Thursday, March 25, 2010

Why should we audit our IT environment?

If you run a business with more than a handful of computers, you are already spending money on IT and are probably doing so in one of two ways:

1. You react to problems and spend money as the need arises; or
2. You have a strategic plan for IT that aligns to your business plan.

If you fall into the second category, then a regular audit every year or two will ensure you maintain accountability, and deliver and maintain your systems according to plan. This already makes sense to you as you are organised, and can see the benefit of checks and measures in your business.

If, like most of the SME community, you are in the first category and are sick of the instability of your IT environment and the reactive fashion in which you manage it, then an audit is the perfect bridging tool to let you take stock of where you are – and where you need to be. The audit will allow you to make plans and set budgets, meaning you can stop being reactive and start being strategic.

Having clarity in terms of how your IT environment should be functioning means you can write an IT plan for the future, and start working proactively to build the systems your business needs; according to that plan.

Your audit must take into account your business plans for the future, and ensure the scale of projected business growth will be facilitated by a solution that already exists, or is being developed.

We offer our clients and prospects audits as a way of clarifying expectations on both sides of the fence. After all, computers are business productivity tools and work best to support a business when there is accountability on both sides for requirements and deliverables.

To be thorough, an audit must consider the following areas of your technology:

  • External networks and communications, internet connection, private networks and phone.
  • Internal networks for speed and segmentation.
  • Security between the public and private networks.
  • Security within your network for connections between departments and access to files and digital assets.
  • Storage architecture and capacity planning.
  • Server capacity and scalability (this may include virtualisation and consolidation).
  • Data and system backup resources for on-site and off-site backup.
  • Disaster recovery capabilities.
  • PC capabilities and requirements.
  • Application suitability and fit for purpose for each business unit (this may require extensive business analysis and is not a trivial component for many organisations).
  • Online strategies and requirements for applications, communications and marketing.
  • Software licensing.

To be able to do this well, your IT team needs to know a bit about your plans for the business, including:

  • What does the business do?
  • What markets does it sell to?
  • What expansion plans are there for the next three to five years?
  • Will the business expand locally, nationally or internationally?
  • How many new sites will be opened with how many staff at each?
  • What applications are you already considering deploying?
  • What reporting requirements do you have?

When getting an audit done, make sure you use a supplier that is capable of working at the strategic level your business requires – this will ensure that the advice you receive is not too tactical or too basic to be of value.

So, what have been your experiences with IT audits?

David Markus is the founder of Combo - the IT services company that ensures IT is never an impediment to growth.

No comments:

Post a Comment