Blog Series – June 2019
Mid‑Year Reality Check: From Reactive IT to Managed Services for NZ SMEs

We’re halfway through 2019. If you’re an SME leader in New Zealand, you’ve likely already felt the pain of unpredictable IT costs, firefighting support requests, and projects slipping because “the tech isn’t ready yet.” Mid‑year is the perfect moment to step back and ask: are we still reacting to problems, or have we built a predictable, proactive IT operating model?

For many SMEs, the answer is uncomfortable. Budgets are tracking over, cyber risks aren’t clearly owned, and the same users are logging the same tickets month after month. This post lays out a practical way to pivot—quickly—from ad‑hoc, reactive support to a managed services model that gives you cost certainty, measurable outcomes, and executive‑level visibility.

Why the reactive model breaks down

Reactive support (a.k.a. break–fix) feels cheap—until it isn’t. Typical red flags we see by June each year include:

• Unplanned spend: Emergencies blow out budgets and distract leadership from strategic work.
• Recurring incidents: The same root causes keep resurfacing because there’s no structured problem management.
• Invisible risk: No one can tell you, in one page, the current state of patching, backups, MFA coverage, or endpoint compliance.
• No roadmap: Projects start in isolation, without a governance framework or rolling 12–24 month plan.

What “managed” really means (beyond a helpdesk)

Managed services isn’t just outsourced support. Done well, it’s a contract for outcomes. That means:

• SLAs & KPIs that matter: Response, resolution, first‑contact resolution, and CSAT are tracked and reported.
• Quarterly business reviews (QBRs): A formal cadence where the partner brings insights, trend data, and a prioritised action plan.
• Security embedded: Patch management, MFA coverage, backup testing, and incident response plans are part of BAU—not “extra.”
• Roadmap & budget alignment: A rolling plan that maps costs, risks, and investments to business goals.

Mid‑year pivot: a 6‑step playbook

1. Baseline where you are: Capture your current estate—endpoints, servers, cloud services, licenses, critical vendors, and support volumes.
2. Quantify the pain: How much did you really spend in H1 on break–fix? How many hours of downtime? What’s your backlog?
3. Define “managed outcomes” you care about: e.g., < 4h resolution for P2s, 100% critical patch compliance, > 90% CSAT, quarterly roadmap.
4. Right‑size the model: Not every SME needs 24/7. Choose tiers (core hours, extended, full) that match risk and budget.
5. Contract for visibility: Insist on monthly dashboards, QBRs, and executive‑level summaries you can share internally.
6. Start with a 90‑day transition plan: Stabilise first (backups, patching, identity), then optimise (automation, policies), then transform (roadmap execution).

Budgeting: turning volatility into a fixed line

One of the biggest benefits NZ SMEs report after shifting to managed services is budget predictability. Instead of lumpy, unplanned costs, you agree on a fixed (or fixed‑plus) monthly fee tied to well‑defined services and SLAs. Major projects are ring‑fenced and scheduled—no more surprise invoices because a server finally died.

Security maturity moves from implicit to explicit

In a reactive world, everyone “assumes” backups work, MFA is on, and patches are applied. In a managed model, you get dashboards, compliance reports, and automated alerts. That matters when you’re talking to your board, your insurer, or a key client doing due diligence.

How to judge if a provider is actually “managed” (and not just rebranded support)

• They bring a defined onboarding and stabilisation plan (30/60/90 days).
• They provide quarterly, executive‑ready reports that map IT to business risk and priorities.
• They talk about roadmaps, governance, KPIs, and service improvement plans—not just tickets.
• They include security baselines (MFA, patching, backups, logging) in the core scope.

What to do this week

• Export the last six months of tickets and classify the top five recurring issues.
• Ask for a one‑page heatmap of your core risks: identity, endpoints, data, network, backups.
• Write the 3–5 outcomes you want IT to deliver by December 2019. Use those to brief or re‑brief your partner.
• Book a QBR (or your first one ever) and make it a standing meeting with an agenda you control.

Eduardo Wnorowski is a Technologist and Director at Virtus Group Ltd.
With over 24 years of experience in IT and consulting, he helps New Zealand SMEs move from ad‑hoc support to structured, outcomes‑driven technology operations.
🔗 Connect on LinkedIn