Contact Us

Documentation – Your IT “Canary in a Coal Mine”

Featured

I consistently hear the same technology concerns from business owners and executives: they don’t know what’s happening inside their IT. They trust their MSP or IT team, but without documentation, how can you truly know what’s being done or if it’s even being done at all?

A Simple Test to Check if Your Documentation Is in Order

I call this the “canary in the coal mine” question. Miners’ caged canaries would die if there were dangerous gases in the mine, warning the miners to get out while they still could. And guess what? Do a simple test!

We have an IT canary — ask your IT department (or IT Partner) for documentation and see how long it takes to get it. This question will tell you whether your IT people are on top of things and working for you. If they cannot give you the documentation in close to real-time, they do not have it, and I can guarantee you there will be something that doesn’t smell right about your support and systems.

 

What Should Be Included in Documentation?

The short answer is – everything.

Your IT partner or in-house team should continually document everything from the mundane management of passwords to the more sophisticated troubleshooting of key business systems.

They should also have checklists for regular tasks, like processing new hires/terminations, doing backups, installing programs, etc. Without these procedures documented, something will always get missed.

You have a right to ask your IT team to document everything and have checklists for almost every repeatable task. Documenting the everyday tasks helps to free them up to use their brains for troubleshooting new issues, developing a strategy, and being generally helpful.

 

4 Questions to Ask Yourself:

  • How much documentation do you actually have? In IT, more is usually better.
  • Do you see documentation that looks important to you as a business leader? Look for documents about your key applications, employee new hires and terminations, etc.
  • Is your security posture clearly documented? When a breach happens, are you protected and in a position to recover quickly?
  • Do you see new documentation, something created or updated recently?

 

If you’re wondering what ‘good documentation’ really looks like, here’s a simple checklist. Use it to test your IT.

A Quick Documentation Checklist (or, How Is Your Canary Doing?)

I have:

  • 100 or more pieces of documentation for my environment
  • New documentation within the last month
  • Checklists for repetitive IT tasks like computer setups, new hires, and terminations
  • Real-time access to documentation (not buried PDFs or binders)
  • Disaster Recovery (DR) documentation and playbooks (and I update them regularly)
  • Policies in place (Security, Safe AI use, remote and hybrid work, etc.)
  • Compliance-ready documentation for SOC 2, HIPAA, or industry audits
  • Clearly documented Cyber insurance requirements

    If your MSP can’t check most of these boxes, you’re at risk. And this is how you can choose a new Managed Service Provider (MSP)

    4 Risks of Not Having Updated Documentation

    Here’s something else I know. Most IT people are certain that they are smart and above the tedium of documenting because they can figure anything out “on the fly.” This neglect of process never works long-term. Here are 4 risks of not having your documentation in order (or in place!).

    1. Knowledge out the door: Eventually, someone (Bob) quits, taking all your hard-won knowledge with them. Hello downtime!
    2. Lost time and dollars: Often, the new person (without proper documentation) needs to reengineer the system, which can be costly in terms of both time and money.
    3. Security Blind Spots: Without documentation, you don’t know if security controls are in place, up to date, or even being followed. Not a good place to be in.
    4. Lost Trust: If your MSP or IT team can’t show you documentation, how do you know what they’re actually doing? Without proof, you’re left taking their word for it.

      So, if your IT team gives you documentation that’s a single page with a list of passwords, consider yourself underserved. Your little canary is feet up…

      Conclusion

      Documentation is the cornerstone of everything your technology department is doing for you. If it’s not rock solid, then you have a weak technical foundation, which should undermine your confidence in everything else they are doing for you. Check the health of your IT solutions and ask for your documentation today. If your canary is looking puny, give us a call for a technical assessment — and a little peace of mind.

      Bonus:

      • For healthcare or finance, you need documentation to prove HIPAA or SOC 2 compliance.
      • To get cyber insurance: without documentation, you can’t prove your controls are in place.

       

       

       

       

       

       

       

      John Ahlberg
      CEO, Waident

      CIO in the corporate world and now for Waident clients. John injects order and technology into business process to keep employees productive, enterprises running, and data safe.

      Related posts

      Read more

      Accessibility Toolbar

      Share This