Merge pull request #100 from CriticalSolutionsNetwork/Whatif-Bugfix

fix: whatif

.github/workflows/powershell.yml

@@ -36,10 +36,11 @@ jobs:
         with:
           # Check https://github.com/microsoft/action-psscriptanalyzer for more info about the options.
           # The below set up runs PSScriptAnalyzer to your entire repository and runs some basic security rules.
-          path: .\
+          path: .\source
           recurse: true
           # Include your own basic security rules. Removing this option will run all the rules
-          includeRule: '"PSAvoidGlobalAliases", "PSAvoidUsingConvertToSecureStringWithPlainText"'
+          includeRule: '"PSAvoidGlobalAliases", "PSAvoidUsingConvertToSecureStringWithPlainText", "PSAvoidUsingPlainTextForPassword", "PSAvoidUsingInvokeExpression", "PSUseApprovedVerbs", "PSAvoidUsingPositionalParameters", "PSAvoidUsingEmptyCatchBlock", "PSAvoidUsingDeprecatedManifestFields", "PSAvoidUsingUserNameAndPasswordParams", "PSAvoidUsingCmdletAliases"'
+
           output: results.sarif
 
       # Upload the SARIF file generated in the previous step

CHANGELOG.md

@@ -6,6 +6,69 @@ The format is based on and uses the types of changes according to [Keep a Change
 
 ### Added
 
+- Added output type to functions.
+
+### Fixed
+
+- Whatif support for `Invoke-M365SecurityAudit`.
+- Whatif module output and module install process.
+
+## [0.1.7] - 2024-06-08
+
+### Added
+
+- Added pipeline support to `Sync-CISExcelAndCsvData` function for `[CISAuditResult[]]` input.
+
+### Changed
+
+- Updated `Connect-M365Suite` to make `TenantAdminUrl` an optional parameter.
+- Updated `Invoke-M365SecurityAudit` to make `TenantAdminUrl` an optional parameter.
+- Improved connection handling and error messaging in `Connect-M365Suite`.
+- Enhanced `Invoke-M365SecurityAudit` to allow flexible inclusion and exclusion of specific recommendations, IG filters, and profile levels.
+- SupportsShoudProcess to also bypass connection checks in `Invoke-M365SecurityAudit` as well as Disconnect-M365Suite.
+
+## [0.1.6] - 2024-06-08
+
+### Added
+
+- Added pipeline support to `Sync-CISExcelAndCsvData` function for `[CISAuditResult[]]` input.
+
+## [0.1.5] - 2024-06-08
+
+### Added
+
+- Updated test definitions for CIS Microsoft 365 Foundations Benchmark for better error handling and object output when errors occur.
+- Added a parameter to the `Initialize-CISAuditResult` function to allow for a static failed object to be created when an error occurs.
+- Refactored `Invoke-M365SecurityAudit` to include a new private function `Invoke-TestFunction` for executing test functions and handling errors.
+- Added a new private function `Measure-AuditResult` to calculate and display audit results.
+- Enhanced error logging to capture failed test details and display them at the end of the audit.
+- Added a private function `Get-RequiredModule` to initialize the `$requiredModules` variable for better code organization in the main script.
+- Updated `Test-MailboxAuditingE3` and `Test-MailboxAuditingE5` functions to use `Format-MissingAction` for structuring missing actions into a pipe-separated table format.
+- Added more verbose logging to `Test-BlockMailForwarding` and improved error handling for better troubleshooting.
+- Improved `Test-RestrictCustomScripts` to handle long URL lengths better by extracting and replacing common hostnames, and provided detailed output.
+- Added sorting to output.
+- Created new functions for improved modularity.
+- Parameter validation for Excel and CSV path in sync function.
+- Added Output type to tests.
+- Added `M365DomainForPWPolicyTest` parameter to `Invoke-M365SecurityAudit` to specify testing only the default domain for password expiration policy when '1.3.1' is included in the tests.
+
+### Fixed
+
+- Ensured the `Invoke-TestFunction` returns a `CISAuditResult` object, which is then managed in the `Invoke-M365SecurityAudit` function.
+- Corrected the usage of the join operation within `$details` in `Test-BlockMailForwarding` to handle arrays properly.
+- Fixed the logic in `Test-RestrictCustomScripts` to accurately replace and manage URLs, ensuring compliance checks are correctly performed.
+- Updated the `Test-MailboxAuditingE3` and `Test-MailboxAuditingE5` functions to handle the `$allFailures` variable correctly, ensuring accurate pass/fail results.
+- Fixed the connections in helper CSV and connect function.
+- Removed verbose preference from `Test-RestrictCustomScripts`.
+- Ensured that the output in `Test-BlockMailForwarding` does not include extra spaces between table headers and data.
+- Fixed output in `Test-MailboxAuditingE3` and `Test-MailboxAuditingE5` to correctly align with the new table format.
+- Added step 1 and step 2 in `Test-BlockMailForwarding` details to ensure comprehensive compliance checks.
+- Fixed the issue with the output in `Test-RestrictCustomScripts` to ensure no extra spaces between table headers and data.
+
+## [0.1.4] - 2024-05-30
+
+### Added
+
 - Test definitions filter function.
 - Logging function for future use.
 - Test grade written to console.

SECURITY.md

@@ -0,0 +1,18 @@
+# Security Policy
+
+## Supported Versions
+
+Use this section to tell people about which versions of your project are
+currently being supported with security updates.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 0.1.4   | :white_check_mark: |
+
+## Reporting a Vulnerability
+
+Use this section to tell people how to report a vulnerability.
+
+Tell them where to go, how often they can expect to get an update on a
+reported vulnerability, what to expect if the vulnerability is accepted or
+declined, etc.

helpers/Build-Help.ps1

@@ -4,7 +4,7 @@ Import-Module .\output\module\M365FoundationsCISReport\*\*.psd1
 
 
 <#
-    $ver = "v0.1.3"
+    $ver = "v0.1.7"
     git checkout main
     git pull origin main
     git tag -a $ver -m "Release version $ver refactor Update"
@@ -14,4 +14,72 @@ Import-Module .\output\module\M365FoundationsCISReport\*\*.psd1
     # git tag -d $ver
 #>
 
+# Refresh authentication to ensure the correct scopes
+gh auth refresh -s project,read:project,write:project,repo
 
+# Create the project
+gh project create --owner CriticalSolutionsNetwork --title "Test Validation Project"
+
+$repoOwner = "CriticalSolutionsNetwork"
+$repoName = "M365FoundationsCISReport"
+$directoryPath = ".\source\tests"
+$projectName = "Test Validation Project"
+
+# Function to create GitHub issues
+function Create-GitHubIssue {
+    param (
+        [string]$title,
+        [string]$body,
+        [string]$project
+    )
+
+    # Create the issue and add it to the specified project
+    $issue = gh issue create --repo "$repoOwner/$repoName" --title "$title" --body "$body" --project "$project"
+    return $issue
+}
+
+# Load test definitions from CSV
+$testDefinitionsPath = ".\source\helper\TestDefinitions.csv"
+$testDefinitions = Import-Csv -Path $testDefinitionsPath
+
+# Iterate over each .ps1 file in the directory
+Get-ChildItem -Path $directoryPath -Filter "*.ps1" | ForEach-Object {
+    $fileName = $_.Name
+    $testDefinition = $testDefinitions | Where-Object { $_.TestFileName -eq $fileName }
+
+    if ($testDefinition) {
+        $rec = $testDefinition.Rec
+        $elevel = $testDefinition.ELevel
+        $profileLevel = $testDefinition.ProfileLevel
+        $ig1 = $testDefinition.IG1
+        $ig2 = $testDefinition.IG2
+        $ig3 = $testDefinition.IG3
+        $connection = $testDefinition.Connection
+
+        $issueTitle = "Rec: $rec - Validate $fileName, ELevel: $elevel, ProfileLevel: $profileLevel, IG1: $ig1, IG2: $ig2, IG3: $ig3, Connection: $connection"
+        $issueBody = @"
+# Validation for $fileName
+
+## Tasks
+- [ ] Validate test for a pass
+  - Description of passing criteria:
+- [ ] Validate test for a fail
+  - Description of failing criteria:
+- [ ] Add notes and observations
+  - Placeholder for additional notes:
+"@
+
+        # Create the issue using GitHub CLI
+        try {
+            Create-GitHubIssue -title "$issueTitle" -body "$issueBody" -project "$projectName"
+            Write-Output "Created issue for $fileName"
+        } catch {
+            Write-Error "Failed to create issue for $fileName : $_"
+        }
+
+        # Introduce a delay of 2 seconds
+        Start-Sleep -Seconds 2
+    } else {
+        Write-Warning "No matching test definition found for $fileName"
+    }
+}

helpers/CIS 365 v3.0.0 Controls/Test-MailboxAuditingE3_6.1.2_E3L1_IG1_IG2_IG3.ps1

@@ -60,7 +60,7 @@ function Test-MailboxAuditingE3_6.1.2_E3L1_IG1_IG2_IG3 {
                     }
 
                     if ($missingActions) {
-                        $formattedActions = Format-MissingActions $missingActions
+                        $formattedActions = Format-MissingAction $missingActions
                         $allFailures += "$userUPN`: AuditEnabled - True; $formattedActions"
                     }
                     # Mark the user as processed
@@ -83,7 +83,7 @@ function Test-MailboxAuditingE3_6.1.2_E3L1_IG1_IG2_IG3 {
     }
 }
 
-function Format-MissingActions {
+function Format-MissingAction {
     param ([array]$missingActions)
 
     $actionGroups = @{

helpers/CIS 365 v3.0.0 Controls/Test-MailboxAuditingE5_6.1.3_E5L1_IG1_IG2_IG3.ps1

@@ -60,7 +60,7 @@ function Test-MailboxAuditingE5_6.1.3_E5L1_IG1_IG2_IG3 {
                     }
 
                     if ($missingActions) {
-                        $formattedActions = Format-MissingActions $missingActions
+                        $formattedActions = Format-MissingAction $missingActions
                         $allFailures += "$userUPN`: AuditEnabled - True; $formattedActions"
                     }
                     else {
@@ -92,7 +92,7 @@ function Test-MailboxAuditingE5_6.1.3_E5L1_IG1_IG2_IG3 {
     }
 }
 
-function Format-MissingActions {
+function Format-MissingAction {
     param ([array]$missingActions)
 
     $actionGroups = @{

source/Private/Assert-ModuleAvailability.ps1

@@ -1,29 +1,33 @@
 function Assert-ModuleAvailability {
+    [OutputType([void]) ]
     param(
         [string]$ModuleName,
         [string]$RequiredVersion,
-        [string]$SubModuleName
+        [string[]]$SubModules = @()
     )
 
     try {
         $module = Get-Module -ListAvailable -Name $ModuleName | Where-Object { $_.Version -ge [version]$RequiredVersion }
 
-        if ($null -eq $module) {$auditResult.Profile
-            Write-Host "Installing $ModuleName module..."
+        if ($null -eq $module) {
+            Write-Information "Installing $ModuleName module..." -InformationAction Continue
             Install-Module -Name $ModuleName -RequiredVersion $RequiredVersion -Force -AllowClobber -Scope CurrentUser | Out-Null
         }
         elseif ($module.Version -lt [version]$RequiredVersion) {
-            Write-Host "Updating $ModuleName module to required version..."
+            Write-Information "Updating $ModuleName module to required version..." -InformationAction Continue
             Update-Module -Name $ModuleName -RequiredVersion $RequiredVersion -Force | Out-Null
         }
         else {
-            Write-Host "$ModuleName module is already at required version or newer."
+            Write-Information "$ModuleName module is already at required version or newer." -InformationAction Continue
         }
 
-        if ($SubModuleName) {
-            Import-Module -Name "$ModuleName.$SubModuleName" -RequiredVersion $RequiredVersion -ErrorAction Stop | Out-Null
+        if ($SubModules.Count -gt 0) {
+            foreach ($subModule in $SubModules) {
+                Write-Information "Importing submodule $ModuleName.$subModule..." -InformationAction Continue
+                Import-Module -Name "$ModuleName.$subModule" -RequiredVersion $RequiredVersion -ErrorAction Stop | Out-Null
             }
-        else {
+        } else {
+            Write-Information "Importing module $ModuleName..." -InformationAction Continue
             Import-Module -Name $ModuleName -RequiredVersion $RequiredVersion -ErrorAction Stop | Out-Null
         }
     }

source/Private/Connect-M365Suite.ps1

@@ -1,7 +1,8 @@
 function Connect-M365Suite {
+    [OutputType([void])]
     [CmdletBinding()]
     param (
-        [Parameter(Mandatory)]
+        [Parameter(Mandatory=$false)]
         [string]$TenantAdminUrl,
 
         [Parameter(Mandatory)]
@@ -11,13 +12,13 @@ function Connect-M365Suite {
     $VerbosePreference = "SilentlyContinue"
 
     try {
-        if ($RequiredConnections -contains "AzureAD" -or $RequiredConnections -contains "AzureAD | EXO") {
+        if ($RequiredConnections -contains "AzureAD" -or $RequiredConnections -contains "AzureAD | EXO" -or $RequiredConnections -contains "AzureAD | EXO | Microsoft Graph") {
             Write-Host "Connecting to Azure Active Directory..." -ForegroundColor Cyan
             Connect-AzureAD | Out-Null
             Write-Host "Successfully connected to Azure Active Directory." -ForegroundColor Green
         }
 
-        if ($RequiredConnections -contains "Microsoft Graph") {
+        if ($RequiredConnections -contains "Microsoft Graph" -or $RequiredConnections -contains "AzureAD | EXO | Microsoft Graph") {
             Write-Host "Connecting to Microsoft Graph with scopes: Directory.Read.All, Domain.Read.All, Policy.Read.All, Organization.Read.All" -ForegroundColor Cyan
             try {
                 Connect-MgGraph -Scopes "Directory.Read.All", "Domain.Read.All", "Policy.Read.All", "Organization.Read.All" -NoWelcome | Out-Null
@@ -30,7 +31,7 @@ function Connect-M365Suite {
             }
         }
 
-        if ($RequiredConnections -contains "EXO" -or $RequiredConnections -contains "AzureAD | EXO" -or $RequiredConnections -contains "Microsoft Teams | EXO") {
+        if ($RequiredConnections -contains "EXO" -or $RequiredConnections -contains "AzureAD | EXO" -or $RequiredConnections -contains "Microsoft Teams | EXO" -or $RequiredConnections -contains "AzureAD | EXO | Microsoft Graph") {
             Write-Host "Connecting to Exchange Online..." -ForegroundColor Cyan
             Connect-ExchangeOnline | Out-Null
             Write-Host "Successfully connected to Exchange Online." -ForegroundColor Green

source/Private/Disconnect-M365Suite.ps1

@@ -1,4 +1,5 @@
 function Disconnect-M365Suite {
+    [OutputType([void])]
     param (
         [Parameter(Mandatory)]
         [string[]]$RequiredConnections

source/Private/Format-MissingAction.ps1

@@ -0,0 +1,29 @@
+function Format-MissingAction {
+    [CmdletBinding()]
+    [OutputType([hashtable])]
+    param (
+        [array]$missingActions
+    )
+
+    $actionGroups = @{
+        "Admin"    = @()
+        "Delegate" = @()
+        "Owner"    = @()
+    }
+
+    foreach ($action in $missingActions) {
+        if ($action -match "(Admin|Delegate|Owner) action '([^']+)' missing") {
+            $type = $matches[1]
+            $actionName = $matches[2]
+            $actionGroups[$type] += $actionName
+        }
+    }
+
+    $formattedResults = @{
+        Admin    = $actionGroups["Admin"] -join ', '
+        Delegate = $actionGroups["Delegate"] -join ', '
+        Owner    = $actionGroups["Owner"] -join ', '
+    }
+
+    return $formattedResults
+}

source/Private/Format-RequiredModuleList.ps1

@@ -0,0 +1,19 @@
+function Format-RequiredModuleList {
+    [CmdletBinding()]
+    [OutputType([string])]
+    param (
+        [Parameter(Mandatory = $true)]
+        [System.Object[]]$RequiredModules
+    )
+
+    $requiredModulesFormatted = ""
+    foreach ($module in $RequiredModules) {
+        if ($module.SubModules -and $module.SubModules.Count -gt 0) {
+            $subModulesFormatted = $module.SubModules -join ', '
+            $requiredModulesFormatted += "$($module.ModuleName) (SubModules: $subModulesFormatted), "
+        } else {
+            $requiredModulesFormatted += "$($module.ModuleName), "
+        }
+    }
+    return $requiredModulesFormatted.TrimEnd(", ")
+}

