It would be incredibly useful to be able to see under 'User Management' who has been set up with 2FA.
Likewise, an option to 'enforce 2FA' with a definable grace period to only allow login when 2FA is enabled would be ideal. EG:
Grace Period 14 days from enabling enforcement - users log in and are immediately prompted to set up 2FA.
After 14 days accounts that have failed to set up with 2FA will need their grace period extending, as their accounts will be locked.