The First 90 Days of a Managed IT Engagement, Honestly - North Star IT Insights
North Star IT
Free Assessment
HomeInsightsManaged IT
Managed IT

The First 90 Days of
a Managed IT Engagement, Honestly

If you've never used an MSP, the first 90 days can feel chaotic. Here's what the work actually looks like when it's being done properly.

Managed IT 2026-03-24 9 min read

If you've never used an MSP, the first 90 days can feel chaotic. Here's what the work actually looks like when it's being done properly.

Week 1: Discovery and access

The first week is about access and inventory. The MSP needs admin access to everything you have, and they need to document everything. Expect a lot of meetings, a lot of password resets, and a lot of questions about systems you forgot you had.

Week 2 to 3: Tools deployment

RMM agent on every device. EDR on every device. Backup agents where applicable. Identity provider integration. Helpdesk portal stood up. Expect some user-facing prompts and a few support tickets. This is the foundation.

Week 4: First report

End of month one, you should get the first real report: what they found, what they fixed already, what the risks are, and what the first 90 days will focus on. If you don't get this, ask.

Weeks 5 to 8: Quick wins

MFA enforcement if it wasn't there. Conditional access. Patch baseline. Backup verification. Quick wins that lower risk without big projects. Most clients see real improvement in this window.

Weeks 9 to 12: Project planning

By week 9 the MSP should have proposed a remediation roadmap for the big stuff: M365 migration, server refresh, firewall replacement, whatever the gaps are. Sequenced by risk and budget. Approved by you before any of it starts.

Week 12: Quarterly review

First QBR (quarterly business review) at the 90-day mark. Review the discovery findings, the work done, the work planned, and the budget. This sets the cadence.

What good looks like at 90 days

Inventory complete. MFA on everyone. EDR on every device. Backups verified. Patches current. Conditional access tier 1 deployed. First report delivered. Roadmap approved. Helpdesk live. Identity provider integrated.

What 'late' looks like at 90 days

If at 90 days you still don't have MFA on everyone, EDR everywhere, or a verified backup, the engagement is behind. Some delay is normal. Months of delay is a yellow flag.

What you should be doing

Approve things promptly. Make staff available for short interviews. Update credentials with the IT contact. Tell the MSP what feels wrong. The relationship works when communication is short and frequent, not when it's saved up.

← Back to Insights Get a Free Assessment →

Want this in your inbox?

We send a short monthly note with one cybersecurity or IT topic that BC business owners should know about. No sales pitch.

Get the monthly note Read more Insights