A FY27 IT budget template for a specific persona: a 50-person Melbourne professional services firm, $12 million revenue. Numbered line items, real dollar ranges, IT-spend-as-percentage-of-revenue benchmarks, and the four lines most SMEs forget. Built for CFOs who want defensible numbers, not vendor guesswork.
The persona this budget is built for
Specifics matter; a generic IT budget is useless. The numbers below are sized for:
- 50 staff total (45 desk-based knowledge workers, 5 partners or executives)
- Melbourne-based, single office plus remote work, typical CBD or inner-suburb location
- Professional services (consulting, legal, accounting, architecture, engineering consultancy) – knowledge-worker firm with no manufacturing, no point-of-sale, no production line
- Approximately $12 million annual revenue
- Microsoft 365 stack, hybrid cloud (light on-prem footprint, most workloads in Azure or SaaS)
- Standard cyber insurance requirements; aligned to Essential Eight Maturity Level 1 minimum
- No internal IT staff; engagement with an MSP on per-user fixed monthly pricing
If your business is materially different – 50 staff with a manufacturing plant in Dandenong, or a 50-staff healthcare practice with clinical software, or a 50-staff retailer with 12 store locations – the totals will move significantly. Use this as a baseline to adjust from. Our sector-specific guidance for Melbourne manufacturers, healthcare, and law firms covers the variations.
The benchmark: IT spend as a percentage of revenue
Industry benchmarks vary by sector, but for Australian professional services firms in the 30 to 100 staff band, IT spend as a percentage of revenue typically lands between 1.5% and 3.5%. The drivers of where you sit in that range:
| Position in range | Profile |
|---|
| 1.5% – 2.0% | Mature firm, stable headcount, established systems, no major projects, light security stack |
| 2.0% – 2.5% | Typical steady-state for a well-run firm with appropriate security and a 3-year hardware refresh |
| 2.5% – 3.0% | Growth phase, projects in flight, security uplift, M&A or office relocation |
| 3.0% – 3.5% | Major transformation – platform migration, post-incident rebuild, compliance project, AI rollout |
| 3.5%+ | Either temporary spike or something is wrong; investigate |
For our persona ($12 million revenue), the FY27 budget should land between $240,000 and $360,000 in steady state, or up to $420,000 in a project-heavy year. The template below targets the middle of that range and produces a defensible $295,000 to $345,000 total. If your number is above this, look first at the projects line; if it is well below, look first at security and backup.
The line-itemed FY27 template
All numbers are in AUD, annual, for the persona above. Ranges reflect actual variance across our managed book in Melbourne; the midpoint is what we would budget for a typical firm in this segment.
1. Microsoft 365 licensing
The single largest recurring line for most professional services firms.
| Item | Per user / month | Annual (50 users) |
|---|
| Microsoft 365 Business Premium (recommended baseline) | $32.10 | $19,260 |
| OR Microsoft 365 E3 + Entra ID P2 + Defender for Office P2 | $54 – $62 | $32,400 – $37,200 |
| Copilot for M365 (selected users, typically 30-50%) | $45 | $8,100 – $13,500 (for 15-25 users) |
| Power BI Pro (for analyst users) | $15 | $1,800 (for 10 users) |
Subtotal for M365: $29,000 – $52,000. For our persona, $35,000 is realistic – Business Premium across the firm, Copilot for 20 selected users, Power BI for the analyst pool. The Business Premium vs E3 conversation hinges on whether you need the deeper compliance and identity protection of E3+P2; for most 50-staff professional services firms, Business Premium is sufficient.
2. Security stack (beyond what is included in M365)
Microsoft 365 Business Premium includes Defender for Business, Intune, and Entra ID P1. That is a strong baseline. Additional security tooling for a 50-staff firm typically covers:
| Item | Annual |
|---|
| SIEM / managed detection and response (MDR) service | $18,000 – $36,000 |
| Email security additional layer (Mimecast, Proofpoint, Avanan) | $6,000 – $10,000 |
| DNS filtering (Cisco Umbrella, DNSFilter) | $1,800 – $3,000 |
| Password manager (1Password Business, Bitwarden Enterprise) | $3,000 – $4,500 |
| Vulnerability scanning / external attack surface monitoring | $3,000 – $7,000 |
Subtotal for additional security: $32,000 – $60,000. For our persona, $42,000 is realistic – MDR through the MSP, additional email security, DNS filtering, password manager, light external attack surface monitoring. This line item is where SMEs traditionally underspent and where the post-2023 cyber insurance market has forced the conversation. Our Melbourne cyber security services wrap most of these into a managed stack.
3. Managed IT services retainer (MSP)
For a 50-staff firm engaging an MSP on per-user fixed monthly pricing, the typical Melbourne market rate in 2026 is $110 to $170 per user per month for a comprehensive engagement that covers unlimited support, security operations, vendor management, and proactive maintenance.
| Item | Per user / month | Annual (50 users) |
|---|
| Comprehensive managed IT (low end) | $110 | $66,000 |
| Comprehensive managed IT (typical) | $140 | $84,000 |
| Comprehensive managed IT (high end / specialist) | $170 | $102,000 |
Subtotal: $66,000 – $102,000. For our persona, $80,000 to $90,000 is realistic. Co-managed models (where you have some internal capability and the MSP fills gaps) typically land 30 to 40% lower; pure break-fix models are cheaper still but rarely advisable at this scale. For the context on what to expect from a Melbourne MSP at this price band, see our guide to choosing an MSP in Melbourne.
