09 Feb Don’t Migrate Without This: The Ultimate Office 365 Migration Checklist
You don’t want to make a Microsoft Office 365 migration checklist only after something goes wrong. Most Office 365 migrations go sideways for the same reasons: rushed decisions, unclear scope, and poor communication. Microsoft 365 is usually fine. The project plan is not.
If you are a maintenance or repair provider, the impact is immediate. Your field teams need mobile access. Your service inbox cannot go dark. Your job photos, manuals, and compliance docs have to stay available, even on cutover day.
This checklist is built to help you avoid outages and missing data by treating the migration like a controlled change, rather than a late-night gamble.
Success is simple: mail works, files are where people expect, access is right, and security is baseline-solid. If that is the outcome you need, the rest of this Office 365 migration checklist gives you the steps to get there.
If you’re coming from Google Workspace, the email side has its own common traps, so it’s worth following a process built for that starting point: How to Seamlessly Migrate Emails from Google Workspace to Office 365.
Checklist A: Scope + Ownership
The goal here is to stop scope creep and eliminate “who owns this?” moments.
Start by listing exactly what is in and out.
- Email (user mailboxes and shared mailboxes)
- Calendars and contacts
- Files (file server, SharePoint, OneDrive)
- Teams, and realistic expectations for chat history in Microsoft Teams
- Devices (mobiles, shared PCs, workshop PCs)
Confirm the migration path early, because it changes the runbook and the migration method.
- Exchange to Microsoft 365
- Google to Microsoft 365
- Tenant-to-tenant (mergers, divestments, rebrands)
If you have been handed a Microsoft Office 365 migration checklist, make sure it matches your actual starting point. If you are looking for a G Suite to Office 365 migration checklist, treat it as its own runbook with its own assumptions, not a copy-paste of an Exchange plan.
Identify the business workflows that can break quietly and hurt loudly.
- For example, service@ and jobs@ shared inbox access, delegation, and permissions
- After-hours escalation and mailbox access on mobile
- Quote approvals and booking confirmations driven by inbox rules
- Integrations that send email alerts (job systems, CRMs, vendor portals)
Assign roles in writing.
- Technical owner (IT)
- Business owner (ops or maintenance)
- Comms and training owner
- Decision-maker for go or no-go
Finally, agree on outage tolerance.
- What can pause, what cannot (service desk vs admin functions)
- When the business is least exposed (avoid peak call volumes, invoicing runs, and compliance deadlines)
If you do nothing else in this section, do this: write the scope down, assign owners, and get agreement on the cutover window before anyone starts clicking buttons.
Checklist B: Pre-migration Audit + Clean-up + Backup + Comms
This is where you shorten the migration. If you want a practical migration to Office 365 checklist, this section is where most of the real risk lives.
Inventory what you have, not what you think you have.
- Mailbox sizes, shared mailboxes, delegates, groups
- Aliases, distribution lists, external forwards
- File shares: top-level structure, owner by folder, permission groups
- On-premises Exchange Server details (version, hybrid, and what is still in use)
If you are coming from Exchange, confirm who has access to the Exchange admin center and document what has been customised.
Clean up now, not during cutover week.
- Stale accounts, orphaned mailboxes, duplicate folders
- Decisions on old PSTs and legacy archives
Put a backup and rollback plan in place, and validate it.
A sensible approach is to confirm mail and file coverage, test a restore, and document what “rollback” means in plain terms. Make sure you have a tested rollback plan. Backup is the difference between a manageable issue and a long outage, especially when you need to restore mail or files fast.
Checklist C: Migration Execution
The goal here is a controlled change with checkpoints.
Pilot migration:
- Confirm mail flow works end-to-end
- Confirm mobile sign-in works for pilot users
- Confirm shared mailbox access works
- Confirm file access and permissions with real users
Email migration:
For an exchange to Office 365 migration checklist, decide upfront whether you are running a cutover migration or a staged migration, and write the runbook accordingly. The point is not the label, it is keeping the email migration controlled and predictable.
