IT consultancy lost its meaning somewhere around 2009. Maybe 2010. The term used to describe strategic work. Planning, auditing, aligning technology with what a business actually needs over the next two or three years. Now it’s on the website of every provider who answers the phone when your Outlook stops syncing. That shift didn’t happen by accident, and it’s costing UK businesses real money.
I know this because we keep inheriting the evidence.
A Cabinet, 38 Licences, and Nobody Checking
Last year we took on a client in Holborn. Law firm, 25 people. They’d been paying for 38 Microsoft 365 Business Premium licences for nearly three years. Thirteen of those licences belonged to staff who’d already left. Their previous provider, the one calling themselves an “IT consultant”, invoiced monthly support fees the entire time but never once checked what the client was actually paying Microsoft. That’s roughly £4,700 a year on seats nobody occupied. When we pointed it out, the office manager assumed it was a billing error. It wasn’t. Nobody had looked.
That sort of thing used to shock me. It doesn’t anymore. The pattern repeats with almost boring regularity. Misconfigured cloud environments that nobody documented. Security tools bought on a vendor’s recommendation and never switched on. Backup systems that run every night and save nothing useful because the job was pointed at the wrong directory eight months ago.
The Word Means Whatever Sells
Here’s what bothers me about this. The companies doing break-fix support, the ones whose entire business model depends on things going wrong so they can bill for the fix, they call themselves IT consultants too. And there’s nothing stopping them. No professional body regulates who can use the term. No certification makes it mean something specific. So it means whatever the person writing the proposal wants it to mean.
Vendors benefit from the same fog. Without someone independent reviewing what a business actually needs, procurement decisions get made in sales meetings. The rep recommends the premium tier. The client doesn’t know enough to push back. You end up with three overlapping security products, an Azure tenant that a former employee set up with a personal card, and a monthly bill that nobody can fully explain.
The UK Government’s Cyber Security Breaches Survey found that only about a third of businesses have a formal cyber security strategy. One third. For a country that introduced GDPR enforcement with real teeth, that number is embarrassing. And I’d argue the cause isn’t that business owners don’t care. It’s that the people they hired to care about it for them weren’t doing the strategic part of the job.
What IT Consultancy Should Actually Involve
Real it consultancy doesn’t start with technology. It starts with a conversation about the business. What’s the plan for the next 12 months. Where staff waste time on manual processes that software solved five years ago. What happens operationally if a key system disappears for two days.
Then it splits into unglamorous work that nobody puts on a brochure.
Rationalisation. Cutting the tools and licences that serve no purpose. Every company we audit has at least two products doing the same thing, bought by different people in different years, neither one configured properly. Alignment comes next. Making the tools that survive the cull actually match how people work, not how a demo suggested they should. And then roadmapping. A written plan, 12 to 24 months out, that accounts for growth, for compliance obligations like Cyber Essentials, and for the quiet fact that hardware has a shelf life and pretending otherwise gets expensive.
That roadmapping stage is where most providers go silent. Because it means telling a client they need to budget £12,000 next year for infrastructure that works fine today but won’t survive a migration. Nobody enjoys that meeting. But the alternative is finding out at 7am on a Monday when nothing turns on.
Who’s Actually Responsible for This
I’ll blame two groups and I’ll start with my own industry. Too many providers use “consultancy” as a word that makes a helpdesk contract sound more serious on a PDF. It inflates the perceived value without changing what’s delivered. And every time someone does that, the term loses a bit more meaning for providers who actually do the strategic work. If your IT consultancy provider has never shown you a written technology roadmap, they’re not consulting. They’re waiting for something to break.
But business owners share the responsibility. You’d question your accountant if their entire tax strategy was “we’ll sort it when HMRC writes to you”. The same standard should apply to IT. Ask what you’re paying for versus what you’re using. Ask what the plan is for 18 months from now. Ask when the last time your provider recommended you spend less, not more.
The companies that treat it consultancy as an ongoing strategic conversation, the ones who sit down quarterly with their provider and actually review what’s delivering value, they’re the same ones who don’t scramble when a regulatory change or a new outsourced IT model shows up. They’ve already discussed it. They’ve got a document that says what happens next.
So What Do You Do With This
I won’t pretend the industry is fixing itself quickly enough. The label will keep getting diluted because there’s commercial incentive to keep it vague and no enforcement mechanism to stop it.
But you can do one thing this week. Look at your current IT relationship and ask: when was the last time your provider told you something you didn’t want to hear? If the answer is never, you don’t have a consultant. You have a vendor who’s learned that agreeable people keep their contracts longer.