Adeo — Independent IT Oversight · Adelaide · South Australia
Recurring deliverable · Adeo Pulse · First business day, every month

The monthly governance document the leadership desk has never had.

On the leadership desk by the first business day of each month: one verdict, scored across five domains — service delivery, commercial discipline, roadmap and governance, security and compliance, and AI adoption and posture. Each one cross-walked to ACSC Essential Eight, ISO 27001, NIST CSF 2.0 and the control set your insurer will hold you to at renewal.

A qualified principal reads every issue and signs it, and stands behind every finding. Pulse measures what your MSP delivers. It does not replace the MSP, and it never touches production. What it gives leadership is an independent monthly record they can table at a board meeting, hand to an insurer, or put in front of a regulator without commissioning a fresh assessment each time.


Specimen issue · April 2029

An issue, read end to end.

The full issue as leadership would receive it. Warburton & Field LLP, its MSP and the renewing insurer are invented for this specimen — every name, score, evidence reference, date and figure is synthetic — written to show the document's shape, not any one client's result. A live issue is prepared from authenticated reads against your own tenancy.

Issue 07 · April 2029 · Warburton & Field LLP Commercial in Confidence p. 01 / 06

The April verdict

Insurer-ready — with conditions.

Against the renewing cyber insurer's control set, at the January 2030 renewal.

Overall posture · Amber · ↓ 1

Executive line

April's signal is licence over-assignment in M365 and a slipped restore-test cycle; the latter is the single open item the insurer is most likely to surcharge at renewal. Roadmap remains ahead of original commitment, and identity hardening reached 100% MFA on human accounts in the period.


Five-domain score

Service delivery 86 ↑ 1
Commercial 71 ↓ 3
Roadmap & governance 82 ↑ 3
Security & compliance 78 ↓ 3
AI adoption & posture 74 ↑ 2

Three for your attention

  1. Backup restore-test evidence is 118 days overdue. The renewing insurer expects quarterly evidence. If unactioned at the January renewal, the policy is likely to issue with a 7–15% premium loading against the relevant control — A$3,150 to A$6,750 across the year on the current premium. Owner: MSP.
  2. Fourteen Microsoft 365 E3 seats are unused — absent from sign-in logs for more than ninety days. About A$630 per month recoverable, A$7,560 across the year. Ownership sits with leadership; the cleanest commercial decision available this quarter.
  3. Two privileged service accounts remain without MFA — both predate 2027. Under insurer §3.1 this is a control failure if it persists at renewal. Either retire the accounts or enforce certificate-based authentication. Owner: shared between Adeo and the MSP.

This month's wins

  • MFA coverage reached one hundred per cent of human accounts — the last legacy human identity was retired on 17 April.
  • Patch compliance moved from ninety-one to ninety-six per cent across the estate.
  • Eight of fourteen Baseline Audit roadmap items are now closed; full closure is forecast for August 2029, fifteen weeks ahead of original commitment.
Signed off — Adeo, 2 May 2029. Principal · Adeo Partners Pty Ltd · ABN 50 698 595 523
Adeo Pulse · April 2029 Page one · Executive scorecard
Issue 07 · April 2029 · Warburton & Field LLP Technical appendix p. 02 / 06

Finding 01 of 03

Severity high · Worsened from amber to red · 118 days overdue

Backup restore-test evidence is overdue.

Each finding carries evidence, framework cross-walk, ownership and a costed impact.


Evidence

Veeam orchestrated job log records the last successful witnessed restore at 2029-01-04 21:14 ACDT; the subsequent quarterly cycle has not been scheduled. Evidence reference WF-BKP-Q1-2029-RST.

Plain-English impact

Without witnessed restore evidence in the period, the insurer's quarterly evidence requirement is not satisfied. At renewal in January 2030 the policy is likely to issue with conditions or a surcharge against control §4.3.2.

Ownership

MSP for execution. Adeo for evidence capture into Issue 08.

Remediation

Schedule a restore test for the week commencing 12 May. Witness the session with a recorded artefact; lodge the artefact reference into Adeo's evidence vault for inclusion in Issue 08.

