IT Checklist Small Business 2011


  • 8/3/2019 IT Checklist Small Business 2011


    IT checklist for small business

    March 2011


    Introduction

    A small business is unlikely to have a dedicated IT Department or Help Desk. But all the tasks that a large organisation requires of its IT Department and Help Desk are also needed by a small business. A small business needs to make sure that those tasks are allocated either to someone within the business, or to an outside provider.

    Since the first version of this checklist was released, several trends have been observed. Firstly, small businesses are increasingly turning to an outside provider to manage their IT services (Lee & Gongming, 2007). Secondly, the use of online social media (Facebook, Twitter and so on) has increased exponentially. Finally, there is a need to close the loop by ensuring that the business is thinking about its own requirements and monitoring its strategy and service providers to ensure business needs continue to be met.

    This is a checklist for small business owners and managers to help them make sure they don't forget the important items. Each checklist item is designed to ensure the small business owner thinks clearly about their own requirements and prompts them for further action.

    Checklist items marked with a star are essential if IT is to be delivered well. However, at all times a business owner should respond to each checklist item as appropriate for their needs.

    Using this checklist

    There are four activities a small business needs to focus on to keep IT working. All businesses need to plan, build, manage and run IT (Gillies & Broadbent, 2005).

    This checklist considers areas of IT management by looking at each focus activity in turn. Each checklist item is intended as a practical tool to stimulate the business owner's thinking.

    The checklist is designed for use by small businesses, but draws upon internationally accepted standards where appropriate. The principal resources drawn upon are Gillies (2008), Gillies & Broadbent (2005), Axelsen (2008), and COBIT 4.1 (Information Technology Governance Institute, 2007). This material is available for free online either through the CPA Australia website (www.cpaaustralia.com.au) or the IT Governance Institute website (www.itgi.org).

    Supporting material is provided where appropriate for users that need this support; however, the checklist is designed to be useful on its own.

    Plan: Have a plan for managing your IT investment for now and in the future

    Build: Build new systems and buy software to support your needs

    Manage: Manage IT operations so that they support and deliver upon your IT needs

    Run: Keep an eye on your IT operations through review and evaluating


    IT checklist for small business

    Plan

    1. Set out a general strategic direction for your IT

    It is hard to get to where you are going if you don't have a roadmap to get there. Make sure that you have at least a rough direction of what your IT needs to do, how this is to be achieved, and when it will be done.

    [See COBIT 4.1 PO1, PO3 and DS6 (Information Technology Governance Institute, 2007); the CPA Australia publication Business Management of IT (Gillies, 2008) may also be valuable.]

    You have a short plan that outlines why you need IT, what it is for, and how it is to be used in support of the business.

    You know what sort of technology you need to have, what it needs to be compatible with, and what you might need in the future. Don't just buy what another company wants to sell you.

    * You have an IT budget for the next 12 months that replaces out-of-warranty equipment and buys new technology you need.

    2. Manage and mitigate IT risks

    Like all aspects of business, IT has risks to be dealt with. Be sure to have at least thought about the major risks to your business and how you might cope with them.

    [See COBIT 4.1 PO9 (Information Technology Governance Institute, 2007); see also the Risk Management Standard from Standards Australia (2009)]

    You know how long your business can survive without IT before you can't catch up: is it a week? 3 days? 1 day? 1 hour?

    You have written down the risks that might occur (from likely to unlikely) and how bad they might be if they do occur (from insignificant to catastrophic).

    You have a risk register detailing the worst of these risks, how they affect the key business function (e.g. sending invoices), how you reduce the likelihood of the risk arising, and regular tasks to reduce this risk.

    3. Deliver upon the IT projects you set yourself

    Being in small business you may have noticed a wish list is not always enough to get things done. Make sure the IT projects you sign up for are ones you need and can achieve.

    [See COBIT 4.1 PO10 (Information Technology Governance Institute, 2007); for extensive and complex guidance refer to the Project Management Body of Knowledge (Project Management Institute, 2008)]

    Your IT projects are never done because they are fun but because they support the business.

    Your IT projects have a rough business case before implementing.

    * IT projects have an outline of how they are going to be achieved, when they are to be achieved, and what they need to deliver.

    Build

    4. Installing new equipment (servers, PCs, laptops, printers, scanners etc. along with their related drivers)

    In a small business it is tempting to buy new equipment without having thought about how it will be installed. You don't want the entire business to come to a stop as five people try to install a new scanner "just like the one we have at home".

