What does an outsourced IT director actually do?

If you search for "outsourced IT director" online, most of what comes back is marketing copy from managed IT companies. They describe something that sounds strategic, then explain that it comes bundled with their helpdesk contract.

That is not what an IT director does. Let me give you a clearer picture.

What an IT director is not

An IT director is not IT support. They do not fix problems when things break. They do not manage your helpdesk or respond to tickets. They do not configure your systems or install software.

That work matters, and you need someone doing it. But it is operational, not strategic. The people doing it are focused on keeping today working. An IT director is focused on whether the whole setup is right for where you are going.

What an IT director actually does

The simplest way to describe it: an IT director looks at IT from the board's perspective.

They ask questions like: Are we spending in the right places? Do we actually know what we are exposed to from a security perspective? Are our suppliers doing what we are paying them to do? Is IT helping the business grow, or getting in the way?

These are not support questions. They are governance questions. And most SMEs have no one asking them.

The practical work

In practice, an outsourced IT director typically covers four areas.

Reviewing what you have. A proper IT director starts by understanding your current position. That means reading your supplier contracts, looking at what you spend and what you get, identifying gaps in your security, and understanding what decisions have been deferred. Most businesses have not done this properly, and the findings are usually uncomfortable.

Managing your suppliers. If you use an IT support company, a cloud provider, a phone system, a software vendor, an IT director holds them accountable. They attend the service reviews, read the reports, and push back when performance is not there. This is something most MDs do not have time for and most finance directors do not have the technical knowledge to do.

Cyber and risk oversight. Not implementing security products. Assessing whether the right things are in place and whether the risk picture your board has been given is accurate. There is a meaningful difference between "we have antivirus" and "we understand our actual exposure". An IT director closes that gap.

Board-level reporting. Translating the technical picture into plain English for the people who make decisions. What the actual risks are. Where money is being wasted. What decisions need to be made. This is something your IT support company cannot do neutrally, because they are part of what you would be reviewing.

The outsourced version

A full-time IT director costs £80,000 to £120,000 a year. For most businesses with under 200 staff, that is not a sensible hire.

The outsourced model gives you the same oversight at a fraction of the cost. You get a fixed number of days per month, structured around what your business needs. The IT director is available for board meetings, supplier reviews, and anything that requires someone to look at IT from the outside.

The outsourced model works because strategic IT oversight does not need to be full-time. A business with 50 staff does not have 40 hours of strategic IT decisions per week. It has a few hours of board input per month, plus the background work of keeping suppliers accountable and risk under control.

What makes it work

Independence is what makes an outsourced IT director useful. If they also sell you software, or take commissions from vendors, or are affiliated with a managed IT provider, the independence disappears. Their advice is no longer neutral.

The value of an IT director comes specifically from their having no financial interest in what you decide to buy. That is what separates real IT governance from what most managed IT companies offer when they use the term.

Who it is for

An outsourced IT director is most useful for businesses where the MD or leadership team has lost visibility of IT. Where costs are increasing without clear justification. Where there has been a security concern and nobody is confident the response was adequate. Or where IT is becoming a board-level conversation and there is no one qualified to have it.

If your IT is running well, costs are under control, and you have no concerns, you probably do not need one yet. When things start to feel uncertain, that is when the structure matters.