source/Private/Get-MostCommonWord.ps1

@@ -0,0 +1,24 @@
+function Get-MostCommonWord {
+    [CmdletBinding()]
+    [OutputType([string])]
+    param (
+        [Parameter(Mandatory = $true)]
+        [string[]]$InputStrings
+    )
+
+    # Combine all strings into one large string
+    $allText = $InputStrings -join ' '
+
+    # Split the large string into words
+    $words = $allText -split '\s+'
+
+    # Group words and count occurrences
+    $wordGroups = $words | Group-Object | Sort-Object Count -Descending
+
+    # Return the most common word if it occurs at least 3 times
+    if ($wordGroups.Count -gt 0 -and $wordGroups[0].Count -ge 3) {
+        return $wordGroups[0].Name
+    } else {
+        return $null
+    }
+}

source/Private/Get-RequiredModule.ps1

@@ -0,0 +1,31 @@
+function Get-RequiredModule {
+    [CmdletBinding(DefaultParameterSetName = 'AuditFunction')]
+    [OutputType([System.Object[]])]
+    param (
+        [Parameter(Mandatory = $true, ParameterSetName = 'AuditFunction')]
+        [switch]$AuditFunction,
+
+        [Parameter(Mandatory = $true, ParameterSetName = 'SyncFunction')]
+        [switch]$SyncFunction
+    )
+
+    switch ($PSCmdlet.ParameterSetName) {
+        'AuditFunction' {
+            return @(
+                @{ ModuleName = "ExchangeOnlineManagement"; RequiredVersion = "3.3.0"; SubModules = @() },
+                @{ ModuleName = "AzureAD"; RequiredVersion = "2.0.2.182"; SubModules = @() },
+                @{ ModuleName = "Microsoft.Graph"; RequiredVersion = "2.4.0"; SubModules = @("Groups", "DeviceManagement", "Users", "Identity.DirectoryManagement", "Identity.SignIns") },
+                @{ ModuleName = "Microsoft.Online.SharePoint.PowerShell"; RequiredVersion = "16.0.24009.12000"; SubModules = @() },
+                @{ ModuleName = "MicrosoftTeams"; RequiredVersion = "5.5.0"; SubModules = @() }
+            )
+        }
+        'SyncFunction' {
+            return @(
+                @{ ModuleName = "ImportExcel"; RequiredVersion = "7.8.9"; SubModules = @() }
+            )
+        }
+        default {
+            throw "Please specify either -AuditFunction or -SyncFunction switch."
+        }
+    }
+}

source/Private/Get-TestDefinitionsObject.ps1

@@ -1,4 +1,6 @@
 function Get-TestDefinitionsObject {
+    [CmdletBinding()]
+    [OutputType([object[]])]
     param (
         [Parameter(Mandatory = $true)]
         [object[]]$TestDefinitions,

source/Private/Get-UniqueConnection.ps1

@@ -0,0 +1,28 @@
+function Get-UniqueConnection {
+    [CmdletBinding()]
+    [OutputType([string[]])]
+    param (
+        [Parameter(Mandatory = $true)]
+        [string[]]$Connections
+    )
+
+    $uniqueConnections = @()
+
+    if ($Connections -contains "AzureAD" -or $Connections -contains "AzureAD | EXO" -or $Connections -contains "AzureAD | EXO | Microsoft Graph") {
+        $uniqueConnections += "AzureAD"
+    }
+    if ($Connections -contains "Microsoft Graph" -or $Connections -contains "AzureAD | EXO | Microsoft Graph") {
+        $uniqueConnections += "Microsoft Graph"
+    }
+    if ($Connections -contains "EXO" -or $Connections -contains "AzureAD | EXO" -or $Connections -contains "Microsoft Teams | EXO" -or $Connections -contains "AzureAD | EXO | Microsoft Graph") {
+        $uniqueConnections += "EXO"
+    }
+    if ($Connections -contains "SPO") {
+        $uniqueConnections += "SPO"
+    }
+    if ($Connections -contains "Microsoft Teams" -or $Connections -contains "Microsoft Teams | EXO") {
+        $uniqueConnections += "Microsoft Teams"
+    }
+
+    return $uniqueConnections | Sort-Object -Unique
+}

source/Private/Initialize-CISAuditResult.ps1

@@ -1,19 +1,24 @@
 function Initialize-CISAuditResult {
+    [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         [Parameter(Mandatory = $true)]
         [string]$Rec,
 
-        [Parameter(Mandatory = $true)]
+        [Parameter(Mandatory = $true, ParameterSetName = 'Full')]
         [bool]$Result,
 
-        [Parameter(Mandatory = $true)]
+        [Parameter(Mandatory = $true, ParameterSetName = 'Full')]
         [string]$Status,
 
-        [Parameter(Mandatory = $true)]
+        [Parameter(Mandatory = $true, ParameterSetName = 'Full')]
         [string]$Details,
 
-        [Parameter(Mandatory = $true)]
-        [string]$FailureReason
+        [Parameter(Mandatory = $true, ParameterSetName = 'Full')]
+        [string]$FailureReason,
+
+        [Parameter(ParameterSetName = 'Error')]
+        [switch]$Failure
     )
 
     # Import the test definitions CSV file
@@ -22,6 +27,10 @@ function Initialize-CISAuditResult {
     # Find the row that matches the provided recommendation (Rec)
     $testDefinition = $testDefinitions | Where-Object { $_.Rec -eq $Rec }
 
+    if (-not $testDefinition) {
+        throw "Test definition for recommendation '$Rec' not found."
+    }
+
     # Create an instance of CISAuditResult and populate it
     $auditResult = [CISAuditResult]::new()
     $auditResult.Rec = $Rec
@@ -36,10 +45,18 @@ function Initialize-CISAuditResult {
     $auditResult.Automated = [bool]::Parse($testDefinition.Automated)
     $auditResult.Connection = $testDefinition.Connection
     $auditResult.CISControlVer = 'v8'
+
+    if ($PSCmdlet.ParameterSetName -eq 'Full') {
         $auditResult.Result = $Result
         $auditResult.Status = $Status
         $auditResult.Details = $Details
         $auditResult.FailureReason = $FailureReason
+    } elseif ($PSCmdlet.ParameterSetName -eq 'Error') {
+        $auditResult.Result = $false
+        $auditResult.Status = 'Fail'
+        $auditResult.Details = "An error occurred while processing the test."
+        $auditResult.FailureReason = "Initialization error: Failed to process the test."
+    }
 
     return $auditResult
 }

source/Private/Invoke-TestFunction.ps1

@@ -0,0 +1,35 @@
+function Invoke-TestFunction {
+    [OutputType([CISAuditResult[]])]
+    param (
+        [Parameter(Mandatory = $true)]
+        [PSObject]$FunctionFile,
+
+        [Parameter(Mandatory = $false)]
+        [string]$DomainName
+    )
+
+    $functionName = $FunctionFile.BaseName
+    $functionCmd = Get-Command -Name $functionName
+
+    # Check if the test function needs DomainName parameter
+    $paramList = @{}
+    if ('DomainName' -in $functionCmd.Parameters.Keys) {
+        $paramList.DomainName = $DomainName
+    }
+
+    # Use splatting to pass parameters
+    Write-Verbose "Running $functionName..."
+    try {
+        $result = & $functionName @paramList
+        # Assuming each function returns an array of CISAuditResult or a single CISAuditResult
+        return $result
+    }
+    catch {
+        Write-Error "An error occurred during the test: $_"
+        $script:FailedTests.Add([PSCustomObject]@{ Test = $functionName; Error = $_ })
+
+        # Call Initialize-CISAuditResult with error parameters
+        $auditResult = Initialize-CISAuditResult -Rec $functionName -Failure
+        return $auditResult
+    }
+}

source/Private/Measure-AuditResult.ps1

@@ -0,0 +1,32 @@
+function Measure-AuditResult {
+    [OutputType([void])]
+    param (
+        [Parameter(Mandatory = $true)]
+        [System.Collections.ArrayList]$AllAuditResults,
+
+        [Parameter(Mandatory = $false)]
+        [System.Collections.ArrayList]$FailedTests
+    )
+
+    # Calculate the total number of tests
+    $totalTests = $AllAuditResults.Count
+
+    # Calculate the number of passed tests
+    $passedTests = $AllAuditResults.ToArray() | Where-Object { $_.Result -eq $true } | Measure-Object | Select-Object -ExpandProperty Count
+
+    # Calculate the pass percentage
+    $passPercentage = if ($totalTests -eq 0) { 0 } else { [math]::Round(($passedTests / $totalTests) * 100, 2) }
+
+    # Display the pass percentage to the user
+    Write-Host "Audit completed. $passedTests out of $totalTests tests passed." -ForegroundColor Cyan
+    Write-Host "Your passing percentage is $passPercentage%."
+
+    # Display details of failed tests
+    if ($FailedTests.Count -gt 0) {
+        Write-Host "The following tests failed to complete:" -ForegroundColor Red
+        foreach ($failedTest in $FailedTests) {
+            Write-Host "Test: $($failedTest.Test)" -ForegroundColor Yellow
+            Write-Host "Error: $($failedTest.Error)" -ForegroundColor Yellow
+        }
+    }
+}

source/Private/Merge-CISExcelAndCsvData.ps1

@@ -1,5 +1,6 @@
 function Merge-CISExcelAndCsvData {
-    [CmdletBinding()]
+    [CmdletBinding(DefaultParameterSetName = 'CsvInput')]
+    [OutputType([PSCustomObject[]])]
     param (
         [Parameter(Mandatory = $true)]
         [string]$ExcelPath,
@@ -7,36 +8,31 @@ function Merge-CISExcelAndCsvData {
         [Parameter(Mandatory = $true)]
         [string]$WorksheetName,
 
-        [Parameter(Mandatory = $true)]
-        [string]$CsvPath
+        [Parameter(Mandatory = $true, ParameterSetName = 'CsvInput')]
+        [string]$CsvPath,
+
+        [Parameter(Mandatory = $true, ParameterSetName = 'ObjectInput')]
+        [CISAuditResult[]]$AuditResults
     )
 
     process {
-        # Import data from Excel and CSV
+        # Import data from Excel
         $import = Import-Excel -Path $ExcelPath -WorksheetName $WorksheetName
-        $csvData = Import-Csv -Path $CsvPath
 
-        # Define a function to create a merged object
-        function CreateMergedObject($excelItem, $csvRow) {
-            $newObject = New-Object PSObject
-
-            foreach ($property in $excelItem.PSObject.Properties) {
-                $newObject | Add-Member -MemberType NoteProperty -Name $property.Name -Value $property.Value
-            }
-            $newObject | Add-Member -MemberType NoteProperty -Name 'CSV_Connection' -Value $csvRow.Connection
-            $newObject | Add-Member -MemberType NoteProperty -Name 'CSV_Status' -Value $csvRow.Status
-            $newObject | Add-Member -MemberType NoteProperty -Name 'CSV_Details' -Value $csvRow.Details
-            $newObject | Add-Member -MemberType NoteProperty -Name 'CSV_FailureReason' -Value $csvRow.FailureReason
-            return $newObject
+        # Import data from CSV or use provided object
+        $csvData = if ($PSCmdlet.ParameterSetName -eq 'CsvInput') {
+            Import-Csv -Path $CsvPath
+        } else {
+            $AuditResults
         }
 
-        # Iterate over each item in the imported Excel object and merge with CSV data
+        # Iterate over each item in the imported Excel object and merge with CSV data or audit results
         $mergedData = foreach ($item in $import) {
             $csvRow = $csvData | Where-Object { $_.Rec -eq $item.'recommendation #' }
             if ($csvRow) {
-                CreateMergedObject -excelItem $item -csvRow $csvRow
+                New-MergedObject -ExcelItem $item -CsvRow $csvRow
             } else {
-                CreateMergedObject -excelItem $item -csvRow ([PSCustomObject]@{Connection=$null;Status=$null; Details=$null; FailureReason=$null })
+                New-MergedObject -ExcelItem $item -CsvRow ([PSCustomObject]@{Connection=$null;Status=$null; Details=$null; FailureReason=$null })
             }
         }
 

source/Private/New-MergedObject.ps1

@@ -0,0 +1,22 @@
+function New-MergedObject {
+    [CmdletBinding()]
+    [OutputType([PSCustomObject])]
+    param (
+        [Parameter(Mandatory = $true)]
+        [psobject]$ExcelItem,
+
+        [Parameter(Mandatory = $true)]
+        [psobject]$CsvRow
+    )
+
+    $newObject = New-Object PSObject
+
+    foreach ($property in $ExcelItem.PSObject.Properties) {
+        $newObject | Add-Member -MemberType NoteProperty -Name $property.Name -Value $property.Value
+    }
+    $newObject | Add-Member -MemberType NoteProperty -Name 'CSV_Connection' -Value $CsvRow.Connection
+    $newObject | Add-Member -MemberType NoteProperty -Name 'CSV_Status' -Value $CsvRow.Status
+    $newObject | Add-Member -MemberType NoteProperty -Name 'CSV_Details' -Value $CsvRow.Details
+    $newObject | Add-Member -MemberType NoteProperty -Name 'CSV_FailureReason' -Value $CsvRow.FailureReason
+    return $newObject
+}

source/Private/Update-CISExcelWorksheet.ps1

@@ -1,4 +1,5 @@
 function Update-CISExcelWorksheet {
+    [OutputType([void])]
     [CmdletBinding()]
     param (
         [Parameter(Mandatory = $true)]
@@ -25,7 +26,7 @@ function Update-CISExcelWorksheet {
 
 
         # Update the worksheet with the provided data
-        Update-WorksheetCells -Worksheet $worksheet -Data $Data -StartingRowIndex $StartingRowIndex
+        Update-WorksheetCell -Worksheet $worksheet -Data $Data -StartingRowIndex $StartingRowIndex
 
         # Save and close the Excel package
         Close-ExcelPackage $excelPackage

source/Private/Update-WorksheetCell.ps1

@@ -0,0 +1,29 @@
+function Update-WorksheetCell {
+    [OutputType([void])]
+    param (
+        $Worksheet,
+        $Data,
+        $StartingRowIndex
+    )
+
+    # Check and set headers
+    $firstItem = $Data[0]
+    $colIndex = 1
+    foreach ($property in $firstItem.PSObject.Properties) {
+        if ($StartingRowIndex -eq 2 -and $Worksheet.Cells[1, $colIndex].Value -eq $null) {
+            $Worksheet.Cells[1, $colIndex].Value = $property.Name
+        }
+        $colIndex++
+    }
+
+    # Iterate over each row in the data and update cells
+    $rowIndex = $StartingRowIndex
+    foreach ($item in $Data) {
+        $colIndex = 1
+        foreach ($property in $item.PSObject.Properties) {
+            $Worksheet.Cells[$rowIndex, $colIndex].Value = $property.Value
+            $colIndex++
+        }
+        $rowIndex++
+    }
+}

source/Private/Update-WorksheetCells.ps1

@@ -1,28 +0,0 @@
-        function Update-WorksheetCells {
-            param (
-                $Worksheet,
-                $Data,
-                $StartingRowIndex
-            )
-
-            # Check and set headers
-            $firstItem = $Data[0]
-            $colIndex = 1
-            foreach ($property in $firstItem.PSObject.Properties) {
-                if ($StartingRowIndex -eq 2 -and $Worksheet.Cells[1, $colIndex].Value -eq $null) {
-                    $Worksheet.Cells[1, $colIndex].Value = $property.Name
-                }
-                $colIndex++
-            }
-
-            # Iterate over each row in the data and update cells
-            $rowIndex = $StartingRowIndex
-            foreach ($item in $Data) {
-                $colIndex = 1
-                foreach ($property in $item.PSObject.Properties) {
-                    $Worksheet.Cells[$rowIndex, $colIndex].Value = $property.Value
-                    $colIndex++
-                }
-                $rowIndex++
-            }
-        }

source/Public/Get-AdminRoleUserLicense.ps1

@@ -25,6 +25,8 @@
     https://criticalsolutionsnetwork.github.io/M365FoundationsCISReport/#Get-AdminRoleUserLicense
 #>
 function Get-AdminRoleUserLicense {
+    # Set output type to System.Collections.ArrayList
+    [OutputType([System.Collections.ArrayList])]
     [CmdletBinding()]
     param (
         [Parameter(Mandatory = $false)]