    [See COBIT AI3 and AI4 (Information Technology Governance Institute, 2007)]

    * Make sure that the equipment you buy is suitable for a business network environment. Not all equipment suitable for home use will run on a business network.

    Make sure that new equipment has an appropriate warranty; while not always good value, extended warranties can reduce the impact on your business if equipment does break unexpectedly.


    If you don't have an onsite IT professional, when you buy new equipment consider arranging for the vendor to install it. While it may cost a little, it may be cheaper than having your staff fumbling at a task that is not their area of expertise.

    To reduce complexity, consider limiting your purchases to a few brands and types of equipment that you trust and are familiar with.

    Make sure that new drivers (e.g. printer drivers) are installed when you buy new equipment. Even if the new printer seems to work with the old drivers, make sure that everyone is using the same drivers for the same printer.

    5. Customising software to suit the needs of the business

    Customising can mean lots of things: writing a quick macro in PowerPoint; creating a stand-alone application based on Excel; or writing customisations that live within your line of business application or accounting system. Sooner or later most small businesses will do one of these. Some can be done in-house by power users but if it's something that is important to the business (and not just important to the user) you need a professional.

    [See COBIT 4.1 AI1, AI2, AI5 and AI6 (Information Technology Governance Institute, 2007); for a good overview also refer to the CPA Australia publication Delivering information and communications technology services to small to medium enterprises (Axelsen, 2008)]

    You have decided what customisations are appropriate for your business and decided, in general terms, how they will be created. When is it appropriate to let the in-house power user have a week or two to work on some Word macros and when will you call in an expert?

    You have clear and exclusive rights to the intellectual property of software developed by third party contractors where that software is key to your business.

    * Before customising software and building your own, you ask a mentor to be sure that you really need this customisation as you know that software customisations are often more expensive and take longer than initially thought.

    6. Deploying existing software to new users, setting up new software and deploying new software to existing users

    This task needs to be undertaken with some care. First, to ensure that the software is installed and set up appropriately and second, to ensure that licensing arrangements are followed.

    [See COBIT 4.1 AI7 (Information Technology Governance Institute, 2007)]

    If you have an IT professional in-house then you have discussed how software is to be deployed and set up.

    If you do not have an IT professional in-house then you have established a working relationship with a professional who can guide you in deploying and setting up software.

    You have a firm understanding within the business of when tasks will be done in-house and when you will call in outside help.

    7. Downloading, assessing and deploying security patches for operating system and applications

    As long as malicious users try to breach systems through security holes in software, software vendors will be issuing security patches. In 2003, hundreds of thousands of machines were infected by the Slammer virus even though Microsoft had issued a security patch that prevented infection over six months earlier.

    [See COBIT AI7 (Information Technology Governance Institute, 2007)]

    You have considered and decided on a policy for installing security patches. For example, you may decide to install all security patches as soon as they are made available. Or, if your line of business or back office systems are old, uncommon or heavily customised, you may have a policy of testing each security patch against your software to ensure that it will still work properly.

    You have allocated responsibility to one person for downloading, assessing (if necessary) and deploying security patches for the operating system and applications (line of business applications, back office systems and desktop applications).

    You have a process in place (perhaps a routine security audit by an external person) to check that security patches are being deployed appropriately.


    8. Administration: maintaining records of software licences, domain names, service contracts for peripherals like printers, liaising with vendors

    Your software licences are valuable. It's easy to install software on a machine and forget that it is there. It is also easy to forget what service contracts you have in place for your equipment. Finally, it is easy to forget to renew a domain name. Domain names are cheap, but very valuable. If you don't renew your domain name someone else can register it and you will struggle to get it back.

    [See COBIT AI7 (Information Technology Governance Institute, 2007); for a good overview also refer to the CPA Australia publication Delivering information and communications technology services to small to medium enterprises (Axelsen, 2008)]

    * You have allocated responsibility to someone to keep a list of what software is installed on every machine, with what licence, to ensure that the business is complying with the licence agreements and is protecting the business's assets.

    You have allocated responsibility to someone to keep a list of what domain names and web hosting arrangements you have, with expiry dates. You have a system in place to remind you of when to renew domain names (you should renew them about three months in advance of the deadline).

    You have allocated responsibility to someone for maintaining a list of all service contracts. Only one person is permitted to call a vendor for service.

