
It’s the question every owner asks and every consultant dodges: what should we be spending on IT?
You’ll find surveys quoting anywhere from 2% to 7% of revenue depending on industry, and those numbers aren’t useless, but they answer the wrong question. The right question isn’t “how much?” It’s “on what, and in what order?”
Here’s the framework we use.
First: the floor
There’s a minimum below which you’re not saving money, you’re borrowing it from a future crisis. Whatever your size, the floor includes:
- Working, tested backups of anything you couldn’t operate without
- MFA on every account that touches company data
- Supported software: if your operating system or key apps stopped getting security updates, you’re running on borrowed time
- A way to get help that doesn’t depend on one specific human being available
If any of those are missing, that’s where the next pound goes. Nothing else on this page matters until the floor is in.
Second: spend where downtime hurts
Work out your cost of downtime: roughly, what an hour without systems costs you in wages and lost sales. A ten-person office losing email for an hour is annoyed. A business that can’t take payments for an hour is losing real money in real time.
This number tells you where resilience is worth buying: a backup internet line, a spare payment terminal, cloud systems that keep working when the office doesn’t. Spend on resilience in proportion to what failure actually costs, not on gut feel.
Third: audit before adding
Before any new spending, look at what you already pay for. In cost reviews we regularly find:
- Licences for staff who left months ago
- Two tools doing the same job because nobody joined the dots
- Premium tiers bought “to be safe” and never used
- Features already included in existing licences, bought again as separate products
It’s common for those findings to fund a meaningful chunk of whatever improvement was needed. Freeing up money you’re already spending beats asking for new budget every time.
Fourth: buy outcomes, not kit
The most expensive IT decisions are distress purchases and shiny objects. The cheapest are planned ones. A simple 12-month roadmap (what gets replaced when, what gets improved next quarter, what we’re deliberately not doing) turns IT spend from a series of surprises into a line item you control.
That’s also the honest answer to the percentage question: businesses with a plan consistently spend less than businesses without one, because they stop paying the panic premium.
The short version
- Fix the floor: backups, MFA, supported software, reliable help.
- Buy resilience in proportion to your real cost of downtime.
- Audit existing spend before adding anything new.
- Plan a year ahead so nothing is a distress purchase.
If you’d like to know where your business stands against that list (including what you’re currently spending that you don’t need to), our free 30-minute IT health check is the fastest way to find out.
