In one of my favorite books, “The Checklist Manifesto: How to Get Things Right,” surgeon and author Atul Gawande shares that one of the reasons professionals fail to accomplish what we set out to do is because of “necessary fallibility.” Because we are not omniscient and so many situations involve extreme complexity, some things are just beyond our knowledge or capacity. Frequently, it boils down to mere ignorance or ineptitude; we either don’t have a full understanding of some situations — or, if we do, we may not apply that knowledge correctly. Because of this, Gawande champions the use of task-oriented checklists.
However, we can take on the complexities of each day by embracing simplicity. No matter whether you’re a Certified Public Accountant (CPA), a Registered Investment Advisor (RIA), a legal professional, a manufacturer or distributor, or another professional who handles sensitive client information, it’s imperative to follow a prescribed regimen of steps to ensure you protect their info and keep your business operational. This should entail implementing a technology checklist or even an IT security checklist. The problem isn't in the quality of the checklist. The problem is usually in hiring the right support company who not only uses them, but leverages them throughout the support lifecycle as a way of life!
There are many benefits of using a checklist - too many to list. But, when it comes to IT security and IT services, information technology checklists are a must to ensure you meet or exceed cybersecurity and compliance requirements, as well as maintain an operational system with little to no downtime.
The Two Main Types of Checklists
We take what we view as our own basic knowledge for granted, not realizing that we sometimes forget essential steps that can mean the difference between success and failure. This is where different types of checklists, including business checklists, can be helpful.
According to a Forbes article, there are two main types of checklists: Read-Do and Do-Confirm checklists. Read-Do checklists document and outline specific steps that must be performed to accomplish specific tasks, whereas Do-Confirm checklists are used to ensure that actions aren’t overlooked or skipped in process.
What a Technology Checklist Can Entail for Organizations
Business checklists and information technology checklists are being used every day across a variety of industries — healthcare, aeronautics, finance, legal, construction, and technology (to name a few). Some different types of checklists can include:
- a company due diligence checklist for technology
- a cybersecurity coverage checklist
- a HIPAA technology checklist, HIPAA security rule checklist, or a HIPAA IT compliance checklist
- a technology checklist
- a technology audit checklist
Technology checklists, which provide you with a systematic and calculated approach to situations and processes, can include a variety of points to ensure that:
- Your IT system requirements are up to date to reduce downtime
- Updates and patches are performed regularly
- Daily processes are outlined and are followed
- Best practices are utilized, including lists of “dos” and “don’ts”
- An IT response plan and other written policies and procedures are in place in the event of an emergency
- Employees are trained and have guidance for how to respond in various situations
While it may seem like a no brainer, implementing technology checklists as part of your daily operations should be a must for anyone in our industry. And for FPA, it helps us achieve one of our core values — to “Document and Standardize” every process. This helps us not only deliver our services more consistently, it also enables us to delivery better service to our clients so they can better serve their clients.
Why Your Organizational Culture Benefits from Checklists
We believe a culture that inherently leverages information technology checklists is significantly better than one that doesn't or merely talks about it - and is usually a great indicator for the quality of service in other areas. Why? Having your in-house IT services team use technology checklists as part of your operations demonstrates their care and commitment to the quality and consistency of their work let alone to meeting cybersecurity compliance and best practices. Another of the benefits of using a checklist is that it documents what was done as an additional audit trail showing that you value your clients and/or customers and have done what you can to secure their valuable information.
When working with an IT Managed Service Provider (MSP) or Managed Security Service Provider (MSSP), it’s important to know whether they incorporate technology checklists into their processes. It not only helps you to make sure that your security solutions follow compliance standards, but it also helps you to ensure that vital processes aren’t simply glossed over. This helps to make sure your network and related IT systems are operating in the best condition possible and helps keep your information as secure as possible from malicious users.
How FPA Can Help You Integrate Technology Checklists
At FPA, we have a variety of technology and cyber security checklists that we follow as part of our approach to service for our clients. As a Los Angeles MSP and MSSP with more than 27 years of experience, we take our processes and methodologies seriously because our clients' IT infrastructure performance and data security are of the utmost importance.
What sorts of checklists, if any, do you use within your own organization? What insights do you have to share about your experiences implementing technology checklists? Share your thoughts in the comments section below, or send me an email if you’d like to continue this conversation with me more in-depth.