IT Due Diligence Checklist for Evaluating Managed Service Providers

by: Align on Jan, 23, 2018

Align_Due-Diligence

Photo Credit: © Egor - stock.adobe.com

Business technology requirements are continuously growing and evolving. As your business expands, you may find that you need to outsource management of particular IT functions and employ the help of a managed services provider (MSP). An MSP can deliver innovative, secure and flexible technology solutions tailored to your business needs.

However, that means placing a crucial aspect of your business in the hands of a third-party. Before retaining an MSP, you need to perform your due diligence to ensure you are working with the proper IT partner who has the right experience, credentials, processes, expertise and services. 

Services

First and foremost, define the services that you require before selecting and committing to an IT managed services provider. Do you need help running daily IT operations or end user IT support? Are you considering cloud services or looking to implement cloud security? Perhaps you’re just looking for infrastructure management support. Whatever the service that you require, make sure the MSP can deliver it!

  • What is the MSPs scope of services?
  • Has the MSP worked with businesses similar in size, scope and industry?
  • Do the MSP's solutions match your needs — both present and future?

IT requirements differ significantly between small, mid-size and large organizations. There are also compliance regulations that need to be followed according your industry, such as HIPAA, PCI DSS or FFIEC-IT. To remain in compliance, you may need to implement auditing/monitoring/reporting; ensure that your MSP can accommodate.

GENERAL

Check for demonstrable experience, like client testimonials, technical certifications or partnerships; some may even list awards recognizing exemplary services

  • How long has the company has been in business?
  • Does the MSP have a documented corporate organization chart, no older than 12 months? 
  • Does the company have client testimonials available?
  • Does the MSP have client references who you can contact?
  • What technical certifications does the MSP hold? 
  • Does the MSP have established partnerships with other technology vendors? What are the details of those relationships? 517-496842-edited-571183-edited

Terms

Once you know the services you require and confirm the MSP can deliver, ask questions about service coverage and guarantees. 

  • Does the MSP clearly define Service Level Agreements (SLAs) and termination clauses? 
  • What does the contract cover?
  • What is the duration of the contract?
  • Do they have insurance? If so, what kind?

The contract and SLAs should illustrate the level of service that a customer should expect from their provider. This agreement details the areas of maintenance included, the speed of response to requests, the monitoring and reporting services and the punitive consequences for the provider not meeting SLAs, which may include reimbursement to customers. 

SUPPORT and monitoring

  • Does the MSP offer 24x7x365 support?
  • Will they offer a dedicated account manager or support manager for your business?
  • How many people do they have on their help desk?
  • What is the response time for IT issues? 
  • What is the guaranteed uptime? 
Ideally, an MSP can offer you zero downtime, but you have to be prepared for the rare outage exception. Align's Managed IT Services, for example, provides 99.99% availability, giving our customers peace of mind. 

Security and disaster recovery

In addition to bolstering your own internal systems, verify that the MSP has documented and tested security processes and systems
  • Do they offer penetration testing as part of their services?
  • Do they offer security awareness training for your employees? 
  • Does the MSP have a formal, documented cybersecurity plan?
  • What physical security protocols and systems do they have in place?
  • What network security protocols and systems have been implemented? Are they aligned with company requirements?
  • Does the MSP have documented internal security policies for employees? 
  • How often do patch and system updates occur? Is this an automated process?
  • What is the Mean Time to Recovery (MTTR)? This is an average of how long it would take to recover systems in the event of an outage.
  • Does the provider have a fully-tested disaster recovery plan in place? 
Additionally, verify that the provider will take the appropriate steps to mitigate risks to your infrastructure, and that they maintain a robust security posture.

Transition

Finally, once you’re fully-informed about your MSP, ask if your top choice provides cloud migration or transition services.

  • What does cloud migration process/transition entail?
  • Will they be able to migrate necessary data or systems for you?

Another factor to consider is if the MSP can continue to deliver services to scale with your growing business. Running successful IT operations and mitigating risk is complicated, and new requirements will arise as your organization evolves. Ensure that you select the right IT managed service provider who can provide cutting-edge solutions, and allow you to focus on strategic priorities.

While the due diligence process requires both time and effort, finding the right partner to meet your precise technology needs will make a significant difference. Reach out for a complimentary assessment of your organization and find out what you can gain from a trusted managed services provider.

Contact us by clicking here (https://www.align.com/speak-to-a-consultant-lp). 

Learn More About Align's Managed IT Services 

Contact Us ➜

 

Tags: Due Diligence, Managed Services

Leave A Comment