

Access broader than needed: documents shared with everyone or whole teams. People rarely notice, until a search function or Copilot surfaces that content effortlessly.

How long does the scan take?

After a short intake we typically deliver the report within a few working days. The lead time depends on the size of your tenant. We confirm this in the advisory call.

Is this the same as the adoption approach?

No. The scan measures the technical and data readiness of your environment. Adoption focuses on people: training and behaviour. The scan comes first, so the rollout starts on a safe footing.

Request the readiness scan

In a short advisory call we set the scope. Then we deliver your report with scores per domain and the top actions you resolve before the rollout.