The 10 Best High-Level Questions for an IT RFP


January 3, 2022

The RFP process for IT services needs a makeover, and these are the IT RFP questions that can transform the process.

If you’ve ever been on the receiving end of an RFP, there’s an instant sense that a tremendous amount of time is about to go down the drain as you compete for a “deal” that will probably go nowhere.

This is especially true if your offering is a professional service like commercial real estate, finance, insurance, architecture, legal, accounting, and managed IT. Unlike commodity products, these services are much more complex than ball-bearings or food coloring.

The truth is most RFPs are copies of other RFPs that have been circulating on the Internet for over a decade. These questionnaires are usually generic and rarely provide enough information for the recipient to determine the cost of the best solution.

Even worse, most answers to typical RFP questions already appear on Managed IT Service Provider (MSP) websites.

This article is for companies seeking a new MSP who want to flip the script and focus on the best partner for the journey. To do this, you’ll need the WHY behind a carefully curated set of questions to narrow your search criteria. 

Nitty-gritty details can wait until you download our Free RFP Template.

For now, let’s focus on helping you find the best IT provider for the long haul. Their responses will provide rich qualitative insights that are impossible to extrapolate from a spreadsheet. (These questions will also help you fine-tune your priorities.)


IT RFP Question #1 – What does client success look like to you?

Ideally, the MSP’s idea of client success should align with yours. If you wish to grow, the right MSP will supercharge this endeavor and will cite the following aspirations for their clients:

  • Improve operations
  • Reduce cyber liability and compliance risk
  • Maximize your ability to respond to clients
  • Enhance workforce morale

MSPs with higher levels of operating maturity favor a strategic approach rather than a reactive one. A wise prospect once said, “When it comes to IT services, success is defined by a series of non-events.” 

If the MSP and client agree on the strategy piece, client IT systems serve the business with a much lower rate of disruption.

Learn More: Five Simple MSP Truths and The Importance of Cultural Fit


Question #2 – Describe your process for migrating new clients to your IT services platform?

Setting up or onboarding new clients is much easier said than done. Many clients are so exhausted after several months of talking to various MSPs, supervising multiple site visits, and negotiating rates that they overlook what happens after the deal is finalized.

Once you contract with an MSP, the real work is just beginning. Expect the complete transition to take 30-60 business days. Leaving one provider and going to another requires diligent project management, client participation, and detailed documentation.  

You need concrete evidence of their competence.

Learn More: The Truth About MSP Onboarding


Question #3 – Please provide a general overview of your IT process.

The modern MSP is much more than a support ticket processing factory. Today’s IT service providers are stewards of your digital assets. They’re risk-management partners versed in the most current cybersecurity and compliance frameworks.

This higher level of engagement (and value-add) is only possible with a repeatable IT process based on a sound strategy.

Here is a hypothetical example of a clearly articulated four-step IT process:

  1. We understand your business strategy, IT environment, and budget.
  2. We implement best-in-class IT solutions tailored to your business.
  3. You excel with business optimizing technology and responsive support.
  4. You grow as we guide and refine your digital path to growth.

Learn More: Managing the Process


IT RFP Question #4 – How do you implement IT strategies to benefit our organization?

This question uncovers the MSP’s approach to account management, technology consulting, and vCIO services. These functions converge into one “superpower” role in some instances.

For instance, your Account Manager is a one-stop-shop for all day-to-day details related to your account – except technical support requests. Those matters are the domain of IT specialists, system engineers, network engineers, and project managers in the network operating center ticketing cue.

The Account Manager/VCIO also meets with your technology steering committee monthly, quarterly, or bi-annual for strategic business reviews. In these consulting sessions, your team is presented with recommendations, supported by IT roadmaps, network diagrams, help desk ticket history, upcoming hardware and software renewals, end of life equipment replacement alerts. Each consideration is prioritized by business impact and informed by your budget.

Learn More: Your First Strategic Business Review and World-Class vCIO Overview


Question #5 – Which cybersecurity frameworks do you recommend and support?

There are two kinds of companies: ones that follow cybersecurity frameworks and ones that don’t know they should follow cybersecurity frameworks.

Frameworks not only keep you in the good graces of regulators and plaintiff attorneys, but they also drive agile IT system design. This technical state improves user experience, uptime, quality of service, business continuity, and disaster recovery.

The era of “how fast can you respond when something blows up?” is over. Successful MSPs don’t want to be in fire drill mode and will advise their clients to follow one or several of the following programs and more:

  • CIS v7
  • GDPR
  • ISO 27001
  • NIST
  • PCI
  • SEC

Be sure to inquire which frameworks your prospective MSPs follow. A SOC 2 Type 2 compliant MSP is an excellent choice. This rigorous and ongoing auditing certification is rare among MSPs and signifies a dogged commitment to keeping your data safe.

SOC 2 Type 2 qualification is also expensive, which augers well for the provider’s financial stability.

An MSP with this professional badge of honor is more likely to play a leadership role, ensuring you follow a framework. Why? If you don’t and your network gets breached, their IT systems may be at risk too.

Learn More: The SOC 2 Type 2 MSP


Question #6 – Do you monitor, manage, support, and secure client IT systems 24/7?

This question is somewhat of a feature salad. “Monitor” and “secure” are relatively straightforward because those activities are easy to perform around the clock with various automated brand name remote monitoring, management, and security tools.