source/Public/Invoke-M365SecurityAudit.ps1

@@ -4,9 +4,9 @@
     .DESCRIPTION
     The Invoke-M365SecurityAudit cmdlet performs a comprehensive security audit based on the specified parameters. It allows auditing of various configurations and settings within a Microsoft 365 environment, such as compliance with CIS benchmarks.
     .PARAMETER TenantAdminUrl
-    The URL of the tenant admin. This parameter is mandatory.
-    .PARAMETER DomainName
-    The domain name of the Microsoft 365 environment. This parameter is mandatory.
+    The URL of the tenant admin. If not specified, none of the SharePoint Online tests will run.
+    .PARAMETER M365DomainForPWPolicyTest
+    The domain name of the Microsoft 365 environment to test. This parameter is not mandatory and by default it will pass/fail all found domains as a group if a specific domain is not specified.
     .PARAMETER ELevel
     Specifies the E-Level (E3 or E5) for the audit. This parameter is optional and can be combined with the ProfileLevel parameter.
     .PARAMETER ProfileLevel
@@ -28,22 +28,77 @@
     .PARAMETER NoModuleCheck
     If specified, the cmdlet will not check for the presence of required modules.
     .EXAMPLE
-    PS> Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -DomainName "contoso.com" -ELevel "E5" -ProfileLevel "L1"
-
+    PS> Invoke-M365SecurityAudit
+    Performs a security audit using default parameters.
+    Output:
+    Status      : Fail
+    ELevel      : E3
+    ProfileLevel: L1
+    Connection  : Microsoft Graph
+    Rec         : 1.1.1
+    Result      : False
+    Details     : Non-compliant accounts:
+                Username        | Roles                  | HybridStatus | Missing Licence
+                user1@domain.com| Global Administrator   | Cloud-Only   | AAD_PREMIUM
+                user2@domain.com| Global Administrator   | Hybrid       | AAD_PREMIUM, AAD_PREMIUM_P2
+    FailureReason: Non-Compliant Accounts: 2
+    .EXAMPLE
+    PS> Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -M365DomainForPWPolicyTest "contoso.com" -ELevel "E5" -ProfileLevel "L1"
     Performs a security audit for the E5 level and L1 profile in the specified Microsoft 365 environment.
+    Output:
+    Status      : Fail
+    ELevel      : E5
+    ProfileLevel: L1
+    Connection  : Microsoft Graph
+    Rec         : 1.1.1
+    Result      : False
+    Details     : Non-compliant accounts:
+                Username        | Roles                  | HybridStatus | Missing Licence
+                user1@domain.com| Global Administrator   | Cloud-Only   | AAD_PREMIUM
+                user2@domain.com| Global Administrator   | Hybrid       | AAD_PREMIUM, AAD_PREMIUM_P2
+    FailureReason: Non-Compliant Accounts: 2
     .EXAMPLE
-    PS> Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -DomainName "contoso.com" -IncludeIG1
-
+    PS> Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -M365DomainForPWPolicyTest "contoso.com" -IncludeIG1
     Performs an audit including all tests where IG1 is true.
+    Output:
+    Status      : Fail
+    ELevel      : E3
+    ProfileLevel: L1
+    Connection  : Microsoft Graph
+    Rec         : 1.1.1
+    Result      : False
+    Details     : Non-compliant accounts:
+                Username        | Roles                  | HybridStatus | Missing Licence
+                user1@domain.com| Global Administrator   | Cloud-Only   | AAD_PREMIUM
+                user2@domain.com| Global Administrator   | Hybrid       | AAD_PREMIUM, AAD_PREMIUM_P2
+    FailureReason: Non-Compliant Accounts: 2
     .EXAMPLE
-    PS> Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -DomainName "contoso.com" -SkipRecommendation '1.1.3', '2.1.1'
-
+    PS> Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -M365DomainForPWPolicyTest "contoso.com" -SkipRecommendation '1.1.3', '2.1.1'
     Performs an audit while excluding specific recommendations 1.1.3 and 2.1.1.
+    Output:
+    Status      : Fail
+    ELevel      : E3
+    ProfileLevel: L1
+    Connection  : Microsoft Graph
+    Rec         : 1.1.1
+    Result      : False
+    Details     : Non-compliant accounts:
+                Username        | Roles                  | HybridStatus | Missing Licence
+                user1@domain.com| Global Administrator   | Cloud-Only   | AAD_PREMIUM
+                user2@domain.com| Global Administrator   | Hybrid       | AAD_PREMIUM, AAD_PREMIUM_P2
+    FailureReason: Non-Compliant Accounts: 2
     .EXAMPLE
-    PS> $auditResults = Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -DomainName "contoso.com"
+    PS> $auditResults = Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -M365DomainForPWPolicyTest "contoso.com"
     PS> $auditResults | Export-Csv -Path "auditResults.csv" -NoTypeInformation
-
     Captures the audit results into a variable and exports them to a CSV file.
+    Output:
+    CISAuditResult[]
+    auditResults.csv
+    .EXAMPLE
+    PS> Invoke-M365SecurityAudit -WhatIf
+    Displays what would happen if the cmdlet is run without actually performing the audit.
+    Output:
+    What if: Performing the operation "Invoke-M365SecurityAudit" on target "Microsoft 365 environment".
     .INPUTS
     None. You cannot pipe objects to Invoke-M365SecurityAudit.
     .OUTPUTS
@@ -63,11 +118,13 @@ function Invoke-M365SecurityAudit {
     [CmdletBinding(SupportsShouldProcess = $true, DefaultParameterSetName = 'Default')]
     [OutputType([CISAuditResult[]])]
     param (
-        [Parameter(Mandatory = $true)]
+        [Parameter(Mandatory = $false, HelpMessage = "The SharePoint tenant admin URL, which should end with '-admin.sharepoint.com'. If not specified none of the Sharepoint Online tests will run.")]
+        [ValidatePattern('^https://[a-zA-Z0-9-]+-admin\.sharepoint\.com$')]
         [string]$TenantAdminUrl,
 
-        [Parameter(Mandatory = $true)]
-        [string]$DomainName,
+        [Parameter(Mandatory = $false, HelpMessage = "Specify this to test only the default domain for password expiration policy when '1.3.1' is included in the tests to be run. The domain name of your organization, e.g., 'example.com'.")]
+        [ValidatePattern('^[a-zA-Z0-9-]+\.[a-zA-Z]{2,}$')]
+        [string]$M365DomainForPWPolicyTest,
 
         # E-Level with optional ProfileLevel selection
         [Parameter(Mandatory = $true, ParameterSetName = 'ELevelFilter')]
@@ -120,43 +177,29 @@ function Invoke-M365SecurityAudit {
         [switch]$NoModuleCheck
     )
 
-
-
     Begin {
         if ($script:MaximumFunctionCount -lt 8192) {
             $script:MaximumFunctionCount = 8192
         }
         # Ensure required modules are installed
-        # Define the required modules and versions in a hashtable
-        if (!($NoModuleCheck)) {
-            $requiredModules = @(
-                @{ ModuleName = "ExchangeOnlineManagement"; RequiredVersion = "3.3.0" },
-                @{ ModuleName = "AzureAD"; RequiredVersion = "2.0.2.182" },
-                @{ ModuleName = "Microsoft.Graph"; RequiredVersion = "2.4.0"; SubModuleName = "Authentication" },
-                @{ ModuleName = "Microsoft.Graph"; RequiredVersion = "2.4.0"; SubModuleName = "Users" },
-                @{ ModuleName = "Microsoft.Graph"; RequiredVersion = "2.4.0"; SubModuleName = "Groups" },
-                @{ ModuleName = "Microsoft.Graph"; RequiredVersion = "2.4.0"; SubModuleName = "DirectoryObjects" },
-                @{ ModuleName = "Microsoft.Graph"; RequiredVersion = "2.4.0"; SubModuleName = "Domains" },
-                @{ ModuleName = "Microsoft.Graph"; RequiredVersion = "2.4.0"; SubModuleName = "Reports" },
-                @{ ModuleName = "Microsoft.Graph"; RequiredVersion = "2.4.0"; SubModuleName = "Mail" },
-                @{ ModuleName = "Microsoft.Online.SharePoint.PowerShell"; RequiredVersion = "16.0.24009.12000" },
-                @{ ModuleName = "MicrosoftTeams"; RequiredVersion = "5.5.0" }
-            )
+        $requiredModules = Get-RequiredModule -AuditFunction
+
+        # Format the required modules list
+        $requiredModulesFormatted = Format-RequiredModuleList -RequiredModules $requiredModules
+
+        # Check and install required modules if necessary
+        if (!($NoModuleCheck) -and $PSCmdlet.ShouldProcess("Check for required modules: $requiredModulesFormatted", "Check")) {
             foreach ($module in $requiredModules) {
-                Assert-ModuleAvailability -ModuleName $module.ModuleName -RequiredVersion $module.RequiredVersion -SubModuleName $module.SubModuleName
+                Assert-ModuleAvailability -ModuleName $module.ModuleName -RequiredVersion $module.RequiredVersion -SubModules $module.SubModules
             }
         }
 
-
-        # Loop through each required module and assert its availability
-
-        # Establishing connections
-
         # Load test definitions from CSV
         $testDefinitionsPath = Join-Path -Path $PSScriptRoot -ChildPath "helper\TestDefinitions.csv"
         $testDefinitions = Import-Csv -Path $testDefinitionsPath
         # Load the Test Definitions into the script scope for use in other functions
         $script:TestDefinitionsObject = $testDefinitions
+
         # Apply filters based on parameter sets
         $params = @{
             TestDefinitions       = $testDefinitions
@@ -167,81 +210,84 @@ function Invoke-M365SecurityAudit {
             SkipRecommendation    = $SkipRecommendation
         }
         $testDefinitions = Get-TestDefinitionsObject @params
-        # End switch ($PSCmdlet.ParameterSetName)
         # Extract unique connections needed
         $requiredConnections = $testDefinitions.Connection | Sort-Object -Unique
-
-        # Establishing connections if required
-        if (!($DoNotConnect)) {
-            Connect-M365Suite -TenantAdminUrl $TenantAdminUrl -RequiredConnections $requiredConnections
+        if ($requiredConnections -contains 'SPO') {
+            if (-not $TenantAdminUrl) {
+                $requiredConnections = $requiredConnections | Where-Object { $_ -ne 'SPO' }
+                $testDefinitions = $testDefinitions | Where-Object { $_.Connection -ne 'SPO' }
+                if ($null -eq $testDefinitions) {
+                    throw "No tests to run as no SharePoint Online tests are available."
+                }
+            }
         }
         # Determine which test files to load based on filtering
         $testsToLoad = $testDefinitions.TestFileName | ForEach-Object { $_ -replace '.ps1$', '' }
-
-        # Display the tests that would be loaded if the function is called with -WhatIf
-
         Write-Verbose "The $(($testsToLoad).count) test/s that would be loaded based on filter criteria:"
         $testsToLoad | ForEach-Object { Write-Verbose " $_" }
+        # Initialize a collection to hold failed test details
+        $script:FailedTests = [System.Collections.ArrayList]::new()
     } # End Begin
 
     Process {
-        $allAuditResults = [System.Collections.ArrayList]::new() #@()  # Initialize a collection to hold all results
-
+        $allAuditResults = [System.Collections.ArrayList]::new() # Initialize a collection to hold all results
         # Dynamically dot-source the test scripts
         $testsFolderPath = Join-Path -Path $PSScriptRoot -ChildPath "tests"
         $testFiles = Get-ChildItem -Path $testsFolderPath -Filter "Test-*.ps1" |
         Where-Object { $testsToLoad -contains $_.BaseName }
 
+        $totalTests = $testFiles.Count
+        $currentTestIndex = 0
+
+        # Establishing connections if required
+        $actualUniqueConnections = Get-UniqueConnection -Connections $requiredConnections
+        if (!($DoNotConnect) -and $PSCmdlet.ShouldProcess("Establish connections to Microsoft 365 services: $($actualUniqueConnections -join ', ')", "Connect")) {
+            Write-Information "Establishing connections to Microsoft 365 services: $($actualUniqueConnections -join ', ')" -InformationAction Continue
+            Connect-M365Suite -TenantAdminUrl $TenantAdminUrl -RequiredConnections $requiredConnections
+        }
+
+
+        Write-Information "A total of $($totalTests) tests were selected to run..." -InformationAction Continue
         # Import the test functions
         $testFiles | ForEach-Object {
+            $currentTestIndex++
+            Write-Progress -Activity "Loading Test Scripts" -Status "Loading $($currentTestIndex) of $($totalTests): $($_.Name)" -PercentComplete (($currentTestIndex / $totalTests) * 100)
             Try {
+                # Dot source the test function
                 . $_.FullName
             }
             Catch {
+                # Log the error and add the test to the failed tests collection
                 Write-Error "Failed to load test function $($_.Name): $_"
+                $script:FailedTests.Add([PSCustomObject]@{ Test = $_.Name; Error = $_ })
             }
         }
 
+        $currentTestIndex = 0
         # Execute each test function from the prepared list
         foreach ($testFunction in $testFiles) {
+            $currentTestIndex++
+            Write-Progress -Activity "Executing Tests" -Status "Executing $($currentTestIndex) of $($totalTests): $($testFunction.Name)" -PercentComplete (($currentTestIndex / $totalTests) * 100)
             $functionName = $testFunction.BaseName
-            $functionCmd = Get-Command -Name $functionName
-
-            # Check if the test function needs DomainName parameter
-            $paramList = @{}
-            if ('DomainName' -in $functionCmd.Parameters.Keys) {
-                $paramList.DomainName = $DomainName
-            }
-
-            # Use splatting to pass parameters
             if ($PSCmdlet.ShouldProcess($functionName, "Execute test")) {
-                Write-Host "Running $functionName..."
-                $result = & $functionName @paramList
-                # Assuming each function returns an array of CISAuditResult or a single CISAuditResult
-                [void]($allAuditResults.add($Result))
+                $auditResult = Invoke-TestFunction -FunctionFile $testFunction -DomainName $M365DomainForPWPolicyTest
+                # Add the result to the collection
+                [void]$allAuditResults.Add($auditResult)
             }
         }
     }
 
     End {
-        if (!($DoNotDisconnect)) {
+        if (!($DoNotDisconnect) -and $PSCmdlet.ShouldProcess("Disconnect from Microsoft 365 services: $($actualUniqueConnections -join ', ')", "Disconnect")) {
             # Clean up sessions
             Disconnect-M365Suite -RequiredConnections $requiredConnections
         }
-        # Calculate the total number of tests
-        $totalTests = $allAuditResults.Count
-
-        # Calculate the number of passed tests
-        $passedTests = $allAuditResults.ToArray() | Where-Object { $_.Result -eq $true } | Measure-Object | Select-Object -ExpandProperty Count
-
-        # Calculate the pass percentage
-        $passPercentage = if ($totalTests -eq 0) { 0 } else { [math]::Round(($passedTests / $totalTests) * 100, 2) }
-
-        # Display the pass percentage to the user
-        Write-Host "Audit completed. $passedTests out of $totalTests tests passed." -ForegroundColor Cyan
-        Write-Host "Your passing percentage is $passPercentage%."
+        if ($PSCmdlet.ShouldProcess("Measure and display audit results for $($totalTests) tests", "Measure")) {
+            # Call the private function to calculate and display results
+            Measure-AuditResult -AllAuditResults $allAuditResults -FailedTests $script:FailedTests
             # Return all collected audit results
-        return $allAuditResults.ToArray()
-        # Check if the Disconnect switch is present
+            return $allAuditResults.ToArray() | Sort-Object -Property Rec
+        }
     }
 }
+

