9-Point IT Strategy Self-Assessment Quiz
As we continue into the new year, many organizations are busy charting a course they believe will help them reach their 2019 goals. An important part of this process is an honest assessment of your current situation. After all, you can’t chart a path to your destination if you don’t know where you are now.
To help you get started, we’ve put together a 9-point IT self-assessment quiz. If you’re a C-level executive or leader on the business side of things, you can also use these questions as a foundation for your annual review with IT leadership.
1/ How well are we fulfilling our compliance requirements (HIPAA, GDPR, PCI DSS, etc.)? If we were audited, could we prove it?
You may think you’re in compliance, but if you can’t prove it to the auditors, you’re not.
2/ How well prepared are we to handle a disaster such as flood or fire? If our systems and building were rendered unusable, how quickly could we resume business, and how would that impact our bottom line?
Thankfully, these types of disasters don’t happen that often, but they do happen. Your disaster recovery plan needs to include contingencies for how you’ll recover if your facilities (and systems) are completely wiped out.
3/ How well-prepared are we for a disaster such as a long-term power outage? Could we continue doing business?
Power outages are a far more common occurrence, and they need to be included as a contingency in your disaster recovery plan. According to Ponemon research data, UPS failure accounts for roughly a quarter of all data center downtime. But even if your UPS is working just fine, remember that a UPS isn’t intended to be a long-term source of power. What will you do if your need for power during an outage outstrips the capacity of your UPS?
4/ How much downtime have we experienced in the past year for whatever reason? Is that level acceptable?
The Uptime Institute found that a third of all data centers had experienced an outage in the past year, but 80% said their most recent outage was preventable. You should assess your downtime annually for both your on-premises data centers as well as any resources you’ve housed in the cloud. Then, look for ways to prevent the most common types of outages. Migrating workloads to a reputable cloud provider is one way to reduce downtime.
5/ Are we asking our IT staff to take on so many responsibilities that they don’t have the time to develop expertise in any specific area? Or can’t respond quickly in a crisis?
More than three-quarters of respondents to a recent IT job satisfaction survey said they considered their job stressful. That leads to errors and things left undone. Human error was the cause of another quarter of data center downtime incidents in Ponemon’s latest study.
6/ Are we having difficulty attracting and retaining the right IT talent?
Stress and lack of a career path can also lead to low morale and high turnover. This is especially troublesome when it comes to retaining IT security talent. A study conducted by (ISC)², the world’s largest membership association of certified cybersecurity professionals, found that 84% of cybersecurity workers were open to new employment opportunities in 2018 and 46% were contacted weekly by recruiters, regardless of whether they were actively looking for a job.
7/ Do we have people dedicated to IT security and ensuring our systems and data are kept safe? Are they well-versed on the latest attack vectors and techniques as well as the latest prevention and remediation strategies?
Cybersecurity professionals are also some of the most expensive. It’s tempting to task an employee who is not in IT security with part of the responsibility, and there is some benefit to that as it can provide them with highly valuable career experience. (Which, hopefully, they continue to apply on your behalf.) But unless they have a more experienced security professional on hand to guide them, the risks to your business may be too great.
8/ Does our IT team have enough time to address the really important things like disaster recovery planning?
What’s the one thing on your priority list that never seems to get done? For many it’s disaster recovery planning, but for you, it may be something else. If there’s something on your list that’s too important to ignore but that you never seem to get to, consider outsourcing it. You’ll sleep better at night.
9/ Do we have enough time to focus on the initiatives that can move our business forward?
These days, IT is seen as a competitive advantage, and CIOs and CTOs need to be prepared to be strategic leaders in their organizations. If you don’t have the time to be strategic because you’re too busy putting out fires, consider outsourcing some of the daily IT responsibilities to a qualified managed service provider.
There are many more questions we could probably get into, but hopefully, our nine-point quiz got your thoughts rolling. May 2019 be your best year ever, and if there’s any way we might be able to contribute to that, give us a call!