Skip to content

Colour theme

Region

Opens the same page on another regional site.

Search site

Search pages and articles

Ctrl+K · Search site
Menu

Free imaging IT diagnostic · 7 day turnaround

The Imaging Practice IT Risk Audit

In 7 days, a written record of every IT risk that could shut your reporting list down, fail your next insurance renewal, or end up in a board meeting you did not see coming. Plus the 90 day plan to close them. Yours to keep, whether you hire us or not.

Your practice manager joins one 30 minute intake call. We do the rest. Our imaging IT lead and a security engineer pull your PACS and RIS uptime data, backup restore history, Microsoft 365 governance, and Essential Eight posture using read only access. On day seven you receive a written report with every risk named, ranked by likelihood and dollar impact, plus a 90 day remediation plan and a one page executive summary you can forward to your board, insurer, or AHPRA reviewer the same day.

Book the Audit Send your details first

Stop guessing what a PACS outage actually costs you

Every risk that could put your reporting list down, named, ranked, and dollarised against likely revenue impact. The first time you have seen the financial exposure of your imaging IT on one page.

Hand your insurer or AHPRA reviewer the answer, not the question

The exact evidence pack the framework asks for, mapped to the artefacts you already hold and the ones you do not, with a 90 day plan to fill the gaps before your next renewal date hits.

Sleep on Tuesday night

A written, sequenced plan owned by a named human, your team, your current provider, or us, so you stop being the person who has to remember what is broken.

Why imaging practices trust this Audit

  • About 70% of Audit findings are risks the practice already suspected, but had no written record of. The Audit is the written record your reviewers will actually accept.
  • About one in three Audit clients never engages Trucell again. That is the design. The 12 page report is yours regardless, and you can hand it to any provider who can close the risks.
  • Audit delivery to date is 100% inside the 7 business day window. The charity guarantee has never been triggered.
See a redacted sample page from a real Audit report (PDF)

What is in your 12 page report

Every Audit follows the same structure so you can compare findings across practices, sites, or review cycles.

  1. PACS and RIS uptime evidence review

    Uptime trend, modality integration health, image transmit failures, and the single points of failure in your imaging chain. Includes a named owner for each risk.

  2. Backup and restore test verification

    Scope coverage across Microsoft 365, servers, SaaS, and imaging archive. Immutability and role separation check. Last verified restore date for each platform and what is missing for insurer evidence.

  3. Essential Eight maturity baseline

    Current maturity level per mitigation strategy with concrete gaps. The version of the assessment that boards and AU government panels expect to see.

  4. Microsoft 365 governance posture

    Identity, Conditional Access, privileged role hygiene, mailbox audit, Teams external sharing, and Intune compliance posture. Mapped to the controls insurers ask about.

  5. 90 day remediation plan

    Sequenced workstreams with effort estimates, owner type (you, current provider, or external), and the order that closes Critical and High risks first.

How the Audit runs

Three touchpoints over seven business days. Your practice manager owns one 30 minute call. We do the rest.

  1. 30 minute intake call

    Your practice manager only. Your IT lead is welcome but not required. We agree scope, sign a one page mutual NDA, and you grant us read only access to the systems we need to review. You do not run a single command. If you do not have admin access in your own Microsoft 365 tenant or PACS portal, we send you a one paragraph access request you forward to your current provider, with cover language that does not flag the Audit.

  2. We pull the evidence and write the report

    Our imaging IT lead and a security engineer pull your PACS and RIS uptime data, backup restore history, Microsoft 365 audit log, and Essential Eight posture using the read only access from day one. No artefact homework on your side. No interruptions to your team unless we hit a blocker.

  3. 12 page report delivered

    PDF report to your named contact. Includes ranked risks dollarised by likely revenue impact, evidence gaps, the 90 day remediation plan, and a one page executive summary you can forward to your board, your insurer, or your AHPRA reviewer the same day. No sales pitch in the report.