source/Public/Sync-CISExcelAndCsvData.ps1

@@ -1,54 +1,83 @@
 <#
-    .SYNOPSIS
-    Synchronizes data between an Excel file and a CSV file and optionally updates the Excel worksheet.
-    .DESCRIPTION
-    The Sync-CISExcelAndCsvData function merges data from a specified Excel file and a CSV file based on a common key. It can also update the Excel worksheet with the merged data. This function is particularly useful for updating Excel records with additional data from a CSV file while preserving the original formatting and structure of the Excel worksheet.
-    .PARAMETER ExcelPath
-    The path to the Excel file that contains the original data. This parameter is mandatory.
-    .PARAMETER WorksheetName
-    The name of the worksheet within the Excel file that contains the data to be synchronized. This parameter is mandatory.
-    .PARAMETER CsvPath
-    The path to the CSV file containing data to be merged with the Excel data. This parameter is mandatory.
-    .PARAMETER SkipUpdate
-    If specified, the function will return the merged data object without updating the Excel worksheet. This is useful for previewing the merged data.
-    .EXAMPLE
-    PS> Sync-CISExcelAndCsvData -ExcelPath "path\to\excel.xlsx" -WorksheetName "DataSheet" -CsvPath "path\to\data.csv"
-    Merges data from 'data.csv' into 'excel.xlsx' on the 'DataSheet' worksheet and updates the worksheet with the merged data.
-    .EXAMPLE
-    PS> $mergedData = Sync-CISExcelAndCsvData -ExcelPath "path\to\excel.xlsx" -WorksheetName "DataSheet" -CsvPath "path\to\data.csv" -SkipUpdate
-    Retrieves the merged data object for preview without updating the Excel worksheet.
-    .INPUTS
-    None. You cannot pipe objects to Sync-CISExcelAndCsvData.
-    .OUTPUTS
-    Object[]
-    If the SkipUpdate switch is used, the function returns an array of custom objects representing the merged data.
-    .NOTES
-    - Ensure that the 'ImportExcel' module is installed and up to date.
-    - It is recommended to backup the Excel file before running this script to prevent accidental data loss.
-    - This function is part of the CIS Excel and CSV Data Management Toolkit.
-    .LINK
-    https://criticalsolutionsnetwork.github.io/M365FoundationsCISReport/#Sync-CISExcelAndCsvData
+.SYNOPSIS
+Synchronizes data between an Excel file and either a CSV file or an output object from Invoke-M365SecurityAudit, and optionally updates the Excel worksheet.
+.DESCRIPTION
+The Sync-CISExcelAndCsvData function merges data from a specified Excel file with data from either a CSV file or an output object from Invoke-M365SecurityAudit based on a common key. It can also update the Excel worksheet with the merged data. This function is particularly useful for updating Excel records with additional data from a CSV file or audit results while preserving the original formatting and structure of the Excel worksheet.
+.PARAMETER ExcelPath
+The path to the Excel file that contains the original data. This parameter is mandatory.
+.PARAMETER WorksheetName
+The name of the worksheet within the Excel file that contains the data to be synchronized. This parameter is mandatory.
+.PARAMETER CsvPath
+The path to the CSV file containing data to be merged with the Excel data. This parameter is mandatory when using the CsvInput parameter set.
+.PARAMETER AuditResults
+An array of CISAuditResult objects from Invoke-M365SecurityAudit to be merged with the Excel data. This parameter is mandatory when using the ObjectInput parameter set. It can also accept pipeline input.
+.PARAMETER SkipUpdate
+If specified, the function will return the merged data object without updating the Excel worksheet. This is useful for previewing the merged data.
+.EXAMPLE
+PS> Sync-CISExcelAndCsvData -ExcelPath "path\to\excel.xlsx" -WorksheetName "DataSheet" -CsvPath "path\to\data.csv"
+Merges data from 'data.csv' into 'excel.xlsx' on the 'DataSheet' worksheet and updates the worksheet with the merged data.
+.EXAMPLE
+PS> $mergedData = Sync-CISExcelAndCsvData -ExcelPath "path\to\excel.xlsx" -WorksheetName "DataSheet" -CsvPath "path\to\data.csv" -SkipUpdate
+Retrieves the merged data object for preview without updating the Excel worksheet.
+.EXAMPLE
+PS> $auditResults = Invoke-M365SecurityAudit -TenantAdminUrl "https://tenant-admin.url" -DomainName "example.com"
+PS> Sync-CISExcelAndCsvData -ExcelPath "path\to\excel.xlsx" -WorksheetName "DataSheet" -AuditResults $auditResults
+Merges data from the audit results into 'excel.xlsx' on the 'DataSheet' worksheet and updates the worksheet with the merged data.
+.EXAMPLE
+PS> $auditResults = Invoke-M365SecurityAudit -TenantAdminUrl "https://tenant-admin.url" -DomainName "example.com"
+PS> $mergedData = Sync-CISExcelAndCsvData -ExcelPath "path\to\excel.xlsx" -WorksheetName "DataSheet" -AuditResults $auditResults -SkipUpdate
+Retrieves the merged data object for preview without updating the Excel worksheet.
+.EXAMPLE
+PS> Invoke-M365SecurityAudit -TenantAdminUrl "https://tenant-admin.url" -DomainName "example.com" | Sync-CISExcelAndCsvData -ExcelPath "path\to\excel.xlsx" -WorksheetName "DataSheet"
+Pipes the audit results into Sync-CISExcelAndCsvData to merge data into 'excel.xlsx' on the 'DataSheet' worksheet and updates the worksheet with the merged data.
+.INPUTS
+System.String, CISAuditResult[]
+You can pipe CISAuditResult objects to Sync-CISExcelAndCsvData.
+.OUTPUTS
+Object[]
+If the SkipUpdate switch is used, the function returns an array of custom objects representing the merged data.
+.NOTES
+- Ensure that the 'ImportExcel' module is installed and up to date.
+- It is recommended to backup the Excel file before running this script to prevent accidental data loss.
+- This function is part of the CIS Excel and CSV Data Management Toolkit.
+.LINK
+https://criticalsolutionsnetwork.github.io/M365FoundationsCISReport/#Sync-CISExcelAndCsvData
 #>
-
 function Sync-CISExcelAndCsvData {
-    [CmdletBinding()]
+    [OutputType([void], [PSCustomObject[]])]
+    [CmdletBinding(DefaultParameterSetName = 'CsvInput')]
     param (
         [Parameter(Mandatory = $true)]
+        [ValidateScript({ Test-Path $_ })]
         [string]$ExcelPath,
 
         [Parameter(Mandatory = $true)]
         [string]$WorksheetName,
 
-        [Parameter(Mandatory = $true)]
+        [Parameter(Mandatory = $true, ParameterSetName = 'CsvInput')]
+        [ValidateScript({ Test-Path $_ })]
         [string]$CsvPath,
 
+        [Parameter(Mandatory = $true, ParameterSetName = 'ObjectInput', ValueFromPipeline = $true)]
+        [CISAuditResult[]]$AuditResults,
+
         [Parameter(Mandatory = $false)]
         [switch]$SkipUpdate
     )
 
     process {
-        # Merge Excel and CSV data
+        # Verify ImportExcel module is available
+        $requiredModules = Get-RequiredModule -SyncFunction
+        foreach ($module in $requiredModules) {
+            Assert-ModuleAvailability -ModuleName $module.ModuleName -RequiredVersion $module.RequiredVersion -SubModuleName $module.SubModuleName
+        }
+
+        # Merge Excel and CSV data or Audit Results
+        if ($PSCmdlet.ParameterSetName -eq 'CsvInput') {
             $mergedData = Merge-CISExcelAndCsvData -ExcelPath $ExcelPath -WorksheetName $WorksheetName -CsvPath $CsvPath
+        } else {
+            $mergedData = Merge-CISExcelAndCsvData -ExcelPath $ExcelPath -WorksheetName $WorksheetName -AuditResults $AuditResults
+        }
 
         # Output the merged data if the user chooses to skip the update
         if ($SkipUpdate) {

source/helper/TestDefinitions.csv

@@ -18,8 +18,8 @@
 17,Test-RestrictTenantCreation.ps1,5.1.2.3,Ensure 'Restrict non-admin users from creating tenants' is set to 'Yes',E3,L1,0,Explicitly Not Mapped,FALSE,FALSE,FALSE,TRUE,Microsoft Graph
 18,Test-PasswordHashSync.ps1,5.1.8.1,Ensure password hash sync is enabled for hybrid deployments,E3,L1,6.7,Centralize Access Control,FALSE,TRUE,TRUE,TRUE,Microsoft Graph
 19,Test-AuditDisabledFalse.ps1,6.1.1,Ensure 'AuditDisabled' organizationally is set to 'False',E3,L1,8.2,Collect Audit Logs,TRUE,TRUE,TRUE,TRUE,Microsoft Graph
-20,Test-MailboxAuditingE3.ps1,6.1.2,Ensure mailbox auditing for Office E3 users is Enabled,E3,L1,8.2,Collect audit logs.,TRUE,TRUE,TRUE,TRUE,AzureAD | EXO
-21,Test-MailboxAuditingE5.ps1,6.1.3,Ensure mailbox auditing for Office E5 users is Enabled,E5,L1,8.2,Collect audit logs.,TRUE,TRUE,TRUE,TRUE,AzureAD | EXO
+20,Test-MailboxAuditingE3.ps1,6.1.2,Ensure mailbox auditing for Office E3 users is Enabled,E3,L1,8.2,Collect audit logs.,TRUE,TRUE,TRUE,TRUE,AzureAD | EXO | Microsoft Graph
+21,Test-MailboxAuditingE5.ps1,6.1.3,Ensure mailbox auditing for Office E5 users is Enabled,E5,L1,8.2,Collect audit logs.,TRUE,TRUE,TRUE,TRUE,AzureAD | EXO | Microsoft Graph
 22,Test-BlockMailForwarding.ps1,6.2.1,Ensure all forms of mail forwarding are blocked and/or disabled,E3,L1,0,Explicitly Not Mapped,FALSE,FALSE,FALSE,TRUE,EXO
 23,Test-NoWhitelistDomains.ps1,6.2.2,Ensure mail transport rules do not whitelist specific domains,E3,L1,0,Explicitly Not Mapped,FALSE,FALSE,FALSE,TRUE,EXO
 24,Test-IdentifyExternalEmail.ps1,6.2.3,Ensure email from external senders is identified,E3,L1,0,Explicitly Not Mapped,FALSE,FALSE,FALSE,TRUE,EXO

source/tests/Test-AdministrativeAccountCompliance.ps1

@@ -1,26 +1,43 @@
 function Test-AdministrativeAccountCompliance {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
-        # Aligned
         # Parameters can be added if needed
     )
 
     begin {
-        #. .\source\Classes\CISAuditResult.ps1
         $validLicenses = @('AAD_PREMIUM', 'AAD_PREMIUM_P2')
+        $recnum = "1.1.1"
     }
 
     process {
+        try {
+            # Retrieve all necessary data outside the loops
             $adminRoles = Get-MgRoleManagementDirectoryRoleDefinition | Where-Object { $_.DisplayName -like "*Admin*" }
+            $roleAssignments = Get-MgRoleManagementDirectoryRoleAssignment
+            $principalIds = $roleAssignments.PrincipalId | Select-Object -Unique
+
+            # Fetch user details using filter
+            $userDetailsList = @{}
+            $licensesList = @{}
+
+            $userDetails = Get-MgUser -Filter "id in ('$($principalIds -join "','")')" -Property "DisplayName, UserPrincipalName, Id, OnPremisesSyncEnabled" -ErrorAction SilentlyContinue
+            foreach ($user in $userDetails) {
+                $userDetailsList[$user.Id] = $user
+            }
+
+            # Fetch user licenses for each unique principal ID
+            foreach ($principalId in $principalIds) {
+                $licensesList[$principalId] = Get-MgUserLicenseDetail -UserId $principalId -ErrorAction SilentlyContinue
+            }
+
             $adminRoleUsers = @()
 
             foreach ($role in $adminRoles) {
-            $roleAssignments = Get-MgRoleManagementDirectoryRoleAssignment -Filter "roleDefinitionId eq '$($role.Id)'"
-
-            foreach ($assignment in $roleAssignments) {
-                $userDetails = Get-MgUser -UserId $assignment.PrincipalId -Property "DisplayName, UserPrincipalName, Id, OnPremisesSyncEnabled" -ErrorAction SilentlyContinue
+                foreach ($assignment in $roleAssignments | Where-Object { $_.RoleDefinitionId -eq $role.Id }) {
+                    $userDetails = $userDetailsList[$assignment.PrincipalId]
                     if ($userDetails) {
-                    $licenses = Get-MgUserLicenseDetail -UserId $assignment.PrincipalId -ErrorAction SilentlyContinue
+                        $licenses = $licensesList[$assignment.PrincipalId]
                         $licenseString = if ($licenses) { ($licenses.SkuPartNumber -join '|') } else { "No Licenses Found" }
 
                         $adminRoleUsers += [PSCustomObject]@{
@@ -50,23 +67,27 @@ function Test-AdministrativeAccountCompliance {
             $failureReasons = $nonCompliantUsers | ForEach-Object {
                 $accountType = if ($_.HybridUser) { "Hybrid" } else { "Cloud-Only" }
                 $missingLicenses = $validLicenses | Where-Object { $_ -notin ($_.Licenses -split '\|') }
-            "$($_.UserName)|$($_.Roles)|$accountType|Missing: $($missingLicenses -join ',')"
+                "$($_.UserName)|$($_.Roles)|$accountType|$($missingLicenses -join ',')"
             }
             $failureReasons = $failureReasons -join "`n"
+
             $details = if ($nonCompliantUsers) {
-            "Non-Compliant Accounts: $($nonCompliantUsers.Count)`nDetails:`n" + ($nonCompliantUsers | ForEach-Object { $_.UserName }) -join "`n"
-        }
-        else {
+                "Non-compliant accounts: `nUsername | Roles | HybridStatus | Missing Licence`n$failureReasons"
+            } else {
                 "Compliant Accounts: $($uniqueAdminRoleUsers.Count)"
             }
 
+            $failureReason = if ($nonCompliantUsers) {
+                "Non-Compliant Accounts: $($nonCompliantUsers.Count)`nDetails:`n" + ($nonCompliantUsers | ForEach-Object { $_.UserName }) -join "`n"
+            } else {
+                "N/A"
+            }
+
             $result = $nonCompliantUsers.Count -eq 0
             $status = if ($result) { 'Pass' } else { 'Fail' }
-        $failureReason = if ($nonCompliantUsers) { "Non-compliant accounts: `nUsername | Roles | HybridStatus | Missing Licence`n$failureReasons" } else { "N/A" }
 
-        # Create the parameter splat
             $params = @{
-            Rec            = "1.1.1"
+                Rec           = $recnum
                 Result        = $result
                 Status        = $status
                 Details       = $details
@@ -75,9 +96,18 @@ function Test-AdministrativeAccountCompliance {
 
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
 
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
     end {
-        # Output the result
         return $auditResult
     }
 }

source/tests/Test-AntiPhishingPolicy.ps1

@@ -1,5 +1,6 @@
 function Test-AntiPhishingPolicy {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be added if needed
@@ -10,9 +11,12 @@ function Test-AntiPhishingPolicy {
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
         #$auditResults = @()
+        $recnum = "2.1.7"
     }
 
     process {
+
+        try {
             # 2.1.7 Ensure that an anti-phishing policy has been created
 
             # Retrieve and validate the anti-phishing policies
@@ -61,7 +65,7 @@ function Test-AntiPhishingPolicy {
 
             # Parameter splat for Initialize-CISAuditResult function
             $params = @{
-            Rec            = "2.1.7"
+                Rec           = $recnum
                 Result        = $nonCompliantItems.Count -eq 0
                 Status        = if ($isCompliant) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -71,6 +75,19 @@ function Test-AntiPhishingPolicy {
             # Create and populate the CISAuditResult object
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return auditResult

source/tests/Test-AuditDisabledFalse.ps1

@@ -1,5 +1,6 @@
 function Test-AuditDisabledFalse {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     # Aligned
     param (
         # Parameters can be added if needed
@@ -9,9 +10,12 @@ function Test-AuditDisabledFalse {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "6.1.1"
     }
 
     process {
+
+        try {
             # 6.1.1 (L1) Ensure 'AuditDisabled' organizationally is set to 'False'
 
             # Retrieve the AuditDisabled configuration
@@ -35,7 +39,7 @@ function Test-AuditDisabledFalse {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "6.1.1"
+                Rec           = $recnum
                 Result        = $auditNotDisabled
                 Status        = if ($auditNotDisabled) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -43,6 +47,19 @@ function Test-AuditDisabledFalse {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-AuditLogSearch.ps1

@@ -1,5 +1,6 @@
 function Test-AuditLogSearch {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be added if needed
@@ -9,9 +10,12 @@ function Test-AuditLogSearch {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "3.1.1"
     }
 
     process {
+
+        try {
             # 3.1.1 (L1) Ensure Microsoft 365 audit log search is Enabled
 
             # Retrieve the audit log configuration
@@ -35,14 +39,26 @@ function Test-AuditLogSearch {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "3.1.1"
+                Rec           = $recnum
                 Result        = $auditLogResult
                 Status        = if ($auditLogResult) { "Pass" } else { "Fail" }
                 Details       = $details
                 FailureReason = $failureReasons
             }
             $auditResult = Initialize-CISAuditResult @params
+        }
+        catch {
+            Write-Error "An error occurred during the test: $_"
 
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
     }
 
     end {

source/tests/Test-BlockChannelEmails.ps1

@@ -1,5 +1,6 @@
 function Test-BlockChannelEmails {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be added here if needed
@@ -9,9 +10,12 @@ function Test-BlockChannelEmails {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "8.1.2"
     }
 
     process {
+
+        try {
         # 8.1.2 (L1) Ensure users can't send emails to a channel email address
 
         # Retrieve Teams client configuration
@@ -35,7 +39,7 @@ function Test-BlockChannelEmails {
 
         # Create and populate the CISAuditResult object
         $params = @{
-            Rec            = "8.1.2"
+            Rec            = $recnum
             Result         = -not $allowEmailIntoChannel
             Status         = if (-not $allowEmailIntoChannel) { "Pass" } else { "Fail" }
             Details        = $details
@@ -43,6 +47,19 @@ function Test-BlockChannelEmails {
         }
         $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-BlockMailForwarding.ps1

