Posted Jul 02, 2009 01:30 am CDT
The premise of an audit is a simple one: How can you know where you are going if you don’t know where you are? Today, cost savings have become a huge concern. And you cannot make good budget, spending and cost-cutting decisions without knowing the facts.
How well do you or the decision-makers at your firm know what technology you already have and use or don’t use?
There are many kinds of audits with varying levels of detail. You can use internal resources to conduct the audit or hire a consultant. You can use an audit to get a quick overview or to get an in-depth snapshot of your current technology or particular aspects. There are also voluntary audits and not-so-voluntary audits, such as when a vendor or the Business Software Alliance comes to you for verification that you have licenses for all of your software. An audit might also serve a specific purpose, such as to identify duplication, investigate possible theft, enforce compliance with usage policies or determine ways people are using the Internet or collaboration tools.
And any of these can affect your firm’s bottom line.
A great first step is to determine exactly what you want to learn from your audit; begin with the end in mind. If your concern is software compliance, your focus will be different than if your concern is managing your backup media. I also like to ask what kind of report is expected at the end of the audit, who will see it and what will be done with it.
Performing a technology audit is not rocket science, but it is hard, painstaking and often frustrating work when done right. It’s a matter of finding, counting and tracking. There are tools that can help.
I recommend the Belarc Advisor (free at belarc.com) for anyone who wants to do an audit on their own computer and software. It runs on your machine and gives you a handy printout of the hardware configuration and all software installed.
In a network setting, there are several diagnostic tools, one or more of which is probably installed as part of your network, such as Microsoft System Center Essentials. Running one or more of these tools is a good first step.
Some firms leave it to the information technology director or an IT consultant to run an audit. If your firm is large enough to have a technology committee, it makes sense to have committee members involved.
At the end of the audit, you will want a written report that helps you understand what your system is composed of in a reasonable degree of detail.
The next step is to turn the report into action. If you do a technology audit and it doesn’t get read by your technology committee, management committee and the ultimate technology decision maker, you are wasting your time.
Technology audits can serve as a basis to:
• Standardize hardware and software configurations and versions.
• Avoid duplication and identify unused or obsolete programs.
• Show opportunities to save money from using volume licensing or other discounts.
• Get your firm into compliance on software licenses.
• Replace aging computers and reveal potential theft or misuse of assets.
• Create a factual, rather than anecdotal, basis for future technology decisions.
Technology audits are essential for making good technology decisions. In these times, and even in good times, regular technology audits should be near the top of your technology to-do list.
Dennis Kennedy is a St. Louis-based computer lawyer and legal technology writer. His website, DennisKennedy.com, is the home of his blog. Contact him at