Blog / Efficiency
Efficiency

Before You Buy Another Platform: A Technology Audit Checklist

Gerald Augustine
Gerald Augustine
November 2025
7 min read

Every year, organisations invest in new technology platforms. New tools to improve productivity. New systems to solve problems. New software to modernise operations. And every year, a significant proportion of that investment is wasted, not because the technology is wrong, but because nobody stopped to ask whether it was actually needed.

In my experience working across technology estates of varying size and complexity, one finding is almost universal: most organisations are sitting on significant untapped value in what they already own. Licences paid for but barely used. Platforms doing the same job as something else already in the estate. Cloud services running without an owner. Hardware on support contracts for systems that should have been decommissioned two years ago.

Before you sign the next contract, do the audit first. What follows is the checklist I use when assessing a technology estate, distilled from years of doing this work as part of broader transformation and efficiency programmes.

What You Typically Find

Technology audits rarely produce surprises in isolation. What they produce is a complete picture, often for the first time, and that picture is almost always more expensive than the organisation realised.

Most Common Discoveries
Duplicate software
Two or more tools doing the same job, often adopted by different teams at different times with no central visibility.
Unused licences
Licences purchased for a peak headcount or a project that ended, still being renewed automatically on annual contracts.
Shadow IT
Tools adopted outside of the procurement process, often because approved tools were too slow or too cumbersome for the job.
Unowned cloud services
Cloud subscriptions running without an active owner, often because the person who set them up has left the organisation.
Outdated hardware
Devices and infrastructure still on support contracts, sometimes for systems that have already been replaced in practice.
Expired or lapsing contracts
Vendor agreements auto-renewing without review, often at rates that could be significantly improved with active negotiation.

The best technology investment you can make is often understanding what you already have.

The Checklist

This is not an exhaustive IT audit framework. It is a practical starting point for any organisation that wants to understand its technology estate before committing to new investment. Work through each section honestly. The findings will tell you where to focus.

Your Progress
0 of 25 items reviewed
01
Software and Licences
What are you paying for, and is it being used?
Compile a complete software inventory ?Start with procurement and IT records, then go further. Review corporate credit card statements and personal employee expense claims for software subscriptions or ancillary technology services. Query network or DNS logs for domains being accessed. Check your email platform for OAuth-connected third party apps. Run an anonymous staff survey asking what tools people actually use day to day. Shadow IT exists precisely because people have found workarounds, so the approved list alone will never tell the full story.
Every application in use across the organisation, including those not on the approved list.
Real-World Example

A member of staff held a personal Microsoft Azure subscription, claimed back through monthly expenses, and used it to run a Power BI dashboard that an entire commercial team had become operationally dependent on. The IT team had no visibility of the application, no control over the data flowing through it, and no awareness of the business dependency until the subscription lapsed. This is shadow IT at its most consequential: not malicious, entirely well-intentioned, and potentially devastating if it disappears without warning or falls outside regulatory data controls.

Audit licence counts against actual usage
How many licences are you paying for versus how many are actively used? Many vendors provide usage reporting. Use it.
Identify functional duplicates
Are multiple tools doing the same job? Map each tool to its primary function and flag where overlap exists.
Review renewal dates and auto-renewals
List every contract renewal date. Flag any auto-renewing agreements that have not been actively reviewed in the last 12 months.
Identify shadow IT tools
Survey teams directly. Ask what tools they use day to day, not just what is on the approved list. The answers are usually illuminating.
02
Cloud Services
What is running, who owns it, and what is it costing?
Inventory all cloud subscriptions
Include SaaS, IaaS, and PaaS. Check corporate credit card statements and expense reports as well as procurement records.
Assign an owner to every cloud service
If a service has no named owner, it has no accountability. Flag unowned services for immediate review.
Review cloud resource utilisation
Are provisioned cloud resources appropriately sized? Over-provisioned compute and storage is one of the most common sources of avoidable cloud spend.
Check for dormant or unused cloud environments
Development, test, and staging environments that were spun up and never decommissioned. They accumulate cost quietly.
Review data egress and storage costs
Cloud storage and data transfer costs are frequently underestimated. Understand what you are storing, where, and whether it still needs to be there.
03
Hardware and Infrastructure
What are you maintaining, and does it still serve a purpose?
Audit all physical hardware assets
Servers, networking equipment, end-user devices. Include anything still on an active support or maintenance contract.
Identify end-of-life equipment
Hardware past its vendor-supported life is a security risk as much as an operational one. Flag and prioritise for replacement or decommissioning.
Review support contracts against actual need
Are you paying for premium support on equipment that is already scheduled for replacement? Support tiers can often be renegotiated.
Identify hardware with no active purpose
Equipment kept "just in case" has a cost. If it is not serving a defined function, assess whether it needs to be retained.
04
Vendor Relationships
Are your supplier arrangements still fit for purpose?
Review all active vendor contracts
When did you last actively review each contract? Are the terms still competitive? Has the scope of service changed since the contract was signed?
Assess vendor performance against contracted SLAs
Are your vendors delivering what they are contracted to deliver? Poor performance that goes unchallenged sets a precedent and reduces your negotiating position at renewal.
Identify single points of supplier dependency
Where is the organisation critically dependent on a single supplier with no viable alternative? These dependencies represent both commercial and operational risk.
Review supplier access rights
Do all active suppliers have appropriately scoped access? Have access rights for former suppliers been fully revoked?
05
People and Processes
Is your technology estate supported by the right capabilities?
Identify technology skills gaps in the team
Are there platforms or systems in the estate that the internal team cannot adequately support? Skills gaps often go undisclosed until a problem surfaces.
Review documentation currency
Is your technology documentation up to date? Undocumented systems and integrations are a risk that compounds over time.
Assess onboarding and offboarding processes
When someone joins or leaves, are access rights granted and revoked consistently and promptly? This is one of the most common security control failures.