    Manage

    9. Manage your IT: is it adequate?

    Much as we'd like it to be, IT is not "set and forget". Keep an eye on IT to be sure that the hardware you have is up to the task, and that your service providers continue to perform. Regularly review whether your IT needs are better met by an external IT service provider or in-house, depending on your business growth.

    [See COBIT 4.1 DS1, DS3 and ME1 (Information Technology Governance Institute, 2007); for a good overview also refer to the CPA Australia publication Delivering information and communications technology services to small to medium enterprises (Axelsen, 2008)]

    You regularly review your IT for out-of-warranty equipment and replace such equipment when the technology is key to the business.

    You have an independent mentor to discuss your IT needs with from time to time.

    You regularly (at least every three years) test the market to be sure that your IT service providers are still the best fit for your business.

    When staff expectations of IT service providers are not met, the staff know they have someone to raise the issues with.

    10. Meet your legal requirements

    There are all sorts of requirements businesses have to meet. Be sure to meet yours or you may have unexpected fines when transgressions occur.

    [See COBIT 4.1 ME2 and ME3 (Information Technology Governance Institute, 2007); also refer to the Privacy Commissioner's Privacy Impact Guide (Office of the Privacy Commissioner, 2010)]

    * You have reviewed your small business's privacy obligations at the Office of the Australian Information Commissioner's website (www.privacy.gov.au and www.oaic.gov.au) and identified your legal obligations.

    * You have policies to ensure that your privacy obligations are met.

    * You have reviewed your small business's record-keeping obligations as set out by the Australian Taxation Office (www.ato.gov.au) and identified your record-keeping obligations.


    Run

    11. Downloading and deploying daily data files for anti-virus software

    Viruses are invented daily so you need to ensure that data files for your anti-virus software are downloaded and installed daily. Viruses in this context include all forms of malware, viruses, Trojans, spyware etc.

    [See COBIT DS4 (Information Technology Governance Institute, 2007)]

    You have set up the anti-virus software to update hourly and to send an email alert to the responsible person or, if that person is away on leave or for illness, alerts go to someone else.

    If your business runs seven days a week then you have someone to receive and respond to alerts on all seven days.

    * Your anti-virus software addresses viruses, Trojans, spyware, key-logging software and warns against suspect web pages.

    12. Disaster recovery (e.g. after prolonged power failure, fire, flood, theft)

    Your business may depend on your IT system and so you need to know that the business will survive even if the IT system is destroyed or damaged.

    [See COBIT DS4 (Information Technology Governance Institute, 2007)]

    You have acted to prevent disasters by installing surge protectors, power conditioning and uninterruptible power supplies. You have software in place to enable a controlled shutdown of servers and you have tested these systems.

    * You have a plan in place for how to get your business up and running again. For example, some businesses make an arrangement with a similar business to act as a "warm site" so that there is at least one computer in their office that you could use to load your backup and get your business running again.

    You have written out the steps to be followed after a disaster. Remember that as owner or manager you may not be available after a disaster to perform work like this, or even direct it.

    You have ensured that the relevant employees in the business know where to find the disaster recovery instructions and how to follow them. That probably means that the procedures are printed out and are preferably far away from the disaster area.

    You have practised your disaster recovery steps at least once with the current team of people.

    13. Creating and maintaining in-house rules about access, permissions, passwords and other safety, security and administrative rules

    Intruders, old employees and kids hacking for fun can access your business's information unless you have rules for who can access what data.

    [See COBIT 4.1 DS5 (Information Technology Governance Institute, 2007)]

    You have written rules (perhaps only one page) on who is allowed to access what data, how passwords or pass phrases are to be formatted, how often they expire, at what intervals they can be recycled and other security issues.

    Your rules mean that no-one ever has to share their password with another user. If users share a computer each person has an individual profile, user name and password. People in the office know that using someone else's password is like forging their signature.

    The business's rules address safety issues such as ensuring that cables do not run across hallways or walkways, appropriate numbers of power outlets are available for IT equipment and that staff follow appropriate practices in using IT equipment to prevent accidents or injury.

    You have developed a communications strategy and have allocated responsibility to someone in the office for ensuring that new employees know about the rules.

    You have allocated responsibility to someone in the office to keep the rules up-to-date.


    14. Creating, maintaining and deleting users from the network

    New employees need to be added as new users to the network, and just as importantly, old employees need to be removed as soon as they leave the business.

    [See COBIT 4.1 DS5 (Information Technology Governance Institute, 2007)]

    You have allocated responsibility to one or two people to add new users to the network (this will be the network administrator).

