Importance of Auditing and Reporting your Office 365 Environment – Part 1

Ok. So you have successfully migrated to Office 365. Phew! Your migration went well and you are slowly settling down into the routine of managing your “cloudified” environment. It’s time to start stringing together the right set of tasks to effectively administer your Office 365 tenant. You need to first understand what’s there in your office 365 tenant and which elements in your office 365 are important to track and keep a tab on. In other words, audit and document your Office 365!

The importance of auditing and documenting your Office 365 environment

When it comes to successfully managing the Office 365 environment, the very first step that administrators need to do before anything else is to perform an Office 365 Audit. You need to know who your Office 365 users are, what groups have been configured, what permissions have been granted, who your administrators are, what roles have been granted to users, how your mailboxes have been configured and so on. If you have migrated to Office 365 SharePoint online you have another set of documentation to generate – your site collections, sites, lists, Site permissions, user access rights to your SharePoint content etc. These give you detailed information on what you are starting out with after your migration and also serves as a checklist to ensure that your migration was indeed completed successfully. A post-migration audit of Office 365 also helps catch errors due to any oversight while validating your settings and content post your Office 365 migration. Here is a quick list of Office 365 documentation reports to give you some idea of what’s involved. This is in no way a complete list, but gives you a possible approach to systematically documenting your Office 365 environment. I have also not covered Lync (Skype for business) and Yammer in this list.

1. What to document? Well document every bit of information for your records. You don’t want to manage your office 365 environment without knowing what you are starting out with. First, start with reports on how you have configured your Office 365 (Office 365 post-migration reports)

  • Tenant Configuration – list of tenants/custom domains, Authentication details (such as multi-factor authentication), Directory Synchronization details, list of assigned licenses etc.
  • Exchange online configuration – Admin roles, mailbox configuration, Mailbox email addresses, Public folders and their permissions, Mail flow rules, Message size restrictions, Message delivery restrictions, Storage Quotas, Mailbox Storage quotas, Mailbox delivery options, Mailbox default folder security, Public Folder settings, Public Folder message size and delivery restrictions, Public folder limits etc.
  • SharePoint Online configuration – Site inventory, List inventory, Site configuration, List configuration, List templates, Site collection workflow templates, Site columns, Site content types, Site templates, Site workflows, Web parts etc.

2. Office 365 Security Audit for Exchange online

  • Groups and Group members
  • Group, Group message size and Group message delivery restrictions
  • Mailbox permissions
  • Mailbox folder permissions
  • Public Folder Permissions

Office 365 Exchange Online Reports

3. Office 365 Security Audit for SharePoint online

  • Permissions of Sites, Lists and List Items, including effective permissions
  • Access rights of Users and Groups
  • Group Ownership
  • Limited Access permissions
  • Sites and Lists with no unique securable objects
  • Unique securable objects with empty permissions

Office 365 Security Audit for SharePoint online

In the next post, I will talk about Office 365 Usage reporting, that is, how your users are currently using Office 365.

Vyapin Office 365 Management Suite contains a comprehensive Reporting module for Office 365. Even though many of these reports may be generated using PowerShell scripts, the power and convenience of having a dedicated reporting tool for Office 365 should not be underestimated. As one of the earliest vendors of reporting solutions for IT management, Vyapin tools have assisted thousands of IT administrators and managers to get the right reports in the right format for Compliance and Systems management needs.

For more information, please visit –

Also, Read Part 2 version of this post.