@@ -1,7 +1,7 @@
 function Test-BlockMailForwarding {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
-        # Aligned Compare
         # Parameters can be added if needed
     )
 
@@ -9,34 +9,59 @@ function Test-BlockMailForwarding {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "6.2.1"
     }
 
     process {
+        try {
             # 6.2.1 (L1) Ensure all forms of mail forwarding are blocked and/or disabled
 
-        # Retrieve the transport rules that redirect messages
+            # Step 1: Retrieve the transport rules that redirect messages
             $transportRules = Get-TransportRule | Where-Object { $null -ne $_.RedirectMessageTo }
-        $forwardingBlocked = $transportRules.Count -eq 0
+            $transportForwardingBlocked = $transportRules.Count -eq 0
+
+            # Step 2: Check all anti-spam outbound policies
+            $outboundSpamPolicies = Get-HostedOutboundSpamFilterPolicy
+            $nonCompliantSpamPolicies = $outboundSpamPolicies | Where-Object { $_.AutoForwardingMode -ne 'Off' }
+            $nonCompliantSpamPoliciesArray = @($nonCompliantSpamPolicies)
+            $spamForwardingBlocked = $nonCompliantSpamPoliciesArray.Count -eq 0
+
+            # Determine overall compliance
+            $forwardingBlocked = $transportForwardingBlocked -and $spamForwardingBlocked
 
             # Prepare failure reasons and details based on compliance
-        $failureReasons = if ($transportRules.Count -gt 0) {
-            "Mail forwarding rules found: $($transportRules.Name -join ', ')"
+            $failureReasons = @()
+            $details = @()
+
+            if ($transportRules.Count -gt 0) {
+                $failureReasons += "Mail forwarding rules found: $($transportRules.Name -join ', ')"
+                $details += "Transport Rules Details:`nRule Name|Redirects To"
+                $details += $transportRules | ForEach-Object {
+                    "$($_.Name)|$($_.RedirectMessageTo -join ', ')"
                 }
-        else {
-            "N/A"
+                $details += "`n"
             }
 
-        $details = if ($transportRules.Count -gt 0) {
-            $transportRules | ForEach-Object {
-                "$($_.Name) redirects to $($_.RedirectMessageTo)"
-            } -join " | "
+            if ($nonCompliantSpamPoliciesArray.Count -gt 0) {
+                $failureReasons += "Outbound spam policies allowing automatic forwarding found."
+                $details += "Outbound Spam Policies Details:`nPolicy|AutoForwardingMode"
+                $details += $nonCompliantSpamPoliciesArray | ForEach-Object {
+                    "$($_.Name)|$($_.AutoForwardingMode)"
                 }
-        else {
-            "Step 1: No forwarding rules found. Please proceed with Step 2 described in CIS Benchmark."
             }
 
+            if ($failureReasons.Count -eq 0) {
+                $failureReasons = "N/A"
+                $details = "Both transport rules and outbound spam policies are configured correctly to block forwarding."
+            }
+            else {
+                $failureReasons = $failureReasons -join " | "
+                $details = $details -join "`n"
+            }
+
+            # Populate the audit result
             $params = @{
-            Rec            = "6.2.1"
+                Rec           = $recnum
                 Result        = $forwardingBlocked
                 Status        = if ($forwardingBlocked) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -44,6 +69,19 @@ function Test-BlockMailForwarding {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-BlockSharedMailboxSignIn.ps1

@@ -1,5 +1,6 @@
 function Test-BlockSharedMailboxSignIn {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be added if needed
@@ -9,9 +10,12 @@ function Test-BlockSharedMailboxSignIn {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "1.2.2"
     }
 
     process {
+
+        try {
             # 1.2.2 (L1) Ensure sign-in to shared mailboxes is blocked
 
             # Retrieve shared mailbox details
@@ -37,7 +41,7 @@ function Test-BlockSharedMailboxSignIn {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "1.2.2"
+                Rec           = $recnum
                 Result        = $allBlocked
                 Status        = if ($allBlocked) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -45,6 +49,19 @@ function Test-BlockSharedMailboxSignIn {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-CommonAttachmentFilter.ps1

@@ -1,5 +1,6 @@
 function Test-CommonAttachmentFilter {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be added if needed
@@ -9,9 +10,11 @@ function Test-CommonAttachmentFilter {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "2.1.2"
     }
 
     process {
+        try {
             # 2.1.2 (L1) Ensure the Common Attachment Types Filter is enabled
 
             # Retrieve the attachment filter policy
@@ -35,7 +38,7 @@ function Test-CommonAttachmentFilter {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "2.1.2"
+                Rec           = $recnum
                 Result        = $result
                 Status        = if ($result) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -43,6 +46,19 @@ function Test-CommonAttachmentFilter {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-CustomerLockbox.ps1

@@ -1,5 +1,6 @@
 function Test-CustomerLockbox {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Define your parameters here if needed
@@ -9,9 +10,12 @@ function Test-CustomerLockbox {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "1.3.6"
     }
 
     process {
+
+        try {
         # 1.3.6 (L2) Ensure the customer lockbox feature is enabled
 
         # Retrieve the organization configuration
@@ -35,7 +39,7 @@ function Test-CustomerLockbox {
 
         # Create and populate the CISAuditResult object #
         $params = @{
-            Rec            = "1.3.6"
+            Rec            = $recnum
             Result         = $customerLockboxEnabled
             Status         = if ($customerLockboxEnabled) { "Pass" } else { "Fail" }
             Details        = $details
@@ -43,6 +47,19 @@ function Test-CustomerLockbox {
         }
         $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-DialInBypassLobby.ps1

@@ -1,5 +1,6 @@
 function Test-DialInBypassLobby {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be defined here if needed
@@ -9,9 +10,12 @@ function Test-DialInBypassLobby {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "8.5.4"
     }
 
     process {
+
+        try {
             # 8.5.4 (L1) Ensure users dialing in can't bypass the lobby
 
             # Retrieve Teams meeting policy for PSTN users
@@ -35,7 +39,7 @@ function Test-DialInBypassLobby {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "8.5.4"
+                Rec           = $recnum
                 Result        = $PSTNBypassDisabled
                 Status        = if ($PSTNBypassDisabled) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -43,6 +47,19 @@ function Test-DialInBypassLobby {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-DisallowInfectedFilesDownload.ps1

@@ -1,5 +1,6 @@
 function Test-DisallowInfectedFilesDownload {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Define your parameters here if needed
@@ -10,9 +11,12 @@ function Test-DisallowInfectedFilesDownload {
         #. .\source\Classes\CISAuditResult.ps1
 
         # Initialization code, if needed
+        $recnum = "7.3.1"
     }
 
     process {
+
+        try {
             # 7.3.1 (L2) Ensure Office 365 SharePoint infected files are disallowed for download
 
             # Retrieve the SharePoint tenant configuration
@@ -36,14 +40,26 @@ function Test-DisallowInfectedFilesDownload {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "7.3.1"
+                Rec           = $recnum
                 Result        = $isDisallowInfectedFileDownloadEnabled
                 Status        = if ($isDisallowInfectedFileDownloadEnabled) { "Pass" } else { "Fail" }
                 Details       = $details
                 FailureReason = $failureReasons
             }
             $auditResult = Initialize-CISAuditResult @params
+        }
+        catch {
+            Write-Error "An error occurred during the test: $_"
 
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
     }
 
     end {

source/tests/Test-EnableDKIM.ps1

@@ -1,5 +1,6 @@
 function Test-EnableDKIM {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be added if needed
@@ -9,9 +10,12 @@ function Test-EnableDKIM {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "2.1.9"
     }
 
     process {
+
+        try {
         # 2.1.9 (L1) Ensure DKIM is enabled for all Exchange Online Domains
 
         # Retrieve DKIM configuration for all domains
@@ -36,7 +40,7 @@ function Test-EnableDKIM {
 
         # Create and populate the CISAuditResult object
         $params = @{
-            Rec            = "2.1.9"
+            Rec            = $recnum
             Result         = $dkimResult
             Status         = if ($dkimResult) { "Pass" } else { "Fail" }
             Details        = $details
@@ -44,6 +48,19 @@ function Test-EnableDKIM {
         }
         $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-ExternalNoControl.ps1

@@ -1,5 +1,6 @@
 function Test-ExternalNoControl {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be defined here if needed
@@ -10,9 +11,12 @@ function Test-ExternalNoControl {
         #. .\source\Classes\CISAuditResult.ps1
 
         # Initialization code, if needed
+        $recnum = "8.5.7"
     }
 
     process {
+
+        try {
         # 8.5.7 (L1) Ensure external participants can't give or request control
 
         # Retrieve Teams meeting policy for external participant control
@@ -36,7 +40,7 @@ function Test-ExternalNoControl {
 
         # Create and populate the CISAuditResult object
         $params = @{
-            Rec            = "8.5.7"
+            Rec            = $recnum
             Result         = $externalControlRestricted
             Status         = if ($externalControlRestricted) { "Pass" } else { "Fail" }
             Details        = $details
@@ -44,6 +48,19 @@ function Test-ExternalNoControl {
         }
         $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-ExternalSharingCalendars.ps1

@@ -1,5 +1,6 @@
 function Test-ExternalSharingCalendars {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be added if needed
@@ -10,9 +11,12 @@ function Test-ExternalSharingCalendars {
         #. .\source\Classes\CISAuditResult.ps1
 
         # Initialization code, if needed
+        $recnum = "1.3.3"
     }
 
     process {
+
+        try {
             # 1.3.3 (L2) Ensure 'External sharing' of calendars is not available (Automated)
 
             # Retrieve sharing policies related to calendar sharing
@@ -45,7 +49,7 @@ function Test-ExternalSharingCalendars {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "1.3.3"
+                Rec           = $recnum
                 Result        = $isExternalSharingDisabled
                 Status        = if ($isExternalSharingDisabled) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -53,6 +57,19 @@ function Test-ExternalSharingCalendars {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-GlobalAdminsCount.ps1

@@ -1,5 +1,6 @@
 function Test-GlobalAdminsCount {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Define your parameters here if needed
@@ -10,16 +11,20 @@ function Test-GlobalAdminsCount {
         #. .\source\Classes\CISAuditResult.ps1
 
         # Initialization code, if needed
+        $recnum = "1.1.3"
     }
 
     process {
+        try {
             # 1.1.3 (L1) Ensure that between two and four global admins are designated
 
             # Retrieve global admin role and members
             $globalAdminRole = Get-MgDirectoryRole -Filter "RoleTemplateId eq '62e90394-69f5-4237-9190-012177145e10'"
             $globalAdmins = Get-MgDirectoryRoleMember -DirectoryRoleId $globalAdminRole.Id
-        $globalAdminCount = $globalAdmins.AdditionalProperties.Count
-        $globalAdminUsernames = ($globalAdmins | ForEach-Object { $_.AdditionalProperties["displayName"] }) -join ', '
+            $globalAdminCount = $globalAdmins.Count
+            $globalAdminUsernames = ($globalAdmins | ForEach-Object {
+                "$($_.AdditionalProperties["displayName"]) ($($_.AdditionalProperties["userPrincipalName"]))"
+            }) -join ', '
 
             # Prepare failure reasons and details based on compliance
             $failureReasons = if ($globalAdminCount -lt 2) {
@@ -36,7 +41,7 @@ function Test-GlobalAdminsCount {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "1.1.3"
+                Rec           = $recnum
                 Result        = $globalAdminCount -ge 2 -and $globalAdminCount -le 4
                 Status        = if ($globalAdminCount -ge 2 -and $globalAdminCount -le 4) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -44,6 +49,19 @@ function Test-GlobalAdminsCount {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-GuestAccessExpiration.ps1

@@ -1,5 +1,6 @@
 function Test-GuestAccessExpiration {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Define your parameters here if needed
@@ -10,9 +11,12 @@ function Test-GuestAccessExpiration {
         #. .\source\Classes\CISAuditResult.ps1
 
         # Initialization code, if needed
+        $recnum = "7.2.9"
     }
 
     process {
+
+        try {
         # 7.2.9 (L1) Ensure guest access to a site or OneDrive will expire automatically
 
         # Retrieve SharePoint tenant settings related to guest access expiration
@@ -31,7 +35,7 @@ function Test-GuestAccessExpiration {
 
         # Create and populate the CISAuditResult object
         $params = @{
-            Rec            = "7.2.9"
+            Rec            = $recnum
             Result         = $isGuestAccessExpirationConfiguredCorrectly
             Status         = if ($isGuestAccessExpirationConfiguredCorrectly) { "Pass" } else { "Fail" }
             Details        = $details
@@ -39,6 +43,19 @@ function Test-GuestAccessExpiration {
         }
         $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-GuestUsersBiweeklyReview.ps1

@@ -1,5 +1,6 @@
 function Test-GuestUsersBiweeklyReview {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Define your parameters here if needed
@@ -10,9 +11,11 @@ function Test-GuestUsersBiweeklyReview {
         #. .\source\Classes\CISAuditResult.ps1
 
         # Initialization code, if needed
+        $recnum = "1.1.4"
     }
 
     process {
+        try {
             # 1.1.4 (L1) Ensure Guest Users are reviewed at least biweekly
 
 
@@ -38,7 +41,7 @@ function Test-GuestUsersBiweeklyReview {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "1.1.4"
+                Rec           = $recnum
                 Result        = -not $guestUsers
                 Status        = if ($guestUsers) { "Fail" } else { "Pass" }
                 Details       = $details
@@ -46,6 +49,19 @@ function Test-GuestUsersBiweeklyReview {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-IdentifyExternalEmail.ps1

@@ -1,5 +1,6 @@
 function Test-IdentifyExternalEmail {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be defined here if needed
@@ -10,9 +11,12 @@ function Test-IdentifyExternalEmail {
         #. .\source\Classes\CISAuditResult.ps1
 
         # Initialization code, if needed
+        $recnum = "6.2.3"
     }
 
     process {
+
+        try {
             # 6.2.3 (L1) Ensure email from external senders is identified
 
             # Retrieve external sender tagging configuration
@@ -31,7 +35,7 @@ function Test-IdentifyExternalEmail {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "6.2.3"
+                Rec           = $recnum
                 Result        = $externalTaggingEnabled
                 Status        = if ($externalTaggingEnabled) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -39,6 +43,19 @@ function Test-IdentifyExternalEmail {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-LinkSharingRestrictions.ps1

@@ -1,5 +1,6 @@
 function Test-LinkSharingRestrictions {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Define your parameters here
@@ -10,9 +11,11 @@ function Test-LinkSharingRestrictions {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "7.2.7"
     }
 
     process {
+        try {
             # 7.2.7 (L1) Ensure link sharing is restricted in SharePoint and OneDrive
 
             # Retrieve link sharing configuration for SharePoint and OneDrive
@@ -31,13 +34,27 @@ function Test-LinkSharingRestrictions {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "7.2.7"
+                Rec           = $recnum
                 Result        = $isLinkSharingRestricted
                 Status        = if ($isLinkSharingRestricted) { "Pass" } else { "Fail" }
                 Details       = $details
                 FailureReason = $failureReasons
             }
             $auditResult = Initialize-CISAuditResult @params
+
+        }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
     }
 
     end {

source/tests/Test-MailTipsEnabled.ps1

@@ -1,5 +1,6 @@
 function Test-MailTipsEnabled {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be added if needed
@@ -11,9 +12,11 @@ function Test-MailTipsEnabled {
         # Initialization code, if needed
 
         $auditResult = [CISAuditResult]::new()
+        $recnum = "6.5.2"
     }
 
     process {
+        try {
             # 6.5.2 (L2) Ensure MailTips are enabled for end users
 
             # Retrieve organization configuration for MailTips settings
@@ -38,7 +41,7 @@ function Test-MailTipsEnabled {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "6.5.2"
+                Rec           = $recnum
                 Result        = $allTipsEnabled -and $externalRecipientsTipsEnabled
                 Status        = if ($allTipsEnabled -and $externalRecipientsTipsEnabled) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -46,6 +49,19 @@ function Test-MailTipsEnabled {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-MailboxAuditingE3.ps1

@@ -1,8 +1,7 @@
 function Test-MailboxAuditingE3 {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
-        # Aligned
-        # Create Table for Details
         # Parameters can be added if needed
     )
 