    You have a system in place where a new user can be added to the network so they can be productive from the day they start work (without having to use someone else's password to access the network).

    You have a process in place to maintain a central registry of passwords to business-critical files or applications, or to retrieve passwords from departing employees. For example, an accounts clerk may have passwords to the online banking, or employees may have password-protected individual documents that the business will need.

    The person who calculates the final pay for an employee leaving the business is responsible for informing the network administrator that the employee is leaving. The network administrator is responsible for disabling that user from the network as soon as they receive notice.

    15. Creating and re-setting the network passwords

    All new users on the network will need a password that they can change for their own needs. And whether we like it or not users forget passwords and can be locked out of the network.

    [See COBIT 4.1 DS5 (Information Technology Governance Institute, 2007)]

    The network has a "three strikes and you're out" policy: if a user gets the password wrong three times in a row, the user is locked out of the network.

    The network administrator can re-set the password of someone who is locked out within a very short time (say, 10 minutes). Someone is allocated as backup for this task to cover meal breaks, leave and other absences.

    The network operating system is set up so as to require users to change their network password regularly (say, every month or every three months).

    Password rules (e.g. how long a password must be, and how frequently it must be changed) are appropriate to the circumstances but are not so difficult that users are tempted to write them down.

    16. Setting up shared folders, granting / reducing permissions and managing disk quotas

    Shared folders allow groups of employees to access the same files. Disk quotas restrict the amount of data that one employee can store on a server. There are security and performance implications for both.

    [See COBIT 4.1 DS5 (Information Technology Governance Institute, 2007)]

    * The business has appropriate rules in place so that people can see the data they need for their job, but data is generally secured.

    Someone (the network administrator) has been allocated the job of managing shared folders and granting permission to individuals or groups to see the files in those shared folders.

    Permissions to access shared folders are reviewed regularly (quarterly?) and permissions are deleted when they are no longer needed (perhaps because someone changed roles within the business).

    If appropriate, disk quotas are in place that limit the space that employees' files can take up on servers. The business server is not the place for employees to store large files they have downloaded from the web.

    All business data should be stored on the server where it can be secured and backed up.


    17. Training users in how to use new software and hardware

    The more your users know about the software they use every day, the more productive they can be. You don't want office staff wasting time on page numbers every time they have to produce a Word document when a few hours of training would teach them how to do it once and for all. Few users manage to teach themselves anything beyond the basics but sending people to generalist "Introduction to X" or "Intermediate Y" courses often doesn't help. To be effective you have to be specific.

    [See COBIT 4.1 DS7 (Information Technology Governance Institute, 2007)]

    You have talked with the staff of the business and written down what tasks they need to perform using their software.

    You have made plans to get appropriate information or training for them to perform those tasks effectively and efficiently.

    You have a way of checking back with employees soon after training about whether they can now perform the relevant tasks. If skills learned in training are not used on the job immediately they may be lost and the training will have been wasted.

    18. Acceptable use policy

    Computers are powerful tools and increasingly their use for purposes unrelated to your business may affect you. Be clear to all your staff what they may use your computers for (and what they may not).

    [See COBIT 4.1 DS7 (Information Technology Governance Institute, 2007)]

    * You have an acceptable use policy that has been reviewed by, or provided by, an industrial relations expert that sets out what users can and cannot do with your IT equipment.

    The rules in place identify what personal use of computers and internet access is reasonable in the circumstances for this business.

    Online Social Media tools such as Facebook and Twitter may be used by employees and inadvertently affect your business reputation. Your acceptable use policy makes it clear to employees what they can and cannot do when using online social media like Facebook and Twitter.

    19. Cleaning up machines that have been infected with viruses, Trojans, worms or other malware

    In spite of your best efforts some machines will get infected with viruses or other malware (laptops are more vulnerable than desktop machines). You need them cleaned up properly, and in the case of severe infection, this is a job for an expert.

    [See COBIT 4.1 DS8 (Information Technology Governance Institute, 2007)]

    You have decided how you will isolate infected machines from the network and employees know when to tackle the clean-up job themselves and when to call in an expert.

    * If you don't have an IT professional on staff you have established a working relationship with an IT professional who can be available to clean machines at relatively short notice.

    20. Answering basic questions from users about how to use the software and hardware and troubleshooting minor problems

    Your investment in desktops, laptops and software licences is significant. It is no use investing in these unless your people can make use of the hardware and the software. And, while support and advice from colleagues is a good way to learn, you don't want the entire office to stop work while everyone crowds round one person's desk as they try to create a table of contents in Word.

