Introduction to a Sitecore Technical Audit

Vasiliy Fomichev

In Best Practices Posted


Over the last decade, Sitecore grew into an omnichannel Digital Experience Platform. If your company is running Sitecore, then you have a powerful tool to deliver consistent personalize experiences across various channels and sky-rocket your digital ROI. If you work with Sitecore, you also know that it is not a turn-key Digital Experience Platform (DXP). It is in leman terms, a framework that allows for enormous flexibility in ways omnichannel experiences can be developed. Sitecore also supports a variety of hosting options, architectures, instance roles, configurations, and finally, search engines. These are all living and moving pieces that change, update, and grow, which, when not checked and tuned regularly, can destabilize the platform. Your website running on Sitecore is also continuously updated with new content and perhaps code. All these moving pieces require monitoring and periodic tuning to make sure Sitecore continues to remain stable, easy to use for content auditors and marketers, and deliver personalized experiences to your end-users with speed and precision. Sitecore audits provide a means of periodic comprehensive reviews, or health-checks, almost like a “physical exam for Sitecore” to uncover two things:

  1. Existing and potential problems
  2. Areas of improvement to make sure Sitecore performs continues to run at its best, and internal and external users continue to have a positive experience

In other words, Sitecore audits help with issue identification and risk mitigation.


When Should Sitecore Audits be Performed?

We find that there are generally four reasons that trigger a Sitecore audit:

  1. Immediate Concerns – this is where there is already a known issue or concern. Something isn’t going right – whether the website pages load slowly, Sitecore unexpectedly restarts, analytics, reporting, and testing aren’t working, or search doesn’t work correctly, to name a few common ones. The internal tech team has already looked into the issue, however, has bigger concerns, or needs help with addressing the risk.
  2. Recent Implementation Check – enterprise web projects are complex, and Sitecore implementations are no exception. Things happen during all projects, and it is not uncommon for an enterprise project to run over budget and timeline for various reasons that may cause Sitecore vendors to take calculated shortcuts or cut scope. Businesses, for the most part, are aware and approve of these shortcuts to meet their goals; however, this results in accumulated “technical debt,” which doesn’t go away and will either come back as a knockout punch or a slow bleed. After a recent implementation or a significant update, clients need help identifying technical debt.
  3. Risk Mitigation – high-profile clients and clients in highly-regulated industries that cannot afford a failure in an upcoming initiative request an audit before making a significant move. Examples of a risk mitigation situation would be a preparation for migration, upgrade, or expansion.
  4. Regular Maintenance – lastly, clients include Sitecore audits as part of their maintenance strategy and these are usually brands that want to maximize their investments in Sitecore and want to make sure they continuously get everything out of the platform. From our experience, we recommend performing a maintenance-type Sitecore audit every 2 to 3 years, in normal maintenance mode without any significant changes in the website or Sitecore. After 2 to 3 years, software and hardware Sitecore dependencies, code maintenance updates, traffic patterns and content expansion tend to accumulate to the amount that requires a reassessment of the Sitecore configuration and processes.


Sitecore Audit Deliverables

It is crucial to receive the right deliverables from the audit. A proper Sitecore audit deliverable must always include a summary of issues, if any, are found. Each issue, in turn, must consist of three major parts: description, risk assessment, and a recommendation. All three have to be specific enough for a Sitecore specialist to estimate the cost for addressing the risks and review it with the business to decide whether to remove or accept them. Although the ability to estimate is a bit subjective, the information in the issue description should be detailed enough to allow creating a high-low estimate range with a spread of about 20%.

Notice the difference between – “Frequent memory-related cycling warnings observed in log files.” vs. “Sitecore memory allocation configuration is under the recommended value based on the caching policy settings. Recommendation: set the value to 100MB” The first example is simply an observation and isn’t worth much, where the second one is a specific recommendation the work for each can be estimated.


Risks have to be clearly identified so that a client can estimate their cost. For instance, taking the previous example of the memory misconfiguration, one potential risk could be “Delays in page load speed.” The potential business gain for improving page speed load can be measured using the Think with Google tool (click on the Evaluate tab, or scroll down). Now that we have the cost of the fix from a Sitecore specialist and the potential gain from implementing the fix, the business can compare the numbers and decide to either remove or accept the highlighted risk.

Proper Sitecore Audit deliverable will allow for an objective approach to any issues found, rather than a subjective “best practice” attempt to upsell.


Interested in a Sitecore Audit?

As 6x Sitecore MVP, I’ve performed audits for companies with various Sitecore environments. I have developed custom processes and audit packages based on the need: trust, stability, cost, and risk -focused audits. If you are interested in learning more about the audit that you don’t have to pay big-agency rates for, yet get the most comprehensive quality audit that will beat what other Sitecore partners offer, take a look at what’s included in my Sitecore Technical Audit and let’s connect!

Introduction to a Sitecore Audit: Reasons and Deliverables
Article Name
Introduction to a Sitecore Audit: Reasons and Deliverables
Learn about what Sitecore audit is and why you want to perform one. Lastly, learn what a proper deliverable from an audit should look like and how to use it moving forward.