Te Kete Ipurangi Navigation:

Te Kete Ipurangi

Te Kete Ipurangi user options:

Reviewing your school's technical infrastructure

This information is intended for school leaders: BOT, Principals, teacher-leaders, and ICT support people who are tasked with reviewing a school or kura’s ICT infrastructure.

It will provide you with strategies for reviewing the ICT infrastructure of your school, as well as guidance about post-review decision making.

ICT technical infrastructure is the term given to your digital systems as a whole including the hardware, software and configuration of servers, cables, wires, desktops, laptops, and so on, as well as the systems and processes followed by the people who manage them.

Reviewing your ICT infrastructure as part a structured and deliberate ICT plan is necessary because:

  • ICT impacts directly on teaching and learning
  • ICT is a rapidly evolving area
  • ICT directly affects your school’s administration
  • ICT is a significant financial cost to your school
  • Changing your ICT infrastructure is likely to be something that requires significant planning and outside expertise to accomplish
  • ICT may involve staffing or contract considerations

What is the purpose of your review?

Reviewing your school’s technical infrastructure should allow you to determine whether, in the context of your school’s vision, your current infrastructure meet the needs of your learners now and in the foreseeable future.

The review should also be able to determine if your technical infrastructure is:

  • fit for purpose
  • robust
  • reliable
  • secure
  • good value for money
  • compliant with accepted standards and practices.

To benefit most from a review of your technical infrastructure, it should be undertaken as part of a considered strategy for using digital technologies to improve learning. The Strategic Thinking Roadmap  and the e-Learning Planning Framework  are useful resources that will help you to review and plan for how digital technologies are used in your school.

How is a review different to an audit?

A review aims to provide you with the information required to determine whether a piece of equipment or system is fit for purpose now and in the future. An audit typically uses checklists and similar processes to carry out a detailed and thorough inspection, create an inventory, or undertake an evaluation of something specific. Audits tell us how a piece of equipment or system is performing against a given set of criteria.

For example, taking your car for its WoF is performing an audit to determine its road worthiness, whereas a review would uncover if your car is still suitable for your needs.

Your review provides you with the information necessary to make well-informed strategic decisions and may include recommendations that are informed by both pedagogy and technology. You might commission a more detailed audit as part of, or as a result of an overall review.

Types of review

A deliberate strategy for reviewing your technical infrastructure should be in place. We recommend reviewing your technical infrastructure:

  • annually – to fit with your budgeting cycle
  • every three years – as part of a broader strategic planning cycle
  • after a significant ICT-related event – which leads you to question the suitability of your ICT systems (for example, when new technology becomes readily available or following a cyber-security incident).

Annual review

The annual review is best conducted at a time that fits in with your budgeting cycle. Term two is likely to be suitable as it will allow you ample time for any items requiring capital expenditure to be costed fully and considered as part of your school’s planning for the next financial year.

The annual review should include:

  • systems and services delivery — what aspects of delivering technical services and systems went well and what could be improved or added?
  • the ability of current systems to meet the anticipated needs of the next year (for example, due to teaching and learning needs, building projects, items becoming end-of-life or increased demands on the wireless infrastructure due to more devices in use)
  • a quick "health-check" with regards to security, backups, and general system robustness
  • technical support — is it meeting the needs of your school?
  • financial summary and budget for the next year, plus draft budgets for years two and three.

Three-yearly review

The three-yearly review should, in addition to the items in the annual review, consider if the general alignment of ICT infrastructure will meet the future needs of your school. Items that your three-yearly review could consider include:

Cohesive Digital Services
  • Do your digital services (Google’s G Suite for Education, Microsoft Office 365, your Student Management System, financial, library and other packages/services, phone, backup, security camera systems, website, and so on) meet your needs? Are alternatives available that have additional features, are more cost effective, or are cloud-based?
  • Does your technical support meet your anticipated future needs?
  • How will projected roll changes impact on your technical support needs?
  • How will anticipated changes in curriculum provision impact on your technical support needs?
Robust digital infrastructure
  • Are any of your existing servers due for replacement over the next few years? If so, will they be replaced with new servers, moved to a data centre or replaced by functions available in Google's G Suite for Education, Microsoft Office 365, or other services?
  • How will projected roll changes impact on your technical infrastructure?
  • How will anticipated changes in curriculum provision impact on your technical infrastructure?

Significant ICT-related event review

A significant event review tends to be of a narrower scope than a three-yearly review and may focus on a particular event or trigger such as:

  • changes in key personnel or technical support
  • significant technological improvements or opportunities
  • "end-of-life" scenarios
  • security breaches
  • ICT "disaster" events such as a fire, flood, hardware, or software failure.