    [See COBIT 4.1 DS8 and DS10 (Information Technology Governance Institute, 2007)]

    You have allocated responsibility to one person (with a backup if necessary) to replenish stocks of paper, toner etc. for printers and fax machines.

    You have devised a process for users to get help in using software and hardware and troubleshooting minor problems (such as a printer not working). For example, the process might be that an employee first asks your in-house power user for advice and, if that person can't help, the employee seeks free help (from online newsgroups) or paid help (e.g. from an external advisor or trainer).

    Everyone in the business knows the process and you encourage them to use that process by following it yourself.

    New employees are told about the system and encouraged to use it.


    21. Maintaining physical security over IT equipment, backup tapes or disks etc.

    If someone steals your computers or your backup tapes you lose not only the equipment but all the data on it. Physical threat is as likely to come from careless or malicious staff as from outsiders. Make sure you have your hardware and backup tapes or disks secured.

    [See COBIT 4.1 DS11 and DS12 (Information Technology Governance Institute, 2007)]

    You have a secure, locked, air conditioned or well ventilated space for servers and other equipment that does not have to be out in the open. As few people as possible have access to this space.

    Someone in the office has been allocated responsibility for locking up the area where servers and backup tapes are stored. A backup person is organised to cover times when the primary person is unavailable because of holidays, illness etc.

    * Backup tapes and disks are routinely stored off-site in a secure location.

    Where equipment is out in the open, or is left unattended for periods of time, desktop machines are locked to the desk or to a portion of the building structure.

    The business has a policy on security of laptops and mobile devices when out of the office (for example, employees may not leave laptops in a car).

    22. Making, testing and restoring backups (from whole servers to single files)

    What is your data worth? If you lost everything how long would it take the business to be up and running again? What would it cost, in time or money, if your business lost the last month's data? A backup is only as good as what you can restore.

    [See COBIT 4.1 DS11 (Information Technology Governance Institute, 2007)]

    * You have a documented backup process and you have allocated responsibility to someone for backing up data from servers every day. This includes reviewing the backup log for any issues relating to the success or failure of the backup, and responding to those issues. Someone is available, and is trained, to cover for your main person if they are away for a day.

    * You have a documented restore process and you regularly (monthly? quarterly?) test that you can restore data from your backups.

    At least some backup media are stored off-site. For example, if you back up every day you might store every second day's data off-site. It may be appropriate to keep regular permanent backups off-site, such as a backup of financial data after each end-of-month procedure is completed.

    You have a policy that requires users to store data that is crucial to the business on the server. If a user stores a file on a desktop computer, that file will not be backed up during the normal backup process.

    23. Database administration (e.g. SQL server)

    Very small, or micro, businesses may not run a significant database but most line of business applications and medium-to-large accounting systems rely on an underlying database. Database administration is a specialist skill and few small businesses would have an in-house expert.

    [See COBIT 4.1 DS11 (Information Technology Governance Institute, 2007)]

    You have consulted with an expert administrator of your database (e.g. Microsoft SQL Server, MySQL etc.) to write out the routine steps to follow for good administration of the database including securing the database and backing it up.

    You have appointed someone as responsible for undertaking those routine steps.

    You know what you can do in-house and when to call in an expert and have communicated this to staff.

    You have established a working relationship with an external specialist who is familiar with your business and your database set up. You have arranged for that specialist to run brief regular (quarterly? six monthly?) checkups and be available to fix urgent database problems.


    24. Setting up and maintaining the connection to the internet and liaising with the ISP when there are connection problems

    For most businesses, the connection to the Internet is vital. The market remains volatile and ISPs are routinely dropping prices, increasing service speeds and broadening service offerings. You may not want to change ISP every six months but you should stay aware of changes in this market.

    [See COBIT 4.1 DS13 (Information Technology Governance Institute, 2007)]

    In choosing an ISP you explore a wide range of possible vendors to get the services you need and the best value for money.

    Someone has been allocated responsibility of managing the technical aspects of connecting to the Internet. This might be the network administrator. This person deals with the ISP about problems with the connection.

    Someone has been allocated responsibility for regularly checking competitive pricing and service offerings from ISPs.

