Initial application connectivity check with minimum permissions (as described above) works fine. Not sure if there will be any impact later but seems to be working for initial integration step.
Initial DB connectivity check with minimum permissions (assigned both 'public' and 'db_datareader') to both the master and ePO databases) failed, with 'Test connection unsuccessful. (2) Unable to connect to mssql server (check credentials)'. Now this later failure could be down to me as I am not an expert with SQL Server, and have previously been testing with the DB credentials used by ePO itself (/core/config) which work fine!