A significant event review should enable you to answer the following questions:

  • What has happened?
  • What opportunities are being presented to you and what do you need to do to take advantage of them?
  • Do you need any outside help with understanding the issues?
  • What do you need to do to mitigate any future risk?
  • How does the significant event change previous ICT planning?

How to carry out a review

There are several ways to carry out a review of your ICT infrastructure. You will need to consider who does the review and how it is done.

A team approach

Just like any strategic planning process, a team approach is recommended as you identify your needs, create a plan, oversee the review and consider the implications. Having senior leadership involvement throughout the review process will help to ensure that it is part of the school’s overall strategic planning.

Ensure learning and teaching is a priority

Keep the ability of ICT systems to support teaching and learning in the foreground of the review at all times. This can be done by ensuring the review’s focus questions have a clear link back to learning and teaching and your school-wide strategic plan.

Who does the review

Your review can be done by one or more of:

  • a knowledgeable person or group at your school
  • a peer or group from another school
  • your technical support provider
  • an outside contractor.

Whoever does your review, it is best to declare conflicts of interest, particularly where the reviewer may have been involved in previous ICT decisions or could benefit from purchasing decisions that you may make as a result of your review. Consider a peer review conducted with a knowledgeable person from another school or organisation. Peer reviews help build the capacity for good decision making within your school’s community.

No matter who does the review, the cost, if any, should be agreed beforehand.

How to carry out your review

Prior to the review being carried out you will need to agree with stakeholders on a set of questions to be answered and what format the review will be in. The questions will be decided by the type of the review: annual, three-yearly, or significant event. These questions should be made explicit so that they can be referred back to.

It is likely that the review team will need to gather data from several sources. These may include:

  • accessing ICT equipment and observing software/systems in use
  • reading documentation (strategic plans and technical support documentation)
  • interviewing and/or surveying key stakeholders:
    • technical support providers
    • school leaders
    • teachers
    • students
    • parents/caregivers.

Review questions should link teaching and learning to technological systems, for example:

  1. Are teachers and students able to access technology when and where they need it?
  2. Are users confident that systems will be reliable enough to use regularly?
  3. Does the technology support your school’s vision for pedagogy?
The review report

The review report should be written up and be as succinct as possible. The focus of the report should be the review questions, what evidence has been considered, and what the next steps should be. Alternative solutions should be considered and recommendations justified. The report should be written in a way that a layperson can understand it.

Your review report will follow on from the technical audit and should include:

  • comments, judgements, recommendations, and pertinent observations such as the risks associated with the current infrastructure and the implications for the future. For example, will the current infrastructure be most effective in enabling your school’s future direction?
  • suggested actions to take along with priorities. For example, you could rate each recommendation:
    • Immediate – Some urgent action is needed in this area.
    • Pressing – Improvements should be made in this area in the near future.
    • Long-term – Start planning ahead to address this area in the long terms.

Post-review decision making

Each recommendation of the report will need to be considered in terms of impact upon teaching and learning. To do this, it is important that stakeholders are confident that they understand the report. 

Finally, the report should be used to inform your school’s strategic planning and budgeting. This will require a set of actions to be managed in terms of people, costs, and time.

The nature of technology means that some of the report’s recommendations may appear to need immediate attention (for example, the report may have identified security concerns or highlighted that backups are not taking place) while other recommendations may indicate longer term projects, for example, the need to consider changing your Student Management System.

Even though recommendations may be flagged as immediate, resist the temptation to "rubber stamp" them. All decisions and actions that are made as a result of the report should be considered thoroughly and prioritised based upon:

  • impact on teaching, learning, and administration
  • a robust understanding of the problem or concern
  • the alternative possible solutions
  • the limitations of the solutions
  • good financial planning
  • input from stakeholders
  • alignment with your whole-school strategic planning
  • a critical friend’s consideration of the report will be useful in helping you make good decisions. 

Example technical audit template

The items on the following template are indicative of the areas that a technical audit will typically need to cover. Your particular circumstances (for example, purposes, priorities, and environment) will influence the details. So, while it is likely that each main area will need to be considered, the details and questions that you might need to answer will be specific to your situation and the template should be tailored accordingly.

It is not intended as an exhaustive list of questions.

Your technical audit should address:

  • What is the current situation? Look for hard facts and evidence rather than assumptions and opinions, for example, “we measured it took 10 minutes to log in to a laptop”.
  • Does it currently perform as well as it could? This might be in terms of functionality, speed, ease of use, access, security, efficiency, and so on, “10 minutes to log in to a laptop is unacceptable”.