4. Hardware refresh sinking fund
The mistake most SMEs make is treating hardware as a lumpy capex purchase every three years. Better: a smooth annual sinking fund that covers the rolling refresh.
| Item | Annual |
|---|
| Laptops (50 units on a 4-year cycle, $2,200 each) | $27,500 |
| Docking stations and monitors (refresh on 5-year cycle) | $3,500 |
| Network equipment refresh (5-year cycle on switches, APs, firewall) | $5,000 |
| Server hardware refresh (if any on-prem footprint) | $2,000 – $4,000 |
Subtotal: $38,000 – $40,000. Hold this as a separate fund; do not blend it into operational expense. When the refresh cycle hits, the fund pays for it without a quarterly cost spike. The 4-year laptop cycle assumes mid-range business laptops (Dell Latitude, HP ProBook, Lenovo ThinkPad mid-tier); premium devices (MacBook Pro, ThinkPad X1) push the per-unit number to $3,500 and the line to $44,000.
5. Projects budget
The line item that gets cut first when revenue softens and then has to be reinstated when something breaks. Better to budget it explicitly:
| Item | Annual |
|---|
| Planned projects (system upgrade, office move, integration) | $25,000 – $50,000 |
| Unplanned or reactive projects | $15,000 – $25,000 |
Subtotal: $40,000 – $75,000. For our persona, $50,000 is realistic. A typical FY27 project list might include a SharePoint information architecture rebuild, an Entra ID conditional access refresh, a CRM integration, and the office Wi-Fi upgrade. Whatever the list is, it should be in the budget at the start of the year, not added quarter by quarter.
6. Cyber insurance
Cyber insurance premiums for Australian professional services SMEs in 2026 land around 0.4% to 0.8% of revenue for $5 million to $10 million of cover with reasonable retentions, assuming the security posture meets the underwriter’s requirements (MFA, EDR, backups, training, vendor risk management).
| Item | Annual |
|---|
| Cyber insurance premium for $5M cover | $28,000 – $52,000 |
| Broker fee (if applicable) | $1,500 – $3,000 |
Subtotal: $30,000 – $55,000. For our persona, $42,000 is realistic. The premium has stabilised after the sharp increases of 2022-2024 but remains sensitive to your control posture; gaps in your security stack will push the premium up materially or trigger a coverage decline. The conversation with the broker is now half technical (controls), half financial (limits and retentions).
7. Training
Easily skipped, easily justified to skip, and the highest-ROI security spend in the budget.
| Item | Annual |
|---|
| Security awareness training platform (KnowBe4, Phriendly Phishing, MetaCompliance) | $3,500 – $6,000 |
| Microsoft 365 / Copilot productivity training | $3,000 – $8,000 |
| Role-specific training (project management, technical skills) | $3,000 – $6,000 |
Subtotal: $9,500 – $20,000. For our persona, $12,000 is realistic. Phriendly Phishing has strong Australian content and is our default recommendation for clients who want locally relevant training.
8. Contingency
10% of the total budget as a contingency reserve, held against unexpected events that the projects line cannot absorb (an early hardware failure outside the refresh cycle, a regulatory change forcing a tooling addition, a vendor that hikes prices unexpectedly).
Subtotal: $25,000 – $35,000.
The four line items most SMEs forget
Across hundreds of budget reviews with Melbourne SMEs, four line items show up in good budgets and are missing from average ones.
1. Vendor risk tooling and process
Either a dedicated platform (rarely justified at SME scale) or the time cost of running the lite vendor risk programme. We typically include this within the MSP retainer for our managed clients, but if you are running it internally, budget for 8 to 16 hours per month of someone’s time. For a 50-staff firm, this is $8,000 to $15,000 a year that often shows up nowhere.
2. AI licences you already pay for
Most firms now have Copilot for M365, ChatGPT Team or Enterprise, Claude.ai for Work or Teams, a specialised AI tool for their sector, and one or two pilots that grew into production. The cumulative AI line is rarely consolidated; it lives in expense claims, in a marketing budget, in a partner’s personal spend. Sum it up. For our persona, total AI tooling is typically $15,000 to $35,000 a year by FY27.
3. M365 backup
As discussed at length in our buyer’s guide on the topic, Microsoft does not back up your M365 data in a way that helps you recover from real incidents. Third-party M365 backup for 50 users is $1,800 to $3,600 a year. Cheap, essential, and missing from most budgets.
4. Exit and transition reserve
The unpleasant truth: at some point in the next 5 to 10 years, you will change MSPs, change your primary cloud platform, or be acquired. The cost of a clean exit is real – typically 4 to 12 weeks of overlap, documentation work, data extraction fees, and project management. Budget 5% of annual IT spend in a reserve, held separately, that exists for this purpose. For our persona, that is $15,000 a year sitting in a reserve account. You may not need it in any given year, but when the day comes, you will be glad it is there.
The CapEx vs OpEx question for FY27
The classic SME CFO question – ‘should we buy the laptops outright or lease them, should we buy the server or rent the cloud workload’ – has shifted meaningfully in the SaaS era. For most line items in this budget, the choice has been made for you: there is no CapEx option. Microsoft 365 is OpEx. The MSP retainer is OpEx. Cyber insurance is OpEx. The MDR service is OpEx.
