Free checklist

M365 Copilot Readiness Checklist

Before rolling out Microsoft 365 Copilot or building Copilot Studio agents, make sure your tenant, permissions, and information architecture are ready for AI access.

Review this with an expert
01

Identity and access

  • Multi-factor authentication is enforced for all users, especially admins.
  • Conditional Access policies are documented, tested, and not dependent on legacy exceptions.
  • Privileged accounts are separated from daily-use accounts.
  • Guest access is reviewed and stale external users are removed.
02

Data and permissions

  • Sensitive files are not broadly shared with “Everyone” or unmanaged external users.
  • SharePoint sites have owners who understand what content lives there.
  • Old projects, former employee folders, and legacy shared drives are identified before AI rollout.
  • Permission inheritance is reviewed on high-value libraries and sensitive workspaces.
03

SharePoint and Teams hygiene

  • Teams and SharePoint sites follow naming conventions your staff can understand.
  • Duplicate, abandoned, or ownerless Teams are cleaned up or archived.
  • Important documents use metadata, folders, or site structure that supports search.
  • Internal knowledge content is current enough to be trusted by an AI assistant.
04

Security and compliance

  • Defender alerts, risky sign-ins, and audit logging are reviewed before expanding AI access.
  • Sensitivity labels or data classification policies are considered for regulated content.
  • Retention policies are documented for email, Teams, SharePoint, and OneDrive.
  • Leadership understands what Copilot can surface based on existing user permissions.
05

Adoption and governance

  • You have a small pilot group with specific use cases, not a company-wide “try AI” rollout.
  • Staff know what data should not be pasted into prompts or agent instructions.
  • There is an owner for reviewing agent behavior, content sources, and workflow changes.
  • Success is measured by concrete time saved, fewer handoffs, or faster response cycles.
// Next step

Want this reviewed against your actual tenant?

We can turn this checklist into a focused readiness review with prioritized findings, practical fixes, and a clear recommendation on whether to start with Copilot, Copilot Studio, or Power Automate.

Book a Consultation