@@ -15,19 +14,20 @@ function Test-MailboxAuditingE3 {
         $DelegateActions = @("ApplyRecord", "Create", "FolderBind", "HardDelete", "Move", "MoveToDeletedItems", "SendAs", "SendOnBehalf", "SoftDelete", "Update", "UpdateFolderPermissions", "UpdateInboxRules")
         $OwnerActions = @("ApplyRecord", "Create", "HardDelete", "MailboxLogin", "Move", "MoveToDeletedItems", "SoftDelete", "Update", "UpdateCalendarDelegation", "UpdateFolderPermissions", "UpdateInboxRules")
 
-
         $allFailures = @()
         $allUsers = Get-AzureADUser -All $true
         $processedUsers = @{}  # Dictionary to track processed users
+        $recnum = "6.1.2"
     }
 
     process {
+        try {
             foreach ($user in $allUsers) {
                 if ($processedUsers.ContainsKey($user.UserPrincipalName)) {
                     Write-Verbose "Skipping already processed user: $($user.UserPrincipalName)"
                     continue
                 }
-            try {
+
                 $licenseDetails = Get-MgUserLicenseDetail -UserId $user.UserPrincipalName
                 $hasOfficeE3 = ($licenseDetails | Where-Object { $_.SkuPartNumber -in $e3SkuPartNumbers }).Count -gt 0
                 Write-Verbose "Evaluating user $($user.UserPrincipalName) for Office E3 license."
@@ -47,32 +47,33 @@ function Test-MailboxAuditingE3 {
                         foreach ($action in $OwnerActions) {
                             if ($mailbox.AuditOwner -notcontains $action) { $missingActions += "Owner action '$action' missing" }
                         }
+
+                        if ($missingActions.Count -gt 0) {
+                            $formattedActions = Format-MissingAction -missingActions $missingActions
+                            $allFailures += "$userUPN|True|$($formattedActions.Admin)|$($formattedActions.Delegate)|$($formattedActions.Owner)"
+                        }
                     }
                     else {
-                        $allFailures += "$userUPN`: AuditEnabled - False"
-                        continue
+                        $allFailures += "$userUPN|False|||"
                     }
 
-                    if ($missingActions) {
-                        $formattedActions = Format-MissingActions $missingActions
-                        $allFailures += "$userUPN`: AuditEnabled - True; $formattedActions"
-                    }
                     # Mark the user as processed
                     $processedUsers[$user.UserPrincipalName] = $true
                 }
             }
-            catch {
-                Write-Warning "Could not retrieve license details for user $($user.UserPrincipalName): $_"
-            }
-        }
 
             # Prepare failure reasons and details based on compliance
             $failureReasons = if ($allFailures.Count -eq 0) { "N/A" } else { "Audit issues detected." }
-        $details = if ($allFailures.Count -eq 0) { "All Office E3 users have correct mailbox audit settings." } else { $allFailures -join " | " }
+            $details = if ($allFailures.Count -eq 0) {
+                "All Office E3 users have correct mailbox audit settings."
+            }
+            else {
+                "UserPrincipalName|AuditEnabled|AdminActionsMissing|DelegateActionsMissing|OwnerActionsMissing`n" + ($allFailures -join "`n")
+            }
 
             # Populate the audit result
             $params = @{
-            Rec           = "6.1.2"
+                Rec           = $recnum
                 Result        = $allFailures.Count -eq 0
                 Status        = if ($allFailures.Count -eq 0) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -80,35 +81,29 @@ function Test-MailboxAuditingE3 {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
+        #$verbosePreference = 'Continue'
+        $detailsLength = $details.Length
+        Write-Verbose "Character count of the details: $detailsLength"
+
+        if ($detailsLength -gt 32767) {
+            Write-Verbose "Warning: The character count exceeds the limit for Excel cells."
+        }
+        #$verbosePreference = 'SilentlyContinue'
         return $auditResult
     }
 }
-
-function Format-MissingActions {
-    param ([array]$missingActions)
-
-    $actionGroups = @{
-        "Admin"    = @()
-        "Delegate" = @()
-        "Owner"    = @()
-    }
-
-    foreach ($action in $missingActions) {
-        if ($action -match "(Admin|Delegate|Owner) action '([^']+)' missing") {
-            $type = $matches[1]
-            $actionName = $matches[2]
-            $actionGroups[$type] += $actionName
-        }
-    }
-
-    $formattedResults = @()
-    foreach ($type in $actionGroups.Keys) {
-        if ($actionGroups[$type].Count -gt 0) {
-            $formattedResults += "$($type) actions missing: $($actionGroups[$type] -join ', ')"
-        }
-    }
-
-    return $formattedResults -join '; '
-}

source/tests/Test-MailboxAuditingE5.ps1

@@ -1,8 +1,7 @@
 function Test-MailboxAuditingE5 {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
-        # Aligned
-        # Create Table for Details
         # Parameters can be added if needed
     )
 
@@ -15,23 +14,24 @@ function Test-MailboxAuditingE5 {
         $DelegateActions = @("ApplyRecord", "Create", "FolderBind", "HardDelete", "MailItemsAccessed", "Move", "MoveToDeletedItems", "SendAs", "SendOnBehalf", "SoftDelete", "Update", "UpdateFolderPermissions", "UpdateInboxRules")
         $OwnerActions = @("ApplyRecord", "Create", "HardDelete", "MailboxLogin", "Move", "MailItemsAccessed", "MoveToDeletedItems", "Send", "SoftDelete", "Update", "UpdateCalendarDelegation", "UpdateFolderPermissions", "UpdateInboxRules")
 
-
-
         $allFailures = @()
         $allUsers = Get-AzureADUser -All $true
         $processedUsers = @{}  # Dictionary to track processed users
+        $recnum = "6.1.3"
     }
 
     process {
+        try {
             foreach ($user in $allUsers) {
                 if ($processedUsers.ContainsKey($user.UserPrincipalName)) {
+                    Write-Verbose "Skipping already processed user: $($user.UserPrincipalName)"
                     continue
                 }
 
-            try {
                 $licenseDetails = Get-MgUserLicenseDetail -UserId $user.UserPrincipalName
                 $hasOfficeE5 = ($licenseDetails | Where-Object { $_.SkuPartNumber -in $e5SkuPartNumbers }).Count -gt 0
                 Write-Verbose "Evaluating user $($user.UserPrincipalName) for Office E5 license."
+
                 if ($hasOfficeE5) {
                     $userUPN = $user.UserPrincipalName
                     $mailbox = Get-EXOMailbox -Identity $userUPN -PropertySets Audit
@@ -47,38 +47,33 @@ function Test-MailboxAuditingE5 {
                         foreach ($action in $OwnerActions) {
                             if ($mailbox.AuditOwner -notcontains $action) { $missingActions += "Owner action '$action' missing" }
                         }
+
+                        if ($missingActions.Count -gt 0) {
+                            $formattedActions = Format-MissingAction -missingActions $missingActions
+                            $allFailures += "$userUPN|True|$($formattedActions.Admin)|$($formattedActions.Delegate)|$($formattedActions.Owner)"
+                        }
                     }
                     else {
-                        $allFailures += "$userUPN`: AuditEnabled - False"
-                        continue
+                        $allFailures += "$userUPN|False|||"
                     }
 
-                    if ($missingActions) {
-                        $formattedActions = Format-MissingActions $missingActions
-                        $allFailures += "$userUPN`: AuditEnabled - True; $formattedActions"
-                    }
-                    else {
-                        Write-Verbose "User $($user.UserPrincipalName) passed the mailbox audit checks."
-                    }
+                    # Mark the user as processed
                     $processedUsers[$user.UserPrincipalName] = $true
                 }
-                else {
-                    # Adding verbose output to indicate the user does not have an E5 license
-                    Write-Verbose "User $($user.UserPrincipalName) does not have an Office E5 license."
-                }
-            }
-            catch {
-                Write-Warning "Could not retrieve license details for user $($user.UserPrincipalName): $_"
-            }
             }
 
             # Prepare failure reasons and details based on compliance
             $failureReasons = if ($allFailures.Count -eq 0) { "N/A" } else { "Audit issues detected." }
-        $details = if ($allFailures.Count -eq 0) { "All Office E5 users have correct mailbox audit settings." } else { $allFailures -join " | " }
+            $details = if ($allFailures.Count -eq 0) {
+                "All Office E5 users have correct mailbox audit settings."
+            }
+            else {
+                "UserPrincipalName|AuditEnabled|AdminActionsMissing|DelegateActionsMissing|OwnerActionsMissing`n" + ($allFailures -join "`n")
+            }
 
             # Populate the audit result
             $params = @{
-            Rec            = "6.1.3"
+                Rec           = $recnum
                 Result        = $allFailures.Count -eq 0
                 Status        = if ($allFailures.Count -eq 0) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -86,35 +81,29 @@ function Test-MailboxAuditingE5 {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
+        #$verbosePreference = 'Continue'
+        $detailsLength = $details.Length
+        Write-Verbose "Character count of the details: $detailsLength"
+
+        if ($detailsLength -gt 32767) {
+            Write-Verbose "Warning: The character count exceeds the limit for Excel cells."
+        }
+        #$verbosePreference = 'SilentlyContinue'
         return $auditResult
     }
 }
-
-function Format-MissingActions {
-    param ([array]$missingActions)
-
-    $actionGroups = @{
-        "Admin"    = @()
-        "Delegate" = @()
-        "Owner"    = @()
-    }
-
-    foreach ($action in $missingActions) {
-        if ($action -match "(Admin|Delegate|Owner) action '([^']+)' missing") {
-            $type = $matches[1]
-            $actionName = $matches[2]
-            $actionGroups[$type] += $actionName
-        }
-    }
-
-    $formattedResults = @()
-    foreach ($type in $actionGroups.Keys) {
-        if ($actionGroups[$type].Count -gt 0) {
-            $formattedResults += "$($type) actions missing: $($actionGroups[$type] -join ', ')"
-        }
-    }
-
-    return $formattedResults -join '; '
-}

source/tests/Test-ManagedApprovedPublicGroups.ps1

@@ -1,5 +1,6 @@
 function Test-ManagedApprovedPublicGroups {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be added if needed
@@ -9,10 +10,11 @@ function Test-ManagedApprovedPublicGroups {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
-
+        $recnum = "1.2.1"
     }
 
     process {
+        try {
             # 1.2.1 (L2) Ensure that only organizationally managed/approved public groups exist (Automated)
 
             # Retrieve all public groups
@@ -36,7 +38,7 @@ function Test-ManagedApprovedPublicGroups {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "1.2.1"
+                Rec           = $recnum
                 Result        = $null -eq $allGroups -or $allGroups.Count -eq 0
                 Status        = if ($null -eq $allGroups -or $allGroups.Count -eq 0) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -44,6 +46,19 @@ function Test-ManagedApprovedPublicGroups {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return auditResults

source/tests/Test-MeetingChatNoAnonymous.ps1

@@ -1,5 +1,6 @@
 function Test-MeetingChatNoAnonymous {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be defined here if needed
@@ -9,9 +10,11 @@ function Test-MeetingChatNoAnonymous {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "8.5.5"
     }
 
     process {
+        try {
             # 8.5.5 (L2) Ensure meeting chat does not allow anonymous users
 
             # Connect to Teams PowerShell using Connect-MicrosoftTeams
@@ -32,7 +35,7 @@ function Test-MeetingChatNoAnonymous {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "8.5.5"
+                Rec           = $recnum
                 Result        = $chatAnonDisabled
                 Status        = if ($chatAnonDisabled) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -40,6 +43,19 @@ function Test-MeetingChatNoAnonymous {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-ModernAuthExchangeOnline.ps1

@@ -1,5 +1,6 @@
 function Test-ModernAuthExchangeOnline {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Define your parameters here
@@ -9,6 +10,7 @@ function Test-ModernAuthExchangeOnline {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "6.5.1"
     }
 
     process {
@@ -30,7 +32,7 @@ function Test-ModernAuthExchangeOnline {
 
             # Create and populate the CISAuditResult object
             $params = @{
-                Rec            = "6.5.1"
+                Rec           = $recnum
                 Result        = $orgConfig.OAuth2ClientProfileEnabled
                 Status        = if ($orgConfig.OAuth2ClientProfileEnabled) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -40,8 +42,18 @@ function Test-ModernAuthExchangeOnline {
 
         }
         catch {
-            Write-Error "An error occurred while testing modern authentication for Exchange Online: $_"
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
         }
+
     }
 
     end {

source/tests/Test-ModernAuthSharePoint.ps1

@@ -1,5 +1,6 @@
 function Test-ModernAuthSharePoint {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Define your parameters here
@@ -9,9 +10,11 @@ function Test-ModernAuthSharePoint {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "7.2.1"
     }
 
     process {
+        try {
             # 7.2.1 (L1) Ensure modern authentication for SharePoint applications is required
             $SPOTenant = Get-SPOTenant | Select-Object -Property LegacyAuthProtocolsEnabled
             $modernAuthForSPRequired = -not $SPOTenant.LegacyAuthProtocolsEnabled
@@ -28,7 +31,7 @@ function Test-ModernAuthSharePoint {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "7.2.1"
+                Rec           = $recnum
                 Result        = $modernAuthForSPRequired
                 Status        = if ($modernAuthForSPRequired) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -36,6 +39,19 @@ function Test-ModernAuthSharePoint {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-NoAnonymousMeetingJoin.ps1

@@ -1,5 +1,6 @@
 function Test-NoAnonymousMeetingJoin {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be defined here if needed
@@ -9,9 +10,11 @@ function Test-NoAnonymousMeetingJoin {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "8.5.1"
     }
 
     process {
+        try {
             # 8.5.1 (L2) Ensure anonymous users can't join a meeting
 
             # Connect to Teams PowerShell using Connect-MicrosoftTeams
@@ -31,7 +34,7 @@ function Test-NoAnonymousMeetingJoin {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "8.5.1"
+                Rec           = $recnum
                 Result        = -not $allowAnonymousUsersToJoinMeeting
                 Status        = if (-not $allowAnonymousUsersToJoinMeeting) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -39,6 +42,19 @@ function Test-NoAnonymousMeetingJoin {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-NoAnonymousMeetingStart.ps1

@@ -1,5 +1,6 @@
 function Test-NoAnonymousMeetingStart {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be defined here if needed
@@ -9,9 +10,11 @@ function Test-NoAnonymousMeetingStart {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "8.5.2"
     }
 
     process {
+        try {
             # 8.5.2 (L1) Ensure anonymous users and dial-in callers can't start a meeting
 
             # Connect to Teams PowerShell using Connect-MicrosoftTeams
@@ -31,7 +34,7 @@ function Test-NoAnonymousMeetingStart {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "8.5.2"
+                Rec           = $recnum
                 Result        = $anonymousStartDisabled
                 Status        = if ($anonymousStartDisabled) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -39,6 +42,19 @@ function Test-NoAnonymousMeetingStart {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-NoWhitelistDomains.ps1

@@ -1,5 +1,6 @@
 function Test-NoWhitelistDomains {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Define your parameters here
@@ -9,9 +10,11 @@ function Test-NoWhitelistDomains {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "6.2.2"
     }
 
     process {
+        try {
             # 6.2.2 (L1) Ensure mail transport rules do not whitelist specific domains
 
             # Retrieve transport rules that whitelist specific domains
@@ -35,7 +38,7 @@ function Test-NoWhitelistDomains {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "6.2.2"
+                Rec           = $recnum
                 Result        = -not $whitelistedRules
                 Status        = if ($whitelistedRules) { "Fail" } else { "Pass" }
                 Details       = $details
@@ -43,6 +46,19 @@ function Test-NoWhitelistDomains {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return auditResult

source/tests/Test-NotifyMalwareInternal.ps1

@@ -1,5 +1,6 @@
 function Test-NotifyMalwareInternal {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be added if needed
@@ -9,9 +10,11 @@ function Test-NotifyMalwareInternal {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "2.1.3"
     }
 
     process {
+        try {
             # 2.1.3 Ensure notifications for internal users sending malware is Enabled
 
             # Retrieve all 'Custom' malware filter policies and check notification settings
@@ -44,7 +47,7 @@ function Test-NotifyMalwareInternal {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "2.1.3"
+                Rec           = $recnum
                 Result        = $result
                 Status        = if ($result) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -52,6 +55,19 @@ function Test-NotifyMalwareInternal {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-OneDriveContentRestrictions.ps1

@@ -1,5 +1,6 @@
 function Test-OneDriveContentRestrictions {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Define your parameters here
@@ -9,9 +10,11 @@ function Test-OneDriveContentRestrictions {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "7.2.4"
     }
 
     process {
+        try {
             # 7.2.4 (L2) Ensure OneDrive content sharing is restricted
 
