We have created this comprehensive IT outsourcing due diligence checklist for you as you look to outsource your IT to help guide you as you look to make the right choice for your new IT Partner.
Most businesses are reliant on an effective IT function to keep them operational and their team productive. If you don’t outsource your technology delivery already, adopting outsourcing can be a significant decision for your organisation. The benefits are well known an obvious, from access to skilled expertise, to improved flexibility and cost savings, but choosing the wrong IT support partner could be a costly error that could have an incredibly detrimental effect on the health of your business.
Take a moment to think how much would it cost to have your network and emails down for a day? What about a week? What if your firewall isn’t configured properly and your network is breached, with your data stolen, destroyed or held to ransom?
Risks can be high, and it is often hard to compare service providers, so ensuring that the IT businesses that you engage with can answer the following questions to your satisfaction should give you the peace of mind that you need and should help ensure that your IT outsourcing process is a successful one. At the end of the process, you should be able to choose an IT partner that has the necessary frameworks, experience, people and safeguards in place to keep your IT running seamlessly.
With over 20 years of experience and as we successfully serve a myriad of clients in different industries, all with high expectations and demands, we often get approached when an existing IT provider hasn’t been able to deliver or their current in-house IT team isn’t able to cope with increased demands. In some cases, they don’t get the service quality they had hoped for and the expected IT-related savings are nowhere to be seen. In other cases, their business growth has greatly exceeded the capabilities of their in-house IT team and they are struggling to scale their IT operation to meet.
In light of this we have created this comprehensive IT outsourcing due diligence checklist that will help you find the IT Support provider that is best suited for your needs.
This 3 step IT Outsourcing due diligence checklist will cover:
- Step 1: Understanding your IT needs
- Step 2: Data gathering
- Step 3: Reviews and references
Step 1 – Understanding your IT needs
It’s really important to take the time to analyse your IT delivery and fully understand your needs and what exactly it is that you would require from an IT Support provider. You may find that you need to adapt your stance as you learn more, but by having a base understanding of what you are looking for will help save a lot of valuable time and will ensure that the process is structured well.
Here are the questions that you need to be ask yourself before you start your search:
What is the scope of work that you would like to outsource?
You may want to outsource the entirety of your IT, or just sub elements of it. It is important you understand from the outset what you feel would best be outsourced and anything that you feel you would like to keep ‘on-house’.
Are you looking to save money?
Cost savings are often a catalyst for outsourcing your IT Support, especially if your business has outgrown the capabilities of your existing IT team or if you have discovered that you are paying over the odds for limited service from your current supplier. It is useful to note how much you are currently spending on IT related activity to come up with as a true a number as possible. That should include everything from salaries and hardware purchases, to backups, internet connectivity and communication costs.
What is your budget?
Having a specific budget will help you narrow down your focus when it comes to selecting an IT provider. Using your existing total cost of IT delivery numbers you worked out above, you can then work out a budget and then use that to benchmark any potential outsourced provider, bearing in mind potential service delivery improvements and efficiencies. Bear in mind that buying purely based on cost can be a mistake that ends up costing you more in the long run, with potential service issues or additional costs for services that are ‘out of the original scope’.
Are you looking for better support?
If you’re looking for better support, it is worth explaining to the shortlisted IT Support companies what your current experience is, when that is from your internal team or an incumbent IT Support provider and what improvements you would be looking for in any new relationship. Being open and honest now will help get your relationship off to the best possible start. This will give them a better idea of how to help you and what your needs are. It will also help you both determine if you are the right fit for each other.
Are you looking to improve your focus on your core activity?
Is IT and technology taking too much time away from your and your senior team’s focus on your core business? Is your team being held back by issues that you can’t get on top of yourself?
Are you looking to reduce risk?
If you are looking to reduce risk, you should first identify that risk. Once identified, you can then look for an IT Support provider with experience managing those risks and be clear how important mitigating those risks is in your communications. For example, if you’re worried about out-of-hours support, you should seek out IT Support companies that offer true 24×7 support.
Do you need 24×7 or out-of-hours support?
If your business operates extended hours then you may benefit from 24×7 support, with a team of experienced engineers available to help you overcome your technology challenges, both day and night.
Determine the kind of IT support you feel that you need?
That could include a range of options from the following list:
- 24×7 Service Desk Support
- 24×7 Network Monitoring
- IT Service Delivery Management
- Proactive IT Support
- Remote IT Support
- Onsite IT Support
- Out of Hours IT Support
- Dedicated Service Desk
- Network Support
- IT Strategy
- IT Projects
- IT Security
- Managed Cloud
- Cyber Security
- Communication
Do you have any specific technology that the new IT Company should be proficient with?
If your business fluency relies on particular applications, it would be useful for your new IT Support provider to have experience dealing with those applications, or at least the capability to quickly learn how to work with them.
