AssurePath
Real people, real support, real results

IT Health Check:
27-Point Checklist

Your Complete Guide to Bulletproofing Your Business IT

PROFESSIONAL AUDIT • 2025 EDITION

Prepared for: _________________________

Date: _________________________

IT Health Check Checklist

How to Use This Checklist

Time Required: 15-30 minutes

Who Should Complete: IT Manager, Operations Director, or Business Owner

Frequency: Review quarterly, full audit annually

Instructions

  1. Work through each section systematically
  2. Mark each item as: ✅ Pass, ⚠️ Review Needed, or ❌ Fail
  3. Note any immediate actions required
  4. Calculate your score using the guide on page 8
  5. Prioritize fixes based on risk and impact

⚡ Quick Win Indicator

Items marked with ⚡ are quick wins that can be fixed in under 1 hour with immediate benefits.

Why This Matters

Studies show UK SMBs waste 20-30% of their IT budget on inefficiencies, poor security, and preventable downtime. This checklist helps you identify and fix issues before they impact your bottom line.

Need Help?

Our engineers can complete this audit for you remotely - FREE for qualified businesses.

Email: hello@assurepath.co.uk | Call: +44204 581 8352

Section 1: Security | Page 3

🔒 Section 1: Security (7 Points)

The average SMB data breach costs £8,460 (UK Gov data). Basic security checks help prevent the most common attacks.

1.1 Password Policy Enforcement ⚡
All users have passwords with: 12+ characters, mix of letters/numbers/symbols, changed every 90 days
Action: Enable in Active Directory or use password manager
1.2 Multi-Factor Authentication (MFA)
MFA enabled on: Email, remote access, admin accounts, financial systems
Action: Enable Microsoft Authenticator or similar
1.3 Backup Verification
Backups tested monthly, stored offsite, 3-2-1 rule followed (3 copies, 2 different media, 1 offsite)
Action: Schedule monthly restore tests
1.4 Antivirus & Anti-Malware ⚡
Business-grade protection on all devices, centrally managed, auto-updates enabled
Action: Deploy enterprise solution (not free versions)
1.5 Patch Management
OS and software updates applied within 30 days, critical patches within 7 days
Action: Enable automatic updates or use patch management tool
1.6 Incident Response Plan
Written plan exists, team knows roles, includes: detection, containment, recovery steps
Action: Download template from NCSC.gov.uk
1.7 Access Control Review ⚡
User permissions reviewed quarterly, ex-employees removed immediately, principle of least privilege
Action: Audit user accounts today, remove unnecessary access
NOTES:
Section 2: Cost Optimization | Page 4

💰 Section 2: Cost Optimization (6 Points)

Most businesses waste 20-30% of their IT budget. This checklist helps identify quick wins and cost optimizations.

2.1 Software License Audit ⚡
All licenses documented, unused licenses cancelled, right-sized for actual usage
Action: List all subscriptions, cancel unused (typical saving: 10-20% of software spend)
2.2 Cloud Spend Analysis
Monthly cloud costs reviewed, unused resources identified, reserved instances used where appropriate
Action: Use AWS Cost Explorer or Azure Cost Management
2.3 Telecom & Internet Contracts
Contracts reviewed annually, speeds match needs, redundant lines cancelled
Action: Benchmark against current market rates
2.4 Hardware Lifecycle Management
Equipment age tracked, 3-5 year replacement cycle, warranty status known
Action: Create asset register with purchase dates
2.5 Print Cost Reduction ⚡
Print volumes monitored, default duplex printing, managed print services considered
Action: Set duplex as default (saves 40% on paper costs)
2.6 Energy Efficiency
Power management enabled, servers consolidated/virtualized, old equipment retired
Action: Enable sleep modes on all workstations
POTENTIAL SAVINGS IDENTIFIED: £_________
Sections 3 & 4 | Page 5

⚡ Section 3: Performance (5 Points)

3.1 Network Speed Testing ⚡
Internet speeds meet needs, internal network 1Gbps+, WiFi coverage complete
Action: Run speed test at different times/locations
3.2 Server Performance Monitoring
CPU, RAM, disk usage monitored, alerts configured, capacity planning done
Action: Install monitoring tool (PRTG, Zabbix)
3.3 Application Response Times
Key apps load in <3 seconds, database queries optimized, caching implemented
Action: Time your 5 most-used applications
3.4 Email Performance ⚡
Mailboxes under 5GB, archive policy in place, spam filter effective (>95%)
Action: Enable email archiving, clean large mailboxes
3.5 Storage Optimization
>20% free space on all drives, old files archived, deduplication enabled
Action: Run disk cleanup, move old data to archive

📋 Section 4: Compliance (5 Points)

4.1 GDPR Compliance
Privacy policy updated, data inventory complete, breach procedure documented
Action: Review ICO.org.uk GDPR checklist
4.2 Data Retention Policy
Policy documented, automatic deletion configured, legal requirements met
Action: Define retention periods per data type
4.3 Access Logs & Audit Trails ⚡
Login attempts logged, file access tracked, logs retained 12+ months
Action: Enable Windows audit logging
4.4 Software Licensing Compliance
All software properly licensed, proof of purchase filed, auditable records
Action: Create license spreadsheet with proof
4.5 Cyber Insurance Requirements
Policy requirements met, security controls documented, coverage adequate
Action: Review policy requirements with insurer
Section 5: Future-Proofing | Page 6

🚀 Section 5: Future-Proofing (4 Points)

Planning ahead saves 10x the cost of emergency fixes. These checks ensure you're ready for growth.

5.1 Scalability Assessment
Systems can handle 2x current load, cloud-ready architecture, modular design
Action: Document current capacity vs. 2-year projections
5.2 Technology Roadmap
3-year plan documented, budget allocated, aligned with business strategy
Action: Create simple roadmap with key milestones
5.3 Skills & Training Plan
Team skills assessed, training budget allocated, succession planning done
Action: Identify top 3 skill gaps to address
5.4 Innovation Readiness
AI/automation opportunities identified, API-first approach, data strategy defined
Action: List 3 processes to automate this year

Your Priority Action Plan

Based on your assessment, list your top 5 priorities:

Priority Issue Impact Timeline
1
2
3
4
5
Scoring & Next Steps | Page 7

Calculate Your Score

Scoring System

Mark Points Meaning
✅ Pass 4 points Fully implemented and working well
⚠️ Review 2 points Partially implemented or needs improvement
❌ Fail 0 points Not implemented or critical issues

Your Score

Section Max Points Your Score
Security (7 items) 28 ____
Cost Optimization (6 items) 24 ____
Performance (5 items) 20 ____
Compliance (5 items) 20 ____
Future-Proofing (4 items) 16 ____
TOTAL 108 ____
Score Interpretation | Page 8

What Your Score Means

90-108 points (83-100%): Excellent! Your IT is well-managed. Focus on innovation.

70-89 points (65-82%): Good foundation. Address red flags first, then optimize.

50-69 points (46-64%): Significant gaps. Prioritize security and backups immediately.

Below 50 points (<46%): Critical issues. Consider professional help urgently.

Get Your Free Professional Assessment

Our engineers will complete this audit remotely, provide detailed recommendations, and create a custom action plan.

Normally a paid consultation - FREE for qualified businesses

📧 hello@assurepath.co.uk | 📞 +44204 581 8352 | 🌐 assurepath.co.uk

Thank you for using the AssurePath IT Health Check!

This checklist is updated quarterly. Visit assurepath.co.uk/resources for the latest version.

© 2025 AssurePath Ltd. Share this checklist with colleagues who might benefit.