Ask / Collect
- Business overview & critical processes
- Current IT provider details & issue history
- Key business applications (ERP, POS, CRM, etc.)
- Peak hours, downtime tolerance
- Existing documentation (network map, admin credentials, diagrams)
- Compliance requirements (ISO, GDPR, etc.)
Collect
- Number of employees
- Desktops, laptops, printers, scanners
- List of endpoint devices
- OS versions & licensing status
- Admin vs standard accounts
- Domain-joined vs local devices
- Asset tags, serial numbers
- Antivirus/EDR installed
Ask
- Onboarding/offboarding workflow
- Password policy & MFA rules
- Remote workers & devices used
Inspect & Document
- Server list (physical + virtual)
- Server roles (AD, DNS, DHCP, File Server, 3CX, etc.)
- OS versions
- Hardware specs (CPU/RAM/Storage)
- RAID setup
- Virtualization platform (Hyper‑V/VMware/Azure)
- Domain functional level
- Backup agents installed
- Disk usage & health
- Server rack, cooling, UPS
Ask
- Admin users with server access
- Critical legacy apps
- Past downtime incidents
Inspect & Document
- Firewall model & configuration
- Switches (managed/unmanaged)
- VLANs
- Access points (Aruba/Ubiquiti/Cisco)
- Guest Wi‑Fi segregation
- Routing rules
- Port forwarding list
- DHCP scopes
- ISP details & redundancy
- Static IP assignments
- Network diagram (physical & logical)
- Cable quality & rack condition
Ask
- Internet downtime history
- Network expansion plans
Collect / Inspect
- Firewall configuration backup
- IPS/IDS status
- Web filtering
- Antivirus/EDR status
- Patch management
- Admin access policy
- MFA on all services
- Audit logs & retention
- Remote access methods (VPN/RDP)
- Exposed IP list
Ask
- Previous security incidents
- Access approval process
Inspect
- Acronis portal setup
- Backup schedules
- Retention policies
- Last backup success/fail logs
- Restore test history
- Cloud vs on‑prem backup solutions
- RPO/RTO expectations
Ask
- Last restore test
- Critical data locations
Collect
- Azure AD structure
- Subscriptions & resources
- Virtual machines
- NSGs & firewall rules
- Active licenses
- Admin users
- MFA & conditional access
- DKIM/DMARC/SPF setup
- Email security
- 3CX cloud configuration
Ask
- Who administers cloud environment
- Shadow IT or unmanaged systems
Collect
- Installed business applications
- Licensing info
- SQL databases
- 3CX (SIP provider, call flows)
- Camera/NVR system details
- Access control systems
- Shared folders & permissions
Ask
- Mission‑critical applications
- Planned upgrades or replacements
Inspect
- Server room cleanliness & layout
- Cooling/ventilation
- UPS battery health
- Camera system hardware
- Cable management
- Power grounding
- Fire suppression system
- Security access to IT rooms
Ask
- Power/temperature issues history
Request
- Network diagram
- Admin credentials
- Firewall login
- Switch login
- Server admin login
- Azure/O365 global admin
- 3CX admin
- Access control system login
- Camera/NVR login
- Acronis login
Ask
- SLA expectations
- Working hours vs after-hours support
- Urgent incident procedures
- Approval process for purchases
- Approval process for access changes
- Approval process for new accounts
- Approval process for network changes
Ask
- Expansion plans
- New branches / relocations
- Planned new systems
- Cloud migration interest
- Security project plans
- Network topology diagram
- Infrastructure health report
- Security assessment
- Asset inventory list
- Recommendations & roadmap
- Backup validation report
- SLA draft