The remaining CapEx choices are:
- Laptops: Buy outright is usually cheaper over a 4-year cycle than Device-as-a-Service, but DaaS smooths cash flow and includes refresh management. For a 50-staff firm, the financial difference is around $4 to $6 per device per month either way; the operational difference is more meaningful.
- Network equipment: Almost always CapEx. The lifespan is 5 to 7 years, and the rental models for switches and APs don’t make financial sense at this scale.
- Server hardware (if any): If you still run on-prem servers, CapEx remains the norm. The question to ask annually is whether the workload should be in Azure rather than on the server at all.
Our default recommendation for FY27 is to keep laptops and network equipment as CapEx with a sinking fund, and treat everything else as OpEx. Don’t over-engineer this.
The FY27 total
Adding the midpoints together for our persona:
| Line item | FY27 budget |
|---|
| 1. Microsoft 365 licensing | $35,000 |
| 2. Security stack (beyond M365) | $42,000 |
| 3. MSP retainer | $85,000 |
| 4. Hardware refresh sinking fund | $38,000 |
| 5. Projects | $50,000 |
| 6. Cyber insurance | $42,000 |
| 7. Training | $12,000 |
| 8. Contingency | $30,000 |
| Forgotten items (vendor risk, AI, M365 backup, exit reserve) | $22,000 |
| Total | $356,000 |
$356,000 against $12 million revenue is 2.97% – in the upper half of the steady-state range. If FY27 is genuinely a steady-state year with no major projects, you could pull this back toward $300,000 by trimming the projects line. If FY27 has a major piece of work (M&A integration, platform migration, office relocation), the projects line should grow and the total can reasonably push past $400,000.
A real-world worked example
A 48-staff consulting firm in Collingwood approached us in 2025 with an FY26 IT budget of $185,000 that they suspected was too low. The reality check confirmed it: their security stack was a few years out of date, their MSP retainer was a break-fix arrangement that produced a constant stream of unbudgeted incidents, and there was no projects line.
The rebuild brought them to $310,000 for FY26, then approximately $330,000 for FY27 (this template). The increase landed in three categories: an additional $35,000 in security tooling and MDR, a $40,000 increase in the MSP retainer for a comprehensive managed model, and the previously-invisible projects budget at $50,000. Their cyber insurance premium dropped $9,000 the following year because the upgraded posture qualified them for a better rate. Net true cost increase: about $116,000, or just under 1% of revenue.
The conversation with the partners took two meetings. The first meeting was about why the number was going up; the second was about what they got for it (a defensible security posture, predictable monthly costs, no more invoice surprises, a real DR position, alignment with Essential Eight Maturity Level 1). The decision was unanimous after the second meeting. The lesson: SMEs underspend on IT because the value of the spend is invisible. Make it visible and the budget conversation gets easier.
How TechAssist works with the FY27 budget
For managed clients on our per-user fixed monthly pricing, the MSP retainer line on this template covers our entire engagement: the sub-15-minute P1 response from our 24/7 NOC at Tecoma, the same-business-day on-site response across Melbourne metro from either our Tecoma office or our 575 Bourke Street CBD office, and the work of our 13 Australian engineers across helpdesk, projects, security operations and vendor management. Founded in 2014, we have built the engagement model specifically for SMEs like the persona in this template: 30 to 150 staff, professional services or similar, Microsoft-aligned, Essential Eight focused.
The security tooling line, the M365 licensing, the cyber insurance premium and the hardware are direct vendor relationships that we manage on behalf of the client but bill at vendor cost. The projects line is scoped separately at the start of the financial year. The result is a budget that is predictable to within 5% across the year, which is what makes the CFO conversation work. For the broader picture of how the engagement is structured, see our MSP Melbourne page or reach the team through contact.
Frequently Asked Questions
We are smaller than 50 staff – how do we scale this down?
The fixed costs (cyber insurance, baseline security stack) don’t scale linearly with headcount. A 25-staff firm typically spends 3.0% to 4.0% of revenue on IT – higher than the 50-staff number – because the fixed costs are spread across fewer users. The per-user costs (M365 licensing, MSP retainer per user, hardware sinking fund) scale linearly. Apply the same template, adjust for size, and expect the percentage of revenue to be higher.
What about firms larger than 100 staff?
Past 100 staff, the conversation usually splits: an internal IT manager or director appears in the org chart, the security stack moves toward enterprise tooling, and the MSP relationship becomes co-managed rather than fully outsourced. Total IT spend as a percentage of revenue typically drops to 1.5% to 2.5% as scale efficiencies kick in.
How much of this should be CapEx versus OpEx for tax purposes?
This template lands roughly 90% OpEx and 10% CapEx (the hardware sinking fund). The OpEx-heavy mix is structurally favourable for cash flow but means the depreciation argument for tax is smaller than it was a decade ago. Talk to your accountant; the tax treatment of cloud and SaaS spend changes most years.
Should we budget for AI separately?
Yes. The AI line will grow meaningfully through FY27 and into FY28 as Copilot, agent-based tools, and sector-specific AI products scale up. Separating the AI line makes the growth visible and lets the leadership team make explicit decisions about it rather than discovering it on the credit card statement.
What is the most common budget mistake for a firm this size?
Underspending on security and overspending on premium hardware. We see firms with $3,500 MacBooks for every user but no MDR service and a self-managed Microsoft tenant. Inverting that ratio – mid-tier hardware, comprehensive security – produces a more defensible posture for the same total spend.
