Our work

Context

Management wanted to meet the GDPR and Qualiopi requirements of their European clients while overhauling an IT system inherited from a previous provider. No centralised inventory, no MFA, no unified antivirus, default firewall rules. The need was not a cosmetic audit. It was an operational roadmap.

What we did

Six areas covered in two weeks, on site and remote.

• Identity and authentication management. State of accounts, admin passwords, MFA.
• Hardware inventory. Listing, naming convention, replacement cycle, spare stock.
• Windows updates. Current process, patch windows, exposed delays.
• Network security. Firewall, segmentation, fixed IPs, internal HR application.
• Endpoint security. Antivirus, USB devices, backups.
• IT processes and documentation. Onboarding and offboarding, equipment loss, IT charter.

What we delivered

An audit report with findings, risks and a costed action plan. Six prioritised work streams, security first, infrastructure next, processes in parallel. A 12-month vision, a secure, efficient, compliant and structured IT system. The client started implementation the following month, beginning with MFA and antivirus.

Context

Leadership spent their day in Teams without being able to measure what was happening. Who attended meetings, which staff were overloaded with video calls, which slots were lost. The data existed in Microsoft 365 but was scattered and invisible at the leadership level.

What we did

• Azure AD application with dedicated Microsoft Graph permissions, read-only.
• Power Automate triggering nightly collection, with email alert on failure.
• SQL database with five tables. Sessions, participants, attendance, calculated KPIs, execution logs.
• Five-page Power BI dashboard. Overview, call analysis, meeting analysis, employee view, trends.
• Manual on-demand trigger for ad-hoc refresh.

What we delivered

An interactive dashboard accessible to leadership and managers, with filters by period, by employee, by session type. Visible trends, measured delays, calculated attendance rates. The infrastructure runs on the client's Microsoft 365 tenant. No data is retained by Hexona. The client can take full ownership of the system at any time.

Context

The procedures existed but no one could find them. When a staff member needed to know how to carry out a specific task, they interrupted a colleague or a manager. Operational knowledge stayed oral, fragile, dependent on whoever happened to be in their seat. Leadership wanted an assistant accessible directly inside Teams, able to answer any operational question by drawing on the company's actual procedures.

What we did

Three workstreams in parallel. Structure the procedures, deploy the copilot, automate SOP creation.

• Full audit of existing documentation. Inventory, classification, identification of missing procedures.
• Single SOP template. Mandatory structure for every procedure, applicable across all teams.
• Documentation of missing SOPs with the operational teams, then approved by managers.
• Microsoft Copilot with indexed memory of all approved SOPs, accessible inside Teams to every staff member.
• AI agent able to draft a new SOP from a business description, strictly following the template.
• Two-step approval workflow. Only managers can approve a new SOP before it is published into the searchable knowledge base.

What we delivered

An internal copilot accessible to 300+ staff directly inside Teams. Immediate answers to operational questions, grounded in the company's approved SOPs. A library of up-to-date procedures, queryable in natural language. An SOP creation mechanism that lifts load off managers while keeping mandatory human approval. Operational knowledge becomes a shared asset rather than an individual dependency.