baref00t.io

// compliance / cism365

CIS Microsoft 365 Benchmark Assessment

Global

CIS Benchmark | Global

Assess your Microsoft 365 tenant against the CIS Benchmark — the industry-standard security configuration guide recognised by auditors worldwide.

One-off
$349

Single report, no commitment.

Monthly
$179/month

Continuous monitoring — fresh report every 30 days.

Available in AUD, USD, GBP, EUR, SGD. MSP partners get volume discounts via the partner programme.

What it scores

CISM1

7 domains

Identity, Apps, Data, Email, Auditing, Storage, Teams

CISM2

CIS Level 1 and Level 2 controls scored separately

CISM3

Conditional Access, MFA, and authentication method analysis

CISM4

SharePoint sharing and Teams guest access review

CISM5

Application consent and OAuth permission audit

CISM6

Prioritised remediation with CIS control references

Microsoft APIs

  • Microsoft Graph (universal scopes, read-only across the tenant)
  • Azure REST (when the product reads Azure subscription posture)
  • Defender + Intune APIs where applicable

Customer prerequisites

  • Microsoft 365 tenant with admin-consent capability
  • Global Reader or equivalent for the consenting admin
  • No agent installs, no infrastructure changes required
  • Report delivered by email within 10 minutes of consent

Other Compliance

e8
Essential Eight ML1, ML2 & ML3 Assessment

Assess your compliance with the ACSC Essential Eight Maturity Model. Mandatory for Australian Government entities under

mcsb
Cloud Security Benchmark v2 Assessment

Assess your Azure and Microsoft 365 environment against the Microsoft Cloud Security Benchmark v2 — 14 control domains c

cps234
CPS 234 Information Security Assessment

Automated and governance-hybrid assessment against APRA's CPS 234 standard. Built for banks, insurers, and super funds t

See all Compliance Assessments