Performing IT audits for law firms and corporate legal departments is one of the consulting services that I offer. You would think that this type of service would largely sell itself. However, lawyers are a hard-sell group. In many firms, even an initial assessment will likely help stop the bleeding of cash. I wrote about this topic in “Seven Easy Ways for Law Firms to Throw Away Money on Technology.”
But you don’t have to take my word for it. Bob Violino’s article “You Bought It, Now Audit It” does an excellent job of making the case for IT audits, with some great practical examples and some tips for getting the most benefit from the process.
The money quote:
“IT audits frequently begin with a risk assessment, in which an organization obtains an overview of the major systems and applications used to support critical business processes. The intent is to identify existing or potential areas of risk that should be addressed in future IT audits, says Paul Rozek, director of technology services at Jefferson Wells International, a Brookfield, Wisconsin, consulting firm that has seen its IT-audit work increase by 40 percent between 2002 and 2003. Organizations can then prioritize the audits based on the level of risk. That initial assessment can also give executives a good sense of the systems the organization has in place, and whether the company has sufficient expertise and staff resources to conduct subsequent, more-focused audits.”
The article also notes that audits can cover a variety of specific areas, including the commonly-overlooked area of software license management. Not to belabor the obvious, but I believe that my combination of tech expertise and my law practice that concentrates on software licensing and IT contracts makes a dynamite combination in the IT audit area, especially when you consider that many organizations seem to prefer to cast a blind eye to these issues, at least until they receive a BSA software audit letter.