How do we benchmark our actual spend against this template?
Pull together your actual line items, map them to the eight categories above, calculate the percentage of revenue, and compare. If you would like an external review, we run IT budget assessments as a discrete piece of work for non-clients, with a one-page summary and a remediation list. Reach the team through the contact page.
������������������������������������������������������������������������������������������������
The ‘just one more year’ laptop is the most expensive computer in your business. Once you account for warranty cost, ticket volume, productivity drag, and the security exposure of out-of-support hardware, the five-year-old machine in accounts is costing more than a new one would. Real numbers and a clean decision tree follow.
The honest TCO of a business laptop
Most SMEs assess endpoint refresh by looking at the purchase price. That is the wrong number. The right number is total cost of ownership across the working life of the device, which for a business laptop includes hardware acquisition, extended warranty, helpdesk tickets attributable to the device, productivity loss from slowness or failure, and the security risk premium of running unsupported software.
We have been tracking this data across our managed endpoint base since founding TechAssist in 2014, and the pattern is consistent. A Dell Latitude 5450 or Lenovo ThinkPad T14 purchased today at around $2,200 with a 3-year ProSupport or Premier warranty will deliver, on average:
- Year 1: 0.8 tickets per device, mostly setup and configuration issues
- Year 2: 1.4 tickets per device, mostly software and minor performance issues
- Year 3: 2.1 tickets per device, with the first hardware failures appearing
- Year 4: 3.6 tickets per device, often a battery or SSD swap, plus rising ‘this thing is slow’ complaints
- Year 5: 5.8 tickets per device, mostly performance complaints and software compatibility issues
At an average internal cost of $85 per ticket (including the user’s time, not just the helpdesk’s), a year-5 device is costing about $493 in support, plus the productivity hit from a user who is fighting their machine instead of doing their job. That productivity hit is the largest hidden cost, and it is what most SMEs miss when they decide to extend an endpoint refresh cycle.
Windows 11 changes the calculation
Until 2024, the SME endpoint refresh debate was mostly a productivity and support cost conversation. From October 2025, when Windows 10 reached end of support, the conversation became a hard security question. Microsoft will not issue free security patches for Windows 10 after that date. Extended Security Updates (ESU) for SMEs are available but priced to discourage them: USD $61 per device for year one, doubling each year for up to three years, on top of your existing licence costs.
The Windows 11 hardware requirement is the bigger issue. TPM 2.0, Secure Boot, and a compatible CPU are required. Most laptops sold before mid-2018 cannot run Windows 11 at all. Many laptops sold between 2018 and 2020 can technically run it but lag on performance. If you have devices in your fleet older than five years, the choice is no longer ‘replace or repair’, it is ‘replace, pay ESU, or accept the risk of unpatched endpoints’.
For Essential Eight alignment, running out-of-support operating systems fails the Patch Operating Systems control immediately. If you have any aspiration toward cybersecurity maturity or working with clients who require it, this is non-negotiable.
The replace-vs-repair decision tree
For every device in your fleet, the decision tree is:
- Is the device Windows 11 compatible? If no, replace. The exceptions are devices that will be repurposed for a non-Windows use case (signage, kiosks, dedicated Linux workstations).
- Is the device under warranty? If yes, repair through warranty for hardware failures. If no, move to step 3.
- Is the device older than 4 years? If yes, replace rather than repair almost any hardware failure.
- What is the failure? Battery and SSD swaps are usually repair-economic up to year 4. Motherboard, screen, or keyboard failures past warranty are almost always replace-economic.
- Is the user a heavy use case? Developers, designers, video editors, and finance staff running large models tend to outgrow consumer-grade machines faster. For these users, lean toward earlier replacement.
The single most important question is the first one. Windows 11 compatibility is binary. There is no halfway. A device that cannot run Windows 11 is on borrowed time and every month of extension increases your security exposure.
The 3-year vs 4-year cycle debate
For years, the standard SME refresh cycle was 4 years, often stretched to 5. The recent move by most progressive MSPs has been toward 3 years, and the reasoning is worth understanding.
The case for a 3-year cycle
- Manufacturer warranties typically cover 3 years out of the box (extending to 4 or 5 adds noticeable cost)
- Tickets jump significantly from year 3 to year 4 (1.4 to 3.6 in our data)
- Resale value at 3 years is meaningfully higher than at 4, especially for ThinkPad and Latitude business lines
- Battery degradation past 36 months affects user productivity even when the device is technically working
- Operating system and software requirements creep upward; a 3-year-old device is current, a 5-year-old device is fighting Teams
The case for a 4-year cycle
- Higher capital cost per year averaged out, but lower total spend if devices truly are healthy at year 4
- Light-use users (front-of-house, occasional office users) often genuinely do not need a refresh at year 3
- Lease structures often align to 36 or 48 month terms; 48 spreads the cost more
Our recommendation
Run a 3-year cycle for heavy users and a 4-year cycle for light users, with the cohort defined explicitly during procurement, not retrospectively. Mixed cycles within a fleet are fine as long as the policy is documented and the lifecycle dates are tracked.
