A 12-month operating record from a real Evisent client — a mid-sized accounting practice with an affiliated financial advisory arm under an external AFSL. 117 tickets — all resolved — an always-on security stack across 23 endpoints, 1,176 vulnerabilities tracked, 125 patch cycles deployed, 4 Quarterly Business Reviews, and a sustained licensee compliance program for the financial advisory practice. This is what shows up when the helpdesk queue is quiet — and what the per-user managed services fee actually funds.
117 tickets across 12 months sounds light for a 12-person firm — and that's the point. The ticket count is a function of what doesn't get raised: endpoints that don't get compromised, patches that don't get missed, identities that don't get phished, mail rules that don't sneak in. Every ticket raised in FY26 has been resolved. At the moment the annual report was cut, 116 had closed and 1 remained in progress (since closed). We don't carry tickets. The four cards below cover what landed in the queue. The two sections after that cover what didn't.
The mix you'd expect from a well-run small practice. The biggest single bucket is incident response. Only one ticket all year originated from a user-raised vulnerability — the rest of the vulnerability surface is handled in the always-on stack, below. Every ticket raised in FY26 has resolved.
Provisioning of accounts, devices, M365 licences and security policies — and the reverse on the way out. Identity, access and data don't drift in a firm running this process. No abandoned accounts. No unprovisioned starters waiting on access.
Windows and third-party application updates deployed, monitored and reported across all 23 endpoints, on a defined schedule. Current state at year-end: zero missing critical updates, zero missing standard updates on sampled endpoints.
Continuous vulnerability scanning across the endpoint fleet. One critical CVE (CVE-2025-55182, React Server Components) was escalated via the licensee in 2025 and remediated as a tracked piece of work — most of the rest landed in the weekly automated patch run. The absence of incidents is the system working.
The per-user managed services fee funds an integrated security and operations stack that runs continuously across every device and user account — not just helpdesk response. At $181.50/user/month ex GST, that works out to roughly $6 per user per day for round-the-clock coverage. The eight components below are active 24/7 whether or not a ticket is raised.
24/7 threat detection on every endpoint, backed by a Security Operations Centre that triages, contains and remediates incidents on Evisent's behalf. Active threat hunting — not passive AV signatures.
Zero-trust application execution policy. Only approved software runs; ransomware, droppers and living-off-the-land attacks are blocked by default rather than detected after the fact. Approval requests are reviewed and actioned by Evisent.
OS and third-party application updates deployed, monitored and reported across all devices on a defined schedule. Closes the vulnerability window that drives most breach activity.
Outbound DNS filtering blocks access to malicious, phishing and command-and-control domains before a connection is established.
Ongoing tuning of conditional access, device compliance, sign-in risk policies, mailbox rule review, sharing and retention policies, and tenant hardening. This is where most of the invisible admin time lands.
Continuous scanning across monitored endpoints with automated weekly patch deployment. Vulnerability surface actively managed even when no ticket is raised.
Daily monitoring of Microsoft 365 and endpoint backups, with alerting on failures.
Microsoft Defender for Office 365 active across protected mailboxes, with policy tuning and incident review.
Evisent's bills separate the service fee from Microsoft licensing from hardware-at-cost. Every line item is visible; nothing is hidden inside an all-in number. Microsoft licensing is provisioned through our CSP at competitive rates. Hardware is supplied at cost plus a small handling fee.
The accounting firm's affiliated financial advisory practice operates under an external AFSL licensee, and is subject to ongoing cyber compliance audits by the licensee's corporate risk team. Across FY26 Evisent acted as the advisory practice's nominated IT/cyber representative through that program. None of this work appears as helpdesk tickets — but it's a significant share of the year's effort, and it's what keeps the advisory practice on the right side of its licensee's controls.
A condensed view of the licensee-driven workstreams Evisent delivered against this account in FY26.
Multi-stage written response to the licensee's mandatory "Cyber — next steps for your practice" audit. Covered managed service provider requirements, cyber insurance evidence, documented policies, and AFSL mandatory IT controls. Supporting certificates and evidence prepared and supplied for submission by the licensee's deadline.
Designed and quoted a ZTNA solution to replace the legacy VPN / VPN-exemption arrangement. Responded to two rounds of detailed follow-up questions from the licensee covering DNS protection, conditional access, identity controls and scope across related practices. Implementation completed mid-April 2026.
Deployed Microsoft Entra ID P2 on the advisory practice's privileged admin identity, with conditional access policies extending across the wider shared tenant. Directly addresses the licensee's identity protection requirements.
SSO clarification with the licensee's cyber team, OneDrive admin support and offshore-operator access reviews, archive email reviews, and ongoing liaison with the licensee on evolving controls.
In addition to the always-on stack and the licensee compliance program, FY26 included four Quarterly IT Reviews with the firm's leadership, a 13-attendee live cyber awareness training session (covering the 2025 threat landscape, phishing trends and practical defences), business process automation discovery sessions, a Copilot AI introduction, and dedicated time on SharePoint storage strategy.
Jul 2025, Oct 2025, Jan 2026, Apr 2026. Roadmap, vendor management, licensing posture and security maturity reviewed each quarter with firm leadership.
1-hour live session, October 2025. 13 attendees including the affiliated advisory practice. 2025 threat landscape, phishing trends, practical defences.
Multi-session business process automation discovery (Aug–Sep 2025), Copilot AI introduction (Oct 2025), and SharePoint storage planning (Dec 2025).
Most small accounting and advisory firms can name the helpdesk number their MSP gives them. Very few can name the eight things in the security stack, or the patch cadence, or the vulnerability count, or the licensee evidence they'd need on day one of an AFSL audit. That's the gap Evisent is built to close. You should know exactly what you're paying for, and it should hold up under audit.
Evisent Managed IT covers the always-on security and operations stack, M365 configuration, patch and vulnerability management, backup, and a real Quarterly Business Review cadence. Onboarding fee varies on complexity. Microsoft licensing passed through at cost.