However, “manage” and “support” 24/7 are subject to misinterpretation. It’s critical to understand the scope and specific nature of “management” and “support.”

If your network (cloud servers, physical machines, VMs, switches) crashes in the middle of the night, do “management” and “support” duties cover onsite, “right-now” intervention?

Will they show up and begin remediation, or does the provider wait until the next business day to visit your office to engage manually?



IT RFP Question #7 – Detail the different ways our team can request technical support through your help desk?

The most common channels for technical support include but are not limited to phone, email, website, desktop apps, and chat.

Thanks to artificial intelligence or AI, chat is becoming a popular avenue for quick resolve and “grand central” for routing users to the most appropriate support resource.

Many providers are turning their blogs into online learning centers with search filters and topic drop-down menus to help self-service types quickly locate short videos and articles that address popular inquiries.

User support is typically less expensive if it’s limited to business hours. However, many MSPs can accommodate companies with national or international footprints and time zones. Some are national MSPs, and others are local or regional MSPs who work with partners.


Question #8 – How are service tickets prioritized and escalated?

This inquiry will help you understand the IT provider’s roadmap for success for two areas: backend IT system support and user help desk. Both are managed with a severity index of P1, P2, P3, and P4.

For example, a P1 episode occurs when a critical file share is offline. This disconnect affects the entire company and gets prioritized over a P2 which may be one user’s computer locking up.

Backend systems and user support are mutually interdependent. When backend systems are distressed, users have access issues and help desk tickets stack up.

The former is primarily automated with 24/7 monitoring, system alerts, maintenance windows, and notifications, while the latter is reactive. End users seldom know about opened and closed tickets because they happen around the clock, behind the scenes.

Both categories conform to a Service Level Agreement or SLA with descriptions and timetables for a response.

Learn More: Solving Three IT Trouble Spots and Four Leading Drivers of Responsive IT Support


Question #9 – What are your criteria for recommending infrastructure upgrades (new workstations, switches, SIEM solutions, etc.)?

Strong opinion alert: technology assets require replacement or reimagination well before their expiration or fail date.

The Technology Lifecycle is an immutable timeline followed by MSPs who want their clients to enjoy robust, resilient IT systems less prone to operating glitches and cyberthreats.

Every piece of technology in your IT stack has a finite lifespan, generally speaking, around three years for laptops, four years for servers, and seven years for switches and low voltage wiring.

Security software and layered solution add-ons are even more frequent considering today’s constant state of “cyberwarfare.”

Your MSP will charge you for projects and any related moves, adds, or changes. Some charge a fixed fee. Others bill on a time and materials basis.  While no one likes to absorb extra costs, projects can’t be avoided. Plus, the only alternative is for MSPs to charge more on a monthly basis (in order to afford to not charge for projects).

Learn More: IT Project Examples


IT RFP Question #10 – How is your support team incentivized to deliver an exceptional client experience?

Surveys and gamification with cash prizes incentivize tech support to provide an exceptional client experience.

For instance, after each ticket is closed, the client receives a quick email follow-up to rate the encounter with easy-to-click icons that represent a smiley face, a neutral expression, or a scowl.

Winners are announced weekly and given recognition by their peers. This data is also used in annual reviews to support feedback, professional development, pay raises, and increased responsibility.

MSPs compile statistics on these trends, including exhibits that show a downward trend in reactive tickets as their clients evolve and migrate to more fault-tolerant IT systems.

The best run MSPs want fewer tickets per endpoint which is a sign of higher client satisfaction and greater efficiency for everyone.

Learn More: The Downside of Reactive IT Support


Beyond IT RFP Questions: What’s Next?

Today’s MSP websites are more detailed than ever. Just about every IT provider has the following information in clear view:

  • Managed IT Services
  • Additional Services they offer
  • Blogs/Learning Centers about their solutions
  • Plans and Fees
  • What makes them different
  • Logos of major clients
  • Case Studies/Client Success Stories

For this reason, you don’t want MSP respondents merely cutting and pasting copy from their websites. You need a more meaningful, qualitative way to cut through the clutter.

I hope these high-level questions will help you focus on a much smaller universe of MSPs and find a trusted partnership that serves you for years to come.

Click here to download the Integris Free RFP Template.

Jed is a Solution Advisor at Integris who has specialized in MSP solution development, sales, and marketing communications since 2003.

Keep reading

Retainers for vCIOs and vCISOs: A Comprehensive Guide

Retainers for vCIOs and vCISOs: A Comprehensive Guide

If you're running an IT department at a small to mid-size company, you know— the demands on your infrastructure are greater than ever. Cyber threats are growing at an alarming pace, primarily fueled by the accessibility of AI to hackers. Cloud productivity, system...

Hot Topics for Cybersecurity in 2024

Hot Topics for Cybersecurity in 2024

As we go into 2024, Cybercrime now accounts for $8 Trillion US dollars—enough to make it the third largest "economy" after the US and China.   As scary as that number is, it is the downstream effects of Cybercrime that are so serious. Hacked businesses experience the...

How to Navigate the Cybersecurity Workforce Shortage

How to Navigate the Cybersecurity Workforce Shortage

Cybersecurity stats are in for 2023, and the numbers aren’t pretty. Ransomware attacks are up by 95 percent over 2022, according to the latest analysis by Corvus, a cyber risk insurer. With the inevitable rise in attacks coming in election year 2024, it’s enough to...