    25. Troubleshooting network problems involving the WAN or LAN (including routers, rewalls, bridges,switches, cabling, wireless access points and devices etc.) and setting up and maintaining systems orremote users to log in to the network rom home or while travelling

    Perhaps the most rustrating IT problem is when the network goes down. It can be difcult to pin point the source o the problem

    and unless you have a networking expert in-house you may need external help.

    [See COBIT 4.1 DS13 (Inormation Technology Governance Institute, 2007)]

    You have consulted with an expert in security related to your operating system and are confdent that your

    network is secure. This is especially important i you have a wireless network.

    The network administrator has written down all the user names, passwords and settings or all network-related

    equipment. That inormation is kept securely but is available to those who may need it to repair network problems.

    You have arranged that at least one person is available at all times with basic knowledge of how the network operates. You have arranged for a network expert to write down basic trouble-shooting steps for your in-house person to follow in the case of problems.

    *You have established a working relationship with an external specialist who is familiar with your business and how your network is set up and can be available at short notice to fix urgent network problems.

    26. Server management (e.g. mail server, web server)

    Even micro businesses may run a server to manage mail but many small businesses will run print servers, mail servers and maybe web servers for intranet or internet sites. Server administration is a specialist skill and few small businesses would have an in-house expert.

    [See COBIT 4.1 DS9 and DS13 (Information Technology Governance Institute, 2007)]

    You have consulted with an expert administrator of your servers to write out the routine steps to follow for good administration of the database.

    You have appointed someone as responsible for undertaking those routine steps.

    You know what you can do in-house and when to call in an expert and have communicated this to staff.

    *You have established a working relationship with an external specialist who is familiar with your business and your server set up and can be available at short notice to fix urgent server problems.


    Further reading

    Axelsen, M. (2008). Delivering information and communications technology services to small to medium enterprises. Download from http://www.cpaaustralia.com.au/cps/rde/xbcr/cpa-site/delivering-ICT-services-SME.pdf

    Gillies, C. (2008). Business Management of Information Technology. Download from http://www.cpaaustralia.com.au/cps/rde/xbcr/cpa-site/business-management-of-IT.pdf

    Gillies, C., & Broadbent, M. (2005). IT Governance: A Practical Guide for Company Directors and Business Executives. Download from http://www.cpaaustralia.com.au/cps/rde/xbcr/cpa-site/ITgovernance-guide-for-company-directors.pdf

    Information Technology Governance Institute. (2007). COBIT 4.1. Rolling Meadows, Illinois: IT Governance Institute.

    Lee, L., & Gongming, Q. (2007). Partnership or self-reliance: prescriptions for small and medium-sized enterprises. The Journal of Business Strategy, 28(6), 29.

    Office of the Privacy Commissioner. (2010). Privacy Impact Assessment Guide. Download from http://www.privacy.gov.au/materials/types/download/8774/6582

    Project Management Institute, r. e. (2008). A Guide to the Project Management Body of Knowledge (3rd ed.). London: Project Management Institute.

    Standards Australia. (2009). AS/NZS ISO 31000:2009 Risk Management - Principles and guidelines: SAI Global.


    Copyright CPA Australia Ltd (CPA Australia) (ABN 64 008 392 452), 2009. All rights reserved. All trade marks and trade names are proprietary to CPA Australia and must not be downloaded, reproduced or otherwise used without the express consent of CPA Australia.

    You may access and display these materials on your computer, monitor or other video display device and make one printed copy of any whole page or pages for your personal use only. Other than for the purposes of and subject to the conditions prescribed under the Copyright Act 1968 (Cth) (or any other applicable legislation throughout the world), or as otherwise provided for herein, you may not use these materials in any manner without the prior written permission of the copyright owner.

    CPA Australia and the author have used reasonable care and skill in compiling the content of these materials. However, CPA Australia makes no warranty as to the accuracy or completeness of any information contained therein nor does CPA Australia accept responsibility for any acts or omissions in reliance upon these materials. These materials are intended to be a guide only and no part is intended to be advice, whether legal or professional. All persons are advised to seek professional advice to keep abreast of any legal or other reforms and developments.

    To the extent permitted by applicable law, CPA Australia, its employees, agents and consultants exclude all liability for any loss or damage claims and expenses including but not limited to legal costs, indirect special or consequential loss or damage (including but not limited to, negligence) arising out of the information in the materials. Where any law prohibits the exclusion of such liability, CPA Australia limits its liability to the resupply of the information.

    CPA Australia has a range of services tailored to support public practitioners.

    For further information please visit cpaaustralia.com.au/practicemanagement or contact your local office on 1300 737 373.