Lease vs buy in a high-AUD or volatile-AUD environment
The AUD has been volatile against the USD through 2025 and into 2026, and hardware pricing reflects it. Dell, Lenovo, and HP price in USD and adjust Australian list prices on a delayed basis. For an SME refreshing 30+ endpoints, the lease vs buy decision needs revisiting.
| Factor | Buy outright | Lease (DOA, equipment finance) | Hardware-as-a-Service (HaaS) |
|---|
| Year-1 cash impact | Full capital outlay | Monthly payment | Monthly payment, often bundled with support |
| Tax treatment | Depreciation over effective life | Operating lease often fully deductible | Operating expense, fully deductible |
| Refresh discipline | Often deferred past optimal cycle | Enforced at lease end | Enforced at refresh date |
| Asset disposal | Business problem | Returned to financier | Managed by provider |
| Best fit | Cash-rich, low staff growth | Predictable growth, capex-averse | Fast growth, low IT bandwidth |
The instant asset writeoff has changed several times over the last few years and remains a moving target through the 2026 federal budget cycle. As at writing, the current rules support certain small business write-offs, but the thresholds and the eligible business turnover bands change frequently. Talk to your accountant before committing to an EOFY hardware purchase based on a write-off assumption.
For a Box Hill accounting firm we work with, 28 staff, the move from a buy-and-stretch model (5-year average device age) to a leased 3-year cycle through a major financier reduced their year-on-year IT support cost by 22% and removed the year-4 productivity drag entirely. The lease cost was higher in nominal monthly terms than the depreciation on the previous model, but the total cost was lower once support and productivity were included.
The ‘one device class, one image’ policy
One of the highest-leverage decisions an SME can make about endpoints has nothing to do with the refresh cycle. It is the decision to standardise on one device class with one operating system image.
What standardisation actually means
One business laptop SKU for everybody who needs a laptop (with a workstation-class SKU for the heavy users who genuinely need it). One desktop SKU for fixed-desk roles. One Windows 11 image, one set of pre-installed applications, one configuration baseline managed through Intune or your MDM of choice.
Why it matters
- Bulk pricing improves significantly when you buy 10 of one SKU instead of 2 each of five SKUs
- Spares and loaners are interchangeable, so a broken device can be swapped in 15 minutes
- Driver and firmware management becomes a single workflow instead of five
- Support tickets resolve faster because the helpdesk has seen this exact configuration a hundred times
- Security baselines are testable across the entire fleet
For a Port Melbourne logistics company we manage, the move from a mixed fleet (Dell, Lenovo, HP, a few MacBooks) to a single Lenovo ThinkPad SKU with one image reduced their endpoint ticket volume by 31% in the first year of the new policy. Not because the hardware was better, but because the standardisation killed an entire class of compatibility and driver problems.
Standardisation is also what enables sub-15-minute P1 response. When a director’s laptop dies on the way to a board meeting, our team can dispatch an identically configured loaner from our Tecoma or 575 Bourke Street CBD office, and a same-business-day on-site swap is achievable across Melbourne metro. None of that works if the fleet is heterogeneous.
The EOFY tax timing question
The Australian financial year boundary at 30 June makes endpoint refresh a tax-timing question every year. Should you bring forward purchases to claim depreciation or instant asset write-offs in the current FY? Should you defer to spread cost?
The current state of instant asset write-off
The instant asset write-off has been a moving target since the original $20,000 limit was raised, extended, contracted, and reset multiple times through COVID-era stimulus and subsequent budgets. As at the 2025-26 financial year, the threshold and eligibility rules sit at a different level than they did during the peak stimulus period. Do not rely on this post for current numbers; check with your accountant in the month you are planning to purchase.
The strategic question
Tax timing should be a tiebreaker, not a driver. If you genuinely need to refresh devices, the right time is when the devices need refreshing. Bringing forward a purchase by two months to capture a write-off can be smart. Deferring a needed refresh by six months to align with FY26 is almost never smart, because the support cost and productivity drag of the extra six months exceeds the tax benefit.
Bulk timing
For businesses on a 3-year cycle, batching refreshes once a year (typically May or June, into the new FY) is administratively cleaner than rolling refreshes throughout the year. Procurement is a single negotiation, deployment is a single project, and the depreciation schedule is clean. The downside is that a year-1 cohort all ages out together, but in practice the cohort approach also makes succession planning easier.
What to do with the old devices
Endpoint refresh is not finished until the old devices are properly disposed. Three options, with very different risk profiles.
Resale
Through a refurbisher or platform like Grays. Requires certified data destruction before transfer. Acceptable for devices in good condition with no sensitive role history. Capture the resale value against the new device cost.
Donation
To schools, charities, or community programs. Still requires certified data destruction. Generates goodwill and sometimes a tax deduction. The administrative overhead is non-trivial.
Certified destruction
For devices that held sensitive data, devices that failed, or devices with no resale value. Use a certified e-waste processor with a documented chain of custody. For businesses pursuing ISO 27001 capability or aligned to the Essential Eight, this is the only defensible disposal path for devices that handled regulated data.
For healthcare and legal practices in particular, the data on a returned laptop is the same data that triggered the Privacy Act compliance work. Treat disposal as a data security event, not an asset disposal event. Our healthcare IT practice and legal IT practice both build certified destruction into the refresh workflow as standard.
