Take Assessment
CONFIDENTIAL March 24, 2026

IT Security Audit Report

Prepared for Acme Corp

Executive Summary

IT Health Score

38
of 100

Your organization has 12 critical issues requiring immediate attention.

Security 25/100
Compliance 45/100
Efficiency 52/100
Critical Findings
Critical

3 Ex-Employee Accounts Still Active

Former employees retain access to email, SharePoint, and OneDrive. These accounts could be used for unauthorized data access or as entry points for attackers.

Recommended Fix
  • Immediately disable all 3 accounts in Microsoft Entra ID
  • Revoke all active sessions and tokens
  • Implement automated offboarding workflow
Critical

Intune Compliance Policies Not Enforced on 40% of Devices

32 out of 80 managed devices are non-compliant. Unencrypted drives, outdated OS versions, and missing antivirus detected.

Recommended Fix
  • Enforce BitLocker encryption via Intune compliance policy
  • Set automated OS update deadlines with grace periods
  • Block non-compliant device access to corporate resources
High

No Admin Activity Monitoring Enabled

Global admin actions are not logged or alerted. Admin role changes, bulk deletions, and configuration changes go unnoticed.

Recommended Fix
  • Enable Unified Audit Logging in Microsoft 365
  • Configure alert policies for admin actions
  • Set up weekly admin activity review process
High

Public File Sharing Links Detected (47 files)

47 files in SharePoint/OneDrive are shared with "Anyone with the link" permissions. Includes financial documents, employee PII, and client contracts.

Recommended Fix
  • Audit and revoke all anonymous sharing links
  • Set default sharing to "Specific people" organization-wide
  • Enable DLP policies to flag sensitive content sharing
Medium

No Cloud Backup Solution for Microsoft 365 Data

Microsoft's native retention is not a backup. Accidental deletions, ransomware, or account compromises could result in permanent data loss.

Recommended Fix
  • Deploy third-party backup solution (Veeam, Datto, etc.)
  • Configure daily backups with 1-year retention
  • Test restore procedures quarterly
Remediation Roadmap
Week 1 Emergency Fixes

Critical Security Actions

  • Revoke 3 ex-employee accounts & active sessions
  • Enforce MFA for all users (4 remaining)
  • Revoke 47 public sharing links
  • Enable unified audit logging
Week 2 Policy Enforcement

Intune & Compliance Hardening

  • Deploy BitLocker enforcement to all 32 non-compliant devices
  • Configure OS update compliance policies
  • Set default sharing to "Specific people"
  • Enable Data Loss Prevention (DLP) policies
Week 3–4 Monitoring & Automation

Ongoing Security Operations

  • Deploy cloud backup solution for all M365 data
  • Configure suspicious sign-in alerts
  • Set up automated access review workflows
  • Begin CIS Benchmark alignment assessment
  • Schedule first security awareness training session
Ready to Fix This?

Self-Service Guide

Free

Step-by-step remediation guide based on your audit findings. Implement the fixes yourself.

Start Assessment →
Recommended

Full Stack Fix by StackFix

$2,000

We implement all fixes, configure policies, and provide 30 days of post-fix monitoring.

Book a Call →