Copilot readiness scan
Is your environment ready for Copilot?
A Copilot readiness scan checks, before the rollout, whether your Microsoft 365 environment is ready: permissions and oversharing, SharePoint hygiene, sensitive data and tenant readiness. You get a report with scores per domain and a prioritised list of top actions.
The core
Copilot inherits your permissions
Copilot makes no judgement of its own about access — it works within the permissions a user already has. The scan maps overly broad permissions before Copilot makes them visible. This is data and technical readiness, not the people readiness of adoption.
1 question
If a document was ever shared too widely, a single question surfaces it effortlessly.
The scale
Oversharing is no edge case
- 802,000
- files per organisation exposed by oversharing on average
- 16%
- of business-critical data is accessible to people who should not see it
- 99%
- of organisations have sensitive data exposed to AI tools
Concentric AI, Data Risk Report
Concentric AI, Data Risk Report
Varonis, State of Data Security 2025
Four domains
What we measure
The scan checks the places where oversharing and weak data tend to hide.
Permissions & oversharing
Mapping who can reach which documents — before Copilot makes it visible.
SharePoint hygiene
Stale sites and duplicate files that feed weak answers.
Sensitive data & labels
Which content deserves a sensitivity label or DLP policy (Purview).
Licence & tenant
Licence assignment, agent controls and admin settings set up right.
Scorecard
A score per domain
No vague impression, but a substantiated status per domain — so you see at a glance where the work sits.
- Attention
Permissions & oversharing
Who can reach which documents
- Risk
SharePoint hygiene
Stale sites and duplicate content
- Attention
Sensitive data & labels
Labels and DLP policy via Purview
- Ready
Licence & tenant
Assignment and agent controls
- Attention
Agent readiness
Who may create and share agents
Example view. Your own scorecard follows from the requested scan.
What you get
Four concrete deliverables
Not a report that gathers dust — but insight you turn straight into actions before the rollout.
Readiness report
A substantiated score per domain, in plain language.
Top actions
A prioritised list to resolve before the rollout.
Risk map
Oversharing and sensitive data, clearly translated.
Working session
We walk through the findings together and set the next step.
Why beforehand
Repairing after the rollout always costs more.
The approach
In four steps
From short intake to working session — clearly scoped, with no surprises.
- 1
Intake
A short session on tenant, ambition and audience.
- 2
Measurement
Analysis of permissions, SharePoint, labels and tenant settings.
- 3
Report
Scores per domain with substantiated findings.
- 4
Working session
Discuss the findings and decide the approach.
Tenant & agents
Agent readiness too
Agent settings decide who may create, share and use agents. Together with licence and usage reporting, that makes risk and use measurable the moment Copilot goes live. It fits neatly onto your governance setup.
Agent controls
Who creates, shares and uses agents — set in the admin centre.
Telemetry & reporting
Insight into suitability, risk and adoption once Copilot runs.
FAQ
Veelgestelde vragen
The most common questions about readiness, oversharing and the scan.
What is a Copilot readiness scan?
A pre-flight check of your Microsoft 365 environment: permissions and oversharing, SharePoint hygiene, sensitive data and tenant settings. You get a report with scores per domain and a prioritised list of top actions.
Why scan before the rollout?
Copilot works within the permissions a user already has. If those are too broad, sensitive documents suddenly become easy to find. Measuring first avoids repairs after the rollout.
What exactly is oversharing?
Access broader than needed: documents shared with everyone or whole teams. People rarely notice, until a search function or Copilot surfaces that content effortlessly.
How long does the scan take?
After a short intake we typically deliver the report within a few working days. The lead time depends on the size of your tenant. We confirm this in the advisory call.
Is this the same as the adoption approach?
No. The scan measures the technical and data readiness of your environment. Adoption focuses on people: training and behaviour. The scan comes first, so the rollout starts on a safe footing.
Request the readiness scan
In a short advisory call we set the scope. Then we deliver your report with scores per domain and the top actions you resolve before the rollout.