How to Assess IT Effectiveness

by

January 7, 2022

Our simple framework to assess IT effectiveness will help you improve the performance of your IT department.

C-level executives don’t always know if their IT team has everything covered. That’s why these questions are top of mind:

  • “Are we protected against the latest security vulnerabilities?”
  • “Do we have a foolproof backup and disaster recovery plan?”
  • “Is my team qualified to manage Microsoft 365?”
  • “Can they confidently answer questions on our cybersecurity policy renewal application?”

With in-house IT, an IT director, and a support specialist, call all the shots and outsource anything they can’t figure out to an independent break-fix IT guy or a very small IT service provider.

Does this sound familiar? It should. This arrangement is commonplace in SMBs with 25-100 employees.

 

What’s the problem?

If your IT systems are easy to access, fast, and your employees aren’t complaining, it’s reasonable to assume you don’t have any major problems.

However, it’s impossible to verify you have the best people, processes, and technology to advance your strategic goals without detailed reporting, including KPIs.

Naming conventions will vary from one company to the next. And so will the contents, thanks to APIs and customizations. But one plot point remains constant: anything worth investing in is worth measuring, documenting, and refining for increased accountability.

The following pillar categories appear in many popular IT reports. And you don’t have to be technical to grasp the business rationale for each topic quickly.

 

Assess IT Effectiveness with a Strategic IT Roadmap

Business leaders can quickly assess IT effectiveness with a strategic IT roadmap.

This executive report usually includes everything else we mention below. It’s a comprehensive and dynamic “medical IT record” for your organization.

A roadmap is an action planning tool that integrates your budget and strategy to address three primary concerns: What business outcomes are we trying to achieve? What technologies do we need to accomplish these outcomes? How should we make our technology selection decisions?

These questions should be reviewed with C-Level executives and IT Steering Committees monthly, quarterly, or bi-annually. (Annual reviews are not frequent enough, but this is a good start if you’re a newbie. Better late than never!)

 

Stay Ahead of Projects

Initiatives are presented and prioritized according to business risk (low, medium, and high) and business impact (lower risk, improve efficiency, strengthen compliance, and reduce cost). Think of this as a colored-coded punch list.

With increasing pressure from cybersecurity insurance providers, companies constantly review hardware and Software as a Service (SaaS) options to harden security.

Are you procrastinating on any projects? Do you understand the impact of waiting?

Learn More: Minimizing Cybersecurity Insurance Gaps

 

Assess IT Effectiveness with a Network Diagram

Current PowerPoint or Visio exhibits of your network make complex, far-flung IT system interdependencies accessible for all audiences to understand.

A network diagram may initially include three icons representing bare metal servers. Two years later, three cloud icons may appear in their place because more secure, flexible SaaS alternatives have supplanted the machines.

Learn More: Network Diagram Examples

 

Keep a record of Managed Assets & Warranties

Network elements like firewalls, storage appliances, backup devices, Wireless Access Points, switches, printers, servers, VMs, cloud apps, and user devices are continuously tracked, monitored, replaced, and upgraded according to their useful life. Each is cataloged by:

  • Site
  • Device Class
  • Device Name
  • Make/Model
  • Serial Number
  • Operating System & Service Pack Status & Age
  • Purchase Date
  • Expiration Due Date
  • Last Logged In User
  • Warranty Expiration
  • Last Discovery Date

 

Ensure your Microsoft User Directory is up to date

Employees come and go especially today’s younger workforce. When someone leaves, they should be immediately removed from the domain. This practice enhances security, reduces clutter, and lowers expenses for unused subscriptions.

Microsoft charges different rates depending on the licenses you select. And the rates just went up on March 1, 2022!

Some users need Microsoft 365 Business Standard, while others require Microsoft 365 Business Basic. The former is $7.50 more per month. See why it pays to get these subscriptions right?

Learn More: Microsoft 365 Business Licenses

 

Assess IT Effectiveness with Ticketing Reports

Every IT activity should be categorized, prioritized, and remediated according to its business severity. Everything from automated system updates (that happen behind the scenes), IT planning, procurement, project management, and just-in-time user support should be charted and presented in an Executive Summary for review.

Is your IT department efficient? One measure of this is the rate they open and close tickets from one month to the next.

Are they attentive? If the average time to acknowledge a request is trending lower from one month to the next, that’s a good sign. Do you know how they spend the majority of their time? Down to nitty-gritty percentages?

  • Audio Visual
  • Applications
  • Cloud Servers
  • Compliance
  • Cyber Security Awareness Training
  • Internet
  • Infrastructure
  • Printers/Copiers
  • Remote Support – Work From Home
  • Security Vulnerability Events
  • Server & Workstation Patching
  • VoIP Support
  • Wireless Access
  • Workstations/User Support

Every one of these line items fits into a pie chart to help answer the burning question: What have you done for me lately?

For example, data that reflects 100% up-to-date workstation and server patch status is a security hot button that will instantly increase everyone’s peace of mind.

(Since much of this activity is automated and automatic, it may appear as a lower percentage on the chart.)

However, workstation support is a different matter. If your ticket volume for user support is trending higher every month, and its root cause is a file share on a server approaching its expiration date, IT can make a strong business case for replacing that asset.

Learn More: Client IT Reporting

 

Utilize a Client Sign-Off Form

Finally, every plot point and proposal needs to be recorded. It’s easy to forget what you didn’t approve and easy to get mad when something blows up because you didn’t authorize a replacement recommended by IT.

 

What’s Next?

Are you confident you can trust your IT team? Do they have any of the reporting capabilities we just presented? They may be working with some fantastic third-party resources but not taking full advantage of their offerings.

There may be several reasons for this. However, don’t discount the role of self-interest. IT Departments lacking confidence in their professional capabilities may be reluctant to highlight vendors who may make them look bad.

There’s another challenge with building an in-house IT team. You may have recruited engineers and directors from a best-in-class MSP, but their skill sets will need updating every eighteen months.

And with the current labor shortage affecting the tech workforce, especially cybersecurity, it’s impossible to prevent employees from jumping ship for an instant $25,000 annual increase somewhere else.

Forward-thinking MSPs aren’t out to replace in-house IT. They have service plans and consulting services to make your IT department stronger.

Learn More: vCISO Consulting

Jed is a Solution Advisor at Integris who has specialized in MSP solution development, sales, and marketing communications since 2003.

Keep reading

Signs an Email is Phishing: 5 Signs of Phishing in Your Inbox

Signs an Email is Phishing: 5 Signs of Phishing in Your Inbox

For years we've read articles teaching us to identify the signs an email is phishing. We all know the signs, yet we still miss the blatant indicators and take the bait. According to Security Magazine, citing SlashNext, "The first six months of 2022 saw more than 255...

Leveraging Shared Values to Build Company Culture

Leveraging Shared Values to Build Company Culture

Leveraging shared values is a powerful way to build a company culture around employee and client success. Reaching this goal is challenging in an industry known for overpromising and underdelivering quality IT support. Yes, the MSP business is complicated. Several...

A Personal Twist on Zero Trust Security

A Personal Twist on Zero Trust Security

The massive Australian data breach in late September inspires me to share a personal twist on Zero Trust Security. What makes this incident colossal? BBC News Australia reports, "Australian telecommunications giant Optus revealed about 10 million customers - about 40%...