The Value of a Technology Assessment3 May, 2013 By: Eric Stavola, Witt Company
Regarding Professional Services, most dealers understand the importance of such value added services for their cliental, but as I talk with dealers across the United States, there is one constant theme that all dealer principles are saying “How to I expand this portion of my business?” It is abundantly clear in our industry today that we have moved away from selling a commodity to now selling services.
We see that as hardware becomes less and less expensive and margins decrease via competition, companies are learning to sell their knowledge and services to stay on top of their marketplace. One key aspect in selling services is that from the onset we should teach our / your reps to push for an assessment not just an appointment.
Appointments are great yet will likely go nowhere after the first one if not moved towards an assessment. By pushing for an assessment it will allow for you and your team to gain a complete understanding of your potential customer's workflow, business systems and business environments to allow for more opportunities of services and support which you can offer.
Let's talk about doing an overall technology assessment and some key aspects to doing them.
-WHY DO A TECHNOLOGY ASSESSMENT?
A Technology assessment will support a company or institution in addressing their needs for providing direction, training, and growth to as it pertains to the integration of technology in their respective business and Institutions. For small to medium size business a technology assessment will provide an onramp for a long term technology plan.
-HOW DO I DO A CREDIBLE TECHNOLOGY ASSESSMENT?
Over the last year, I have been doing a number of Technology assessments for schools or businesses in order to help them create or enhance their technology plan.
A Technology Assessment should incorporate the following:
-Internal Controls Review and Assessment
The objective of the engagement is to examine the risk of the general controls and the policies and procedures related to the companies information systems.
-Consider to do the following :
• Interview any IT personnel or Administration/Leadership personnel.
• Review selected documentation and documented processes/procedures in regard to IT.
• Review Network Infrastructure
• Define and report overall risk in the Technology area.
-Scope of Procedures
Testing should be performed to the extent necessary to confirm the understanding of the risk levels represented in the controls. In evaluating the IT/Network general controls as a basis of providing recommendations, you should consider:
• Setting a baseline risk, which will be based on the complexity of Information Systems.
• The relative effectiveness of existing controls that support the objectives.
When performing controls reviews, you should take into account the institution’s size, complexity, and overall risk profile while considering following issues when evaluating the IT audit function:
• Identify areas of greatest IT risk exposure to the institution in order to focus audit resources
• Determine the effectiveness of management’s planning and oversight of IT activities
• Evaluate the adequacy of operating processes and internal controls;
• Determine the adequacy of enterprise-wide compliance efforts related to IT policies and internal control procedures
• Expertise and size of the audit staff relative to the IT environment;
• Processes in place to ensure timely tracking and resolution of reported weaknesses; and documentation of IT audits, including work papers, audit reports, and follow-up.
The following is a list of all of the sections that should be included in the final report (as they pertain to your customer):
REPORT SHOULD INCLUDE:
• Business Continuity Planning
• Information Security
• Outsourcing (if any)
• Technology Service Providers
Remember, as our industry expands so must we as companies with our offerings and expertise, Providing a technology a assessment s a service for your customers is a great on ramp for residual income and earnings through managed services.
Author Eric Stavola, M.ED, MS.CIS, MCSE,MCSA,CDIA+, N++ is Chief Operating Officer at WITT-COMPANY. Contact info is: (619) 379-3009 cell / and email is: firstname.lastname@example.org