  4. Optional 30 minute walkthrough

    If you want it, we walk your team through the findings. No commitment, no upsell during the walkthrough. If you decide you want Trucell to close the risks, the named next step is the 90 Day Imaging Practice Stabilisation Sprint: fixed scope, fixed fee, money back if we miss day 90. You stay in control either way.

Our guarantee

Our guarantee

If on day seven you tell us the Audit was not worth $2,500 of your time, we donate $500 to the RANZCR Foundation in your practice's name. We keep no cancellation fee, no reimbursement obligation on your side, and no obligation to talk to us again.

The Royal Australian and New Zealand College of Radiologists Foundation funds clinical research and trainee development across Australia and New Zealand.

What happens after the Audit

If you want the risks closed, the next step is the 90 Day Sprint

About one in three Audits ends with the practice handing the report to their existing provider and walking away from Trucell. That is fine. For the practices that want Trucell to close the risks, the named next step is the 90 Day Imaging Practice Stabilisation Sprint: fixed scope, fixed fee confirmed in your Audit deliverable, every Critical and High risk closed with written evidence by day 90, or the next 90 days are free.

  • Every Critical risk closed by day 30

    Closed with written evidence in your audit binder. Not "in progress." Closed.

  • Twelve weeks, twelve artefacts

    Every Friday you receive a one page status update with that week's delivered artefact attached. You audit our pace against the published schedule.

  • Money back guarantee

    Miss day 90 and the next 90 days of Sprint work are free until every Critical and High risk in your Audit is closed.

See the 90 Day Sprint detail

Book your 45 minute intake call

Pick a slot below. We will email you the artefact checklist within five minutes of booking so your team can prepare without back and forth.

Pick a time on Microsoft Bookings

Opens our shared Outlook calendar in a new tab. Choose a 45 minute slot that suits you. You will receive an email confirmation immediately and the artefact checklist within five minutes of booking so your team can prepare without back and forth.

Pick a time (opens in a new tab)

Prefer email? Use the qualifying form below and we will reply within one business day with a booking link tailored to your practice size and timeline.

Prefer to send your details first?

Five quick fields. You receive an autoresponder within 60 seconds with the NDA and a link to choose a 30 minute intake slot in the next 5 days. No back and forth. No marketing emails.

These five fields are everything we need from you. We pull the technical evidence ourselves once you book the call.

Format: month and week (e.g. June, week of the 16th). We confirm by reply.

You receive the autoresponder with the NDA and intake booking link within 60 seconds. No obligation, no charge for the Audit, no sales pitch in the report.

Questions before you book

Is the Audit really free?

Yes. There is no charge for the Audit, no obligation to engage Trucell afterwards, and the 12 page report is yours to keep regardless of what you do next.

What do you actually need from us? We do not have admin access in our own systems.

Most practices do not, and that is normal. All we need from you is one 30 minute intake call (practice manager only; IT lead optional), a signed one page mutual NDA, and your authorisation to use read only access into your PACS portal, Microsoft 365 tenant, and backup platform. If you do not hold admin in your own tenant, we send you a short access request you forward to your current provider, with cover language that does not flag the Audit. You do not run a single command, write a single report, or chase a single vendor.

Who runs the Audit?

A senior imaging IT lead and a security engineer from Trucell. Both have hands on PACS, RIS, and Essential Eight experience across multiple Australian practices.

How is this different from your competitors' free assessments?

Most "free assessments" are scoped to fit a sales pitch. Our Audit is scoped to the four risk areas that show up most often in insurer questionnaires, AHPRA reviews, and board IT reports. The report you receive is the same artefact our paying clients receive after their first 90 day stabilisation, just with current state findings instead of remediation evidence.

What if we are happy with our current MSP?

Most of our Audit clients are. The Audit is a second opinion artefact: a written record of where you stand right now that you can use to hold your current provider accountable. About one in three Audits results in no engagement with Trucell at all, and that is fine. The report stays useful in your binder for the next twelve months.

What happens to our data after the Audit?

We sign a one page mutual NDA before any access is granted. All evidence we pull and notes we take are destroyed 30 days after delivery unless you engage us for follow on work. We never share findings between practices.