🔍

How to Choose an MSP: The Due Diligence Checklist - MSP Guide Australia

Business Strategy 2026-06-10 🕐 4 min 822 words

Choosing a Managed Service Provider is one of the most consequential IT decisions an Australian business can make. Get it wrong, and you're locked into a 3-year contract with a provider that overpromises and underdelivers. Get it right, and you gain a genuine technology partner.

This guide gives you the framework to make that decision with your eyes open.

Step 1: Define What You Actually Need

Before you talk to a single MSP, write down:

  • What's broken? What specific IT problems are you trying to solve?
  • What's your budget? Be honest. If you're spending $5K/month now, an MSP quoting $2K/month should raise questions, not excitement.
  • What's your growth trajectory? Are you adding 5 people or 50 in the next year?
  • What's your compliance burden? Do you handle sensitive data? Regulated industries?

MSPs are not one-size-fits-all. A provider excellent at supporting a 20-person law firm may be terrible for a 200-person manufacturer.

Step 2: The Shortlist (3-5 Providers)

Don't go with the first quote. Don't go with the cheapest. Get 3-5 proposals and compare them side by side.

Where to find them: - Ask peers in your industry (word of mouth is gold) - Check the MSP Ledger for profiles and red flags - Industry associations (AISA, ACS) - Referrals from your accountant or lawyer

Step 3: The Questions That Matter

Most MSP sales pitches focus on what they can do. You need to focus on how they actually operate. Ask these:

Financial Health

  • "Are you privately held or backed by private equity?" (PE-backed MSPs often prioritize cost-cutting)
  • "What's your annual revenue?" (Gives you a sense of scale)
  • "What's your staff turnover rate in the last 12 months?" (High turnover = culture problems)

Service Delivery

  • "How many clients does each technician support?" (More than 30-40 = stretched thin)
  • "What's your average ticket response time?" (Under 15 minutes for critical is good)
  • "What happens if my primary engineer leaves?" (Knowledge transfer process)
  • "Can I see your NOC/SOC setup?" (Who's watching your systems at 2am?)

Contracts

  • "What's the minimum contract term?" (12 months is reasonable, 36 is a red flag)
  • "Is there a break clause?" (If they're confident in their service, they'll offer one)
  • "What are the exit terms?" (Data ownership, transition support, knowledge transfer)
  • "Can you cap price increases?" (Annual CPI-linked is fair, 15% per year is not)

Technical

  • "What's your cybersecurity stack?" (Endpoint, SIEM, backup, MFA - all non-negotiable)
  • "Do you follow the Essential 8 framework?" (If they don't know what that is, run)
  • "What's your Microsoft partnership tier?" (Gold/Solutions Partner indicates investment)

Step 4: Check Their References

MSPs will always give you their happiest clients. You need to talk to:

  1. A current client (they'll say nice things)
  2. A client who left (they'll tell you the truth)
  3. A client in your industry (similar needs to yours)

Questions to ask references: - "What's the biggest frustration with your MSP?" - "How quickly do they resolve critical issues?" - "Have they ever missed a commitment?" - "Would you sign the same contract again?"

Step 5: The Proposal Red Flags

Watch for these in proposals:

Red Flag Why It Matters
36+ month lock-in They're not confident you'd stay voluntarily
"All-you-can-eat" pricing Sounds good, but someone's paying for those 3am calls
No SLA or vague SLA If it's not measured, it's not managed
"Dedicated team" but no names They might not exist yet
Price significantly below market They'll cut corners to stay profitable
No mention of security Your data is at risk
No exit terms defined You're trapped

Step 6: The Pilot Period

Never sign a 3-year deal without a pilot. Ask for: - A 30-60 day paid pilot on a limited scope - Clear success criteria defined upfront - The right to walk away if criteria aren't met

A good MSP will agree to this. A bad one will pressure you to commit immediately.

Step 7: The Contract

Before signing, have your lawyer review it. Key things to negotiate:

  • Exit terms: 30-60 day notice, full data export, knowledge transfer
  • Price escalation: CPI-linked, not arbitrary
  • SLA remedies: Service credits for missed targets
  • Data ownership: 100% yours, always
  • IP ownership: Any custom scripts or solutions you paid for
  • Subcontracting limits: Who can they outsource to?

The Bottom Line

Choosing an MSP is choosing a technology partner. It's not a procurement exercise—it's a relationship. The right MSP will grow with you, protect your data, and make your IT a competitive advantage. The wrong one will drain your budget, frustrate your staff, and leave you exposed.

Take the time to do this right. Your future self will thank you.

Frequently Asked Questions

How do I choose the right MSP for my business?
Start by defining your needs, get 3-5 proposals, ask tough questions about staffing ratios and financial health, check references, and insist on a pilot period. Our Due Diligence Checklist walks through each step.
What questions should I ask an MSP before signing?
Ask about client-to-technician ratios, staff turnover, financial ownership (especially PE backing), exit terms, and cybersecurity capabilities. Our MSP Due Diligence Checklist has the complete list.
What are red flags when choosing an MSP?
Watch for 36+ month lock-in, vague SLAs, no exit terms, prices significantly below market, and no mention of security. See our MSP Contract Red Flags for the full list.
Should I use an MSP broker or choose directly?
Brokers can save time but may have MSP biases. If you go direct, use our MSP Directory to research providers and our MSP Health Score to evaluate them.

Related Reading

Operations
MSP Due Diligence Checklist: What to Verify Before Signing
6 min read
Tools
Compare MSPs Side by Side
1 min read
Business Strategy
MSP Pricing Models Explained: How MSPs Charge and What You Should Pay
6 min read