Optizap logo

IT Discovery
& Audit

Clear IT risks and priorities you can act on.

Book a consult
Remote-first
Vendor-neutral
IT Discovery & Audit

What’s included

Environment inventory

Document systems, apps, integrations, and data flows so everyone knows what exists and how it connects.

Risk assessment (CIA)

Summarise confidentiality, integrity, and availability risks with business impact and likelihood.

Access & identity review

Map who has access to what, evaluate SSO/MFA, and identify risky accounts and shared credentials.

Credential clean-up

Consolidate sign-ins into a secure vault, remove unused accounts, and fix unsafe sharing.

Workflow mapping

Observe how teams actually work; highlight bottlenecks, manual steps, and unclear ownership.

Project backlog

Deliver a prioritised list of scoped projects with estimates and assumptions your team can accept or defer.

How we work

Scope & intake

Align on objectives and in-scope systems; gather existing docs and context.

Collect & validate

Pull configs, logs, and asset lists; sanity-check for gaps.

Findings review

Walk through issues in plain English, discuss options and trade-offs.

Plan & handoff

Provide the project backlog and risk-reduction recommendations.

Frequently Asked
Questions (FAQs)

We know you have questions. We have
answers to some of them.

Do you provide fixed quotes?
Yes. For clearly defined pieces of work we can provide a fixed quote up front, so you have certainty on cost before we start. For more open-ended engagements we'll agree an estimate range and keep you updated as we progress.
What is your minimum and how do you round time?
The minimum billing is one hour. Time is rounded to the nearest fifteen minutes.
What counts as billable time?
Billable time includes any work we do on your behalf: investigation, implementation, configuration, documentation, meetings, and coordination with third parties. We don't bill for general sales conversations or high-level scoping before you've approved work.
How is the estimate tolerance set?
For each scoped piece of work we'll agree an estimate with a tolerance band (for example ±20%) based on the information available at the time. If we discover material changes or risks that could move us outside that band, we'll flag it early and re-confirm scope and budget with you before proceeding.

What forward thinking execs say

Recommended

Optizap gave us clarity on what we had, what was at risk, and a realistic plan to fix it. Roadmaps and reviews mean IT is now part of our planning, not an afterthought.

Brooklyn Simmons
Brooklyn Simmons
CTO · December 7, 2024
Recommended

Having a virtual IT director means one accountable owner for vendors, projects and budgets. We finally have a joined‑up view of technology and risk.

Dianne Russell
Dianne Russell
CEO · December 7, 2024
Recommended

Backups, continuity and access controls used to be a worry. Now we have evidence, tests and documentation that stand up to scrutiny from auditors and insurers.

Leslie Alexander
Leslie Alexander
CFO · December 7, 2024

Certifications

Certified Information Systems Security Professional - CISSP
Certified Information Systems Security Professional - CISSP June 2025
Project Management Professional - PMP
Project Management Professional - PMP March 2025
Azure Solutions Architect Expert - Microsoft
Azure Solutions Architect Expert - Microsoft November 2024
Azure Administrator Associate - Microsoft
Azure Administrator Associate - Microsoft October 2024
Solutions Architect Associate - AWS
Solutions Architect Associate - AWS April 2024
Google Cloud - Professional Cloud Architect
Google Cloud - Professional Cloud Architect August 2023