If your city, county, utility, library, or public agency only hears from your IT provider when something breaks or when it is time to renew, you are not getting enough value.

Technology is not a one-time setup. Your staff changes. Your software changes. Public service expectations change. The cybersecurity risks change too.

That is why a quarterly IT review matters.

Most local government leaders know they should be checking in, but they are not always sure what to ask. That is normal. You are running departments, managing taxpayer resources, serving residents, responding to council or board priorities, and keeping operations moving. You should not have to speak IT for a living.

Here are six simple questions your IT provider should be able to answer every quarter, in plain English.

1. What security problems need attention right now?

Every public organization has weak spots. The goal is not to pretend they do not exist. The goal is to find them early and deal with them before they turn into downtime, fraud, data loss, a public records issue, or a major interruption to services.

For municipalities in Quincy, Adams County, and across West Central Illinois, this matters because local government systems often hold sensitive citizen data. That can include utility billing information, employee records, police or public safety data, building permits, financial records, and internal communications.

Ask your provider:

Are any systems missing security patches?

Have there been unusual login attempts?

Are any users, devices, or processes creating extra risk?

Are there security alerts we should know about?

Are critical government systems being monitored properly?

You do not want a vague answer like everything looks good. You want specifics.

A good IT partner should be able to tell you where your top risks are, what has already been fixed, and what still needs attention. That is how you protect public information, maintain public trust, and reduce the chance of an outage that affects residents.

2. Have our backups been tested recently?

A backup only matters if it works when you need it.

Plenty of organizations think they are covered because a backup system exists. Then a server fails, ransomware hits, a cloud account is compromised, or someone deletes the wrong folder, and everyone finds out the recovery plan was never tested.

That is not the time to figure it out.

Ask:

When was the last full recovery test?

How long would it really take to restore our systems?

Are backups stored separately from our main network?

Are Microsoft 365, Google Workspace, and other cloud apps included?

Who is responsible for restoring what during an outage?

What systems must come back first to keep public services running?

For a city office, county department, public works team, utility department, library, park district, or economic development organization, downtime is not just an inconvenience. It can delay payments, permits, public meetings, work orders, communications, and access to records.

You need a tested plan, not hope.

3. Where is technology slowing our team down?

Not every IT problem feels like an emergency. Some problems just drain time all day long.

A computer takes too long to start. A permitting system freezes. A public works employee cannot access work orders in the field. A board meeting livestream has audio issues. A staff member stops using a system because it is too painful.

Those issues cost money, even if nobody opens a ticket.

Ask your provider:

Are we seeing repeat performance issues?

Are any computers or servers aging out?

Which systems get the most complaints?

Are we outgrowing any software or hardware?

What should be optimized before it becomes a bigger problem?

Are Microsoft 365 tools being used in a way that actually supports staff?

Technology should help government employees serve the public faster and more reliably. It should not train them to work around problems.

That applies whether you are supporting city hall in Quincy, a village office in Camp Point or Payson, a library in Mendon, a county office in Pittsfield or Carthage, or a public agency in Macomb or Canton.

4. Are we still meeting compliance, records, and insurance requirements?

Compliance is not something you check once and forget.

Public agencies have unique responsibilities around records, privacy, public access, cybersecurity, financial controls, and continuity of operations. Depending on the department, you may also have requirements tied to CJIS, HIPAA, PCI, cyber insurance, grant funding, records retention, union agreements, vendor contracts, or state and federal guidance.

Ask:

Have any requirements changed recently?

Do our policies and documentation still line up?

Do employees need updated security training?

Are there controls we need to strengthen?

Would we be ready if an auditor, insurer, board member, or state agency asked for proof?

Are our Microsoft 365 permissions, retention settings, and security controls appropriate?

The cost of falling behind is not just a fine or a failed audit. It can affect insurance claims, legal exposure, public confidence, and the ability to keep essential government operations running.

5. What should we budget for next quarter?

Good IT planning keeps surprises off your desk.

Your provider should be tracking what is coming, not just reacting to what broke this morning.

That includes:

Aging computers and servers

Expiring warranties

Software renewals

Microsoft 365 license changes

Network upgrades

Security improvements

Backup and disaster recovery needs

Upcoming vendor price increases

End-of-life systems

Quarterly planning gives you time to make smart decisions. It lets you spread costs out, avoid rush purchases, support grant planning where possible, and keep technology aligned with department goals.

No city administrator, county official, department head, library director, or elected board likes surprise IT expenses. Most of them can be prevented with better planning.

That matters because technology budgets are taxpayer resources. Every dollar should have a purpose.

6. Where are we falling behind?

This is the question that separates a basic IT vendor from a real partner.

You need someone who can look at your organization and say, here is what is changing, here is what matters, and here is what we recommend next.

Ask:

Are there tools or automations we should consider?

Are we behind on cybersecurity best practices?

Are other public organizations our size doing something we are not?

Have cyber threats changed in a way that affects local government?

Are we using our current systems as well as we could?

Are there ways to improve service delivery without adding unnecessary complexity?

Technology moves fast. Cybercriminals move faster. Local governments are frequent targets because they provide essential services and often operate with limited staffing and tight budgets.

Your IT provider should help you keep up without burying you in technical talk.

If these conversations are not happening, that is a red flag.

If your IT provider cannot answer these questions clearly, or if they are not asking to meet with you quarterly, you may not be getting the support your organization needs.

You need more than someone who shows up after something breaks.

You need a partner who helps prevent the break in the first place.

At Tigerhawk, we believe local government leaders deserve clear answers, practical planning, and local support that understands how public operations really work in Quincy, Adams County, and West Central Illinois. IT should protect citizen data, support employees, preserve public trust, and help you make better decisions with the resources you have.

If you want a second set of eyes on your current setup, we can help.

For more information, schedule time with Tigerhawk.