In IT, gap analysis is an assessment that helps identify differences between information systems or applications. A gap can be looked at as “the space between where we are, and where we want to be.” Gap analysis helps bridge that space by highlighting requirements that are being met, and those that are not.
In software development for instance, IT gap analysis can be used to document services or functions that have been accidentally left out, those that have been deliberately eliminated and those still to be developed. In compliance, a gap analysis can be used to compare what is required by law, with what is currently being done.
IT gap analysis provides vital inputs for the optimal use of IT infrastructure and improvement of current service levels to match defined service levels. For example, suppose that the IT department’s vision is to achieve 100% server virtualization, but currently only 70% of the servers are virtualized. Using an IT gap analysis template, the current infrastructure feasibility to achieve the 100% server virtualization goal will be analyzed and recommendations to achieve it will be provided. The IT gap analysis, including SWOT analysis, should be carried out for the current IT infrastructure, security measures and disaster recovery (DR) procedures at the business unit level as well as the enterprise level.
The following processes that are incorporated into the IT gap analysis template are helpful in identifying and bridging the gaps in an organization. Download our IT gap analysis template for more details.
- Identify teams from various business units as well as a team from higher management to conduct the IT gap analysis assessment.
- Every organization has an IT infrastructure vision. The IT gap analysis team should study the vision and identify gaps with respect to their business units, from an IT standpoint. For example, if for the HR department, IT has a vision of providing an online portal with 99.999% availability to employees, the fact that the existing portal is down for maintenance on weekends would be identified as a gap.
- All observations of IT gap analysis teams must be documented for each business unit.
- As detailed in the downloadable IT gap analysis template, the document should also contain the following information with regards to each service being offered by IT:
Ø Background: Detail the purpose, consumers and SLAs for all services.
Ø Strengths: Define the measures in place to provide the services with least disruption as per the SLAs.
Ø Weaknesses: Define shortcomings in current services or factors that affect service availability.
Ø Threats: Define the threats that can lead to unavailability of services, and describe control procedures in place to counter the threats.
Ø Gap analysis: Map the current service-level parameters to the vision-defined parameters, with complete details of the identified gap and why it exists.
Ø Recommendations: Draft recommendations to bridge the gap using the existing infrastructure or by introducing new equipment. Stress upon optimal use of current resources.
- Based on the IT gap analysis template, the document should also detail the current DR setup of the organization, including the following:
Ø Analysis and documentation of the current DR infrastructure.
Ø Details of recovery point objective (RPO) and recovery time objective (RTO) requirements of the business applications.
Ø Mapping of current RPO and RTO values to the desired values.
Ø If the current and desired values do not match, identification of gaps and drafting of recommendations to achieve the desired values.
- The IT gap analysis document should also detail the current information security procedures in place. Threats should be identified along with the controls in place to tackle them. Any loopholes found should be drafted, along with recommendations to eliminate them.
- Using the IT gap analysis template, the document should also list the governance risk and compliance (GRC) regulations that the organization needs to follow. The current compliance status should be documented along with the recommendations, if any, for strict enforcement of GRC.
- IT gap analysis should document the vision of the organization’s IT department from a technology standpoint, comprising details of the current IT infrastructure, and where the organization aims to be from a technology standpoint. Recommendations to bridge any gaps should be documented.
Once all the above factors have been analyzed, the IT gap analysis report can be presented to top management to determine the required course of action to bridge all identified gaps.
Download the attached IT gap analysis template for more details.
About the author: Anuj Sharma is an EMC Certified and NetApp accredited professional. Sharma has experience in handling implementation projects related to
SAN, NAS and BURA. He also has to his credit several research papers published globally on SAN and BURA technologies.