ORB Access Checklist (Client-Friendly)
Goal: enable fast assessment with read-only access where possible.
Identity & Admin
- Tenant admin contact / role list (who is global admin)
- MFA/2FA status overview (admin + users)
- SSO status (if used)
- List of shared accounts (if any)
Email & Collaboration
- Email security configuration overview (phishing/spam settings)
- DMARC/SPF/DKIM status (if known)
- External sharing settings (Drive/SharePoint)
Endpoints
- Device inventory report (or best available)
- Patch/update posture report (or best available)
- Disk encryption status (BitLocker/FileVault)
Backups & Restore
- Backup solution name + admin access (read-only acceptable)
- Backup coverage overview (what systems are backed up)
- Retention settings
- Last restore test date (if any)
Ops & Vendors
- Vendor list (MSP, backup vendor, IT support, key SaaS)
- Critical workflows list (top 5 things that must work)
- Current “runbook” docs (if any)
How to share access safely
- Prefer temporary admin delegation or a dedicated audit account
- Use a password manager for sharing credentials (avoid email/text)
- Revoke access after delivery