Technical GA4 Configuration Audit

How to audit
GA4 configuration
end to end.

A GA4 configuration audit goes beyond checking whether events are firing. It verifies Measurement Protocol integrity, BigQuery export health, cross-domain measurement, server-side tag setup, and the 15 configuration settings that silently corrupt data when left at their defaults.

Run configuration audit — $179 → View all 47 checks
47
Automated checks
7
Audit modules
<60s
Time to report
20+
Page PDF output

What a GA4 configuration
audit actually covers.

Most GA4 configuration issues aren't visible in standard reports. They require API access, network inspection, or cross-referencing multiple Admin settings. Here's what GA4 Health Check checks automatically across the Configuration & Customization module and beyond.

01
Property & Account Configuration
Critical checks
Data retention set to default 2 months
Verified via Admin API. The single most commonly missed setting — user-level data is permanently deleted after 60 days if not changed to 14 months.
!
Reporting Identity configuration
Checks whether Blended, Observed, or Device-based identity is configured — affects whether Consent Mode modelled data surfaces in reports and whether thresholding applies.
!
Attribution model review
Verifies the attribution lookback window and model type. Cross-channel data-driven attribution requires minimum event volume thresholds — flagged if not met.
Timezone and currency settings
Confirmed against property settings. UTC timezone is flagged — session boundaries and report dates shift when timezone doesn't match business location.
02
Data Streams & Tag Configuration
Critical checks
Referral exclusion list completeness
Checks for payment processor domains missing from unwanted referrals list. Missing entries cause attribution overwriting on every purchase — affects stripe.com, paypal.com, shop.app, and others.
Internal traffic filter status
Verifies an active internal traffic filter exists. Filter in "Testing" mode is flagged — does not actually exclude internal sessions.
!
Cross-domain measurement configuration
Checks whether domains are configured for cross-domain measurement. Properties with checkout subdomains or third-party booking flows require explicit configuration.
!
Enhanced Measurement event review
Reviews which Enhanced Measurement events are enabled — scroll, outbound clicks, site search, video engagement, file downloads. Each should be intentionally enabled, not left at defaults.
03
BigQuery Export & Integrations
High priority
!
BigQuery export link status
Checks whether BigQuery export is configured. Properties without export have no data archive beyond 14 months and no access to raw unsampled event data for SQL analysis.
Google Ads link verification
Confirms Google Ads is linked and the link is active (not pending or errored). A broken link silently stops conversion import and audience sharing.
Search Console link status
Verifies Search Console integration for organic search query data in GA4 reports.
04
Privacy & Consent Configuration
Critical checks
Consent Mode v2 signal verification
Checks for all 4 required v2 signals: analytics_storage, ad_storage, ad_user_data, ad_personalization. Missing signals mean EEA traffic goes unmodelled.
Default consent state verification
Confirms signals default to "Denied" before user interaction — required for GDPR/UK-GDPR legal compliance. "Granted" default violates consent regulations.
!
Google Signals configuration review
Checks Google Signals status alongside Reporting Identity — the combination that determines whether data thresholding affects your reports.

The configuration checks that
require API access to find.

Many critical configuration issues are invisible in the GA4 interface. They only surface when querying the Admin API directly. These are the checks manual audits most commonly miss.

Measurement Protocol validation
Server-side and offline event submissions via the Measurement Protocol bypass GTM entirely. Checks for missing required parameters (client_id, session_id), incorrect API secret usage, and event payload structure violations that cause silent data loss.
Custom dimension & metric audit
Reviews all registered custom dimensions and metrics against recent event data. Unused registrations consuming quota slots, scope mismatches between parameter and dimension, and dimensions registered but never populated by tags are all flagged.
Event deduplication check
Analyses purchase and conversion event patterns for duplicate firing signatures. A conversion firing twice per session or a transaction_id appearing multiple times in the same day indicates double-counting that inflates revenue figures.
Session fragmentation detection
Identifies UTM parameters on internal links, missing cross-domain configuration, and payment processor redirect patterns that fragment single user journeys into multiple sessions — inflating session counts and breaking funnel analysis.
UTM consistency validation
Reviews the distribution of utm_medium values against GA4's default channel group rules. Non-standard values like social-media, Social, or EMAIL cause sessions to fall into (Unassigned) — invisible until you query the data directly.
Conversion event health check
Checks every conversion-marked event for recent firing data. "Zombie" conversions — events marked as conversions with zero data in the last 30 days — indicate broken implementations that often went unnoticed because no alert fired.

Who needs a technical
GA4 configuration audit.

A configuration audit is most valuable at specific decision points — before a major spend, after a technical change, or when something in the data doesn't add up and you need to know why.

The checks above go deeper than what most GA4 setup guides cover — and deeper than what most agencies include in a standard setup. That's not a criticism; it's the nature of configuration drift over time.

See the complete 47-point checklist →
CTOs & Lead Developers
Before approving GA4 as the source of truth for business decisions. Configuration issues at the data layer affect every downstream dashboard and report.
Data Architects
Before connecting GA4 to BigQuery or a data warehouse. Configuration errors in the source property produce unreliable raw event data that corrupts downstream models.
Analytics Agencies
When onboarding a new client — to understand what was inherited and provide a documented baseline before any work begins.
In-house Analytics Teams
After any significant site migration, GTM restructure, or CMS change that could have disrupted tag execution or cross-domain measurement.
Marketing Directors
When channel performance data looks inconsistent or when ROAS figures from GA4 don't match ad platform reports — configuration is almost always the root cause.

Run the configuration
audit on your property.

47 automated checks via the Google Analytics Admin API. Full configuration review, scored PDF report, step-by-step fix instructions. Results in under 60 seconds.

View all 47 checks first Run audit — $179 →