How often you do an AD assessment

We are doing some AD assessment in the company I work for and we would like to make this assessment regularly.
This is not a real AD Pentest but rather get bloodhound and try to find few ways to highly privileged users or users with higher privileges than needed.
How often would you do this? Any other ideas how to tackle this?

assessment bloodhound cybersecurity doing find higher pentest privileged privileges real the company try work