The technical audit will include the collection and presentation of facts, figures, and findings pertinent to each area such as:

  • inventories – makes, models, ages, specifications, warranty status
  • test results – time taken to perform a task, security assessment
  • video – demonstrating log-in performance
  • logs – error logs
  • diagrams – network diagram, performance charts
  • survey results – staff and student surveys
  • photos – hardware, screenshots.
Download icon
Area Detail Example starting questions
Technical leadership Strategy and decision making

Is there a clear vision for learning?

How effectively do decisions made about digital technologies help achieve the vision for learning?

How is planning for digital technologies carried out?

How do decisions about technical procurement, configurations, maintenance, and so on, get made?

Is this effective for all students, teachers, support staff, and whānau?

  Shared responsibilities

Is there a culture of shared responsibility for decision-making, configuration, maintenance, and use of digital technologies?

How do staff, students, and whānau have agency and voice when it comes to selecting or maintaining technologies?

Technical support and management Support personnel

What level of satisfaction does your technical support provide?

How do you regularly review the satisfaction levels of your technical support?

Who provides technical support? School employees, contractors, students?

How many hours per week for each type of support?

Is good value for money achieved with technical support for:

  • scheduled support
  • ad-hoc support
  • project-based support.

Is the right level of work being done by people with the right level of expertise at the right price?

How effective is the communication between technical support personnel and the people they support?

  Support providers

What external support provider companies does the school use?

Are these providers suitably:

  • qualified
  • available and responsive
  • effective?

Does the advice provided tend to be in the school’s best interest?

How often are other opinions or quotations sought?

Is there clarity around the fixed and variable costs that your technical support provider might charge?

  Support systems

How do people access support when they have technical issues?

Is there a helpdesk system to log and track issues?

Are there tiers of support provided for issues of varying technical difficulty?

How do issues get prioritised?

How is the self-sufficiency of people being developed?

Is it clear for students and staff what they could and should do to troubleshoot technical issues before they escalate them?

What induction processes and documentation for staff and students to be able to understand and use the school’s technical systems are in place?

Is there some kind of knowledge base of how-to’s or FAQs?

  Maintenance procedures

Are there systems for proactive maintenance such as checking error logs, testing emergency procedures, checking administrator accounts, applying security patches, updating firmware?

How up-to-date are the operating systems and software on devices?

Is there up-to-date, thorough technical documentation and inventories (asset registers, list of administration credentials/passwords, copies of configurations)

Is there suitable turnaround time for repairs and maintenance of hardware and software?

  Policies and procedures

Are there policies, procedures, or supporting resources that a new student or staff member could use to become easily familiar with things such as:

  • how to access and use key systems, services, and applications
  • BYOD usage expectations
  • acceptable use
  • copyright.

Who has access to, and ownership of, system passwords, administrative level access and intellectual property?

What is the process for dealing with user accounts, email, files, digital artifacts, and so on, when staff and students leave the school?

Procurement Procurement strategy

How is budget allocated to digital technologies?

Is there a sustainable strategy around procurement?

  Supplier relationships Does the school obtain quotes from a variety of suppliers when procuring digital technologies?
  Procurement processes

How are decisions about procurement choices made?

How are new assets registered and existing assets tracked?

  On-going maintenance

Is there a procurement plan that accounts for old equipment to be retired and replaced?

Is key equipment kept under a manufacturer’s warranty?

How does the school know if equipment is no longer cost-effective to support and maintain?

Infrastructure Internet connectivity

What internet connection is used?

Is this suitable (contact N4L to ascertain the peak data throughputs)?

  Firewalling and security

What firewalling is in place?

Are there any other security measures in place? (Intrusion prevention, application-level content inspection, gateway antivirus)

What open ports are exposed to the internet?

Is more firewalling needed that what N4L provides?

What password policies are there for:

  • staff and students to log-in to their network or cloud system accounts?
  • administration-level accounts?

Is there an understanding of basic security good practices amongst staff and students?

Does staff access to data in the cloud require 2-factor authentication?

Does remote access by staff to data at the school require 2-factor authentication?

  Internet content filtering

How is internet content filtering done?

What could be improved?

How easy is it for staff or students to be able to whitelist or blacklist an online resource?

  Network cabling

What is the state of the network cabling?

Does it meet SNUP standards?

Are all parts of the school able to access the network?

  Network switches

How old are the network switches?

Is there sufficient ports available?

Is the network performance adequate?

Are there any loops?

Is the configuration acceptable (Spanning Tree Protocol)

Are there any VLANs configured?

Is the patching in the switching cabinets neat and tidy?

Is the network topology suitable?

  Wireless networking

What system is in use?

How old is it? When will it need to be replaced?

How many SSIDs?

Are suitable security protocols in place?

Is it easy for staff, students, and guests to access?

Are there any dead spots?

Are there any drop-offs experienced?

Are there any concerns about the reliability, security, coverage, performance?