             # Retrieve OneDrive sharing capability settings
@@ -35,7 +38,7 @@ function Test-OneDriveContentRestrictions {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "7.2.4"
+                Rec           = $recnum
                 Result        = $isOneDriveSharingRestricted
                 Status        = if ($isOneDriveSharingRestricted) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -43,6 +46,19 @@ function Test-OneDriveContentRestrictions {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return auditResult

source/tests/Test-OneDriveSyncRestrictions.ps1

@@ -1,5 +1,6 @@
 function Test-OneDriveSyncRestrictions {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Define your parameters here
@@ -9,9 +10,11 @@ function Test-OneDriveSyncRestrictions {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "7.3.2"
     }
 
     process {
+        try {
             # 7.3.2 (L2) Ensure OneDrive sync is restricted for unmanaged devices
 
             # Retrieve OneDrive sync client restriction settings
@@ -35,7 +38,7 @@ function Test-OneDriveSyncRestrictions {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "7.3.2"
+                Rec           = $recnum
                 Result        = $isSyncRestricted
                 Status        = if ($isSyncRestricted) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -43,6 +46,19 @@ function Test-OneDriveSyncRestrictions {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return auditResult

source/tests/Test-OrgOnlyBypassLobby.ps1

@@ -1,5 +1,6 @@
 function Test-OrgOnlyBypassLobby {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be defined here if needed
@@ -9,9 +10,11 @@ function Test-OrgOnlyBypassLobby {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "8.5.3"
     }
 
     process {
+        try {
             # 8.5.3 (L1) Ensure only people in my org can bypass the lobby
 
             # Connect to Teams PowerShell using Connect-MicrosoftTeams
@@ -37,7 +40,7 @@ function Test-OrgOnlyBypassLobby {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "8.5.3"
+                Rec           = $recnum
                 Result        = $lobbyBypassRestricted
                 Status        = if ($lobbyBypassRestricted) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -45,6 +48,19 @@ function Test-OrgOnlyBypassLobby {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-OrganizersPresent.ps1

@@ -1,5 +1,6 @@
 function Test-OrganizersPresent {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be defined here if needed
@@ -9,9 +10,11 @@ function Test-OrganizersPresent {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "8.5.6"
     }
 
     process {
+        try {
             # 8.5.6 (L2) Ensure only organizers and co-organizers can present
 
             # Connect to Teams PowerShell using Connect-MicrosoftTeams
@@ -37,7 +40,7 @@ function Test-OrganizersPresent {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "8.5.6"
+                Rec           = $recnum
                 Result        = $presenterRoleRestricted
                 Status        = if ($presenterRoleRestricted) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -45,6 +48,19 @@ function Test-OrganizersPresent {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-PasswordHashSync.ps1

@@ -1,5 +1,6 @@
 function Test-PasswordHashSync {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be added if needed
@@ -9,9 +10,11 @@ function Test-PasswordHashSync {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "5.1.8.1"
     }
 
     process {
+        try {
             # 5.1.8.1 (L1) Ensure password hash sync is enabled for hybrid deployments
             # Pass if OnPremisesSyncEnabled is True. Fail otherwise.
 
@@ -31,7 +34,7 @@ function Test-PasswordHashSync {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "5.1.8.1"
+                Rec           = $recnum
                 Result        = $hashSyncResult
                 Status        = if ($hashSyncResult) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -39,6 +42,19 @@ function Test-PasswordHashSync {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-PasswordNeverExpirePolicy.ps1

@@ -1,44 +1,84 @@
 function Test-PasswordNeverExpirePolicy {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
-        # Aligned
-        [Parameter(Mandatory)]
-        [string]$DomainName # DomainName parameter is now mandatory
+        [Parameter(Mandatory = $false)]
+        [string]$DomainName
     )
 
     begin {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "1.3.1"
+        $overallResult = $true
+        $detailsList = @()
+        $failureReasonsList = @()
+
+        # Add headers for the details
+        $detailsList += "Domain|Validity Period|IsDefault"
     }
 
     process {
-        # 1.3.1 (L1) Ensure the 'Password expiration policy' is set to 'Set passwords to never expire'
-        # Pass if PasswordValidityPeriodInDays is 0. Fail otherwise.
+        try {
+            # Retrieve all domains or a specific domain
+            $domains = if ($DomainName) {
+                Get-MgDomain -DomainId $DomainName
+            } else {
+                Get-MgDomain
+            }
 
+            foreach ($domain in $domains) {
+                $domainName = $domain.Id
+                $isDefault = $domain.IsDefault
                 # Retrieve password expiration policy
-        $passwordPolicy = Get-MgDomain -DomainId $DomainName | Select-Object -ExpandProperty PasswordValidityPeriodInDays
+                $passwordPolicy = $domain.PasswordValidityPeriodInDays
+
+                # Determine if the policy is compliant
+                $isCompliant = $passwordPolicy -eq 0
+                $overallResult = $overallResult -and $isCompliant
 
                 # Prepare failure reasons and details based on compliance
-        $failureReasons = if ($passwordPolicy -ne 0) {
-            "Password expiration is not set to never expire"
-        }
-        else {
+                $failureReasons = if ($isCompliant) {
                     "N/A"
+                } else {
+                    "Password expiration is not set to never expire for domain $domainName. Run the following command to remediate: `nUpdate-MgDomain -DomainId $domainName -PasswordValidityPeriodInDays 2147483647 -PasswordNotificationWindowInDays 30`n"
                 }
 
-        $details = "Validity Period: $passwordPolicy days"
+                $details = "$domainName|$passwordPolicy days|$isDefault"
+
+                # Add details and failure reasons to the lists
+                $detailsList += $details
+                $failureReasonsList += $failureReasons
+            }
+
+            # Prepare the final failure reason and details
+            $finalFailureReason = $failureReasonsList -join "`n"
+            $finalDetails = $detailsList -join "`n"
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "1.3.1"
-            Result         = $passwordPolicy -eq 0
-            Status         = if ($passwordPolicy -eq 0) { "Pass" } else { "Fail" }
-            Details        = $details
-            FailureReason  = $failureReasons
+                Rec           = $recnum
+                Result        = $overallResult
+                Status        = if ($overallResult) { "Pass" } else { "Fail" }
+                Details       = $finalDetails
+                FailureReason = $finalFailureReason
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-ReauthWithCode.ps1

@@ -1,5 +1,6 @@
 function Test-ReauthWithCode {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Define your parameters here
@@ -9,9 +10,11 @@ function Test-ReauthWithCode {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "7.2.10"
     }
 
     process {
+        try {
             # 7.2.10 (L1) Ensure reauthentication with verification code is restricted
 
             # Retrieve reauthentication settings for SharePoint Online
@@ -30,7 +33,7 @@ function Test-ReauthWithCode {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "7.2.10"
+                Rec           = $recnum
                 Result        = $isReauthenticationRestricted
                 Status        = if ($isReauthenticationRestricted) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -38,6 +41,19 @@ function Test-ReauthWithCode {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return auditResult

source/tests/Test-ReportSecurityInTeams.ps1

@@ -1,5 +1,6 @@
 function Test-ReportSecurityInTeams {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be defined here if needed
@@ -9,9 +10,11 @@ function Test-ReportSecurityInTeams {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "8.6.1"
     }
 
     process {
+        try {
             # 8.6.1 (L1) Ensure users can report security concerns in Teams
 
             # Retrieve the necessary settings for Teams and Exchange Online
@@ -40,7 +43,7 @@ function Test-ReportSecurityInTeams {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "8.6.1"
+                Rec           = $recnum
                 Result        = $securityReportEnabled
                 Status        = if ($securityReportEnabled) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -48,6 +51,19 @@ function Test-ReportSecurityInTeams {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return auditResult

source/tests/Test-RestrictCustomScripts.ps1

@@ -1,36 +1,70 @@
 function Test-RestrictCustomScripts {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
-        # Aligned
         # Define your parameters here if needed
     )
 
     begin {
         # Dot source the class script if necessary
-        #. .\source\Classes\CISAuditResult.ps1
+        # . .\source\Classes\CISAuditResult.ps1
+
         # Initialization code, if needed
+        $recnum = "7.3.4"
     }
 
     process {
+
+        try {
             # 7.3.4 (L1) Ensure custom script execution is restricted on site collections
 
             # Retrieve all site collections and select necessary properties
             $SPOSitesCustomScript = Get-SPOSite -Limit All | Select-Object Title, Url, DenyAddAndCustomizePages
 
-        # Find sites where custom scripts are allowed (DenyAddAndCustomizePages is not 'Enabled')
-        $customScriptAllowedSites = $SPOSitesCustomScript | Where-Object { $_.DenyAddAndCustomizePages -ne 'Enabled' }
+            # Replace 'sharepoint.com' with '<SPUrl>'
+            $processedUrls = $SPOSitesCustomScript | ForEach-Object {
+                $_.Url = $_.Url -replace 'sharepoint\.com', '<SPUrl>'
+                $_
+            }
 
+            # Find sites where custom scripts are allowed
+            $customScriptAllowedSites = $processedUrls | Where-Object { $_.DenyAddAndCustomizePages -ne 'Enabled' }
+            #$verbosePreference = 'Continue'
+            # Check the total length of URLs
+            $totalUrlLength = ($customScriptAllowedSites.Url -join '').Length
+            Write-Verbose "Total length of URLs: $totalUrlLength"
+
+            # Extract hostnames from allowed sites if the total length exceeds the limit
+            $mostUsedHostname = $null
+            if ($totalUrlLength -gt 20000) {
+                Write-Verbose "Extracting hostnames from URLs..."
+                $hostnames = $customScriptAllowedSites.Url | ForEach-Object {
+                    if ($_ -match '^https://([^\.]+)\.') {
+                        $matches[1]
+                    }
+                }
+                Write-Verbose "Extracted hostnames: $($hostnames -join ', ')"
+
+                # Find the most used hostname using the Get-MostCommonWord function
+                $mostUsedHostname = Get-MostCommonWord -InputStrings $hostnames
+                Write-Verbose "Most used hostname: $mostUsedHostname"
+            }
+            #$verbosePreference = 'SilentlyContinue'
             # Compliance is true if no sites allow custom scripts
             $complianceResult = $customScriptAllowedSites.Count -eq 0
 
             # Gather details for non-compliant sites (where custom scripts are allowed)
             $nonCompliantSiteDetails = $customScriptAllowedSites | ForEach-Object {
-            "$($_.Title) ($($_.Url)): Custom Script Allowed"
+                $url = $_.Url
+                if ($null -ne $mostUsedHostname -and $url -match "^https://$mostUsedHostname\.<SPUrl>") {
+                    $url = $url -replace "^https://$mostUsedHostname\.<SPUrl>", "https://<corp>.<SPUrl>"
+                }
+                "$(if ($_.Title) {$_.Title} else {"NoTitle"})|$url"
             }
 
             # Prepare failure reasons and details based on compliance
             $failureReasons = if (-not $complianceResult) {
-            "The following site collections allow custom script execution: " + ($nonCompliantSiteDetails -join "; ")
+                "Some site collections are not restricting custom script execution. Review Details property for sites that are not aligned with the benchmark."
             }
             else {
                 "N/A"
@@ -40,12 +74,22 @@ function Test-RestrictCustomScripts {
                 "All site collections have custom script execution restricted"
             }
             else {
-            $nonCompliantSiteDetails -join "; "
+                "Title|Url`n" + ($nonCompliantSiteDetails -join "`n")
+            }
+
+            # Convert details to PSObject and check length
+            $detailsPSObject = $details | ConvertFrom-Csv -Delimiter '|'
+            $detailsLength = ($detailsPSObject | ForEach-Object { $_.Url }).Length
+
+            if ($detailsLength -gt 32767) {
+                # Create a preview of the first 10 results
+                $preview = $detailsPSObject | Select-Object -First 10 | ForEach-Object { "$($_.Title)|$($_.Url)" }
+                $details = "The output is too large. Here is a preview of the first 10 results:`n`n" + ($preview -join "`n") + "`n`nPlease run the test with the following commands to get the full details:`n`nGet-SPOSite -Limit All | Where-Object { `$.DenyAddAndCustomizePages -ne 'Enabled' } | Select-Object Title, Url"
             }
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "7.3.4"
+                Rec           = $recnum
                 Result        = $complianceResult
                 Status        = if ($complianceResult) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -53,8 +97,30 @@ function Test-RestrictCustomScripts {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
+        # Measure the character count of the details
+        #$verbosePreference = 'Continue'
+        $detailsLength = $details.Length
+        Write-Verbose "Character count of the details: $detailsLength"
+
+        if ($detailsLength -gt 32767) {
+            Write-Verbose "Warning: The character count exceeds the limit for Excel cells."
+        }
+        #$verbosePreference = 'SilentlyContinue'
         # Return auditResult
         return $auditResult
     }

source/tests/Test-RestrictExternalSharing.ps1

@@ -1,5 +1,6 @@
 function Test-RestrictExternalSharing {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Define your parameters here
@@ -9,9 +10,11 @@ function Test-RestrictExternalSharing {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "7.2.3"
     }
 
     process {
+        try {
             # 7.2.3 (L1) Ensure external content sharing is restricted
 
             # Retrieve the SharingCapability setting for the SharePoint tenant
@@ -30,7 +33,7 @@ function Test-RestrictExternalSharing {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "7.2.3"
+                Rec           = $recnum
                 Result        = $isRestricted
                 Status        = if ($isRestricted) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -38,6 +41,19 @@ function Test-RestrictExternalSharing {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return auditResult

source/tests/Test-RestrictOutlookAddins.ps1

@@ -1,5 +1,6 @@
 function Test-RestrictOutlookAddins {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters could include credentials or other necessary data
@@ -12,9 +13,11 @@ function Test-RestrictOutlookAddins {
         $customPolicyFailures = @()
         $defaultPolicyFailureDetails = @()
         $relevantRoles = @('My Custom Apps', 'My Marketplace Apps', 'My ReadWriteMailbox Apps')
+        $recnum = "6.3.1"
     }
 
     process {
+        try {
             # 6.3.1 (L2) Ensure users installing Outlook add-ins is not allowed
 
             # Check all mailboxes for custom policies with unallowed add-ins
@@ -62,7 +65,7 @@ function Test-RestrictOutlookAddins {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "6.3.1"
+                Rec           = $recnum
                 Result        = $isCompliant
                 Status        = if ($isCompliant) { "Pass" } else { "Fail" }
                 Details       = $detailsString
@@ -70,6 +73,19 @@ function Test-RestrictOutlookAddins {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-RestrictStorageProvidersOutlook.ps1

@@ -1,5 +1,6 @@
 function Test-RestrictStorageProvidersOutlook {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be added here if needed
@@ -9,9 +10,11 @@ function Test-RestrictStorageProvidersOutlook {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "6.5.3"
     }
 
     process {
+        try {
             # 6.5.3 (L2) Ensure additional storage providers are restricted in Outlook on the web
 
             # Retrieve all OwaMailbox policies
@@ -38,7 +41,7 @@ function Test-RestrictStorageProvidersOutlook {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "6.5.3"
+                Rec           = $recnum
                 Result        = $allPoliciesRestricted
                 Status        = if ($allPoliciesRestricted) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -46,6 +49,19 @@ function Test-RestrictStorageProvidersOutlook {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-RestrictTenantCreation.ps1

@@ -1,5 +1,6 @@
 function Test-RestrictTenantCreation {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be added if needed
@@ -9,9 +10,11 @@ function Test-RestrictTenantCreation {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "5.1.2.3"
     }
 
     process {
+        try {
             # 5.1.2.3 (L1) Ensure 'Restrict non-admin users from creating tenants' is set to 'Yes'
 
             # Retrieve the tenant creation policy
@@ -30,7 +33,7 @@ function Test-RestrictTenantCreation {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "5.1.2.3"
+                Rec           = $recnum
                 Result        = $tenantCreationResult
                 Status        = if ($tenantCreationResult) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -38,6 +41,19 @@ function Test-RestrictTenantCreation {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-SafeAttachmentsPolicy.ps1

@@ -1,5 +1,6 @@
 function Test-SafeAttachmentsPolicy {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be added if needed
@@ -9,9 +10,11 @@ function Test-SafeAttachmentsPolicy {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "2.1.4"
     }
 
     process {
+        try {
             # 2.1.4 (L2) Ensure Safe Attachments policy is enabled
 
             # Retrieve all Safe Attachment policies where Enable is set to True
@@ -35,7 +38,7 @@ function Test-SafeAttachmentsPolicy {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "2.1.4"
+                Rec           = $recnum
                 Result        = $result
                 Status        = if ($result) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -43,6 +46,19 @@ function Test-SafeAttachmentsPolicy {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-SafeAttachmentsTeams.ps1

@@ -1,5 +1,6 @@
 function Test-SafeAttachmentsTeams {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be added if needed
@@ -9,9 +10,11 @@ function Test-SafeAttachmentsTeams {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "2.1.5"
     }
 
     process {
+        try {
             # 2.1.5 (L2) Ensure Safe Attachments for SharePoint, OneDrive, and Microsoft Teams is Enabled
 