Putting it all together
A working endpoint refresh policy for a typical Melbourne SME looks like this:
- 3-year cycle for knowledge workers, 4-year cycle for light users, documented at procurement
- One device class (e.g. Lenovo ThinkPad T-series or Dell Latitude 5000-series) for all standard knowledge workers
- One workstation-class SKU (e.g. ThinkPad P-series or Latitude 7000-series) for heavy users
- Windows 11 Pro, one image, managed through Intune
- 3-year manufacturer warranty (ProSupport or Premier) bundled at purchase
- Annual batch refresh, typically May or June
- Lease structure for businesses with predictable growth or capex sensitivity
- Certified destruction or platform resale at end of life, with documented chain of custody
This is the kind of policy that lives inside a managed IT services arrangement with per-user fixed monthly pricing, because the MSP carries the refresh planning, the procurement leverage, and the deployment execution. For businesses that prefer to keep procurement in-house, the policy still works; you just need to run it yourselves.
Frequently Asked Questions
How do we handle devices for staff who travel constantly?
Heavy travellers are heavy users by definition; their devices take more wear, drop damage, and battery cycles. Move travellers to the 3-year cohort regardless of seniority, and consider upgrading to a workstation-class device with a longer battery and a heavier-duty chassis. The TCO maths almost always favours the more expensive device for users who live out of a bag.
What about Macs?
Macs have a different lifecycle pattern. Hardware tends to last longer (battery and SSD are the main issues), but macOS support tails off after about 7 years and Apple does not offer extended security updates the way Microsoft does. For Mac-using teams, a 4-year refresh cycle is realistic, and the resale value at 4 years is typically strong enough to materially offset the next purchase.
Are refurbished devices a viable option?
For light-use roles, yes. Certified refurbished business-class devices from a reputable refurbisher with warranty can be a sensible choice for 5% to 15% of a typical fleet, particularly for casual users or temporary staff. We do not recommend refurbs for knowledge workers, finance, or any role that lives on the device 8 hours a day.
What is the policy on bring-your-own-device?
BYOD has security and support cost implications that almost always exceed the savings. For staff who genuinely need it (contractors, casual freelancers, board members), use a managed app model on personal devices with Intune App Protection or similar. For employees, issue a managed device. The exception is mobile phones, where BYOD with corporate app containerisation is the more common pattern.
How does this fit with the rest of our IT strategy?
Endpoint refresh policy is one of the foundational decisions that sits underneath cybersecurity, productivity, and IT support cost. A coherent policy makes everything else easier. An incoherent policy or no policy makes everything else harder. If you are evaluating an MSP, ask them what their default endpoint policy looks like and how they enforce it. The answer tells you a lot about how they run their other operations.
Can we just keep extending the warranty?
Most major manufacturers will extend warranty by 1 or 2 years past the original 3-year term, but the cost ramps quickly and the warranty does not cover battery, productivity, or the security exposure of older hardware. For most SMEs, extending warranty past year 4 is more expensive than refreshing the device. If you want a deeper conversation about the right policy for your business, get in touch; this is the kind of question we work through with clients in onboarding.
��������������������������������������
Before 30 June 2026, Melbourne SMEs should verify backups, reconcile the IT asset register with finance, audit software licences, decide on any pre-EOFY hardware purchases with your accountant, and decommission anything you’re paying for but not using. The rest is detail.
EOFY isn’t just a tax event. For most Melbourne businesses we look after, it’s the one time of year where finance and IT actually sit down together and tally up what’s been bought, what’s been retired, what’s still being paid for, and what needs replacing. If you skip that conversation, you end up paying for ghost subscriptions in July, missing depreciation entries in August, and scrambling to buy laptops in September when supply tightens.
This EOFY IT checklist is the same one our engineers run with clients across Hawthorn, Box Hill, Dandenong and the CBD every June. It mixes operational housekeeping with the finance-side items your bookkeeper or CFO will thank you for. Nothing fancy. Just the stuff that actually moves the needle before the books close.
Why EOFY matters for IT, not just finance
Two reasons. First, your tech estate drifts over a year. People leave, projects start and stall, trials become forgotten subscriptions, and hardware quietly ages past its useful life. EOFY is a natural forcing function to clean that up. Second, if you’re planning capital spend on technology, the timing of the purchase, the install, and the in-service date can matter for how your accountant treats it. We don’t give tax advice, but we do give you a clean asset list and accurate purchase dates so your accountant can do their job properly.
A Hawthorn accounting firm we work with had 47 active Microsoft 365 licences on the books in May last year. After we ran their EOFY audit, the real headcount needing licences was 38. Nine licences at $30+/month each had been quietly billing since two staff turnovers and a contractor project that wrapped in October. That’s around $3,200 a year in pure waste, caught in a 90-minute review.
The EOFY IT checklist: 10 items to work through before 30 June 2026
Work through these in order. Most can be done in a single afternoon with your IT provider; a few need finance involvement. If you’re a TechAssist managed client, your account engineer will already have most of this scheduled into your June service calendar.
1. Verify your backups actually restore
Having backups isn’t the same as having recoverable data. Before 30 June, pick at least one critical system (your file server, your accounting database, your shared mailbox) and do a test restore to an isolated location. Time how long it takes. Compare that to your recovery time objective. If you don’t have an RTO documented, this is the moment to write one down.
We see at least two or three clients a year discover their “working” backups had been silently failing for weeks because nobody read the alert emails. A test restore is the only proof that matters. More on our approach at data backup and recovery.
2. Reconcile the IT asset register with finance
Your finance team has a fixed asset register. Your IT provider has an inventory list. These almost never match. EOFY is when you sit them next to each other and resolve every discrepancy: laptop serial numbers, monitor counts, server hardware, network gear, even the licences attached to specific people.