Cost of inaction

The insurer's current loading guidance is 7–15% premium loading for non-compliance with restore evidence — A$3,150 to A$6,750 across the year on the current premium. Adeo does not underwrite or bind insurance; the figures are indicative and for your broker to confirm.

Month-on-month

Worsened from amber (Issue 06) to red (Issue 07). The restore window is now twenty-eight days past the insurer's ninety-day expectation.


Framework cross-walk

  • ACSC Essential Eight: ML2 — Regular backups; restoration testing required.
  • ISO 27001:2022: A.5.30 — ICT readiness for business continuity. A.8.13 — Information backup.
  • NIST CSF 2.0: RC.RP-04 (Recovery plan execution) and PR.DS-11 (Backups maintained).
  • Insurance policy: §4.3.2 — quarterly witnessed restore validation.

Findings 02 (M365 E3 over-assignment) and 03 (privileged service-account MFA) follow this same evidence pattern in the full issue.

Issue 07 · April 2029 · Warburton & Field LLP Forward without edit p. 03 / 06

For your MSP

A pre-written email to your account manager.

Your monthly job becomes "hit forward".

Issue 07 · April 2029 · Warburton & Field LLP Roadmap delta p. 04 / 06

Baseline Audit roadmap

57% closed at six months in.

Delivered 1 November 2028. Forecast full closure 30 August 2029 — fifteen weeks ahead of the original December 2029 commitment.

  • Total items: 14
  • Closed: 8
  • In progress: 4
  • Open: 2

Closed · on or ahead of target
  • Conditional access ruleset hardening · 14 Apr
  • Entra sign-in log export automation · 22 Apr
  • Defender for Endpoint estate coverage · 09 Apr
  • Guest account quarterly review · 03 Mar
  • SafeLinks & SafeAttachments enforcement · 27 Feb
  • Privileged Identity Management rollout · 11 Feb
  • HIBP credential monitoring on-domain · 22 Jan
  • Documentation currency audit · 14 Jan

In progress · checkpoint dates set
  • Windows 11 migration · six endpoints remaining · Tgt 20 May
  • Backup immutability enforcement · Tgt 30 May
  • Matter-management external sharing review · Tgt 23 May
  • Insurer control crosswalk · 2030 cycle · Tgt 30 Jun

Open · both surfaced as findings on page 1
  • Privileged service-account MFA enforcement · 87 d open
  • Disaster-recovery tabletop exercise · 118 d open
Issue 07 · April 2029 · Warburton & Field LLP Glossary p. 05 / 06

Plain English

For when this document is forwarded.

This issue gets forwarded — to the CFO, the board, the insurer. This page is here so the language in it holds up wherever it lands.


MFA coverage
The percentage of accounts with multi-factor authentication enforced. Insurer expectation: 100% of privileged identities; 95% or higher across all human accounts. Pulse counts enforced, not registered, because a registered-but-not-enforced control fails at audit.
Conditional Access drift
When the rules controlling who can sign in — from where, on what device — change without a documented approval. Drift is a governance risk: a rule that opens up access without leadership knowing is the rule that breaks at the wrong moment.
Immutable backup
A backup that cannot be deleted or altered for a defined retention period, even by an administrator. The defence against ransomware that encrypts the backups along with the production data.
Restore-test evidence
Witnessed proof that backups can actually be restored within the agreed window. A backup that has not been tested is not a backup — it is an assertion. Insurers know this; they require quarterly evidence.
Insurer §
The specific clause in your cyber-insurance policy that maps to a Pulse finding. Cited so a claim is not refused on a technicality at the moment you need to make it.
Pulse delta
The month-on-month change in posture. Resolved means closed since last issue; New red means newly flagged this month; Worsened means the score moved down vs. the prior period.
Issue 07 · April 2029 · Warburton & Field LLP Methodology & sign-off p. 06 / 06

Methodology

How this document is made.


Data collection

Authenticated API reads against your own systems only (Microsoft Graph, Intune, Defender, Veeam ORC, Exchange Online), plus passive OSINT (Shodan, Have I Been Pwned). No third-party agents on your endpoints. No outbound telemetry. Evidence is held on encrypted, access-controlled infrastructure located in Australia, isolated from Adeo's development environment, with per-client separation enforced.

