May 26, 2021

IT Due Diligence Checklist for Evaluating Managed Service Providers

by: Align

From startups to mid-sized enterprises, it is critical to have an IT infrastructure that scales with their business. And, as your business expands, you may find that you need to outsource management of particular IT functions and employ the help of a managed services provider (MSP). An MSP can deliver innovative, secure and flexible technology solutions tailored to your business needs.

However, that means placing a crucial aspect of your business in the hands of a third-party. Before retaining an MSP, you need to perform your due diligence to ensure you are working with the proper IT partner who has the right experience, credentials, processes, expertise and services. 


New call-to-actionFirst and foremost, define the services that you require before selecting and committing to an IT managed services provider. Do you need help running daily IT operations or end user IT support?

Are you considering cloud services or looking to implement cloud security? Perhaps you’re just looking for infrastructure management support. Whatever the service that you require, make sure the MSP can deliver it!

  • What is the MSPs scope of services?
  • Has the MSP worked with businesses similar in size, scope and industry?
  • Do the MSP's solutions match your needs — both present and future?

IT requirements differ significantly between small, mid-size and large organizations. There are also compliance regulations that need to be followed according your industry, such as HIPAA, PCI DSS or FFIEC-IT. To remain in compliance, you may need to implement auditing/monitoring/reporting; ensure that your MSP can accommodate.


Check for demonstrable experience, like client testimonials, technical certifications or partnerships; some may even list awards recognizing exemplary services

  • How long has the company has been in business?
  • Does the MSP have a documented corporate organization chart, no older than 12 months? 
  • Does the company have client testimonials available?
  • Does the MSP have client references who you can contact?
  • What technical certifications does the MSP hold? 
  • Does the MSP have established partnerships with other technology vendors? What are the details of those relationships? 


Once you know the services you require and confirm the MSP can deliver, ask questions about service coverage and guarantees. 

  • Does the MSP clearly define Service Level Agreements (SLAs) and termination clauses? 
  • What does the contract cover?
  • What is the duration of the contract?
  • Do they have insurance? If so, what kind?

The contract and SLAs should illustrate the level of service that a customer should expect from their provider. This agreement details the areas of maintenance included, the speed of response to requests, the monitoring and reporting services and the punitive consequences for the provider not meeting SLAs, which may include reimbursement to customers. 


  • Does the MSP offer 24x7x365 support?
  • Will they offer a dedicated account manager or support manager for your business?
  • How many people do they have on their help desk?
  • What is the response time for IT issues? 
  • What is the guaranteed uptime?

Ideally, an MSP can offer you zero downtime, but you have to be prepared for the rare outage exception. Align's Managed IT Services, for example, provides 99.99% availability through a 24x7x365 Help Desk, giving our customers peace of mind. 


In addition to bolstering your own internal systems, verify that the MSP has documented and tested 
security processes and systems
  • Do they offer penetration testing as part of their services?
  • Do they offer security awareness training for your employees? 
  • Does the MSP have a formal, documented cybersecurity plan?
  • What physical security protocols and systems do they have in place?
  • What network security protocols and systems have been implemented? Are they aligned with company requirements?
  • Does the MSP have documented internal security policies for employees? 
  • How often do patch and system updates occur? Is this an automated process?
  • What is the Mean Time to Recovery (MTTR)? This is an average of how long it would take to recover systems in the event of an outage.
  • Does the provider have a fully-tested disaster recovery plan in place?

Additionally, verify that the provider will take the appropriate steps to mitigate risks to your infrastructure, and that they maintain a robust security posture.


Finally, once you’re fully-informed about your MSP, ask if your top choice provides cloud migration or transition services.

  • What does cloud migration process/transition entail?
  • Will they be able to migrate necessary data or systems for you?

Another factor to consider is whether the MSP can continue to deliver services to scale with your growing business. Align's fully packaged Managed Services provide a scalable solutions that encompass everything from managed cloud to managed ITSM and security, enabling businesses flexibility to build their optimal future state. 


Running successful IT operations and mitigating risk is complicated, and new requirements will arise as your organization evolves. Ensure that you select the right IT managed service provider who can provide cutting-edge solutions and allow you to focus on strategic priorities.

While the due diligence process requires both time and effort, finding the right partner to meet your precise technology needs will make a significant difference—from lowering IT spend to saving critical downtime and allowing you to focus on more strategic priorities.

Reach out for a complimentary assessment
of your organization and find out what you can gain from a trusted managed services provider.

Learn More About Align's Managed IT Services 

Contact Us ➜


Continue Reading

Related Articles


“Align is our trusted provider for all our Managed Services and cybersecurity needs. They provide us best-in-class IT services that not only help drive productivity and growth, but ensure we meet both current and evolving compliance and security requirements with ease. As consultants to financial advisors, trust and reliability are indispensable to our operations, which is why we never hesitate to refer Align to our very own client base. Align isn’t just our partner, they are an extension of our team. We look forward to entrusting them with our IT infrastructure for years to come.”

Ed Fasano - Experienced Advisory Consultants LLC