JGS
Independent Referee • Microsoft 365
Book a quick callBook call
MICROSOFT 365 EVIDENCE • INSURANCE • CLIENT REVIEWS

When someone asks “can you prove it?”,
hand them clear evidence from Microsoft 365.

We take a read-only snapshot of your Microsoft 365 (your business email, Teams, and files). Then we map what we find to multiple compliance standards and package it into an Evidence Binder and Evidence Index you can hand to insurers, clients, auditors, or leadership—without scrambling for screenshots.

New here? Microsoft 365 is the cloud suite behind your email, calendars, Teams chat/meetings, and shared files.

Scope agreedRead‑onlyReady to hand over
BOOK A QUICK CALL
What you receive
Evidence BinderA simple, shareable binder mapped to compliance standards a reviewer can read
Evidence IndexLinks every outcome back to evidence
Governance WorklistItems marked “Evidence Required” or “Attestation Required” with what to show
Optional Evidence PackRaw exports delivered to a named custodian (optional)
Why it holds up
ScopeDeclared and locked before collection starts
Read‑onlyEvidence exported directly from the Microsoft 365 tenant
No partial truthIf required evidence is blocked, you get a Deliverability Blocker Report — not a compromised binder

Snapshot evidence package. Not penetration testing. Not vulnerability scanning. Not a certification or guarantee.

JGS Overview
90S OVERVIEW
90-second tour of PROVE · SECURE · ASSURE and the Digital Binder.
Digital Binder preview
Binder preview
easy to read • ready to share
Digital Binder preview
60S CLIP
Evidence Trace
clear answers • evidence attached
We look at
Accounts & accessEmail protectionFiles & sharingData managementDevices (if in scope)Audit logsTeams & collaborationApplication permissions

Three steps (measure → fix → keep current)

First we measure and package the evidence. Then (if you want) we fix issues. Then we keep your evidence current over time.

PROVE
Snapshot evidence binder

We export evidence (read-only), map it to compliance standards, and package it into a binder you can hand to a reviewer.

  • Scope agreed up front
  • Evidence Binder + Evidence Index (easy to share)
  • Governance Worklist (policy/process items)
Details →
SECURE
Short, fixed-scope fix sprint

If you want fixes, we make only the changes you approve, document them, and validate the new state.

  • Fixed scope (not open-ended helpdesk)
  • Changes only where needed
  • Re-run PROVE to show new evidence
Details →
ASSURE
Keep it current

We re-run PROVE on a schedule and keep your binder up to date. Fixes are separate (SECURE).

  • Scheduled refresh runs
  • What changed since last time
  • Executive-ready check-ins
Details →

When this helps most

These are the moments when having receipts matters.

Renewal window
30–120 days out

An insurer asks for proof. You need something you can hand over quickly.

Cyber insurance proof →
Client questionnaires
Due diligence

Stop rewriting the same answers. Reuse the same evidence packet.

Questionnaire-ready →
MSP transitions
Independent baseline

Get an independent baseline before or after an MSP change.

For MSPs →

Pricing

Launch pricing applies to the first 10 clients or until 2026‑03‑31 (whichever comes first). ASSURE is governance-only (no helpdesk). Fix work is separate (SECURE).

PROVE Snapshot
One-time evidence binder

Evidence Binder + Evidence Index + Governance Worklist. Optional Evidence Pack available.

Launch: $995 (≤25 users)$1,495 (26–100)$1,995 (101–250)
See PROVE Snapshot
SECURE Sprint
Fixed-scope fixes

Short sprint to fix specific items from PROVE. Changes are logged and validated.

Launch: from $3,500
See SECURE Sprint
ASSURE Governance
Keep evidence current (governance-only)

Quarterly PROVE refresh + governance check-ins so you always have current evidence.

Launch: $995/mo (≤25 users)$1,495/mo (26–100)$1,995/mo (101–250)
See ASSURE Governance
Launch window: first 10 paying clients or through 2026‑03‑31. ASSURE requires a recent PROVE baseline. Discounts (if any) require a trade: annual prepay or permission for an anonymized, redacted testimonial.

What you get

You get a clean, shareable set of files a reviewer can read and verify.

