IT Assessment Services

We recommend that a complete IT Assessment be done at least once per year with quarterly IT Assessments being done to verify the ongoing organizational state. All things change over time and this is a way to verify your predictions and estimates. It will allow the organization to modify it's plans.

Periodic IT Assessments are also needed as part of any ongoing Disaster Recovery Process Plans.

Our assessment methodology can be summarized by checking out the following major areas:

An outline of a complete IT Technical Assessment:

Current State of IT

  • Organization
    • Identify senior IT managers and determine respective job functions;
    • Determine size, skill level and organizational distribution of IT staff;
    • Identify linkages between staff and business, operations counterparts;
    • Identify location of IT departments.
    • Analyze product/service support structure and identify personnel.
  • Infrastructure
    • Compile current hardware inventory;
    • Document and analyze network infrastructure and topology;
    • Document and analyze telecommunications infrastructure and topology;
    • Document and analyze data center infrastructure and support;
    • Document external data links.
  • Systems
    • Compile manifest of operating systems, databases and development platforms;
    • Compile manifest of deployed application systems, determine level of integration and supporting entity;
    • Review and analyze excerpts of internally developed code and compare to best practices;
    • Evaluate company's web site for customer experience, interface design, usability and performance;
    • Conduct surveys, interviews with internal and external users of IT services to determine level of satisfaction.
  • Current Budget
    • Review and analyze current budget allocations;
    • Compare budget to current burn rate;
    • Review consulting, outsourcing contracts;
    • Identify existence of excess capacity, redundant resources

IT Initiatives and Planning

  • Planned systems
    • Analyze development projects currently underway.  Determine timeliness, viability, staffing and cost of each;
    • Review pending proposals to ensure requirements and specifications are well documented;
  • Existing Systems
    • Ensure adequate capacity planning and support.
  • Pending Budget
    • Review and compare proposed budget with analysis of current budget, burn rate;
    • Review capital budget requirements;
    • Evaluate opportunities for cost savings such as data center, server, project consolidation;
    • Ensure the inclusion of required future support and service contracts.

Risk Profile

  • Business Continuity
    • Analyze data backup/recover practices.  Determine whether well documented, implemented and tested;
    • Analyze disaster recovery plan and determine vulnerabilities and omissions;
    • Examine relationships with third-party vendors to identify potential sources of risk in case of catastrophe.
  • Data Security
    • Analyze data security measures and determine vulnerabilities:
    • Network security measures;
    • Database security measures;
    • Platform security measures;
    • Application security measures;
    • Employee permission, password policies;
    • Physical access to critical assets.
    • Analyze change management policies and procedures.
  • Personnel
    • Determine key resources which must be retained;
    • Determine vulnerabilities to attack by displaced personnel.

    How does your organization measure up? If you need assistance in these areas, please contact us.