The “Tenant Configuration Alignment Report” allows you to compare your tenant’s configurations against the CIS M365 Foundations 5.0.0, displaying the security state of your configurations and identifying those that deviate from baseline standards.
This report helps you to:
- Monitor newly introduced CIS controls (“Recommended from baseline”) that require evaluation or enforcement
- Maintain an overview of configuration drift (“Unaccepted deviations”)
- View accepted deviations
You can reach this report
- By clicking on the “Go to Summary” button in the “Tenant configuration alignment” widget in the Security dashboard.
- By clicking “Reports” > “Tenant Configuration” > “Tenant configuration alignment” in the left menu.
Update frequency
The report updates with every scheduled, manual, or automatic sync.
What's included in the report
Data include:
- Configuration name: technical name of the configuration
- Configuration type: simplified category/type
- Description: configuration description
-
Status:
- Aligned: the configuration exists in your tenant and matches the recommended baseline value.
- Unaccepted deviation: the configuration exists in your tenant, but its value conflicts with the baseline.
- Accepted deviation: the configuration exists in your tenant with a conflicting value, but you have approved this difference.
- Recommended from baseline: the configuration is recommended by the baseline but is not currently present in your tenant.
Perform actions on reports
The report, which is read only, allows for
- Filtering, for example, displaying only accepted deviations or configurations that are recommended from the baseline.
- Scheduling email alerts (via the actions button) for real-time notifications when configurations are marked as unaccepted or when recommended controls from the baseline are detected but not enforced.
