AI GovernanceMost Popular

Know exactly what Copilot will expose - before you turn it on.

Scan your tenant for Copilot exposure risks and get a prioritized remediation plan.

From $7,500one-time deployment

Get Your Copilot Readiness Score See Pricing

compass://readiness-assessment

Data Security

65%

Governance

78%

Compliance

82%

Infrastructure

68%

Findings

Sites with org-wide access12

Anonymous sharing links active47

Sites missing sensitivity labels156

Stale sites with no activity (90d)89

Sites Scanned

1,247

Files at Risk

802K

Remediation

14 steps

Overview

Consulting firms charge $15,000-$50,000 for manual Copilot readiness assessments that take 4-6 weeks. Compass Copilot Readiness Assessment automates the entire process in hours. Python Azure Functions use Microsoft Graph API and the SharePoint REST API to enumerate every SharePoint site permission, detect "Everyone except external users" access grants, catalog sharing links by type, identify sites missing sensitivity labels, flag stale content and inactive sites, and enumerate guest user access patterns.

The output is an interactive React dashboard with a composite readiness score across four pillars - Data Security (35%), Governance (25%), Compliance (25%), and Infrastructure (15%) - plus a prioritized remediation roadmap with specific, actionable steps your team can execute immediately. Every finding is exportable to CSV and PDF.

Use Cases

Pre-Copilot deployment risk assessment
Quarterly governance health checks
Board-level security reporting
Compliance audit preparation

Key Features

Automated tenant-wide permission scan via Microsoft Graph API and SharePoint REST API

Durable Functions fan-out/fan-in pattern scans thousands of sites in parallel

Detection of "Everyone except external users" claims across all site collections

Sharing link catalog: anonymous, organization-wide, specific people, with expiration status

Sensitivity label coverage gap analysis

Guest user access enumeration and risk scoring

Inactive site and stale content identification

Interactive React dashboard with composite governance score (Recharts visualizations)

Prioritized remediation roadmap with effort estimates, exportable to CSV/PDF

Works with E3 licensing - no E5 required for core scan

Technical Architecture

Deployed in your tenant

Your Microsoft 365 Tenant

Timer TriggerScheduled scans

Python Azure FunctionsDurable Functions orchestrator

MS Graph APISharePoint REST API

Azure SQLResults + baselines

React DashboardAzure Static Web Apps

trigger

compute

api

storage

output

All components run in your Azure subscription

Requires Sites.Read.All, Files.Read.All, User.Read.All, Reports.Read.All permissions via Entra ID service principal with certificate credentials stored in Azure Key Vault.

Ready to deploy Copilot Readiness Assessment?

Book a consultation and we will walk through your tenant to show exactly how this product maps to your requirements.

Get Your Copilot Readiness Score See all pricing

Copilot Usage Analytics