Log Out

Why CPA Firms Should Self-Assess Their IT Legacy Infrastructure

May 27, 2019

A CPA firm that has experienced IT challenges driven by rapid change and growth should  not run out and buy the newest, shiny hardware; hire an expensive IT director; or contract with a managed services partner — though the latter is likely a smart move at the right time. 

Before your organization can improve, you have to take steps to know what you don’t know, so to speak. You and your leadership team sense that clients might be unhappy, security might be behind the eight ball, and employee productivity is down — and your IT performance may be driving these challenges. 

But what are the root causes? What are IT’s biggest challenge areas? What are its strengths? Is it a human capital issue? A hardware problem? Are your various systems not talking to one another? Do your employees need to be trained? 

Before you invest in new products, people, or services, you need to self-assess where your IT program stands so that when you do seek help, you know what you’re looking for and can ask the right questions of vendors, hiring candidates, and IT managed services partners. 

Why Self-Assess? 

In a prior blog, we noted that often the first time a legacy IT system is assessed is just before it’s eliminated. That’s pretty normal. But we’d offer that an interim step needs to be taken by CPA firm leadership: plan ahead. 

The first part of planning ahead is conducting a comprehensive self-assessment of the current state of your IT program. 

We see this all the time at CPA firms: Its legacy system has become a contorted mess of software, hardware, and data sources that have been added to and altered for years without a deeper, unifying overall strategy. 

The first step to building a unified and agile IT ecosystem is doing a deep dive into your legacy system. And yes, this will take time; it might be a bit painful and will require some reprioritization, but this pain is dwarfed by the potential damage caused by a network collapse during tax season or a data security breach that destroys your reputation. 

When you put it in that context, examining your program deeply and asking the following questions doesn’t seem so painful, right? So, look at your IT program with the following categories and questions in mind. 

Where to Look, Generally Speaking 

If your legacy IT system is a tech Frankenstein made up of jammed-together, unrelated parts that barely function, it’s time to take action. Identifying where to look within your IT morass can be paralyzing. However, if you focus on the following broad categories, and apply some of the questions listed above, it will get you started on the right path forward: 

  • Software and hardware inventory 
  • Security tools, processes, and documentation 
  • Patch and update processes 
  • Required features and functionality (what you have and what you need) 
  • IT staff performance and capacity 
  • Downtime tracking and analysis 
  • Customer experience feedback 
  • Employee input and surveys 
  • Employee training 
  • Cost-benefit analysis of new IT hire versus outsourced partner 

What to Ask, Generally Speaking 

  • What hardware do you have? 
  • Where is your data housed? 
  • What software licenses do you hold? 
  • Where is your documentation and is it up-to-date? 
  • Is your security software up-to-date? 
  • Are your various software programs and systems communicating properly? 
  • Do you have a cybersecurity training program and updated guidebook? 
  • What patches and software updates are outdated? 
  • When was the last time your CPA firm employees were trained on IT-related subjects? 
  • How is IT underperformance impacting the customer experience? 
  • What is the frequency and length of downtime caused by IT-related issues? 
  • How is your IT person or small team performing? Are they overwhelmed? Is this due to lack of staffing or IT inefficiencies? 

These are just a few categories and questions to get you started building a framework for a self-audit of your IT system and how it impacts your business. 

Your IT Audit Won’t Give You All The Answers — Do It Anyway 

It’s also important to note that your self-assessment will not yield all the answers. In fact, it might raise more questions. That said, if your legacy IT infrastructure is struggling, it’s highly likely you and your team don’t have a view (or maybe not even a clue) into what’s ailing it because the problem has been there so long and is deeply entangled. 

But here’s what being proactive and self-assessing your IT will provide: A company-wide recognition that change needs to happen and a stronger (though not complete) awareness of your strengths, weaknesses, and unknowns. 

This new awareness will reduce the risk of you spending money on the wrong hardware or software, or, even worse, selecting the wrong outsource IT partner that drains your resources and makes things worse. Your IT audit will empower your team with the knowledge it needs to find a solution that makes the most sense for the organization. 

Cetrom can be the IT partner you need to take what you learn during your self-audit and use it to transform your business. Our client onboarding process includes a comprehensive data and IT infrastructure audit that can build upon your initial audit findings and accelerate the process. 

We’d love to hear more about your CPA firm and its IT needs. Reach out to us today.