What is your company's name, address, and website?
Who are the main contact people, and what are their roles and contact information?
Can you briefly describe your company's core business?
Please provide the total number of users within your environment?
How many sites are present in your infrastructure today? Please list locations and user count in each location.
Are you opening any new sites in the next 12 months? Please list all new sites that are coming online and how many users will you host in each.
What are your company's strategic goals for the next year?
What are your company's long-term goals (3-5 years)?
How does your current IT infrastructure support these goals?
What limitations does your current IT infrastructure impose on your business goals?
Is your infrastructure primarily on-premise, cloud-based, or a hybrid model?
What kind of IT infrastructure (servers, network, applications, etc.) do you currently have?
How many servers do you have, and what are their purposes?
What virtualization platforms are you using (VMware, Hyper-V, etc.)?
If you are using virtualization technology, what are your primary uses for this infrastructure (server, storage, network, desktop)?
If you are using VMware, please list all VMware products you are currently utilizing? (vSphere, Horizon, NSX, VROPS/Aria, etc.)
What remote management and monitoring solutions are in place currently?
What types of devices are you managing remotely (servers, workstations, etc.)?
How often do you perform remote management activities and maintenance?
Do you have Change Control process in place? If so, what is your change schedule?
How many desktops/laptops do you have in your organization?
What operating systems are in use?
How many mobile device users are there?
Do you have a BYOD (Bring Your Own Device) policy?
How many users need remote access?
How do you provide remote access to your users?
How do you manage user profiles (Roaming Profiles, FSLogix, Ivanti, etc.)
Can you list your major software applications and their purposes?
How do you maintain these applications and how often do you apply security patches?
How are these applications being delivered to your users (e.g., individually installed, web-based, SCCM, VDI (Horizon/Citrix), etc.)?
If cloud is being utilized, which provider(s) do you use?
What workloads or applications are you running in the cloud? Please be as thorough as possible.
How are you managing your cloud environment?
Do you have a hybrid cloud or multi-cloud setup?
If you have multi-cloud environment, are there any current challenges you are facing?
Would you like to migrate more resources to the cloud? If so, please list everything you would like to migrate to cloud in the next months/years and provide timeline. Please also note if there is anything preventing you from cloud migration such as compliance requirements or internal skills?
What kind of network equipment (routers, switches, load balancers, etc.) do you use, and who are the manufacturers?
What type of internet connection does your company use?
Do you have a firewall in place? If so, what brand/model?
What security policies are currently in place (password policies, access controls, etc.)?
Do you conduct regular Pen Tests? If you do, please lists which pen tests are you performing (internal, external, web apps, mobile apps, wi-fi, etc.) and how often?
How many external servers do you have (internet facing)?
What runs on these servers (apps, sites)?
How are you connecting your locations (SD-WAN, MPLS, etc.)?
How many internal IPs do you have on each location (approximately)?
How many external IPs do you have on each location?
How many Wi-Fi Routers and Access Points do you have on each location?
How many SSIDs do you have on each location?
Do you currently have an Intrusion Detection System (IDS) or Intrusion Prevention System (IPS)?
Are you using any Managed Detection and Response (MDR) solutions?
Are you utilizing any Security Operations Center as a Service (SOCaaS) solutions?
What Endpoint Detection and Response (EDR) solutions are you using?
Have you experienced any security incidents in the past year?
If you get breached tonight, who would you call?
What measures are you taking to prevent data loss? If solutions are in place, please list all products/solutions that are currently providing you with DLP.
What data protection policies do you have in place?
Do you have a designated Data Protection Officer (DPO) or equivalent?
Do you currently have a data backup solution in place? If so, what is it?
How often are backups performed?
How much data are you currently backing up?
How much data do you need to add to the current backup pool?
How many endpoint devices do you have that would need backup?
How many Google Workspace/M365 users you are backing up, or need to backup?
Do you backup AD and do you have ability to do granular restore of your Active Directory objects as needed?
What is your current data recovery process?
Have you tested your backup and recovery process recently? If so, were there any issues?
What are your RPO and RTO requirements?
Have you implemented a disaster recovery and business continuity plan?
Who currently manages your IT infrastructure? (For example: Internal IT Team and 2 MSPs).
How many in-house IT employees do you have and what are their IT roles? Example: 2 Systems Engineers, 2 Database Administrators, etc.
Do you currently use MSP services or Staff Augmentation? What are their roles and coverage responsibilities? Example: 2 Help Desk Technicians covering Endpoints Troubleshooting, 2 Systems Engineers covering vSphere and VDI, 2 Database Administrators for SQL and Oracle, etc.
Where are your current MSP resources physically located? (Example: 2 Help Desk technicians in USA and 1 Offshore in Ireland, etc.).
If you utilize MSP or Staff Augmentation, what is your estimated average spend for MSP Services and Staff Augmentation per year?
Are you satisfied with your current IT support? Please let us know if there are any gaps you would like to fill?
How many IT-related issues do you encounter in a typical month?
How long does it usually take to resolve an IT issue?
What is your procedure for handling after-hours support?
Do you have an IT strategic plan for the next 1-3 years?
Are there any planned IT infrastructure upgrades or changes in the near future?
What is your annual IT budget?
What is your annual MSP spending? How is it broken down? Example 150k systems 150k network.
Are you interested in moving more services to the cloud? If so, which services/solutions/apps?
How do you currently handle data backup and recovery?
What industry is your business in and are there specific regulations that you must adhere to? (e.g., HIPAA for healthcare, PCI for credit card handling, NIST, CMMC, etc.)
Which sites within your organization need to fall under your compliance requirements?
What are compliance requirements for your MSP? (Example: NIST compliant tools, encrypted communication, etc.).
Do you conduct regular IT audits?
Have you experienced any data breaches or violations?
Do you have cyber insurance? If so, please lists what cyber insurance policies do you carry?
What are your key concerns or pain points with your current IT setup?
What are your expectations from a Managed Service Provider?
What specific services are you interested in obtaining from an MSP? (e.g., endpoint management and monitoring, help desk, data backup and recovery, network management, etc.)
Would you require 24/7 support and monitoring, or support only during business hours?
What criteria are you using when evaluating MSPs?
Did you know that a high quality MSP can potentially help you lower your cyber insurance premiums?
Is there anything else you feel is important for us to know in order to create a well-rounded proposal?
Please provide feedback about this questionnaire. We are always looking to improve our communication! Thank you in advance!