12-Month IT Roadmap Template
Print this template and fill it in to turn a vague sense of 'we should improve our IT' into a prioritized, quarter-by-quarter plan. Work top to bottom: assess where you are, find the gaps, rank the fixes, then schedule them.
ClayGen Consulting
12-Month IT Roadmap Template
How to use this template
- Print this page or save it as a PDF.
- Complete each section in order. Earlier sections feed the later ones.
- Rank initiatives by business impact, urgency, and cost. A critical security gap that is cheap to fix outranks a costly nice-to-have.
- Schedule the ranked work into the quarterly plan with an owner and a budget.
- Review quarterly and refresh the whole roadmap once a year.
Step 1: Current state assessment
You cannot plan where you are going without knowing where you are. Inventory the environment.
| Area | What you have today | Age / status | Risk or concern |
|---|---|---|---|
| Hardware (laptops, desktops, servers) | |||
| Software and licenses | |||
| Cloud services and backup | |||
| Network and connectivity | |||
| Security tools (EDR, MFA, filtering) | |||
| Current annual IT spend |
Step 2: Gap analysis
Compare current state against where you need to be. Each gap becomes a candidate project.
| Gap | Current state | Target state | Consequence if ignored |
|---|---|---|---|
Step 3: Prioritize the projects
Score each initiative. Rank high impact, high urgency, lower cost items first. Use the priority column to sequence them.
| Initiative | Business impact (H/M/L) | Urgency (H/M/L) | Estimated cost | Priority (1, 2, 3...) |
|---|---|---|---|---|
Step 4: 12-month quarterly plan
Schedule the prioritized initiatives across four quarters. Assign an owner and an estimated budget to each so the plan is accountable.
| Quarter | Planned initiatives | Owner | Estimated budget |
|---|---|---|---|
| Q1 | |||
| Q2 | |||
| Q3 | |||
| Q4 |
Step 5: Security and compliance checkpoints
Weave regulatory requirements through the roadmap rather than bolting them on. For Canadian businesses that includes PIPEDA, cyber insurance prerequisites, and any sector rules (PHIPA for healthcare, and others).
| Requirement | Applies to us? | Current status | Action and quarter |
|---|---|---|---|
| PIPEDA / privacy obligations | |||
| Cyber insurance prerequisites (MFA, EDR, backups) | |||
| Sector-specific rules (PHIPA, etc.) | |||
| Records retention policy in place |
For the full explanation of each step, read Why Your Business Needs an IT Roadmap. To budget the work, use our IT Budget Worksheet and read IT Budget Planning for Small Businesses. ClayGen builds roadmaps like this as part of IT consulting.
Prepared by ClayGen Consulting, claygen.ca. This resource is general information, not legal, tax, or accounting advice. Confirm the requirements that apply to your business with your advisors and the relevant regulator before relying on it.
Want a hand putting this into practice?
ClayGen helps Ontario businesses turn templates like this into a working plan. No pressure, no obligation, just a real conversation about your environment.
Book a Free Consultation