             # Retrieve the ATP policies for Office 365 and check Safe Attachments settings
@@ -42,7 +45,7 @@ function Test-SafeAttachmentsTeams {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "2.1.5"
+                Rec           = $recnum
                 Result        = $result
                 Status        = if ($result) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -50,6 +53,19 @@ function Test-SafeAttachmentsTeams {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-SafeLinksOfficeApps.ps1

@@ -1,5 +1,6 @@
 function Test-SafeLinksOfficeApps {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Define your parameters here if needed
@@ -9,9 +10,11 @@ function Test-SafeLinksOfficeApps {
         # Dot source the class script if necessary
         #. .\source\Classes\CISAuditResult.ps1
         # Initialization code, if needed
+        $recnum = "2.1.1"
     }
 
     process {
+        try {
             # 2.1.1 (L2) Ensure Safe Links for Office Applications is Enabled
 
             # Retrieve all Safe Links policies
@@ -49,7 +52,7 @@ function Test-SafeLinksOfficeApps {
 
             # Create and populate the CISAuditResult object
             $params = @{
-            Rec            = "2.1.1"
+                Rec           = $recnum
                 Result        = $result
                 Status        = if ($result) { "Pass" } else { "Fail" }
                 Details       = $details
@@ -57,6 +60,19 @@ function Test-SafeLinksOfficeApps {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return the audit result

source/tests/Test-SharePointAADB2B.ps1

@@ -1,5 +1,6 @@
 function Test-SharePointAADB2B {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Define your parameters here
@@ -11,15 +12,17 @@ function Test-SharePointAADB2B {
         # Initialization code, if needed
 
         $auditResult = [CISAuditResult]::new()
+        $recnum = "7.2.2"
     }
 
     process {
+        try {
             # 7.2.2 (L1) Ensure SharePoint and OneDrive integration with Azure AD B2B is enabled
             $SPOTenantAzureADB2B = Get-SPOTenant | Select-Object EnableAzureADB2BIntegration
 
             # Populate the auditResult object with the required properties
             $params = @{
-            Rec            = "7.2.2"
+                Rec           = $recnum
                 Result        = $SPOTenantAzureADB2B.EnableAzureADB2BIntegration
                 Status        = if ($SPOTenantAzureADB2B.EnableAzureADB2BIntegration) { "Pass" } else { "Fail" }
                 Details       = "EnableAzureADB2BIntegration: $($SPOTenantAzureADB2B.EnableAzureADB2BIntegration)"
@@ -27,6 +30,19 @@ function Test-SharePointAADB2B {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return auditResult

source/tests/Test-SharePointExternalSharingDomains.ps1

@@ -1,5 +1,6 @@
 function Test-SharePointExternalSharingDomains {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Define your parameters here
@@ -11,16 +12,18 @@ function Test-SharePointExternalSharingDomains {
         # Initialization code, if needed
 
         $auditResult = [CISAuditResult]::new()
+        $recnum = "7.2.6"
     }
 
     process {
+        try {
             # 7.2.6 (L2) Ensure SharePoint external sharing is managed through domain whitelist/blacklists
             $SPOTenant = Get-SPOTenant | Select-Object SharingDomainRestrictionMode, SharingAllowedDomainList
             $isDomainRestrictionConfigured = $SPOTenant.SharingDomainRestrictionMode -eq 'AllowList'
 
             # Populate the auditResult object with the required properties
             $params = @{
-            Rec            = "7.2.6"
+                Rec           = $recnum
                 Result        = $isDomainRestrictionConfigured
                 Status        = if ($isDomainRestrictionConfigured) { "Pass" } else { "Fail" }
                 Details       = "SharingDomainRestrictionMode: $($SPOTenant.SharingDomainRestrictionMode); SharingAllowedDomainList: $($SPOTenant.SharingAllowedDomainList)"
@@ -28,6 +31,19 @@ function Test-SharePointExternalSharingDomains {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return auditResult

source/tests/Test-SharePointGuestsItemSharing.ps1

@@ -1,5 +1,6 @@
 function Test-SharePointGuestsItemSharing {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Define your parameters here
@@ -11,16 +12,18 @@ function Test-SharePointGuestsItemSharing {
         # Initialization code, if needed
 
         $auditResult = [CISAuditResult]::new()
+        $recnum = "7.2.5"
     }
 
     process {
+        try {
             # 7.2.5 (L2) Ensure that SharePoint guest users cannot share items they don't own
             $SPOTenant = Get-SPOTenant | Select-Object PreventExternalUsersFromResharing
             $isGuestResharingPrevented = $SPOTenant.PreventExternalUsersFromResharing
 
             # Populate the auditResult object with the required properties
             $params = @{
-            Rec            = "7.2.5"
+                Rec           = $recnum
                 Result        = $isGuestResharingPrevented
                 Status        = if ($isGuestResharingPrevented) { "Pass" } else { "Fail" }
                 Details       = "PreventExternalUsersFromResharing: $isGuestResharingPrevented"
@@ -28,6 +31,19 @@ function Test-SharePointGuestsItemSharing {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return auditResult

source/tests/Test-SpamPolicyAdminNotify.ps1

@@ -1,5 +1,6 @@
 function Test-SpamPolicyAdminNotify {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be added if needed
@@ -11,9 +12,11 @@ function Test-SpamPolicyAdminNotify {
         # Initialization code, if needed
 
         $auditResult = [CISAuditResult]::new()
+        $recnum = "2.1.6"
     }
 
     process {
+        try {
             # 2.1.6 Ensure Exchange Online Spam Policies are set to notify administrators
 
             # Get the default hosted outbound spam filter policy
@@ -35,7 +38,7 @@ function Test-SpamPolicyAdminNotify {
 
             # Create an instance of CISAuditResult and populate it
             $params = @{
-            Rec            = "2.1.6"
+                Rec           = $recnum
                 Result        = $areSettingsEnabled
                 Status        = if ($areSettingsEnabled) { "Pass" } else { "Fail" }
                 Details       = if ($areSettingsEnabled) { "Both BccSuspiciousOutboundMail and NotifyOutboundSpam are enabled." } else { $failureDetails -join ' ' }
@@ -43,6 +46,19 @@ function Test-SpamPolicyAdminNotify {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return auditResult

source/tests/Test-TeamsExternalAccess.ps1

@@ -1,5 +1,6 @@
 function Test-TeamsExternalAccess {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be defined here if needed
@@ -11,9 +12,11 @@ function Test-TeamsExternalAccess {
         # Initialization code, if needed
 
         $auditResult = [CISAuditResult]::new()
+        $recnum = "8.2.1"
     }
 
     process {
+        try {
             # 8.2.1 (L1) Ensure 'external access' is restricted in the Teams admin center
 
             # Connect to Teams PowerShell using Connect-MicrosoftTeams
@@ -30,7 +33,7 @@ function Test-TeamsExternalAccess {
 
             # Create an instance of CISAuditResult and populate it
             $params = @{
-            Rec            = "8.2.1"
+                Rec           = $recnum
                 Result        = $isCompliant
                 Status        = if ($isCompliant) { "Pass" } else { "Fail" }
                 Details       = "AllowTeamsConsumer: $($externalAccessConfig.AllowTeamsConsumer); AllowPublicUsers: $($externalAccessConfig.AllowPublicUsers); AllowFederatedUsers: $($externalAccessConfig.AllowFederatedUsers); AllowedDomains limited: $allowedDomainsLimited"
@@ -38,6 +41,19 @@ function Test-TeamsExternalAccess {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return auditResult

source/tests/Test-TeamsExternalFileSharing.ps1

@@ -1,5 +1,6 @@
 function Test-TeamsExternalFileSharing {
     [CmdletBinding()]
+    [OutputType([CISAuditResult])]
     param (
         # Aligned
         # Parameters can be added here if needed
@@ -11,9 +12,11 @@ function Test-TeamsExternalFileSharing {
         # Initialization code, if needed
 
         $auditResult = [CISAuditResult]::new()
+        $recnum = "8.1.1"
     }
 
     process {
+        try {
             # 8.1.1 (L2) Ensure external file sharing in Teams is enabled for only approved cloud storage services
             # Connect to Teams PowerShell using Connect-MicrosoftTeams
 
@@ -34,7 +37,7 @@ function Test-TeamsExternalFileSharing {
 
             # Create an instance of CISAuditResult and populate it
             $params = @{
-            Rec            = "8.1.1"
+                Rec           = $recnum
                 Result        = $isCompliant
                 Status        = if ($isCompliant) { "Pass" } else { "Fail" }
                 Details       = if (-not $isCompliant) { "Non-approved providers enabled: $($nonCompliantProviders -join ', ')" } else { "All cloud storage services are approved providers" }
@@ -42,6 +45,19 @@ function Test-TeamsExternalFileSharing {
             }
             $auditResult = Initialize-CISAuditResult @params
         }
+        catch {
+            Write-Error "An error occurred during the test: $_"
+
+            # Retrieve the description from the test definitions
+            $testDefinition = $script:TestDefinitionsObject | Where-Object { $_.Rec -eq $recnum }
+            $description = if ($testDefinition) { $testDefinition.RecDescription } else { "Description not found" }
+
+            $script:FailedTests.Add([PSCustomObject]@{ Rec = $recnum; Description = $description; Error = $_ })
+
+            # Call Initialize-CISAuditResult with error parameters
+            $auditResult = Initialize-CISAuditResult -Rec $recnum -Failure
+        }
+    }
 
     end {
         # Return auditResult

tests/Unit/Private/Format-RequiredModuleList.tests.ps1

@@ -0,0 +1,27 @@
+$ProjectPath = "$PSScriptRoot\..\..\.." | Convert-Path
+$ProjectName = ((Get-ChildItem -Path $ProjectPath\*\*.psd1).Where{
+        ($_.Directory.Name -match 'source|src' -or $_.Directory.Name -eq $_.BaseName) -and
+        $(try { Test-ModuleManifest $_.FullName -ErrorAction Stop } catch { $false } )
+    }).BaseName
+
+
+Import-Module $ProjectName
+
+InModuleScope $ProjectName {
+    Describe Get-PrivateFunction {
+        Context 'Default' {
+            BeforeEach {
+                $return = Get-PrivateFunction -PrivateData 'string'
+            }
+
+            It 'Returns a single object' {
+                ($return | Measure-Object).Count | Should -Be 1
+            }
+
+            It 'Returns a string based on the parameter PrivateData' {
+                $return | Should -Be 'string'
+            }
+        }
+    }
+}
+

tests/Unit/Private/Get-MostCommonWord.tests.ps1

@@ -0,0 +1,27 @@
+$ProjectPath = "$PSScriptRoot\..\..\.." | Convert-Path
+$ProjectName = ((Get-ChildItem -Path $ProjectPath\*\*.psd1).Where{
+        ($_.Directory.Name -match 'source|src' -or $_.Directory.Name -eq $_.BaseName) -and
+        $(try { Test-ModuleManifest $_.FullName -ErrorAction Stop } catch { $false } )
+    }).BaseName
+
+
+Import-Module $ProjectName
+
+InModuleScope $ProjectName {
+    Describe Get-PrivateFunction {
+        Context 'Default' {
+            BeforeEach {
+                $return = Get-PrivateFunction -PrivateData 'string'
+            }
+
+            It 'Returns a single object' {
+                ($return | Measure-Object).Count | Should -Be 1
+            }
+
+            It 'Returns a string based on the parameter PrivateData' {
+                $return | Should -Be 'string'
+            }
+        }
+    }
+}
+

tests/Unit/Private/Get-RequiredModule.tests.ps1

@@ -0,0 +1,27 @@
+$ProjectPath = "$PSScriptRoot\..\..\.." | Convert-Path
+$ProjectName = ((Get-ChildItem -Path $ProjectPath\*\*.psd1).Where{
+        ($_.Directory.Name -match 'source|src' -or $_.Directory.Name -eq $_.BaseName) -and
+        $(try { Test-ModuleManifest $_.FullName -ErrorAction Stop } catch { $false } )
+    }).BaseName
+
+
+Import-Module $ProjectName
+
+InModuleScope $ProjectName {
+    Describe Get-PrivateFunction {
+        Context 'Default' {
+            BeforeEach {
+                $return = Get-PrivateFunction -PrivateData 'string'
+            }
+
+            It 'Returns a single object' {
+                ($return | Measure-Object).Count | Should -Be 1
+            }
+
+            It 'Returns a string based on the parameter PrivateData' {
+                $return | Should -Be 'string'
+            }
+        }
+    }
+}
+

tests/Unit/Private/Get-UniqueConnection.tests.ps1

@@ -0,0 +1,27 @@
+$ProjectPath = "$PSScriptRoot\..\..\.." | Convert-Path
+$ProjectName = ((Get-ChildItem -Path $ProjectPath\*\*.psd1).Where{
+        ($_.Directory.Name -match 'source|src' -or $_.Directory.Name -eq $_.BaseName) -and
+        $(try { Test-ModuleManifest $_.FullName -ErrorAction Stop } catch { $false } )
+    }).BaseName
+
+
+Import-Module $ProjectName
+
+InModuleScope $ProjectName {
+    Describe Get-PrivateFunction {
+        Context 'Default' {
+            BeforeEach {
+                $return = Get-PrivateFunction -PrivateData 'string'
+            }
+
+            It 'Returns a single object' {
+                ($return | Measure-Object).Count | Should -Be 1
+            }
+
+            It 'Returns a string based on the parameter PrivateData' {
+                $return | Should -Be 'string'
+            }
+        }
+    }
+}
+

tests/Unit/Private/Invoke-TestFunction.tests.ps1

@@ -0,0 +1,27 @@
+$ProjectPath = "$PSScriptRoot\..\..\.." | Convert-Path
+$ProjectName = ((Get-ChildItem -Path $ProjectPath\*\*.psd1).Where{
+        ($_.Directory.Name -match 'source|src' -or $_.Directory.Name -eq $_.BaseName) -and
+        $(try { Test-ModuleManifest $_.FullName -ErrorAction Stop } catch { $false } )
+    }).BaseName
+
+
+Import-Module $ProjectName
+
+InModuleScope $ProjectName {
+    Describe Get-PrivateFunction {
+        Context 'Default' {
+            BeforeEach {
+                $return = Get-PrivateFunction -PrivateData 'string'
+            }
+
+            It 'Returns a single object' {
+                ($return | Measure-Object).Count | Should -Be 1
+            }
+
+            It 'Returns a string based on the parameter PrivateData' {
+                $return | Should -Be 'string'
+            }
+        }
+    }
+}
+

tests/Unit/Private/Measure-AuditResult.tests.ps1

@@ -0,0 +1,27 @@
+$ProjectPath = "$PSScriptRoot\..\..\.." | Convert-Path
+$ProjectName = ((Get-ChildItem -Path $ProjectPath\*\*.psd1).Where{
+        ($_.Directory.Name -match 'source|src' -or $_.Directory.Name -eq $_.BaseName) -and
+        $(try { Test-ModuleManifest $_.FullName -ErrorAction Stop } catch { $false } )
+    }).BaseName
+
+
+Import-Module $ProjectName
+
+InModuleScope $ProjectName {
+    Describe Get-PrivateFunction {
+        Context 'Default' {
+            BeforeEach {
+                $return = Get-PrivateFunction -PrivateData 'string'
+            }
+
+            It 'Returns a single object' {
+                ($return | Measure-Object).Count | Should -Be 1
+            }
+
+            It 'Returns a string based on the parameter PrivateData' {
+                $return | Should -Be 'string'
+            }
+        }
+    }
+}
+

tests/Unit/Private/New-MergedObject.tests.ps1

@@ -0,0 +1,27 @@
+$ProjectPath = "$PSScriptRoot\..\..\.." | Convert-Path
+$ProjectName = ((Get-ChildItem -Path $ProjectPath\*\*.psd1).Where{
+        ($_.Directory.Name -match 'source|src' -or $_.Directory.Name -eq $_.BaseName) -and
+        $(try { Test-ModuleManifest $_.FullName -ErrorAction Stop } catch { $false } )
+    }).BaseName
+
+
+Import-Module $ProjectName
+
+InModuleScope $ProjectName {
+    Describe Get-PrivateFunction {
+        Context 'Default' {
+            BeforeEach {
+                $return = Get-PrivateFunction -PrivateData 'string'
+            }
+
+            It 'Returns a single object' {
+                ($return | Measure-Object).Count | Should -Be 1
+            }
+
+            It 'Returns a string based on the parameter PrivateData' {
+                $return | Should -Be 'string'
+            }
+        }
+    }
+}
+