What's The Nature Of A Good IT Assessment?
We often hear about organizations who call in a consulting firm or an outside expert to perform an “IT Assessment”, where the target audience is generally the CEO, President, or Board of Directors. In addition to checking the temperature of an organization’s IT operations and overall soundness, technology assessments are an important component of due diligence in mergers and acquisitions.
So, what does a “good” IT assessment consist of?
In my experience, a solid IT assessment results in:
A shared understanding of the key technology in use at the organization
Current capabilities of the technology
Stability of the technology
Ability to expand on the technology (or not)
Current costs to operate and support
Nature of the support, and its reliability
Relative dependency the organization has on the technology in use
Operational risks associated with the technology
Planned upgrades and projects
A thorough review of current staff and the organizational structure
Capabilities of the IT management team in place
Capabilities of the technical staff
Strengths and weaknesses of the organization and staff
Depth of the current staff
Who the key staff members are that drive success
Who the most likely staff members are to take a better position elsewhere
A thorough review of information security policies and practices
Tools and technologies in place to protect the organization from security incidents
Policies and procedures for information security incident response
Quality of staff supporting information security operations and strategy
Effectiveness of current information security awareness programs
An examination of
Vendor contracts - are they favorable or unfavorable?
Cost trends and capital improvement plans
Licensing and ownership of components
Investments needed to grow the business
Business continuity plans
Opportunities for growth and/or improvement
Of course, organizational culture also plays a significant role in an IT assessment. For example, whether the current IT organizational model in place is a “fit” for the type of company that it supports. Whether the IT staff are engaged with the mission and vision of the organization. And, perhaps most importantly, whether there is a meaningful and effective governance model in place to fully capitalize on the strategic benefits of technology.
If you’re struggling with an IT assessment, and need a clear roadmap to help your organization advance, contact me for further information and assistance.