What industry vertical are you in?
It is preferable to seek out an IT Support provider that has direct or in-direct experience with your vertical. IT providers familiar with your vertical will have a much better understanding of your needs and should therefore provide an improved IT Support experience. Alternatively, experience from various verticals can be transferable towards others. For example, Cardonet is a specialist for the hospitality industry and understands the needs of a business which is dependent upon various technological elements to deliver an outstanding service and gain remarkable results.
Does your new IT provider require any certifications to support you?
Some businesses rely on industry accreditations to assure quality of service and to meet their own compliance requirements. A popular requirement is ISO27001, currently the highest information security standard. The ISO27001 provides a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation’s information risk management processes. It demonstrates how seriously an organisation takes information security and ensures that they have the systems and industry accepted processes to manage and protect both their and their customer’s information assets.
You should now have a better idea of what your IT Support needs truly are and should know what IT Support provider to look for.
Once you have shortlisted 2 or 3 IT Support providers that fit your needs you can move on to Step 2.
Step 2 – Data Gathering
This step requires you to look into the shortlisted IT providers and to get in touch with them. Some of the questions can be answered by looking at the IT provider’s website. However, even if the information you’re looking for is on their website, it is always recommended that you ask the provider to get their responses directly. From their responses, you can gauge their knowledge and experience on all the questions and will be in a good position to compare them like-for-like.
Here are a list of questions that you should be asking:
Have they supported a similar company to yours before?
If they’ve supported a similar company to yours they will most likely have a good understanding of your needs. This is also the perfect opportunity to ask them about the list of risks you noted down in Step 1.
Have they worked with the same or similar technology vendors?
If they already work with vendors that you work with they will most likely have a good understanding on how your technology stack works. This potentially translates to a seamless experience.
Are there any relevant case studies they can show you?
Providing you with case studies can give you an insight into what type of projects the IT provider has been involved with and gives you a grasp of their understanding of your needs, especially if they offer you a case study relevant to your industry vertical.
Will you have a specialist IT Support Team and will you have director-led relationships?
Having your own specialist support team means that you have a group of highly trained engineers who are familiar with your infrastructure and are able to resolve most issues swiftly. Having director-led relationships means that you have a highly experienced and exceptionally technical leader who really understands your business and is able to adapt your specialist IT Support Team according to your needs.
Are they proficient with any technology that you have, especially the ones listed in Step 1?
You want to make sure your new IT provider is proficient with the technology you’re using to reduce the risk of an incident from occurring.
What is the worst disaster that they have faced with one of their clients in the past year or so?
This will show you how resilient the IT Support provider is and how they deal with pressing issues.
Do they have customer service policies in place to ensure your guaranteed satisfaction?
Most IT Support providers will have customer service policies you just have to make sure that they align with your business needs.
Do they have insurance?
Any IT Support company should have business insurance covering a minimum of £1m. It is very unlikely that an expensive disaster could occur and would impact your profits but it is still a possibility. Asking to see an IT company’s business insurance is normal and they would gladly show you their certificate.
Are they certified in the certifications you listed in Step 1?
At this stage you actively look to see if the IT Support provider is accredited for the certifications you need.
Does their company outsource any tech support / help desk services?
This question is particularly important if you need 24/7 support or outside of normal working hours (09:00 – 17:00) support. Some IT Support companies offshore or nearshore their tech and help desk support to cope with demands whilst making a large profit. This could become troublesome as a myriad of issues could arise from this, ranging from under qualified staff to language barrier issues. That is why Cardonet’s support engineers are mostly London-based. We also have engineers in Los Angeles and Spain who service customers in those areas.
Do their IT Professionals receive regular training?
Seamless IT Support is achieved through an efficient and trained IT Support Team that is why it’s important for an IT Support provider to regularly provide training.
What are their response times?
Response times vary depending on the severity and complexity of the issues. Acknowledging a ticket should be an instant action. Solving severe issues which are not complex can take up to 2 hours, issues with a high level of complexity can take up to 16 hours. Cardonet have a system where tickets are prioritised upon agreed definitions with the customer as each customer has different needs.
Is there a living document where IT Support engineers can find solutions to common problems?
Having a living document has the similar function to a Wiki page, it is a reference for all known issues and how to solve them. It especially helps support engineers who have not worked with your systems or have not dealt with that particular issue before.
What are their vendor partner levels? Gold, silver, basic?
The better the vendor level the better the relationship with the vendor. This means that the IT provider is able to offer efficient third party management as they would get quicker response times, news about system updates, etc.
Do they understand PCI and GPDR compliance?
All of the IT provider’s actions have security implications and they have a responsibility to keep your systems and data secure. That is why understanding PCI and GDPR compliance must be a requirement.
How many engineers do they have?
If you have a large number of users you don’t want IT Support from a small IT provider. They wouldn’t be able to cope with your demands in addition to the demands of their existing clients.
