365 Permission manager offers built-in reporting functionality for 3 types of reports which will be in CSV format which will be sent by email to the administrator in encrypted .zip archives.
Full Site Permissions Report: This report informs about all permissions of all users and groups for all elements of a OneDrive, SharePoint or Microsoft Teams site.
User & Group Access Report: This report informs about all permissions that a specific user or group has for the elements of all sites of an organization.
External Access Report: This report informs about all sharing links that have been created for all OneDrive, SharePoint and Microsoft Teams sites of an Microsoft 365 organization.
Important: To unzip the .zip archive, a password is required. The password is only displayed
once before the report is generated. In order to be able to access the content
of the .zip archive later, ensure you copy the password and store it in a secure place before you click on Generate Report.
Pro Tip: An audit log of all actions performed by all users (which can be filtered by specific action types or by user account) is also available in the Activity Log module; this can also be exported to CSV. The different action types in the activity log are explained below:
Security: This action type refers to adding Office 365 organizations.
Account: This action type refers to actions that have resulted in the activation and deactivation of subscriptions and the start of a trial period.
Management: This action type refers to actions for managing permissions.