New trends in information technology (IT) are disrupting every aspect of business. Each day we hear about things like big data, artificial intelligence, blockchain, internet of things, and machine learning, and in the next few years, there’s a good chance one or more of these technologies will find its way into your organization, if it hasn’t already. No matter what industry you are in, having a forward-thinking IT department with the right skills is more critical than ever. Is your organization ready for the challenges ahead? The best way to find out is through an IT assessment conducted by an experienced third party. The following FAQ will get you started.
What can trigger the need for an assessment?
Common reasons for an IT assessment include:
- New C-level leadership: Newly appointed CEOs, CFOs, or CIOs need visibility into how well IT is working. An IT assessment gives them the big picture they need and provides important benchmarks for future initiatives.
- Issues with your Business continuity or disaster recovery plan: The readiness of your organization to handle disruptions caused by floods, earthquakes and pandemics may indicate shortcomings in your technology environment. An IT assessment will give you feedback on your ability to continue business operations during such drastic events.
- Fast-changing IT environment: If your organization is contemplating digital transformation or becoming a digital business, an IT assessment protects future investments by pulling together critical information on the best path forward.
- Aging technology: Technology and best practices are evolving fast, and many organizations are using outdated technology or maintaining in-house software when they could be using newer or cheaper off-the-shelf packages. An IT assessment will identify end-of-life technologies and recommend alternative approaches.
- Ineffective use of technology: Your organization may not be making the best use of the latest technology such as audio and video conferencing or sharing and collaboration tools. Worse — competitors may be adopting new technologies that are leapfrogging you and other industry peers. An IT assessment provides essential IT benchmarks for your organization and industry.
- Performance issues: If your IT department is getting an undue number of complaints about how well it’s performing, an IT assessment can determine whether the complaints are valid and help pinpoint areas for improvement.
- Staff skills: Many IT departments have skill deficiencies or are misaligned with organizational needs. An IT assessment will identify skill mismatches and ensure important areas are adequately covered.
Worse — competitors may be adopting new technologies that are leapfrogging you and other industry peers.
What’s included in an IT assessment?
An IT assessment is more than a quick look at the organization’s technology — it’s a “three-legged stool” of people, process, and technology.
- People: For the first leg — people — the assessment team looks at three broad areas:
- IT leadership and team structure: This examines the IT department’s leadership and management, team structure and skills, and positioning for future needs.
- User satisfaction: An end-user satisfaction survey is conducted to provide a detailed view of how satisfied technology end users are with IT services.
- Governance: This looks at how the IT department prioritizes projects and makes decisions. For example, some departments operate informally with decisions made by a single person such as an IT director versus a formal process which includes wider business representation.
- Process: The second leg of the stool is process. Here, the assessment team considers four broad categories:
- Service delivery: This area looks at the extent to which IT serves as a strategic partner to the business and how well it’s aligned with business objectives. Policies and procedures are also addressed to ensure that all areas are addressed.
- Strategy: The team looks at what standards are in place, how budgets are developed, procurement standards and associated things such as whether your organization uses proprietary software developed in-house versus off-the-shelf products available from outside vendors.
- Disruptive technologies: This looks at the use of disruptive or emerging technologies from a strategy standpoint and provides guidance on what impact they might have on your organization.
- Security: An important aspect of any assessment is how well your organization addresses security, ensuring proper controls and risk management strategies are in place.
- Refresh and life cycle plan: This reviews policies for refreshing technology and whether a life cycle plan is in place for replacement.
- Technology: The third leg of the stool is technology. The assessment team looks at two key items here:
- Technology in place: This looks at the age of current technology and how well it’s supporting the organization. This includes infrastructure, end-user technologies, and data centers.
- Software: This surveys the software applications in place and identifies applications that could be eliminated or “shadow” systems that aren’t included in the department’s inventory. It also looks at processes in place to track software applications and ensure they are updated.
What are the key steps in an IT assessment?
There are four major steps in an IT assessment:
- Determine the goals and project team. Project goals can vary from a simple baseline for comparison against best practices to a detailed assessment. Occasionally, an assessment will have a specific focus such as staffing or how successful your organization is at meeting end-user requests. Once the goals are in place, the project team is selected. In most cases, it’ll be a cross-functional team involving IT, stakeholders, and key users who will help choose who to interview in the assessment, review the observations, consider findings and recommendations, and ensure the project stays on track.
- Determine some benchmarks. The next step is to determine benchmarks on tools, staffing, and spending that could include surveys of peer organizations or industry-published metrics.
- Prepare a communication plan. The communication plan provides details on the assessment process and how the results will be shared. The plan is shared organization-wide and is critical to ensuring buy-in of participants.
- Conduct the assessment and prepare recommendations and a strategic roadmap. The assessment includes items such as document reviews, surveys, interviews with IT staff and stakeholders, peer reviews, and an analysis of industry information for datapoints. The goal is to validate across multiple data sources. The deliverable is a report with recommendations and a strategic roadmap.
What happens after the assessment?
After the completion of the assessment, there are two important follow-up steps.
- Prioritize and implement recommendations. In this phase, the team determines what to do with the assessment results and recommendations. In some assessments, there will be more recommendations than can be implemented immediately, and they’ll need to be phased in over time. If so, the team will choose priority items, implement them first, and monitor performance against them. A scorecard visible to the entire organization is often created showing the implementation timeline and progress against goals.
- Reassess. The strategic roadmap will include guidance for reassessment at frequent intervals. Some organizations choose to do a self-assessment one, two, and three years out, and then after three years have another outside assessment done to see how well they’ve moved forward. The key is to keep the roadmap simple so everyone will use it as a tool in managing the IT organization.
Given the importance of IT, many organizations are adopting the same auditing diligence to their technology that they do to their financial statements.
Every organization, whether a business, educational institution, or government, faces unprecedented digital disruption. IT is no longer an add-on service; it’s deeply rooted in the business and a determining factor for future success. Given the importance of IT, many organizations are adopting the same auditing diligence to their technology that they do to their financial statements. Is yours?
To find out how your organization can secure its digital future, give us a call.