Have You Looked at Your Firm’s IT Lately?by
CPA firms that have experienced IT challenges driven by rapid change and growth should not run out and buy the newest, shiny hardware; hire an expensive IT director; or contract with a managed services partner.
Before your firm can improve, you have to take steps to know what you don’t know, so to speak. You and your leadership sense that clients might be unhappy, security might be behind the eight ball, and employee productivity is down — and your IT performance and use of legacy systems may be driving these challenges.
In essense, you must first ask:
- What are the root causes of your IT challenges?
- What are its strengths?
- Is it a human capital issue?
- Is it a hardware problem?
- Are your various systems not talking to one another?
- Do your employees need to be trained?
Often the first time a legacy IT system is assessed is just before it’s eliminated, which is pretty normal. But an interim step needs to be taken by CPA firm leadership: plan ahead! The first part of planning ahead is conducting a comprehensive self-assessment of the current state of your IT program.
We see this all the time at CPA firms. Its legacy system has become a contorted mess of software, hardware, and data sources that have been added to and altered for years without a deeper, unifying overall strategy.
The first step to building a unified and agile IT ecosystem is doing a deep dive into your legacy system. And yes, this will take time; it might be a bit painful and will require some reprioritization, but this pain is dwarfed by the potential damage caused by a network collapse during tax season or a data security breach that destroys your reputation.
When you put it in that context, examining your program deeply and asking the following questions doesn’t seem so painful, right? So, look at your IT program with the following categories and questions in mind.
Where to Look, Generally Speaking
If your legacy IT system is a tech Frankenstein made up of jammed-together, unrelated parts that barely function, it’s time to take action. Identifying where to look within your IT morass can be paralyzing. However, if you focus on the following broad categories, and apply some of the questions listed above, it will get you started on the right path forward:
- Software and hardware inventory
- Security tools, processes, and documentation
- Patch and update processes
- Required features and functionality (what you have and what you need)
- IT staff performance and capacity
- Downtime tracking and analysis
- Customer experience feedback
- Employee input and surveys
- Employee training
- Cost-benefit analysis of new IT hire versus outsourced partner
What to Next to Ask, Generally Speaking
• What hardware do you have?
• Where is your data housed?
• What software licenses do you hold?
• Where is your documentation and is it up-to-date?
• Is your security software up-to-date?
• Do you have a disaster recovery and business continuity plan and is it tested?
• Are your various software programs and systems communicating properly?
• Do you have a cybersecurity training program and updated guidebook?
• What patches and software updates are outdated?
• When was the last time your CPA firm employees were trained on IT-related subjects?
• How is IT underperformance impacting the customer experience?
• What is the frequency and length of downtime caused by IT-related issues?
• How is your IT person or small team performing? Are they overwhelmed? Is this due to lack of staffing or IT inefficiencies?
These are just a few categories and questions to get you started building a framework for a self-audit of your IT system and how it impacts your business.
Your IT Audit Won’t Give You All the Answers — Do It Anyway
It’s also important to note that your self-assessment will not yield all the answers. In fact, it might raise more questions. That said, if your legacy IT infrastructure is struggling, it’s highly likely you and your team don’t have a view (or maybe not even a clue) into what’s ailing it because the problem has been there so long and is deeply entangled.
But here’s what being proactive and self-assessing your IT will provide: A company-wide recognition that change needs to happen and a stronger (though not complete) awareness of your strengths, weaknesses, and unknowns.
This new awareness will reduce the risk of you spending money on the wrong hardware or software, or, even worse, selecting the wrong outsource IT partner that drains your resources and makes things worse. Your IT audit will empower your team with the knowledge it needs to find a solution that makes the most sense for the organization.