Designing a Sustainable IT Infrastructure

Over the past few years, the construction industry has seen an increase in technology adoption. However, with so many options available — from the cloud to digital twin (a virtual representation of the physical project), BIM, drones, and wearables — it can be easy to get hung up on the latest technology trends without stopping to consider where each fits in a company’s broader IT strategy.

In fact, more than one-third of contractors surveyed in AGC & Sage’s 2022 Construction Hiring and Business Outlook either don’t have a formal IT plan in place or don’t know if they do.1  

Every construction business must have a solid IT infrastructure to fully realize the benefits of their technology solutions and maximize the return on their technology investment.

This article examines what an IT infrastructure is and why it’s important, how businesses can benefit from an IT audit, the importance of developing an effective IT strategy, and the need for building an IT infrastructure that is both scalable and sustainable.

What Makes Up a Strong IT Infrastructure?

A strong IT infrastructure is critical in today’s business environment, as it sets a solid foundation for a construction business to operate in a hyperconnected, technology-dependent environment. Without the right infrastructure in place, a company could be missing out on opportunities to streamline processes and improve productivity.

An IT infrastructure is the hardware, software, network resources, and services required for the operation and management of an enterprise IT environment.2 In short, the infrastructure is everything needed to deploy your company’s technology. In order to build a strong IT infrastructure, it’s important to first understand all of the aspects.

Hardware includes all of the physical elements that make up a computer or electronic system, including the monitor, hard drive, memory, and central processing unit.3

Software is the functional aspects of a computer that do not refer to its hardware — scripts, applications, programs, operating systems, and anything else that “runs” on a computer, phone, tablet, or other smart device.4

Network resources are essential to establish internal and external communication of all elements and devices. The network includes all of the hardware and software elements previously mentioned as well as other resources necessary to ensure business-critical needs such as network enablement, internet connectivity, firewall protection, and security measures are met. It also helps establish controls so that data is stored and accessed safely to reduce the risk of theft or damage.5

Services include such personnel as developers, designers, network administrators, and users, as well as the processes that help the IT infrastructure function.

Traditionally, most IT infrastructure was owned and managed by a business on its premises; however, many aspects can now be managed through third-party vendors. The growing popularity of cloud-based technology enables companies to rent software and services that are remotely hosted and managed in cloud servers that employ their own IT infrastructures.6 For example, software as a service (SaaS) is licensed on a subscription basis, and all hosting, updates, and security are centrally managed by the technology provider.

Conducting an IT Audit

An IT audit can help determine if the company has a solid IT infrastructure. It involves examining the organization’s IT infrastructure, applications, data use, and security policies and protocols and evaluates the safety as well as effectiveness in furthering the company’s goals. The process is beneficial in assessing current IT strengths as well as areas that need improvement.

Selecting an Auditor

While the processes and outcomes of an IT audit are different from that of a financial audit, a good IT audit should be treated as seriously as a financial audit and include the same general steps:

  • Planning — The planning phase will determine who will conduct the audit, when it will take place, the scope of the audit, and what you hope to gain from it
  • Fieldwork — The auditor will conduct the audit to assess the IT infrastructure and all other items outlined in the planning phase
  • Report — The auditor will summarize all notes and findings into an actionable report with recommendations and next steps
  • Follow-up — It’s important to follow up regularly with teams to ensure that recommendations were implemented successfully and that things are running smoothly

An IT audit should be conducted by an experienced third-party company that has industry knowledge. The Information Systems Audit and Control Association (ISACA) is the standard body for IT auditors, so looking for auditors who are ISACA certified is a good place to start.

Some questions to consider when selecting an auditor include:

  • What experience and qualifications do they have?
  • What is the auditor’s background?
  • Have they worked with construction businesses?
  • Do they understand the company’s needs?
  • What are their quality assurance processes?
  • What is the auditor’s reputation from reliable references?
  • What are their fees?
  • What deliverables are included?
  • Do they provide ongoing support?

The auditor should be a trusted advisor to ensure that recommendations are a good fit and will be accepted and implemented by the company’s leaders.

What to Expect

When conducting an IT audit, consider the current and future technology needs. The audit should assess where a business stands today and where it wants to be in the future, as well as provide a road map for how to get there. The audit should also provide insight into areas such as how a business compares to industry best practices and how a company’s technology is helping (or hindering) the achievement of its goals. This will result in a list of actionable items and recommendations that will help a business get closer to where it wants to be with its IT infrastructure.

A detailed IT audit report should include:

  • A plan for improving certain areas that need work
  • Process and policy recommendations
  • Identification of key data points within IT processes
  • Suggestions for new IT infrastructure components (including hardware, software, resources, and services)
  • An implementation timeline
  • Budget considerations

Getting buy-in from key stakeholders, including organizational management, financial leaders, IT staff, and other decision-makers before selecting an auditor and beginning the process is critical; it gives them a chance to provide input and help ensure everyone’s needs are addressed. It also increases the chances that they will support making the suggested changes when the time comes.

If you are a CFMA member login to continue reading this article. If you aren't a member yet and would like unlimited access to all of the content on cfma.org, plus a variety of other benefits, join CFMA today!