blog

Top Considerations for Outsourcing a Strategic IT Review

IT Strategy

Having personally conducted and also been involved in a number of strategic IT reviews over the course of the last few years, I thought it was worth providing some pointers on what I think works well, in the context of what I think many mid-market businesses are looking to achieve.

Most reviews of an IT environment are initiated in response to some sort of compelling event – a systems outage, a data breach, concerns over personnel, issues with an incumbent supplier – being some of those commonly observed.

The most successful strategic reviews of IT are successful because due consideration is given to the chosen consultancy organisation undertaking the work. Many Board executives instigating a review are rightly concerned that such ‘consultancy’ is essentially paid for presales consultancy work, which many companies would provide for no charge as part of a sales process. In many cases this is a valid concern, and only those exercises which go significantly deeper than a typical review conducted as part of a sales process, really add value to most mid-market businesses looking to understand the direction their IT should be moving in.

The scope of such a review should include at least some of the following areas:

Findings

  • The infrastructure, including the local and wide-area networks, server infrastructure, back-up and business continuity arrangements and the security of the entire environment, as well as potentially the applications also;
  • The existing strategy and management arrangements and the overall view of the manner in which the current IT department is operated;
  • The existing support arrangements for users, and the overall view of the users’ views of the existing set-up and their future requirements;
  • The policies in place, along with the existing contractual and commercial arrangements with third parties.

Risk analysis

  • An easy to understand benchmarking of each area of the scope of your review, which is often rated using a Red, Amber, Green (RAG) colour code, showing the comparison of your IT with your peer group – companies of a similar size in a similar sector to your organisation. Ideally, such a RAG should show where you are now on each area assessed, and show where you will be after an agreed period – the clear intention being that the colour code improves markedly over this period!

Recommendations

  • This section should show what is being recommended to achieve whatever outcomes have been agreed, and would normally be broken down by section of the scope of the review – i.e. separate recommendations for server infrastructure, IT support arrangements, LAN/WAN, etc.
  • Each recommendation should be justified as to why it is being recommended, and it is worth checking always from the outset a set of typical recommendations which the company reviewing has recommended previously, so you know you are not simply paying for presales work for the company to recommend largely the same on premise IT infrastructure with largely the same hardware vendors, or the same private hosted service, which happens to coincide with the fact that they have invested heavily in their own private cloud service!

Here are my Top 10 Considerations – areas it would always be worth having in mind from the outset of a Strategic IT Review to ensure it is most likely to achieve the outcomes you require:

  1. Strategy – it is key that any review starts by understanding your organisation’s objectives. What is the process for this? How much time will be dedicated to it, and who will be undertaking it? It is impossible to align a technology strategy to an organisation without first having understood in some detail their direction of travel.
  2. Cost – such a review is typically chargeable. If the work is being given away for free or heavily discounted, it is probably not going to the level of detail you will need as a mid-market organisation, and it normally suggests that the supplier in question is just not busy enough and is looking to fill excess capacity.
  3. Independence – when was the last time that the supplier recommended something other than just a variation of their own/preferred product set? Check this – as for a review to be most valuable in the mid-market, it needs to be genuinely independent, taking into account the many offerings available in the market, not just their own products. In addition, look at the skillset of the company – for example what skills do they have in reviewing applications as well as infrastructure?
  4. Format – is the Strategic IT Review going to be delivered back to you in the right format for you? Do you really need a long, wordy report document? Will someone read it, and will it prove useful? If so, get it. If not, agree the right format for you to spend your time efficiently and really understand the output.
  5. Board – it is key that such a review has Board involvement and sponsorship from the outset. This means that the results/recommendations will be aligned to your goals, so will ensure that they are most likely to be successfully implemented.
  6. Method – how will the review be conducted? Will it be on-site or remotely undertaken, or a combination of the two? How much time will be required of personnel in your organisation, and for what?
  7. Interviews – for a review to have most impact, it will need to involve some one to one interviews with users of the IT, along with where relevant, some focus groups. This helps understand the existing situation from the IT users’ perspectives, and also helps understand what users most need to do their jobs efficiently and effectively.
  8. Information – what supporting information will you be provided with? Is the review of the technology being conducted manually or using automation, and what additional information on the existing IT environment will you be provided with?
  9. Timescale – how long will such a review take, and what are the contingencies involved in its preparation? Is there for example, information required from third parties (e.g. existing suppliers of IT services), and if so you will need to give some thought to how and when you obtain this.
  10. Follow Up – what is the feedback loop process, and the ongoing management of the engagement with your organisation to ensure that the recommendations are successfully implemented? Aspects of delivering your company strategy may shift over time, and it useful to reconsider the implementation of the roadmap as time goes by.

Good luck with your IT Strategy Review, and do not hesitate to contact us if we can help in any way.

Tim Walker, February 2018