Digital Binder
Digital Binder

A clear binder (PDF-style) with results and links back to the evidence.

  • Scope declared and agreed up front
  • Clear outcomes (Compliant / Non‑Compliant / Evidence Required / Attestation Required / Capability Gap / Out of Scope)
  • Evidence Index references (where the receipts are)
Evidence Pack
Optional Evidence Pack

Optional add-on. Raw exports delivered to a named custodian, with an Evidence Index.

  • Delivered only to a named custodian
  • Integrity checks (so it’s tamper-evident)
  • Simple retention guidance
Governance worklist
Governance Worklist

Used when a reviewer will expect policy/process proof. These are marked “Evidence Required” or “Attestation Required.” Each item tells you exactly what to show.

  • Who owns it + what to provide
  • What counts as “done”
  • Stays open until verified
Want to see an example?
Request a redacted sample (no client names, no tenant identifiers).
Request sample excerpt
Want the 60-second version?
Check access → Export evidence → Build the binder.

Quick previews

Short clips that show what the binder looks like and how PROVE works.

JGS Overview
90S OVERVIEW
Digital Binder preview
60S CLIP
PROVE in action
60S CLIP

How it works

We follow a simple, repeatable process. We agree on scope, export evidence, and package it. If evidence is blocked, we stop and document the blocker.

01
Quick preflight

We confirm access and scope before we start. No surprises.

02
Export evidence (read-only)

We export evidence from Microsoft 365 and record where it came from.

03
Build the binder

We mark each item clearly: Compliant, Non‑Compliant, Evidence Required, Attestation Required, Capability Gap, or Out of Scope, then package everything.

No guessing.

If we cannot collect required evidence, we stop and deliver a Blocker Report that explains what is missing and what to do next. We do not ship a binder built on gaps.

Fail-closedNo partial truth
Governance worklist

Book a quick call

On a short call we confirm fit (PROVE, SECURE, or ASSURE), confirm access prerequisites, and confirm your deadline (renewal, questionnaire, onboarding). If it’s a match, we schedule the run.

Book
Quick call
Email
support@cloudjgs.com
Office
(619) 202-1105
What we cover on the call
  • Confirm which package fits (PROVE, SECURE, or ASSURE).
  • Lock scope: what we are checking and what we are not.
  • Confirm prerequisites: access level and any constraints.
  • Schedule the run window and send preflight steps.
Book the quick callEmail support
Calendar-led by default. If you email, include your firm name and Microsoft 365 tenant primary domain; we respond within one business day.·More contact options →
FAQ

Common questions

Plain-English answers.

What is PROVE?
PROVE is a defensible governance evidence system for Microsoft 365. It collects objective evidence, maps it to controls across multiple compliance standards, and packages deterministic outcomes in a reviewer-friendly Evidence Binder.
Is PROVE a penetration test or a “hack test”?
No. PROVE is a read-only snapshot of your Microsoft 365 settings and logs, packaged into an Evidence Binder you can hand to a reviewer. If you need penetration testing or vulnerability scanning, do that separately.
What access do you need?
Read-only admin access, just enough to export evidence. If in-scope evidence cannot be collected, those items are Evidence Unavailable and PROVE stops with a Deliverability Blocker Report instead of guessing.
Do you change anything during PROVE?
No. PROVE is “show me.” If you want fixes, that is SECURE (a separate, approved change sprint).
What does "Evidence Required" or "Attestation Required" mean?
Some controls need human-provided documentation (a policy, procedure, or export) or a signed client statement to complete the governance determination. These are flagged as Evidence Required or Attestation Required — they are governance by design, not a tool failure. We give a short checklist of what a reviewer will expect.
Is this a certification or an audit?
No. PROVE provides point-in-time evidence and governance determinations. It is not a certification, legal attestation, or guarantee of outcomes. Auditors apply independent judgment. We organize evidence so your insurer, client, auditor, or counsel can review it faster.
We already have dashboards (Secure Score, etc.). Why PROVE?
Dashboards help you manage work. Reviewers need something they can read and verify. PROVE produces a portable Evidence Binder and Evidence Index that holds up outside your tenant — with integrity artifacts so it is tamper-evident.