What to Do With Your Findings

Working through the checklist will generate a list of findings. Without a framework to prioritise them, that list can feel overwhelming. The following two-axis approach keeps it simple and actionable. For each finding, assess it against two questions: what is the cost impact, and what is the risk impact?

โšก
High Cost. Low Risk.
Quick Wins

Act immediately. Unused licences, auto-renewing contracts, and oversized cloud resources fall here. These can typically be resolved without significant change management or business disruption. The savings are real and often immediate.

๐Ÿ”ด
High Risk. Low Cost.
Immediate Action

Address urgently. Unowned cloud services, former supplier access rights, and end-of-life hardware typically sit here. The financial cost of fixing them is modest. The cost of not fixing them can be significant.

๐Ÿ“‹
High Cost. High Risk.
Board-Level Decision

Escalate with a clear business case. These findings require investment and carry material risk if deferred. They need board visibility, a named owner, and a defined timeline. Present them in business terms: what is the cost of action versus the cost of inaction?

๐Ÿ‘
Low Cost. Low Risk.
Monitor

Log and review periodically. Not everything requires immediate action. Items in this quadrant should be documented, assigned an owner, and revisited at the next audit cycle rather than consuming resource now.

The goal is not to resolve everything at once. It is to have a clear, prioritised view of your estate so that every investment decision is made with full information rather than incomplete knowledge. The audit is the foundation. What you build on it depends on what you find.

What the Audit Reveals

From Experience

In almost every organisation I have worked with, a structured technology audit has uncovered savings that more than covered the cost of conducting it. The most common finding is not dramatic. It is mundane: licences renewing automatically for users who left months ago, cloud environments provisioned for a project that completed, support contracts covering hardware already scheduled for replacement.

The less common but more significant finding is duplicate platforms. Two teams solving the same problem independently, each paying separately for tools that do essentially the same job, neither aware the other exists. This happens more often in larger organisations, but I have seen it in surprisingly small ones too. The cause is almost always the same: no central visibility of the technology estate, and no governance process that would have caught it at the point of purchase.

The audit is not the end of the process. It is the beginning. What it produces is a prioritised picture of where money is being wasted, where risk is accumulating, and where the organisation has capability it is not fully using. That picture is the foundation for every investment decision that follows. Without it, you are making those decisions in the dark.

Before You Sign the Next Contract

The audit checklist above is a starting point. The discipline it represents is ongoing. Before any new technology investment is approved, three questions should be mandatory:

First: do we already own something that does this? The answer is more often yes than most organisations expect. Second: if we do not own it, does it integrate cleanly with what we have, or does it add to the complexity we are already managing? Third: who will own it, maintain it, and be accountable for its performance once it is live?

These questions will not eliminate all poor technology investment decisions. But they will eliminate most of the avoidable ones. And in most organisations, the avoidable ones represent a significant proportion of the total.

Not sure what your technology estate is actually costing you?

I work with organisations to conduct honest technology estate assessments, identify where value is being lost, and build the governance processes that prevent it recurring. If this resonates, I would welcome a conversation.

Start a Conversation
Efficiency Technology Audit Cost Reduction Governance Cloud