Book now
mtech labs ai
Eastbourne · UK
/ AI Consultancy / Copilot readiness

Know what Copilot will actually see before you turn it on.

A two-week, fixed-fee audit of your Microsoft 365 tenancy against the reality of an LLM with search permissions. Ends with a clear go / no-go and a fix list.

Book a readiness reviewBack to AI Consultancy
01/ What's involved

Four domains, two weeks.

A serious Copilot readiness review covers four things. We work through them in parallel, with a go / no-go recommendation and a remediation plan at the end.

Domain · 01

Microsoft 365 adoption

Who's actually using what — SharePoint, Teams, OneDrive, Copilot licences already provisioned — and where Copilot earns its keep fastest. Departmental prioritisation so the rollout lands with the teams that benefit, not the ones that shout loudest.
Domain · 02

Security posture

Identity, MFA coverage, Conditional Access, privileged roles, tenant hardening. Plus an adversarial prompt-test against a controlled instance — what a curious employee could actually extract today, not in theory.
Domain · 03

Technical readiness

Licensing, tenancy prerequisites, search index health and language-model settings. The mechanical checks that stop a deployment stalling on something avoidable in week two.
Domain · 04

Data governance

Sensitivity labels, DLP, retention, oversharing and "anyone with link" sprawl. Sample classification review to confirm the label taxonomy actually matches the content in flight.

Plus a written go / no-go recommendation — deploy now, deploy with mitigations, or hold — sized for your exec team to make a call, not a briefing to schedule another workshop.

02/ What you get

Deliverables, not just a verbal readout.

  1. Risk register with severity

    Every finding scored by likelihood and impact, with a named owner and a suggested remediation path.

  2. Prioritised remediation roadmap

    What to fix in week one, what to fix before rollout, and what can be addressed as ongoing hygiene.

  3. Exec-level readout

    A short, board-ready deck translating the technical findings into business risk and investment asks.

  4. Technical evidence pack

    The raw scan output, permission maps and screenshots — so your IT team can act without re-discovering the work.

03/ The other half of the answer

The two products that make Copilot defensible.

A readiness review is about Copilot — but Copilot isn't the tool most tenants are actually worried about. Staff pasting documents into ChatGPT, Claude or Gemini is.

Purview handles what the data is — labels, DLP, retention. Defender for Cloud Apps handles where it's allowed to go — which AI apps staff are using, which OAuth consents have been granted, and whether a sensitivity-labelled document can be pasted into ChatGPT at the session layer. Neither closes the loop on its own.

The readiness review picks up both planes. When the findings include shadow AI or unaudited tenant consents — they usually do — the fix path runs through the AI security perimeter programme, not the data-governance sprint alone.

04/ Typical findings

What we usually surface.

No tenancy is clean. The question is whether the mess is the kind Copilot will quietly amplify.

  • Sensitive HR and finance folders shared "org-wide" from years ago.
  • Board papers in a SharePoint site with inherited guest access.
  • "Anyone with the link" sharing set as the tenant default.
  • Standing Global Admin rights on a dozen accounts that don't need them.
  • OneDrives of former employees still licensed and indexed.
  • Contract libraries with lawyer commentary that shouldn't be summarised.
/ Backed by

Delivered by M-Tech Labs with the compliance and security discipline of M-Tech Systems — Cyber Essentials certified, aligned to NCSC CAF 4.0 and progressing through the Assurix trustmark programme. Code is continuously scanned for quality and security with Aikido, and hosted software runs on our own Nutanix / Fortinet platform — continuously pen-tested, current-version, UK-based. See secure development for the full picture.

Back to AI Consultancy
/ Start a conversation

Book a Copilot readiness review.

Two weeks, fixed fee, clear answers. If you're within a month of flipping the switch, this is the pre-flight check.

Book a readiness reviewAsk a scoping question