Actionable Detail and the 80/20 Rule

We’ve seen too many third-party IT and security assessments that are very high level and offer only general recommendations. That’s not what we do. An assessment project should yield a clear gap analysis and actionable recommendations with specific projects and costs. Yet this doesn’t need to require a lot of time and expense. The key is knowing where to look to get 80% of the value for 20% of the cost. KalioTek’s 20-year focus on emerging life science and technology companies has tuned our sensibilities for these companies.

Most emerging companies have little to no documentation of their IT, security systems and processes that are critical for stability and scalability. While we’re reviewing the details, we document the infrastructure and processes in a living document we call a Run Book, with all the information needed to support the IT environment. When key processes lack definition (new-hire setup, termination, IT procurement, backup, escalation procedures…) we recommend best practices and provide templates to speed the process.

Don’t Forget The Cloud Apps

A key deliverable of this project is the documentation of all cloud applications used by the company, denoting business owners, approval authority for access and other relevant details. With the proliferation of cloud services used by different roles and departments, these now constitute a big part of the complexity of managing IT and security.


At the conclusion of the project KalioTek will present an executive summary with our gap analysis and recommendations, including estimates for any recommended projects, along with the completed Run Book. Resulting initiatives form the basis of an IT+Security Plan, which should be kept current as business conditions and priorities change.

Sound interesting? Contact us for a quick estimate.