Review & sign-off

Every Pulse issue is read front to back by a qualified principal before release and signed off in their name. The executive line on page 1 is written by hand; the MSP forward email on page 3 is written to be pasted and sent verbatim. A qualified principal stands behind every finding.

Cadence & archive

First business day of each month, 06:00 ACST. Every issue is kept as a durable, secure record your board or insurer can draw on — past issues, trend lines, findings and MSP forward emails all retained, so the evidence travels cleanly without you maintaining the archive.

Signed off, Adeo

2 May 2029

Principal

Adeo Partners Pty Ltd

ABN 50 698 595 523

Issue 07 of an ongoing monthly series prepared for Warburton & Field LLP. Commercial in Confidence.

Adeo Pulse · April 2029 Page 6 of 6 · End of issue
What Pulse measures · Five domains

Five domains, and what sits inside each.

Service delivery

Is your MSP actually delivering?

SLA compliance against contracted P1/P2/P3 terms; ticket reopen rate; MTTR for P1 incidents; recurring-issue clusters; cross-check of your MSP's own monthly report. If the MSP refuses ticket visibility, Pulse surfaces that refusal as a finding in its own right.

Commercial & licensing

Is your spend efficient?

M365 / Entra licence utilisation — unused seats, wrong-tier assignments. Invoice accuracy review against contract and consumption. Contract drift watch. Quarterly third-party markup sanity-check against market baselines. Cost-of-inaction annotated on every commercial finding.

Roadmap & governance

Is the work agreed actually getting done?

Baseline Audit roadmap closure rate by item, age and owner. Change-register hygiene. Documentation currency — can your operation survive an MSP turnover. Progression against the quarterly commitments your MSP made.

Security & compliance

Are the controls your insurer expects in place, every month?

Identity (MFA, privileged role count, Conditional Access drift, guests). Endpoints (Intune/Defender enrolment, patch compliance, EDR). Email (Safe Links, sharing, anomalous mail rules). Backups (last success, restore-test, immutability). External exposure, breached credentials, lookalike domains. Cyber-insurance control-set crosswalk.

AI adoption & posture

Is the AI your team is using defensible to your regulator and your insurer?

AI tool inventory across the firm — sanctioned tooling, shadow usage, and the AI features embedded inside the software your team already pays for. Sector-aligned to AHPRA principles (healthcare), state Law Society guidance (legal), and APES 110 plus ATO modernisation expectations (accounting). Surfaces approval-workflow gaps, supervision-SOP absences, and renewal-questionnaire weak points.

Pulse is monthly oversight, not continuous monitoring. Real-time alerting and operational response stay with the MSP; Pulse measures whether the outcome held.

Questions we hear often
Does Pulse replace our MSP?

No. Pulse measures what your MSP delivers across five domains and hands you board-defensible evidence each month. Real-time alerting and operational response stay with the MSP; Adeo never touches production systems. In most engagements the MSP stays exactly where it is — the monthly scorecard makes the relationship more accountable, not adversarial, because both sides are working from the same independent read.

How is Pulse priced?

Pulse comes in two forms — Essential for smaller organisations and Premium for larger ones — scoped to your organisation. Larger organisations, groups, or those needing a bespoke insurer cross-walk are scoped on request. The fixed monthly fee is set in the written proposal, with no surprises.

Do we need a baseline audit before starting Pulse?

With an MSP and a baseline assessment already in place, Pulse is usually a same-month start. Where a baseline is missing, Adeo will say so and recommend the narrower engagement first rather than score you against a position no one has established. That is the honest sequence, and it costs less than starting in the wrong place.

Next step

A thirty-minute conversation, before any commitment.

No cost, no obligation, no sales script — a half-hour read on whether Pulse fits your situation, and an honest answer if it does not. With an MSP and a baseline assessment already in place, Pulse is usually a same-month start. Where the baseline is missing, Adeo will say so and point you at the narrower engagement first.

Send your most recent MSP monthly report and your current cyber-insurance renewal questionnaire with the first email, and the first reply will already have something to say. A reply follows within one business day.


What you receive each month:

  • A complete monthly governance issue
  • Editorial sign-off — signed by the Principal
  • An MSP forward email, paste-ready
  • A durable, secure record of every issue your board or insurer can draw on
  • A quarterly thirty-minute review with Adeo