Free readiness scan

See your ISO 27001 gap in 5 minutes.

Connect your M365 tenant and get a gap report showing which controls you already cover and where to start. Free, read-only, no data stored.


Read-only access. No data stored.

Certaria Readiness Scan: Complete

ISO 27001 Annex A coverage
A.5 Organisational Controls: 8/12
A.6 People Controls: 3/8
A.7 Physical Controls: 2/8
A.8 Technological Controls: 15/25

28 controls evidenced, 53 in scope, 53% coverage

Example scan result. Your numbers depend on your M365 configuration.

How it works

Three steps. Five minutes.

No installation, no agent software, no configuration changes. Just a read-only check of your existing M365 setup.

01. Connect your M365 tenant (2 minutes)

Sign in with your Microsoft admin account. We request three read-only Graph API scopes. Nothing more.

02. Certaria reads your configuration (3 minutes)

The scan checks your Secure Score, Intune device management, and directory audit settings against ISO 27001 Annex A controls.

03. Get your gap report (instant)

See which controls you already cover, which need work, and where to start. Your report stays in your browser. We don't store it.

Transparency

Here's exactly what we access, and what we don't.

Four read-only Graph API scopes. No write access. No data stored on our servers. The scan runs in your browser.

SecurityEvents.Read.All (Microsoft Secure Score)

Reads your tenant's Secure Score and the recommendations behind it. Doesn't change any security configuration.

DeviceManagementManagedDevices.Read.All (Intune device management)

Reads the compliance state of every device enrolled in Intune. Doesn't change any device settings or push configuration.

AuditLog.Read.All (Directory audit logs)

Checks that directory audit events are flowing in your tenant. Doesn't read individual audit entries or store audit content.

What we never access

Email content
Document content
Chat messages
User passwords
File contents
Personal data

Run your scan now.

Sign in with your Microsoft admin account, approve three read-only permissions, and get your ISO 27001 gap report in minutes. No data is stored.

The scan runs in your browser. See our privacy policy.

Sign in with your Microsoft admin account (2 minutes) → receive your gap report (3 minutes) → decide if Certaria is right for you (your pace, no pressure). The Certaria AI agent will guide you through next steps in Microsoft Teams.