MSP migration guide

Post-migration validation playbook

A practical post-migration validation playbook for MSP teams running tenant migrations, consolidations, and other high-stakes cutovers. Use it to capture the right baseline before changes start, run the validation pass after, and hand the client an evidence packet they can read without asking ‘can you send proof?’

// last updated · 2026-05-07

1) What you're proving in validation

  • Define what ‘success’ looks like in writing before any change is touched.
  • List the workloads that must keep working, and the signals that prove they are.
  • Name the owner who signs off on the baseline definition before execution begins.
  • Capture the ‘deferred’ list explicitly: the things that are out of scope and won't be validated.

2) Pre-cutover baseline capture

  • Snapshot mailbox flow, delegation, and shared mailbox access for every in-scope user.
  • Record OneDrive and SharePoint permissions, sharing links, and external access scope.
  • Capture conditional access posture, MFA enrollment state, and license assignments per user.
  • Log any client-visible integration (PSA, CRM, line-of-business apps) that touches the workloads in scope.
  • Include this baseline in the tenant migration approval gate. Nothing moves until it's signed off.

3) Post-cutover validation tests

  • Run the same signal checks against post-cutover state: mailbox flow, file access, conditional access, integrations.
  • Log every regression with owner, severity, remediation status, and target close date.
  • Gate the client closeout on a clean validation result, or an explicit, signed-off list of known issues.
  • Re-run validation after each remediation pass, not just once.

4) Evidence packet for client closeout

  • Baseline snapshot and after-snapshot, side-by-side, for every workload in scope.
  • Decision log with rationale: what was migrated, what was deferred, what was rolled back, and why.
  • Sign-off names and dates on the baseline, the validation results, and the closeout itself.
  • One-page client summary on top, readable without asking ‘can you send proof?’

Frequently asked questions

When should we start the validation pass?

Validation starts before changes begin; that's when the baseline gets captured. The post-cutover pass is the second half of a process that began on day one.

What goes in the evidence packet?

Baseline snapshot, after-snapshot, decision log, and a clean statement of what migrated, what was deferred, and who signed off. Enough that the client can read it without asking follow-up questions.

Do we need approval gates inside validation?

Yes. Two gates minimum: sign-off on the baseline before changes start, and sign-off on the validation results before the client packet ships.

// related guides

Microsoft 365 tenant-to-tenant migration checklist
Cross-tenant scope, sequencing, approval gates, validation.
M365 tenant consolidation playbook
Phased consolidation strategy for M&A.
MSP project governance checklist
Approval gates, decision rationale, evidence trails.