The IT Support and Cybersecurity Checklist

IT Support and Cybersecurity Checklist

A tool to help you assess any IT or Managed IT Service Provider



1. What percentage of calls are answered versus going to a voicemail?

You should expect at least 98% of calls to get answered by a live human being. But even more importantly, if your IT company can’t quickly give you their percentage, that
is a problem.


2. How quickly does a tech start working on the ticket?

Most IT companies have a triage person who answers the phone, takes all your info, and then schedules a tech to call you back. The problem is that it can take 5 minutes,
three hours, or three days.


3. First Call Resolution: What percentage of calls are fully resolved on the first call?

Typically, the call is transferred to someone, and if that person can’t fix it, you will be sent to an “Escalation Engineer.” Which is great. Although most often, the escalation
tech is unavailable, so your issue won’t be resolved until the next day.


4. How is the information from a support call documented during and after a call?

You should never have to repeat yourself to a different technician. All notes from your call and anyone who worked the ticket should be in front of this new technician.


5. What are the communication standards that are used to determine the “urgency” of a support call? The tech must ask you; How quickly do you need this resolved?

There needs to be a clear method of communicating the urgency of the situation. Saying that something is “important” does not clearly identify the urgency of the call.Unfortunately, most IT companies don’t have a communication standard. Those expectations must be addressed on every call.


6. What are the communication standards while an issue is being resolved?

The user should know the status of a ticket. The user should never be confused and ask themselves, “Are they waiting for me to test it … are they testing it, etc.?” The IT company must have a standard for updating the status of all open tickets.


7. How is the resolution of an issue communicated to the end user?

The IT provider must follow up with you and confirm that the issue has been resolved. The end user should also be asked to test the resolution to ensure the issue is resolved.


8. What tool is used to remotely access and monitor end-user machines?

Most IT companies can remotely access computers, but some do it using tools that are not secure. Cybercriminals have gained access to client networks through tools used by some IT companies.


9. Do you provide support for mobile devices, including tablets and smartphones?

In the post-Covid world many, many workers are working remotely. This puts an even greater emphasis on mobile devices. Therefore, keeping these devices secure and up
to company standards is crucial


Cyber Security




1. Do you have an intrusion detection system (IDS)?

Cybercriminals are using new methods to extort money. An intrusion detection system protects you after the criminals are in your system and help immediately identify the
systems that have been compromised. This allows for quick and decisive recovery from a breach.


2. Are you doing cyber-security awareness training, like monthly phishing tests?

Humans are still the most vulnerable part of your cyber security protections. Over 80% of breaches are the result of human error. Therefore, it is imperative that your team
receives consistent cyber awareness training (for example, monthly “test” phishing email campaigns) to ensure they know the latest methods used by cybercriminals.


3. Are your cyber security protections integrated to form a UTM (Unified Threat Management) system?

With a Unified Threat System, one plus one is greater than two. In a UTM environment, your firewall, SPAM filtering, Content Monitoring, and Antivirus work together to be
stronger and more effective than separately


Next Steps

If you have any questions, please email Collin Weekly at

Thank you for your referral!


new look,
same great service.