92/100
IT Health Score
β² +4 vs last period96.2%
SLA Attainment
β² +1.8 pts4.6/5
CSAT (30-day)
β² +0.214
Critical Vulnerabilities
βΌ -9 this month98.6%
EDR Coverage
β stable$128k
Monthly Cloud Spend
βΌ -6.4% (optimized)Risk & Service Trend open critical+high vulns vs SLA attainment
IT Health Composition
92
Composite
Composite
Security posture Β· 90
Infrastructure Β· 94
Service delivery Β· 93
Asset hygiene Β· 89
Weighted composite of 22 signals
AI Executive Assessmentgenerated from live telemetry
Attention Required auto-prioritized
| Item | Domain | Owner | Age | Priority |
|---|---|---|---|---|
| CVE-2026-30187 β Ivanti EPMM RCE on 3 mobile-mgmt servers | Vulnerability | Infra | 2d | Critical |
| Ransomware behavior blocked β LAPTOP-4821, contained by EDR | EDR | Security | 6h | Critical |
| SLA breach risk β 7 P2 tickets >80% of resolution window | ITSM | Service Desk | 1d | High |
| Orphaned Azure resources β 41 unattached disks ($3.1k/mo) | Cloud | Infra | 5d | Medium |
| SAN latency degradation β AUS storage array, NOC ackβd (PagerDuty) | Monitoring | NOC | 18m | High |
| 388 endpoints exit hardware warranty within 90 days | Assets | IT Ops | β | Medium |
Ask the Command Centernatural-language queries across every connected system
7,902
Agents Deployed
98.6% of fleet3
Active Threats (contained)
βΌ from 111,284
Threats Blocked Β· 30d
auto-remediated 94%112
Agents Outdated
rollout in progressDetections by Day malware Β· PUA Β· behavioral Β· ransomware
Agent Coverage by Platform
Recent High-Severity Detections
| Endpoint | Detection | Classification | Action | Status |
|---|---|---|---|---|
| LAPTOP-4821 | Behavioral: mass file encryption attempt | Ransomware | Kill + quarantine + isolate | Contained |
| WKS-AUS-0233 | Cobalt Strike beacon signature | C2 | Kill + network isolate | Contained |
| MAC-VAN-1107 | Unsigned kernel extension load | Suspicious | Blocked | Resolved |
| SRV-DC-04 | Credential dumping attempt (LSASS) | CredTheft | Kill + alert SOC | Investigating |
14
Critical Open
βΌ -9 MoM97
High Open
βΌ -31 MoM11.4d
Mean Time to Remediate (crit)
βΌ 3.2 days faster-27%
Backlog vs Q1
automation-drivenBacklog Burn-Down open vulns by severity Β· 6 months
Open by Severity
Top Open Vulnerabilities click a row β AI assessment
| CVE | Affected | CVSS | Exposure | Severity |
|---|---|---|---|---|
| CVE-2026-30187 | Ivanti EPMM Β· 3 servers | 9.8 | Critical | |
| CVE-2026-21412 | Windows SmartScreen Β· 214 endpoints | 8.1 | High | |
| CVE-2025-52799 | Chrome (V8) Β· 1,893 endpoints | 8.8 | High | |
| CVE-2026-0281 | OpenSSL 3.2 Β· 47 servers | 7.4 | Medium | |
| CVE-2025-48991 | Adobe Acrobat Β· 622 endpoints | 7.8 | Medium |
AI Vulnerability Assessmentcontextual risk Β· blast radius Β· action
AZ
Microsoft Azure
1,842 resources Β· 3 subscriptions Β· 2 regions
$74.2kmonthly spend
AWS
Amazon Web Services
1,204 resources Β· 4 accounts Β· 3 regions
$53.8kmonthly spend
Spend Trend & Optimization 6 months Β· combined
Cloud Hygiene Flags
| Finding | Count | Est. Waste | Priority |
|---|---|---|---|
| Unattached managed disks (Azure) | 41 | $3.1k/mo | Medium |
| Idle EC2 instances <3% CPU 30d | 17 | $4.8k/mo | Medium |
| Public S3 buckets (non-static-site) | 2 | β | Critical |
| Untagged resources (no owner/cost-center) | 203 | β | Low |
| Snapshots >180 days | 96 | $1.2k/mo | Low |
8,014
Total Managed Assets
endpoints + servers + mobile96.8%
Inventory Accuracy (CMDB)
β² reconciliation automated388
Warranty Expiring β€90d
refresh plan drafted214
OS End-of-Support
βΌ migration wave 3 of 4Fleet Composition by type & OS
Hardware Age Distribution
Lifecycle Watchlist
| Segment | Count | State | Plan |
|---|---|---|---|
| MacBook Pro 2021 fleet | 1,240 | Entering year 5 FY27 | Phased refresh Β· budget submitted |
| Windows 10 holdouts | 214 | EOL | Win11 wave 3 in progress |
| Conference room systems | 86 | Mixed vendors | Standardization RFP |
| Lab / build servers | 312 | On-prem | Cloud-migration assessment |
1,214
Hosts Monitored Β· 18.4k checks
Checkmk distributed99.96%
Infra Availability (30d)
β² target 99.9%6
Active Alerts Β· 2 critical
both acknowledged4m 12s
MTTA Β· PagerDuty
βΌ 38s faster38m
MTTR Β· P1/P2 (30d)
βΌ from 51mIncident Flow β PagerDuty weekly Β· triggered vs resolved Β· by urgency
