Last month, we talked about risks and the need for an IT assessment. Let’s say you aren’t aware of risks within IT. Why spend the time or money on an assessment?
Maybe you wish IT would provide better business value? Aren’t sure what questions to ask your staff or vendor? Judging IT competence can be difficult for business leaders. Perhaps you are hearing from managers about difficulties relating to IT that don’t seem to make sense. Maybe you are new to your CEO position and are interested in a third party opinion. All of these are valid reasons for an IT assessment, also known as an IT evaluation.
How do you know what you should expect from an IT evaluation? Here are a few tips:
A good IT Evaluation starts with understanding the organization’s strategy. A manufacturing facility growing at 2% a year has different IT requirements than an insurance agency growing by acquisition. Healthcare entities have special considerations, including current meaningful use incentives and regulation. Non profits have unique revenue streams that can be unpredictable.
We tend to think of IT as the technology – the software and hardware piece of the equation. Yes, poor hardware and software is a big risk to the organization. But the people side of things is just as important if not more so.
Communication between IT and the business is critical, and project, analytical and technical skills can make or break the organization. Inadequate processes within IT create difficulties even with the best people and technology.
This three-legged stool is critical for the success of an IT department and its ability to support the business’ growth and productivity. A good IT evaluation should cover all three – people, process and technology.
Here are a few items that should be included in any recommendations document coming out of an IT evaluation.
- Current talent review – internal staff and outsourced support
- Capability requirements – what is needed to support the business and IT strategies?
- Optimal organizational structure – internal and outsourced personnel
- Applicable best practices
- IT policy and procedure improvements
- High-level risk assessment
- Technology strategy – infrastructure (servers, networks, phones, etc) and software
- Streamlined architecture plan
- Vendor and contract recommendations
The recommendations should have priorities and risk levels attached. Once you have those, you can shore up the IT foundation issues in the short term, and make plans to build what you need to support the organization at its next level.
Copyright © 2012 by Laura Pettit Rusick