T-OML Self-Assessment

Thanks for your interest in the T-OML Self-Assessment!

As we mentioned, this assessment presents each of the 14 core traits from the Technology Operational Maturity Model. For each trait, we’ll present the main characteristics of a firm operating at high maturity.

Your task is to run through each characteristic and see if it resonates as something your firm is doing now. Then determine if you exhibit none, some, or all of those traits.

As you work through the assessment, try not to dwell on your answers; your gut instinct is what we want to work with here. (In other words, if you aren’t sure whether you exhibit a certain characteristic, the answer is “no.”)

Let’s get started!


How smooth are your routine IT processes?
  • We have documented IT processes to keep our systems secure and running well.
  • Our processes include daily, weekly, and monthly checklists that are followed by our IT team.
  • We have clear technology standards that are driven by our IT strategy.
  • We’ve invested in centralized management of our IT infrastructure (e.g., server monitoring, workstation patching, etc.).
  • We have clear onboarding and offboarding procedures.
  • New attorneys and staff are fully functional the day they walk through the door, and properly terminated the moment they leave.


How well does your firm execute on security needs?
  • Our CIO (internal or external) has full ownership of the firm's security protocol and reports regularly to our Managing Partner and Firm Administrator.
  • We have specific IT security policies in place to cover all elements of our internal security and the privacy of our client data.
  • We have a clear, tested disaster recovery plan.
  • We have a written business continuity plan.
  • We have all standard technical defenses in place (and monitored), including a business-level firewall, malware protection, centralized patching, backups, and a spam filter.
  • We’ve also implemented more advanced defenses, such as VPNs, laptop encryption, advanced endpoint protection, and periodic security risk assessments with remediation plans.
  • We are able to articulate our security and data handling policies in response to external audits without consternation.


How well are your attorneys and staff supported in their daily work?

  • There is a 24/7 helpdesk that we can call or email for help.
  • Our computer issues are tracked and visible in a centralized ticketing system.
  • There are clear targets for what type of support response is expected and when.
  • Complex issues can immediately be escalated to higher-level support personnel for a resolution.
  • All attorneys and staff are treated as “clients” by the IT staff, whose performance is then measured on client satisfaction. 

Project Management

How effective are your upgrade and implementation projects?
  • Each project is planned out well in advance.
  • Every project has specific success criteria that are measured as part of the project review process.
  • Firm downtime is always minimized to maximize our billing.
  • Follow-up support is scheduled in advance.
  • We plan clear communications, demonstrations, and training for any new technology or upgrades that will be implemented during the project.
  • Firm leadership helps set the example on technology adoption.

Technology Lifecycle

Is your technology lifecycle aligned with your firm’s needs?
  • We have a proactive hardware and software refresh cycle that is not dictated by performance issues or by manufacturers ending support.
  • We plan these upgrades into our IT budget cycle.
  • We evaluate each release of our mission-critical software for important features that would enhance our productivity or ability to serve clients.
  • We stay informed about new software that could replace our current software to provide better features. 

Key Software

How well does your firm use key software to its advantage?
  • We have a document management system (DMS), a case management system, a time-and-billing platform, and an eDiscovery package as appropriate.
  • All of our documents (and all versions of them) are stored in the DMS, and we can find important information in seconds.
  • We use email, but only to send links to those documents inside the DMS.
  • All key software is used and understood by everyone in the firm—even the partners. 


How easily can you scale your operations?
  • Our firm has accepted the cloud as a core part of its IT strategy.
  • We back up our data to the cloud.
  • All of our line-of-business applications, including document management and time-and-billing, are in the cloud (public or private).
  • We have very clear policies on what is and is not allowed as far as additional cloud applications.
  • We have paid attention to the security of our data as it pertains to the cloud, and we have properly vetted all of our cloud’s vendors and partners against those policies.
  • We can easily add people without adding to our internal infrastructure.
  • Our attorneys and staff can work from anywhere as if they were in the office. 

Decision Making

To what extent are technology decisions aligned with firm strategy and needs?
  • We have specific, weighted criteria for each important IT decision as it relates to the overall firm strategy and underlying IT strategy.
  • We collect various options from comparable firms.
  • We take guidance from outside consultants as appropriate.
  • Our CIO recommends solutions to us.
  • High-dollar decisions are made by our CIO, Firm Administrator, and Managing Partner together. 

Vendor Management

How well do you utilize outside expertise and services?
  • We seek vendor recommendations from comparable firms and make our selection from there.
  • We have specific selection criteria that are strategic, cultural, and tactical.
  • We engage our vendors with deep multi-year relationships based on specific service levels and business outcomes.
  • We manage these relationships at multiple levels within the firm. 


To what level is your IT overseen?
  • Our IT is run by a CIO-level individual (internal or external).
  • Every person and vendor involved in IT has a clear role, understands how their role fits into the larger picture, and has clear performance expectations.
  • We have a Technology Committee.
  • Our Technology Committee meets on a regular basis to discuss all manner of IT issues.
  • We have regular IT operational reviews.
  • We are well aware of the regulations we must comply with.
  • We execute specific and clear plans to make sure we remain in compliance. 

Internal Communications

How deep and effective are your internal communications about technology?
  • We have a set IT Onboarding Agenda that we follow and present to every new hire.
  • Every project that is implemented in the firm has some training associated with it.
  • Our Technology Committee is charged with talking about technology initiatives with their respective groups.
  • We have a formal Security Awareness Training program.
  • Internal communications take place by phone, video conference, email, and instant messaging or in collaborative applications. 


To what extent is your IT strategy tied to your firm’s business strategy?
  • IT is seen as more than a cost center to be minimized.
  • Our IT strategy is directly tied to the firm’s business strategy.
  • The IT budget is highly predictable with almost no surprises.
  • We account for growth or decline in the firm’s headcount in advance. 


To what extent do you embrace and encourage technological innovation?
  • Implementation of new technologies is a regular topic at the Technology Committee meetings.
  • There is a formal mechanism for anyone in the firm to submit technology improvement ideas.
  • Our IT team is in regular contact with consultants and colleagues at other firms, and members attend conferences to learn about the state of technology for law firms and the innovative improvements they should be planning over the next two to three years. 

Client Interaction

How well do you use technology to interact with your clients?
  • We interact with our clients over the phone, by video, and via email.
  • Each client has their own document repository, where they can access the documents we have created for them, as well as provide comments and collaborate on any document that we are working on together.
  • We have figured out how to text and instant-message with our clients while preserving the chains of communication as needed for regulatory compliance.