Host States β Checkmk
Current Service Problems Checkmk Β· live board
| Host | Service | State | Duration | Handled |
|---|---|---|---|---|
| SAN-AUS-01 | Datastore latency > 25ms | CRIT | 18m | Ack β NOC investigating |
| FW-VAN-02 | HA sync degraded | CRIT | 42m | Ack β vendor case open |
| SRV-BLD-07 | CPU load 15-min > 90% | WARN | 2h 10m | Build queue β expected |
| UPS-LV-01 | Battery runtime < 12 min | WARN | 6h | Replacement scheduled |
| ESX-AUS-11 | Host unreachable (ping) | UNREACH | 9m | Ack β remote hands dispatched |
NOC On-Call β PagerDuty follow-the-sun rotation
| Tier | On call now | Region | Until |
|---|---|---|---|
| Primary | NOC β R. Alvarez | AUS | 08:00 CT |
| Secondary | NOC β D. Cho | VAN | 08:00 CT |
| Escalation | Infra Lead β M. Okafor | AUS | Mon |
| Executive | Director, IT β T. Abbassi | β | standing |
Escalation policy: 5m β secondary Β· 15m β lead
Incidents this month: 31 Β· 0 SLA breaches
241
Open Tickets
βΌ -12% WoW96.2%
SLA Attainment (30d)
β² +1.8 pts3.4h
Median First Response
target 4h4.6/5
CSAT Β· 1,182 surveys
β² +0.231%
Auto-Resolved / Deflected
β² AI + self-serviceTicket Volume & Deflection weekly Β· created vs auto-resolved
Open Ticket Aging
SLA Watch β At-Risk Tickets >80% of resolution window consumed
| Ticket | Summary | Priority | Open | SLA Used |
|---|---|---|---|---|
| INC0048112 | VPN auth failures β Vancouver office | P2 | 1d 21h | |
| INC0048096 | Shared drive permissions β Finance | P2 | 1d 14h | |
| REQ0031877 | Contractor onboarding β badge + accounts | P3 | 3d 2h | |
| INC0048071 | Conference AV failure β HQ boardroom | P3 | 2d 6h |
CSAT Trend & Drivers
Top praise: speed of resolution
Top friction: hardware turnaround
Phased Plan
Days
1β30
1β30
Listen & assess
Understand the environment before changing it. Earn the team's trust first.
- βΈ1:1s with every member of the IT team β what works, what's broken, what they'd fix first.
- βΈMeet the business stakeholders β Security, People, Finance, Legal, Engineering β and ask how IT is failing them.
- βΈBaseline the numbers: ticket volume, SLA attainment, CSAT, open vulnerabilities, asset accuracy, spend.
- βΈInventory the stack and the contracts β what we own, what we pay for, what overlaps.
- βΈDeliver a written current-state assessment to the President with a recommended 90-day plan.
Days
31β60
31β60
Stabilize & make it visible
Fix what's on fire, then put IT on a measured footing so leadership can see it.
- βΈClose the critical security gaps found in week one β patch, MFA coverage, offboarding hygiene.
- βΈStand up SLAs and a reporting cadence β this dashboard, reviewed monthly with leadership.
- βΈFix the top 3 employee pain points identified in the listening tour (usually onboarding, hardware, access).
- βΈEstablish change management β a lightweight CAB so we stop breaking things accidentally.
- βΈStart the SaaS/vendor rationalization pass β find the overlap and the shelfware.
Days
61β90
61β90
Build & automate
Scale the function through systems, not headcount. Make IT quiet.
- βΈShip automated onboarding/offboarding β HRIS β identity β access β device, hands-off.
- βΈLaunch AI-assisted support β deflect the repetitive tickets so the team works on higher-value problems.
- βΈPublish the 12-month roadmap and budget β with the government-contract security requirements sequenced in.
- βΈDefine the team's growth plan β who's ready for more, where we need to hire.
- βΈReport against the day-1 baseline. Show the delta.
Success Metrics baseline β 90-day target
SLA attainmentbaselineβ95%+
CSATbaselineβ4.5+
Critical vulnerabilitiesbaselineβzero >30d
Onboarding time-to-productivemanualβday one
Ticket deflectionββmeasured & rising
Tool spendbaselineβrationalized
Operating Principles
Make technology quiet. When IT is done right, nobody thinks about it β people open their laptop and do their best work.
Automate before you hire. Headcount should go to hard problems, not repetitive ones.
Measure everything, report honestly. Leadership can't support what it can't see β including the bad news.
IT is a partner, not a gate. Security and speed aren't opposites if the controls are designed well.
Build the team, not just the systems. The function outlives any one project.