Intake Forms for IT Support Companies: Triage, Device Inventory, and Data Protection
An IT support ticket that says “computer is broken” tells your technician exactly nothing. Is it a hardware failure? A software crash? Malware? A user who can’t find their desktop icons because someone changed the wallpaper? Every one of those scenarios requires different expertise, different tools, different time estimates, and different urgency levels. Without structured intake, your dispatcher is guessing, your technician is showing up blind, and your client is wondering why they’re paying for the first thirty minutes of diagnostic time that should have been handled before the truck rolled.
A proper IT support intake form does the triage work that separates a five-minute remote fix from a full-day on-site engagement. It captures the device profile, the problem history, the data situation, the network environment, and the business impact — everything your team needs to prioritize, prepare, and protect both the client’s data and your own liability. Here is what that form should include.
Issue triage: classify the problem before you start solving it
The first section of your intake should force the issue into a category. Not because categories are always clean — they’re not — but because the category determines your response protocol:
- Won’t boot / no power — hardware-focused. Could be a dead power supply, failed motherboard, corrupted boot loader, or a BIOS issue. This almost always requires hands-on work, so it rules out remote support immediately.
- Slow performance — the most vague and most common complaint. Could be RAM limitation, dying hard drive, thermal throttling, background processes consuming resources, malware, or simply too many Chrome tabs. Your intake should ask when the slowness started, whether it’s constant or intermittent, and whether it coincided with any other change. A machine that has been gradually slowing down over two years is a different diagnosis than one that became sluggish overnight.
- Malware / suspected compromise — escalates immediately. Your intake should flag this category for priority response because the client may be actively losing data or having credentials harvested. Ask what symptoms they’re seeing — pop-ups, redirects, unfamiliar programs, ransom screen, unusual network activity, locked files with weird extensions. Each symptom points to a different malware class.
- Data recovery — the highest-stakes category. A client who has lost data and doesn’t have backups is panicking, and the wrong diagnostic step can make recovery impossible. Your intake should determine what was lost (files, entire drive, specific application data), how it was lost (accidental deletion, drive failure, ransomware, water damage), and whether any recovery has been attempted. Every recovery attempt that fails reduces the probability of the next one succeeding, so knowing the starting point matters.
- Network down / connectivity issues — affects the entire business, not just one device. Your intake needs to determine scope: is one device affected or the whole office? Wired, wireless, or both? Internet access specifically or internal network communication too? Did anything change on the network recently — new equipment, ISP change, firmware update, power outage?
- Software issue — application won’t install, crashes, licensing error, configuration problem, email not working. Identify the specific application, the version, the OS it’s running on, and the exact error message. “Outlook won’t work” is not actionable. “Outlook 365 on Windows 11 throws error 0x800CCC0E when sending mail through Exchange Online” is a diagnosis.
- Hardware issue — broken screen, keyboard failure, overheating, noisy fan, failed port, dead battery. Identify the specific component and whether it’s a laptop, desktop, or server, because part sourcing and repair approach differ dramatically.
Device inventory: know what you’re working on
Every device that comes through your shop or gets worked on remotely needs a profile. Not just the make and model — the full picture:
- Make, model, and serial number — for parts sourcing, warranty verification, and tracking. A Dell Latitude 5540 and a Dell Latitude 5550 look nearly identical but use different parts. The serial number is the only reliable identifier.
- Operating system and version — Windows 10, Windows 11, macOS Sonoma, macOS Sequoia, Ubuntu 24.04. Include the build number for Windows (run
winver). Patch level affects compatibility and is often the root cause of sudden-onset problems. - Device age — approximate purchase date or age in years. A seven-year-old laptop with a failing hard drive is a candidate for replacement, not repair. A two-year-old machine with the same symptom is a warranty claim.
- Specs if known — RAM, storage type (HDD vs. SSD), processor. These determine whether an upgrade is viable and whether the machine can run the software the client needs. A client running Photoshop on 4 GB of RAM doesn’t have a computer problem — they have a hardware limitation.
- Peripherals and accessories — external monitors, docking stations, printers, USB devices. Peripheral conflicts cause a surprising number of issues, especially with docking stations and USB hubs.
Data backup status: the question that prevents lawsuits
This is the single most important section on your IT intake form. Before you touch a client’s machine, you need to know the state of their data — because if something goes wrong during your service and they lose data, the first question will be whether you warned them.
- Current backup method — local external drive, cloud backup (OneDrive, Google Drive, iCloud, Backblaze, Carbonite), network attached storage, no backup at all. “I think it backs up to the cloud” is not a verified backup. Ask when the last backup was verified and whether the client has actually restored from it.
