Azure Security Audit Checklist

Use this checklist to run reliable Azure posture audits across tenants and produce remediation-focused reports.

Checklist

  1. Confirm tenant consent is active and token refresh works.
  2. Verify required access roles: Directory Reader, Security Reader, Reader.
  3. Run validation checks for Graph, Resource Graph, and subscription access.
  4. Scope enabled subscriptions before first scan.
  5. Execute baseline scan and capture risk score + P1 findings.
  6. Review identity posture: global admins, MFA coverage, risky applications.
  7. Review network and data exposure controls (public IP, NSG, storage access).
  8. Publish a client-ready report with prioritized remediation actions.
  9. Schedule recurring scans and configure alert cadence by plan tier.
  10. Track trend improvements and unresolved critical risks month over month.
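
One way to script the pre-scan checks in steps 2 to 4, as an added example that is not part of the original checklist or any product's code. The sample data is constructed in the shape of `az account list` and `az role assignment list --all` output; treating Directory Reader as a directory role and the other two as Azure RBAC roles is an assumption of this example, as are the function names.

```python
import json

# Role names as listed in the checklist. Splitting them into a directory role
# and Azure RBAC roles is an assumption of this example.
DIRECTORY_ROLES = {"Directory Reader"}
RBAC_ROLES = {"Security Reader", "Reader"}

# Constructed sample data in the shape of `az account list` output.
SUBSCRIPTIONS = json.loads("""[
  {"id": "00000000-0000-0000-0000-000000000001", "name": "prod", "state": "Enabled"},
  {"id": "00000000-0000-0000-0000-000000000002", "name": "dev", "state": "Enabled"},
  {"id": "00000000-0000-0000-0000-000000000003", "name": "old", "state": "Disabled"}
]""")

# Constructed sample data in the shape of `az role assignment list --all` output.
ASSIGNMENTS = json.loads("""[
  {"roleDefinitionName": "Reader", "scope": "/subscriptions/00000000-0000-0000-0000-000000000001"},
  {"roleDefinitionName": "Security Reader", "scope": "/subscriptions/00000000-0000-0000-0000-000000000001"},
  {"roleDefinitionName": "Reader", "scope": "/subscriptions/00000000-0000-0000-0000-000000000002/resourceGroups/rg-app"},
  {"roleDefinitionName": "Security Reader", "scope": "/subscriptions/00000000-0000-0000-0000-000000000002"}
]""")

def covers(scope, sub_id):
    """True if an assignment scope applies to the whole subscription."""
    # Resource-group and resource scopes are narrower and do not count.
    # Management-group inheritance is not resolved here.
    return scope.rstrip("/").lower() in ("", f"/subscriptions/{sub_id}".lower())

def preflight(subscriptions, assignments, directory_roles_held):
    """Return (scannable subscription ids, list of gap descriptions)."""
    gaps = [f"directory role missing: {r}"
            for r in sorted(DIRECTORY_ROLES - set(directory_roles_held))]
    scannable = []
    for sub in subscriptions:
        if sub["state"] != "Enabled":
            continue  # step 4: only enabled subscriptions are in scope
        held = {a["roleDefinitionName"] for a in assignments
                if covers(a["scope"], sub["id"])}
        missing = sorted(RBAC_ROLES - held)
        if missing:
            gaps.append(f"{sub['name']}: missing {', '.join(missing)}")
        else:
            scannable.append(sub["id"])
    return scannable, gaps

if __name__ == "__main__":
    ok, gaps = preflight(SUBSCRIPTIONS, ASSIGNMENTS, ["Directory Reader"])
    print("scannable:", ok)
    print("gaps:", gaps)
```

The `dev` subscription is reported as a gap because its Reader assignment is scoped to a single resource group, which would leave the rest of the subscription unscanned.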

Next step

Run the full onboarding flow and apply this checklist in your first tenant workspace.