As the year is coming to an end, this is the time that most businesses and organizations look back on how things went to start planning for the new year. We recently held a seminar for the Canadian Society of Association Executives (www.csae.com) on how to create a Strategic IT Plan. This blog is a break-down of the presentation, so that other businesses and organizations can leverage what was reviewed in order to start their own 2020 IT Business Planning.
First, We began the seminar with a poll to quickly gauge the audience on who felt as if they had a good process around general Business Planning. Quite shockingly, approximately only 2% of the audience felt as though they did. If you don’t have a good process or structure around Business Planning, I have a fantastic free resource that we discovered many years ago, and it has been a key factor in our own business success. The organization is called Gazelles (www.gazelles.com), and they have structured a system for Business Planning and management based on how John D. Rockefeller ran his businesses. We highly recommend reading their book Scaling Up (https://scalingup.com/), written by their CEO, Verne Harnish, and utilizing their free resources (https://gazelles.com/resources/growth-tools) – specifically the One-Page Strategic Plan. In one simple view, you develop the guiding principles of your organization, set long, medium and short-term goals, and the key initiatives and measurable KPI’s that will help you attain them. We really love this subject, so please contact us if you need any assistance. We also had a focus on process for every section of the presentation, and questions for reflection afterwards. For this section we asked:
- What is your current process for Business Planning?
- When do you start the process, what are the key dates, and when is your completion date?
- Who’s responsible for ensuring this gets done?
Second, we discussed conducting an Organizational IT Assessment. This starts with a non-IT review of the organization/business purpose, mission and core values. Overall, we want to ensure that any decisions or strategies around IT are in line with the direction that the organization/business is going. What are the long- and-short-term goals of the organization, and what are the changes that will be happening over the next 1-3 years? (i.e. growing, shrinking, moving, adding new services). We want to ensure that any IT changes will accommodate and prepare for any of those changes. Next, we return to an IT focus that starts with an understanding of the role that IT plays in the organization, and why does it exist?
Obviously, IT was initially introduced into the business-place to help do things better, faster and with fewer resources than your competitors. While that still holds true today, everyone has technology in the workplace. Today, efficiencies come in a different form – technology performance, security and accessibility – all of which significantly affect most organizations biggest expense – their payroll and/or the people using the technology. Next, we look at how important IT is to the organization, what is the cost/risk associated with downtime, data loss, data breach and small-to-large performance issues with staff. All organizations are reliant on IT, but they vary on their tolerance for IT issues. Lastly, we want to review the current IT issues. What are the things slowing down your staff, recurring issues, gaps, security concerns, etc. that are getting in the way of your people getting their jobs done? These should all be documented and assessed with a severity level. For this section, here are some questions for reflection:
- What is the process for identifying the top IT issues slowing down your people?
- What is the process to assess and report to management, any areas of risk with regards to IT?
- What is the process for infrastructure review – how often does it happen, how is it documented and who is involved? Are we really following any structure or process or just reacting to issues as they come along?
The third part of the IT Business Planning process is the Infrastructure review. We’ve created a free template to track inventory (PC’s, laptops, servers, networking equipment, printers, etc.). If you have an internal IT person or outsourced IT company, they should be providing this information to you on a regular basis without you having to ask for it (probably a red flag if they’re not). We want to track all inventory items, basic specs (if you have them), age of the equipment, warranty status and any notes (history, performance issues, flags for replacement, etc.) as well as action items for each entry. All businesses should have a Hardware Life-cycle Plan that defines how and when you replace equipment, otherwise, there’s no control over costs and you’d be replacing equipment as it dies causing disruption and poor performance for your staff. So, here are some questions to ask:
- Do you have a defined process for managing hardware replacements?
- Are you budgeting for hardware replacements and capital costs related to IT?
- Do you keep an up-to-date inventory of your IT equipment? (PC’s, laptops, servers, networking equipment, etc.)
The last part, and certainly not the least, is IT Security and Business Continuity/Disaster Recovery. We tell people all the time that every business in the world now has a firewall and antivirus, yet we still hear of breaches and ransom attacks every day. Why is that? It’s because hackers and cyber-criminals target network vulnerabilities and people. So beyond having some IT security tools like a firewall and antivirus, it is an absolute must to have some security processes in place that regularly check your systems for what we call “blind spots”. These are all the unknowns and unchecked elements of your IT systems. Without a proactive process in place to check for vulnerabilities and unknowns or educating your people on threats and what they look like, your business may be exposed to risks. Together with Security is Business Continuity, which if set up properly with the right solution, can act as a safety net to keep your business up-and-running in any event (fire, flood, theft, breach, etc.). The key here is having the right solution for your business and your expectations. Every business should know what the timeline and process would be for getting back-up-and-running in any event from small to catastrophic. However, we’ve met with many business owners and they don’t know this basic information. Not every backup solution will get you running “right away”, and in fact the average recovery times with many backup solutions is 2-4 days. It’s important to ensure that your business requirements for recovery are met. For this section, here are some questions for reflection:
- Beyond having a firewall and antivirus, what process is in place and reported to management showing the business that there is an alignment to basic security standards?
- What is the process and timeline to recover from a disaster or major server failure?
- If you are running Cloud Services, have you checked the retention rate on data to ensure it meets your requirements? (FYI, many Cloud Services only have a 30-day backup data retention policy)
Remember to download our FREE IT Business Planning Guide here.
We hope this information has inspired you to start your IT Business Planning for 2020. If at some point you get stuck or decide to move forward with a professional solution to manage your IT, then feel free to reach us at 905-763-4443 or email:[email protected] and we’d be happy to assist you with the process.