The output is a single reconciled asset list with purchase dates, supplier invoices, current location, and assigned user. Your accountant uses this for depreciation. Your IT provider uses it for warranty and refresh planning. Both of you stop chasing ghosts.
3. Audit every software subscription and licence
Pull a report of every SaaS subscription you pay for. Microsoft 365, Adobe, Xero, Dropbox, ChatGPT Team, Canva, Zoom, the random Trello upgrade somebody bought in 2023. For each one, answer three questions: who uses it, do they still need it, and is the licence tier right?
Common findings: Microsoft 365 E3 seats assigned to people who only need Business Premium; per-user tools paid for ex-staff; duplicate tools (two project management apps, two e-signature platforms). Cancelling or right-sizing before 30 June means the saving starts in FY27 rather than mid-year.
4. Decommission unused services and shadow IT
This is the cousin of item 3. Subscription audits catch the things on your credit card. Decommissioning catches the things that aren’t, like that VPS somebody spun up four years ago, the test SharePoint site nobody touches, the legacy line-of-business app running on a Windows Server 2012 box in the corner. Each one is an attack surface, a compliance headache, and in some cases a recurring cost.
Make a list. Tag each item: keep, migrate, decommission. Set a date for each decommission. Get sign-off from a business owner so nothing critical disappears by surprise.
5. Plan your hardware refresh cycle
Walk your asset list and identify everything that’s three or more years old. Laptops on their fourth Windows feature update, servers past warranty, switches that haven’t had a firmware update since the Coalition was in power. These don’t all need replacing in June, but you need a plan with dates and budgets.
If you do intend to purchase hardware before 30 June 2026 for tax-timing reasons, talk to your accountant about the current instant asset write-off threshold and whether the asset must be installed and ready for use by 30 June to qualify. The rules change year to year and we won’t pretend to know yours. See the ATO website for current figures.
6. Review your IT spend: capex vs opex
Sit with finance and categorise your IT spend from the past 12 months. How much was capital (hardware purchases, major project work, software licences treated as assets)? How much was operating expense (managed services, subscriptions, cloud)? Most Melbourne SMEs we work with are gradually shifting from capex-heavy to opex-heavy as cloud and managed services replace owned infrastructure.
Whether that shift is right for your business is a tax and cashflow conversation with your accountant. Our job is to give them clean numbers. A per-user fixed monthly model like ours makes the opex side predictable, which is what finance teams want when they’re forecasting FY27.
7. Confirm depreciation schedule with your accountant
Your IT assets depreciate. Laptops, servers, network equipment, sometimes software. The schedule depends on the asset class, the effective life the ATO publishes, and any small business concessions your accountant elects to use. You don’t need to understand the maths. You do need to give your accountant the reconciled asset list from item 2 with accurate purchase dates and disposal dates.
If you disposed of equipment during the year (e-waste, sold a server, scrapped old phones), document it. Disposals affect the depreciation schedule and the asset register both. Photos of the e-waste pickup or the disposal certificate are good evidence to keep.
8. Check renewal dates for the next 12 months
Pull every renewal date that hits between July 2026 and June 2027. Microsoft 365 anniversaries, antivirus, firewall licences, domain renewals, SSL certificates, broadband contracts, your MSP agreement. Put them in a single spreadsheet sorted by month.
This gives finance a cashflow forecast and gives IT a heads-up for negotiation windows. Multi-year deals often have better pricing if you can commit, but only commit on tools you’ve confirmed you still need (item 3).
9. Review cyber security posture and insurance
Cyber insurance renewals usually ask the same questions: MFA on everything, EDR on every endpoint, backup tested in the last 90 days, patching cadence, admin account separation. If you haven’t been measuring yourself against a framework, EOFY is a sensible time to start. The Essential Eight from the ACSC is the practical baseline for Australian SMEs.
Even if you’re not pursuing formal compliance, the Essential Eight maturity levels give you and your insurer a common language. Most cyber policies now ask explicitly about MFA coverage and backup testing. Having documented answers makes renewal cheaper and faster.
10. Set the FY27 IT budget and roadmap
You can’t do this properly without items 1-9. Once you have the asset list, the subscription audit, the renewal calendar, and the refresh plan, the budget almost writes itself. Three buckets: recurring (subscriptions, managed services), planned capex (hardware refreshes, projects), and contingency (10-15 percent for the things you can’t predict).
For most SMEs we work with, IT spend lands between 3 and 6 percent of revenue depending on industry. Professional services and finance firms run higher because of compliance and software costs. Trades and retail tend to run lower. There’s no universal right answer, only what’s right for your business and what’s enabled the year ahead. We help clients build this through IT strategic planning sessions, usually run in late June or early July.