What is their customer retention rate from the last 7 years?
Knowing their customer retention rate will give you a better idea of how good the company is at sticking to their SLAs. Although there are a lot of variables outside SLAs that could make a company depart from their IT provider the most common one is quality and sticking to the agreed SLAs.
What was their most recent complex on-boarding they’ve had and why was it complex?
This objective of this question is to find out how resilient the IT provider is in terms of their on-boarding process and how efficient their decision making skills are. It also gives you an insight into the IT company’s capabilities of dealing with complex on-boarding issues, providing you further peace of mind.
Are they ISO27001 accredited?
As mentioned in Step 1, ISO27001 provides a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation’s information risk management processes. Nowadays most companies require IT Support providers to have an ISO270001 accreditation.
Are they a member of the CiSP (Cyber Security Information Sharing Partnership)?
The Cyber Security Information Sharing Partnership (CiSP) is a joint industry and government initiative set up to exchange cyber threat information in real time, in a secure, confidential and dynamic environment, increasing situational awareness and reducing the impact on UK business.
Are they Cyber Essentials accredited?
Cyber Essentials is a simple but effective scheme created by the National Cyber Security Centre (NCSC) that will help you to protect your business against a whole range of the most common cyber attacks.Becoming Cyber Essentials accredited reassures organisations that you are working to secure your IT against cyber attacks, that you have cyber security measures in place and that you have a clear picture of your organisation’s cyber security level. If you already have this accreditation or are looking to acquiring it then your IT Support provider must also have a Cyber Essentials accreditation.
What is their employee turnover rate?
If companies have a high turnover rate that probably means they find it difficult to retain staff, which implies that they may spend a lot more time inducting new starters than supporting you.
How long have their senior engineers and their management team been working at their company?
If their senior engineers and management team have worked for the company for a long time that usually means that the culture within the company is pleasant. If there’s a pleasant work environment within the IT provider that usually means that your own team will most likely have an overall enjoyable IT support experience.
Can you visit their premises?
Visiting their premises will really give you a better idea of what their company culture is like, how many engineers they actually have, and overall how friendly and approachable they are.
Do they have any social events where they invite clients?
Sometimes IT Support companies like to host social events and invite their clients to build rapport. It helps with putting faces to the company. Here at Cardonet we like to invite you to our premises for a pizza night, where we indulge in pizza whilst you get to know our team and mention any concerns you might have that our engineers should consider.
Do they have social media pages?
Sometimes companies like to post their social activities online, as well as showing support for equality movements such as equal pay in the work place. This will give you an opportunity to put faces to the business entity and also give you insight into their values.
Now that you’ve got all these questions answered you should be able to move on to Step 3 where you will seek out for testimonials and customer references.
Step 3 – Testimonials and References:
The purpose of this step is to acquire customer reviews and references of the shortlisted IT Support companies. This is an opportunity to really understand what their customers think about them and how they have helped them achieve their objectives. In the IT support world it is perfectly normal for companies to ask if they can speak to the IT Company’s customers in order to gain a reference. In fact, here at Cardonet we encourage our prospects to speak with our customers so they can get a better picture of how we have helped them.
Do they have any customer testimonials that they can share with you?
Seeing what their customers have to say about them will give you a better idea of how good the company is. Especially if the testimonials are from a company that is similar to yours.
Could they provide 2 or 3 customers that you can speak with?
Asking to speak to one of their customers is perfectly normal, after all, you want to make sure you make the right decision and who better to ask than their customers?
Once you get a chance to speak to their customers, ask them the following questions:
- How has this IT provider helped you achieve your business objectives?
You want to find out if the IT provider has actually impacted the company positively and helped them achieve their objectives. - Has your support with them been seamless?
Successful IT Support translates into a seamless IT Support experience. You will want to know what hiccups they faced together and how they were overcame these issues. - How long have you been with them?
This question will tell you if it’s a new customer or if it’s a customer that has been with them for a while. - Overall, how has your experience with them been?
This is an open answer question, the objective is for them to tell you about any negative experience they’ve had with this IT provider.
This outsourcing IT due diligence checklist will help you make the right decision in selecting an IT Support provider, it covers all the important aspects of a successful partnership. The key is for you to weigh up the shortlisted IT providers in context with your business, your brand, and your team. It’s all about a seamless experience, so the more you can do to make sure you receive that seamless experience the better your IT Support will be.
Cardonet have over 20 years of experience within the industry and have helped hundreds of businesses achieve their business objectives through a consistently seamless IT Support experience.
If you would like to talk through outsourcing your IT support and hear what the best way forward is, please do not hesitate to call us on +44 203 034 2244 or +1 323 984 8908 or contact us online. One of our experienced experts would be happy to help guide you through the most effective options for your operation.
You must be logged in to post a comment.