Ben  Franklin Ben Franklin | 14 Dec 2020

The agency view

We always perform an audit whenever we take on new clients who have existing websites. We have a good look around at our new workplace, so to speak. This process identifies any issues before we progress the project. Our subsequent work may include improving the code base, tightening security and making software features more efficient. This ensures any ongoing development work is done on a firm foundation. 

The client side

A client may require an audit for a variety of reasons. They may not be satisfied with the service they’ve been provided and wish for an independent agency to check it over, for instance. Or a company may  have recently acquired a new business that comes with its own independent website. It’s always good to know what you’re inheriting, after all. Sometimes businesses are experiencing a specific problem. Performance is most often at the heart of an audit request, but what is driving a drop in performance is the question.

A peek behind the curtain

Technical aspects - the overall code base quality in particular - are going to be the starting point. Areas where redundant code can be removed or can be refactored to run more efficiently and made to conform to the platform’s standards for functionality are vital investigations. A close look into data layer will point to any problems with the system’s ability to retrieve information.  

For websites hosted on Azure, an added step in the technical audit reviews overall functionality. Azure has so many capabilities that it’s easy to end up registered for features that aren’t getting used, but which are running anyway. This can slow things down unnecessarily and add unnecessary costs.

On a related note, the audit will very closely interrogate the security set up. It’s necessary to see where the vulnerabilities are and to recommend actions for locking them down. Security issues can easily compromise performance quite suddenly. If security isn’t sound, but it hasn’t yet caused a problem, proactively getting it under control is certainly going to be on the list of prioritised undertakings in the audit report. Other technical fixes won’t matter much if DDoS mitigation is not in place. Ameliorating against damage from attack and limiting malicious access through best practices will all be detailed in an audit report.

Spotlight on centre stage 

On the other side of the coin from technical are the user experience (UX) aspects of the audit. This is to do with how the design of the website may affect performance. Every web platform should be geared toward helping the user complete their journey in the most satisfactory way for both parties. For example, an e-commerce site must be optimised towards the user completing their transaction. The user buys what they want, and the business closes the sale. If the product catalogue isn’t organised in a way that is useful to the target customer base, then they will have trouble finding the things they want to purchase. This is a fundamental issue. 

But a more sophisticated UX audit will also look at increasing basket value - using information about user behaviour to make smart product suggestions as the user makes their way towards checkout. By the time they complete their journey through the website, hopefully they’ll have spent more time exploring other pages, and possibly adding to their purchases. 

This type of UX examination goes beyond e-commerce. Centering the features your users click on most while still ensuring they can find everything they might need is really what this part of an audit is about. Accessibility (ensuring your website is accessible to all users) straddles both UX and technical, so auditing it will be a job for both teams. 

In summary, security and performance go hand in hand in website development. Keeping the user in mind when prioritising audit outcomes will push performance even further. 

If you’re thinking about an audit for your web platform, let’s talk through the process in more detail.