If you are migrating from on-prem Exchange using the cutover method, Microsoft’s cutover migration process provides a clear sequence.
- Pre-stage what you can, where your migration method supports it
- Verify shared mailbox permissions and delegates
- Check mail flow, aliases, and transport rules
File migration:
- Prioritise active data first, move archives later
- Validate permission mapping
- Confirm large file behaviour and sync expectations for OneDrive and SharePoint
Cutover runbook, minute-by-minute:
- What changes when (DNS, routing, final sync)
- How you handle new mail during the cutover window
- Clear go or no-go checkpoints, with rollback criteria
At the end of execution, you should be able to say one thing with confidence: the move followed a runbook, and every critical workflow was tested, not assumed.
If you’re weighing options like staged versus cutover, or planning a tenant move, it helps to step back and make sure the cloud setup fits how your business actually runs. You can use Cloud Computing Services.
Checklist D: Post-migration Verification + Hardening + Adoption
This is where you confirm integrity, secure the environment, and get people working normally again. If you want an Office 365 post migration checklist, this is it.
Verification checklist:
- Mail delivered and searchable
- Shared mailbox access confirmed
- Calendars working as expected
- Files accessible, with spot checks on permissions and key folders
Security and permissions hardening:
Email authentication is easy to miss after migration. Confirm SPF, DKIM and DMARC so mail stays trusted and deliverable, using ASD’s SPF, DKIM and DMARC for Microsoft 365 as your baseline and Microsoft’s email authentication overview to validate how Microsoft evaluates it.
Also confirm:
- MFA and conditional access coverage
- Admin roles reviewed, excess access removed
- Retention basics decided and applied, if required by your business or contracts
Confirm sign-in and access policies in Microsoft Entra ID (Azure AD) are aligned to how your field teams actually work, especially on mobile. If you want help tightening controls without breaking day-to-day access, Cyber Security Services can cover the hardening and ongoing oversight.
If passwords are already a pain point, now’s a good time to tighten things up and reduce support noise, starting with Best Password Managers in Australia: Comparison for SMBs.
User training, short and role-based:
- Field teams: mobile Outlook and Teams, saving job photos and docs correctly, offline expectations
- Office and admin: shared mailbox etiquette, Teams basics, file versioning and sharing
Stabilisation:
- Monitor for sync errors, storage spikes, unexpected forwarding rules
- Decommission legacy systems only after a defined settling period, and only after you have verified mail routing and access patterns
This last step is what turns “we migrated” into “we are stable”, and it is often where rushed projects fall down. It also sets a realistic migration timeline, because stability is a phase, not a moment.
Protect Your Business: Use the Checklist
A Microsoft 365 migration does not have to be painful. The pain usually comes from missed basics: unclear scope, no ownership, no pilot, rushed cutover, and no verification.
At TCT, we see the same patterns in maintenance and repair businesses. When a service inbox goes quiet or a technician cannot sign in on-site, the job stops and the phone starts ringing.
If you want a second set of eyes before you commit, a migration readiness check that covers scope, risk, and a cutover runbook is often the difference between a calm weekend and a messy week. If you do not have internal bandwidth, a managed migration approach is usually cheaper.
If you want this migration planned properly before anyone touches mail flow, permissions, or DNS, talk to a Microsoft Office 365 Consultant.
Frequently Asked Questions
What is included in an Office 365 migration checklist?
Planning (scope, owners, workflows, inventory, backup, comms), execution (pilot, runbook, cutover, support), and stabilisation (verification, security hardening, training, monitoring).
How long does an Office 365 migration take?
It depends on data volume and complexity. The cutover can be short, but prep, pilot testing, and file permissions validation usually take longer than people expect.
What are the risks of not using a checklist?
Outages, missing permissions, broken shared mailboxes, mail flow issues after DNS changes, lost access to business-critical files, and security gaps that create avoidable exposure.
How to handle tenant-to-tenant migrations?
Treat it as a separate project type. Confirm constraints first, plan identity and permissions carefully, test workflows before and after, and use a runbook that includes rollback criteria.