- Critical data on the device — what would be irreplaceable if the drive failed right now? Family photos, client records, accounting data, proprietary business files, thesis research. This determines your risk tolerance during repair. A machine with irreplaceable data that has no backup should get a full disk image before any work begins.
- Data backup authorization — does the client authorize you to create a backup before performing service? Document their response. If they decline a backup and you proceed with repair, and data is lost during a Windows reinstall or drive replacement, your documented offer and their documented refusal is your defense.
- Data handling agreement — does the client consent to your technicians accessing their files as needed for diagnostic purposes? Some clients have sensitive data (medical records, legal files, financial data) and may want restrictions on what your team can access. Document any limitations.
Remote vs. on-site preference
Many IT issues can be resolved remotely, but not all clients are comfortable with remote access, and not all issues can be diagnosed without being physically present.
Your intake should capture the client’s preference, but also your assessment of whether the issue is remote-eligible. Software configuration, email setup, driver installation, malware removal — these are typically remote-friendly. Hardware failure, network infrastructure issues, server rack work, and data recovery from a failed drive require on-site presence.
For remote support, document whether the client has a stable internet connection (if the issue is network-related, they may not), whether they can install or run your remote access tool (TeamViewer, AnyDesk, ConnectWise, Splashtop), and whether they will be present during the session. Some clients want to watch; others want to hand off and come back when it’s done.
For on-site visits, document the physical address, parking and access instructions, building security requirements, and whether someone will be present to grant entry. An MSP technician arriving at a locked office with no one to let them in wastes the trip and the client’s time.
Network topology and environment
For business clients, a single device issue is often a symptom of a network-wide problem. Your intake should capture the client’s IT environment so your technician arrives with context:
- Number of devices — workstations, servers, printers, switches, access points. A ten-person office with a single switch and a consumer-grade router is a very different environment than a fifty-person office with managed switches, a domain controller, and a firewall appliance.
- Network type — peer-to-peer workgroup, Active Directory domain, cloud-managed (Azure AD/Entra ID), hybrid. This determines your diagnostic tools, access requirements, and administrative approach.
- ISP and connection type — fiber, cable, DSL, fixed wireless, cellular. The ISP often matters because certain providers have known issues in certain areas, and your technician may need to call the ISP as part of the diagnostic process.
- Existing IT infrastructure — firewall brand and model, managed switches, wireless access points, NAS devices, security cameras on the network. Each device is a potential failure point and a potential conflict source.
- Current IT management — is the client managing their own IT, using another MSP (and switching to you), or has no IT management at all? If they’re switching from another provider, you need to know what access credentials exist, where they’re stored, and whether the previous provider will cooperate with transition.
Security clearance and data handling
If the client operates in a regulated industry — healthcare (HIPAA), legal (attorney-client privilege), financial services (SOX, PCI-DSS), government contracting (CMMC, FedRAMP) — your technicians may be accessing systems that contain protected data. Your intake should determine whether any compliance frameworks apply, whether your team needs to sign a Business Associate Agreement or NDA before accessing the systems, and whether there are restrictions on what tools you can install or what data you can access.
A dental office that calls you to fix a slow computer is a HIPAA-regulated entity. If your technician accesses patient records during diagnosis — even accidentally, by opening a file to test that the application works — you may have created a HIPAA compliance issue. Your intake should flag regulated clients so your team follows the appropriate data handling protocols from the first minute of the engagement.
Business impact assessment
Not all IT issues are equally urgent. A single user who can’t print to a secondary printer is an inconvenience. A server crash that took down the entire accounting department on the last day of the quarter is a business emergency. Your intake should assess impact:
- How many users are affected? — one person, a department, the entire organization.
- What business function is impaired? — can people still work, just inconvenienced? Or is revenue-generating activity stopped?
- Is there a deadline? — payroll processing, regulatory filing, client deliverable, month-end close. A deadline creates urgency that the technical severity alone may not reflect.
- What is the cost of downtime? — for some clients, an hour of downtime costs them thousands. For others, a day without one printer is barely noticeable. This drives your SLA response and your triage priority.
Warranty and service plan status
Before your technician disassembles a machine, determine whether it is under manufacturer warranty, an extended warranty, or a service plan with you or another provider. Opening a device under warranty may void coverage, and the client should make an informed decision about whether to use manufacturer support or your service. For MSP clients on a managed service plan, verify what’s covered under the plan and what falls outside scope so billing expectations are clear before work begins.
A complete IT support intake form turns a vague “it’s broken” into a prioritized, documented, and defensible work order. Your technician arrives prepared, your client knows what to expect, and your liability exposure shrinks with every field that was filled out before the first diagnostic step.
For related reading on intake for technology services, see our guide to intake forms for web designers.
Ready to Upgrade Your Intake Process?
Professional fillable PDF forms — instant download, no monthly fees.
Browse All Forms View Bundles