No, all analysis will be done by customer IT admins, in the role of compliance manager, with  guidance from Infotechtion and Microsoft

There is no impact to end users,  except for stakeholder engagements for nominated users.

The check will be done leveraging solutions that you can find and access today in the Microsoft Compliance Center (Audit, Content Search and Activity Explorer). As such there is no separate application that needs to be run. There is a need to have or trial E5 licenses and appoint a compliance administrator or equivalent role to perform the needed steps.

To access the compliance center advanced features you need to have or trial E5 licenses and appoint a compliance administrator or equivalent role to perform the needed steps. There is nothing to install.

The data itself is only accessible by the people who have an account in your tenant and have been given the appropriate permissions by your administrators. We will ask your compliance administrator to export grouped and anonymized results which can not be led back to any specific data in your tenant. The data in your tenant will not be accessible to Infotechtion, nor to Microsoft without prior consent and actions taken by your administrators.

The results will be anonymous to Infotechtion. Beware though that the appointed IT admin, in the compliance manager role, will be able to identify content and activity of particular individuals in the organization.

The features and solutions the Microsoft Compliance center are yours. We encourage you to run reports and create snapshots over time. Please consider using those results to create and support the business case for better governance.

Your IT admin, in the compliance manager role, will be asked to to export grouped and anonymized results to be shared with Infotechtion and to be used in the deliverables of the compliance maturity scan. 

The role assignment for access will need to be given by the Global administrator of M365. Further to this you should inform the Identity Manager (AD admin), Data Protection Officer (or similar roles involving compliance or privacy).

The check itself is automated and runs in the background. We will take the IT admin through steps outlining the technical setup and performing the analysis of the outcome. This should not take more than 2 half days of effort.

We expect key stakeholders to invest a total of 8 hrs in a three week period. Generally speaking these stakeholders are found in the Compliance Office, Records Management team, Legal / Litigation team or Business change/transformation.