A quick reference table
| Item | Owner | Deadline | Effort |
|---|
| Backup restore test | IT / MSP | Mid-June 2026 | 2-3 hours |
| Asset register reconciliation | IT + Finance | 20 June 2026 | Half day |
| Subscription and licence audit | IT / MSP | 15 June 2026 | 1-2 hours |
| Decommission unused services | IT / MSP | 25 June 2026 | Variable |
| Hardware refresh planning | IT + Business owner | End May 2026 | Half day |
| Capex vs opex review | Finance + IT | 20 June 2026 | 1-2 hours |
| Depreciation schedule handover | Finance + Accountant | 30 June 2026 | Brief |
| Renewal calendar build | IT / MSP | 15 June 2026 | 1 hour |
| Cyber posture review | IT / MSP | End June 2026 | Half day |
| FY27 budget and roadmap | Business owner + IT | 15 July 2026 | Half day |
How TechAssist runs EOFY for our managed clients
We’ve been doing this since 2014. The standard EOFY cycle for our managed IT services in Melbourne clients runs across May and June. Your account engineer schedules the backup test, pulls the licence and subscription report from our PSA, generates the reconciled asset list, and books a 60-minute review with you and your finance lead. We hand the asset register and the FY26 IT spend summary directly to your accountant if you want us to.
For context: TechAssist has 13 engineers, all employed in Australia (no offshoring), and our 24/7 Network Operations Centre runs from Tecoma in the Dandenong Ranges. Our P1 response target is under 15 minutes and we publish it openly in our pricing and SLA. The model is per-user, fixed monthly — which makes the EOFY conversation about value delivered, not surprise invoices.
If you’re not on a managed agreement and you’d like to run a one-off EOFY IT review before 30 June 2026, we offer that too. It’s a fixed-scope engagement that gives you the reconciled asset list, the subscription audit, the backup verification, and a written summary your accountant can use. Call 1300 028 324 or use the form at contact.
Common mistakes we see at EOFY
A few patterns repeat every year. Worth flagging so you can avoid them.
- Buying hardware on 28 June without checking install-by dates. If the asset has to be installed and ready for use by 30 June for a particular tax treatment, a laptop sitting in a delivery van doesn’t qualify. Order earlier.
- Cancelling subscriptions on the last day of the month. Most SaaS billing runs monthly anniversaries, not calendar months. You’ll often still be billed for July. Cancel mid-month with explicit confirmation of when access ends.
- Treating the asset register as IT’s problem. If finance doesn’t have an accurate fixed asset register, your accountant is guessing. This is a joint exercise, not a handoff.
- Skipping the backup test because backups “looked green”. A green dashboard isn’t a restore. Test the restore.
- Promising a major rollout starts 1 July. Nothing major should start on day one of the financial year. Your team is exhausted, suppliers are slow, and finance is busy. Start mid-July at the earliest.
What good looks like on 1 July
If you’ve done the work, here’s what your first week of July 2026 looks like. Backups tested and documented. Asset register matches finance’s books. Every active subscription is justified and right-sized. Decommissioned services no longer billing. Renewal calendar visible 12 months out. Cyber posture documented against the Essential Eight. FY27 budget signed off with three buckets and a contingency. Your accountant has clean numbers. Your team isn’t scrambling.
That’s the standard. It’s not glamorous and it doesn’t make headlines. It does mean July starts calm instead of chaotic, and that’s worth a fortnight of June effort.
Frequently asked questions
What’s the instant asset write-off threshold for FY26?
The instant asset write-off rules change regularly. As of mid-2026 the threshold has been adjusted several times in recent years by federal budget announcements. Rather than quote a figure that may be out of date by the time you read this, check the current threshold on the ATO website or ask your accountant. The principle stays the same: assets under a certain dollar value, installed and ready for use by 30 June, may be eligible for immediate deduction rather than depreciation over multiple years. Your accountant will tell you whether it applies to your situation.
How does depreciation work for IT assets like laptops and servers?
The ATO publishes effective life schedules for different asset classes. Laptops and desktops typically have an effective life around three to four years; servers and network equipment longer. Your accountant chooses between prime cost (straight-line) and diminishing value methods, and may apply small business depreciation concessions if you qualify. Your job is to give them an accurate asset list with purchase dates, prices, and disposal dates. The maths is their job.
When’s the best time to budget IT spend for the new financial year?
May and June, before 30 June. You want the FY27 budget signed off before the new financial year starts so July doesn’t begin with uncertainty. The inputs are the items in this checklist: reconciled asset list, subscription audit, renewal calendar, refresh plan, cyber posture review. With those in hand, a half-day workshop with your business owner and IT lead is usually enough to land a defensible FY27 number.
Should I buy laptops before 30 June 2026 for tax reasons?
Talk to your accountant. If the asset is genuinely needed and you’re going to buy it anyway, timing the purchase before 30 June may have tax benefits depending on the current rules and your business structure. If you’re buying purely to chase a deduction, that’s a worse decision than it sounds, because you’ve spent real cash to save a fraction of it in tax. We can help you decide whether the hardware is genuinely needed; your accountant decides whether the timing helps your tax position.
How long does an EOFY IT review take?
For a typical 20-50 user Melbourne SME, the review itself is half a day of work from your IT provider plus a 60-90 minute joint session with finance. Remediation (cancelling subscriptions, scheduling decommissions, organising hardware orders) is usually another half day across the month. Start in mid-May and you’ve got comfortable runway. Start on 25 June and you’ll be cutting corners.
Closing thought
EOFY IT prep is one of those tasks where the value isn’t in any single item, it’s in doing all of them properly. A clean asset register makes depreciation accurate. An honest subscription audit makes the FY27 budget defensible. A tested backup means the next ransomware incident is a Tuesday inconvenience instead of a business-ending event. None of it is exciting. All of it compounds.
If you’d like a hand running through this before 30 June 2026, get in touch via our contact page or call 1300 028 324. We’ll tell you straight whether you need our help or whether you’ve already got it sorted.