What physical and virtual servers are in use?

Are they in warranty?

Are any no longer needed?

Are they suitably specified and configured?

Would any of the services be better served from the cloud either now or when the server next needs to be replaced?

  File storage

What local file storage is available?

What cloud-based file storage is available?

Is there clarity around what file storage system is used for what purpose?

  Back-up and disaster recovery

How are essential systems data and configurations backed up?

How effectively is students and staff data backed up?

Do staff and students understand how to avoid having data that is not backed up?

When was the last time the back-ups were checked?

What is the procedure to restore critical data and systems in the event of a failure, how long would this take, and what is the worse case scenario of how much data could be lost in a disaster?

If the internet was unavailable, how would the school know students’ contact details?

  Power management and UPS protection

Is there clarity about what services are essential to keep running in a power outage?

Are the essential devices protected by surge protectors and UPSs?

Are non-essential devices being maintained by UPS unnecessarily?

Do you know how long a UPS will hold up essential equipment for, and is the shutdown procedure manual or automated?

Is power easily available for staff and students to charge devices?

Services Email

Is email appropriately hosted and configured?

Is it easy to access email?


Are printers owned or leased?

Is the mix of black and white/colour printers suitable?

Are cloud print services supported?

How cost-effective is printing?

  DNS Is the configuration suitable?
  DHCP Is the configuration suitable?
  VoIP If in use, is the configuration suitable?
  Directory Is the configuration suitable?
  Identity, IAM, and SSO

How are users and devices identified and authenticated onto the network to gain access to services?

Are the possibilities of making it easier for people to log on to services being explored and deployed?

Systems and applications Student Management System (SMS) and Parent Portal

Can students and parents access their SMS records easily?

Is the configuration and policies for access secure enough?

Can teachers easily access and use the SMS?

Is the SMS the "authoritative source" of information that feeds into other digital systems?

Is there an understanding of what constitutes data quality and is this exemplified in practices?

Is the SMS cloud-based?

  Office productivity/online learning environment (OLE)

What online learning environment is in use?

Is the OLE well used by students, teachers, parents, and administrators?

What areas for development are there when it comes to the OLE?

What alternatives now exist?

  Library Management System

What is in use?

Is it accessible and delivering what is needed?

Is it properly updated and backed-up?

Is it cloud-based?

Is it cost-effective?

What alternatives now exist?

  Significant cloud end-user applications

What are in use?

Are they cost-effective?

What alternatives now exist?

  Significant local server-based, end-user applications

What are in use?

Are they accessible remotely and delivering what is needed?

Are they properly updated and backed-up?

Can they be migrated to become cloud-based?

Are they cost-effective?

What alternatives now exist?

  Significant locally installed end-user applications

What apps are in use?

Are they delivering what is needed?

Are they properly updated and is the data they store backed-up?

Can similar functionality be delivered in a more cloud-based way?

Are they cost-effective?


Technical management applications (for example, Mobile Device Management (MDM) solutions

Device deployment solutions

Endpoint Protection (antivirus, malware, and so on) solutions)

What is in use?

Is it delivering what is needed?

Is it properly updated and backed-up?

Is it cloud-based?

Is it cost-effective?

What alternatives now exist?

User-facing devices Telephones

How is telephony delivered and managed?

How old, reliable, and functional is the system?

Is the telephony system cost-effective?

What alternatives now exist, for example, VoIP?

  Staff devices

What devices are made available to staff?

How old are they?

What specifications are they?

  Student devices

How well do digital devices meet the needs of students?

What devices are made available to students?

How old are they?

What specifications are they?


What is the BYOD experience?

How is BYOD security managed?

How is access to devices and applications made equitable for students?

  Audio visual

How well do audio visual items meet the needs of students and teachers?

Do all available features get used or has expenditure gone into unnecessary features?

What alternatives now exist?


Can people easily print their documents?

Are systems in place to manage printing?

  Other digital devices

What other user-facing devices or peripherals are in use?

How well do these items meet the needs of students and teachers?

Do all available features get used or has expenditure gone into unnecessary features?

What alternatives now exist?

The user experience Remote access to services and applications Is there ability for students, teachers, and support staff to work on any device at any time and at any location with internet connectivity?

How well do devices meet the needs of students and staff in terms of

  • sufficiency: are there enough?
  • suitability: are they the right devices with the right software/applications and appropriate levels of administration?
  • reliability: do they always work well enough?
  • ease of access: can you get access to them?

Is the internet secure, fast, reliable, accessible?

Is the internet filtering in place too restrictive or too open?

Can internet sites and services that are blocked be easily allowed to be accessed?

Can internet sites and services that are allowed be easily blocked if necessary?

Keep informed

Subscribe to the newsletter.