How do you make confident business decisions if you can’t access real-time data across your organisation? How do you solve operational problems if you don’t fully understand what’s causing them? 

More often than not, the answer comes down to your data foundations. Not the ambition to use your data better – most organisations have that – but the foundations that make it possible. 

And with new cybersecurity legislation on the horizon – in the UK, North America, and beyond – getting it right is no longer just best practice. For many organisations, it’s becoming a legal obligation. 

 

The data gap 

Real-time information systems (RtIS) – the platforms that capture, structure, and contextualise operational data – are what bridge the gap between data that exists and data that works. Get them right, and every improvement you make is faster, more reliable, and compounds in value, but get them wrong, and every project you run is compromised before it starts. 

The AVEVA PI System is the platform most industrial operators rely on for this, and for good reason. As an OT-IT bridge, it sits at the intersection of operational and digital worlds, which makes it both business-critical and a high-value target.  

With over 20 years of experience working with PI, ITI Group have seen what it can do when it’s properly implemented. But we’ve also seen, repeatedly, what happens when it isn’t. 

 

What “not fit for purpose” actually looks like 

These are the issues our engineers find, time and again: 

• Security configurations that grant administrator access to your system for every connecting user, or even third-party organisations. 
• Legacy authentication mechanisms still in place long after they should have been replaced, leaving systems open to fake credentials. 
• Unmonitored system components in early-stage failure – or already failing routinely. 
• Data quality issues quietly distorting the operational picture people are making critical decisions from. 
• Unnecessary complexity making upgrades riskier and more expensive than they need to be. 
• Functionality that’s already paid for, sitting unused. 

None of this is visible from the outside. Systems appear to be working, data is flowing, but the integrity of that data is compromised, and that means every decision it informs is compromised too. 

With the UK’s Cyber Security and Resilience Bill landing in Spring 2026, these aren’t just operational risks – for critical national infrastructure operators, they’re potential compliance failures. Organisations face new legal obligations around cyber risk management for operators of essential services.  

Combined with NIS2 compliance requirements in Europe, and similar legislation emerging in North America – Canada’s Bill C-8 and equivalent frameworks in the US – the pressure to demonstrate that your systems are properly configured is only increasing. 

 

Start with an audit 

Before you plan your next operational improvement programme – whether that’s AI, digital transformation, or simply getting more from your existing systems – you need to know what you’ve got and whether it’s fit for purpose. 

ITI has developed a new PI System audit tool that deploys remotely, with no interruption to operations and no need for an engineer on site. It runs over 200 automated checks across your infrastructure, security model, system administration, and governance – faster and with less disruption than a traditional audit. Our specialists use this information to build a detailed audit report with recommendations tailored to your business. 

An audit doesn’t just identify operational improvements: it puts you in a stronger position ahead of regulatory scrutiny, wherever you operate. Our experts will identify any opportunities to secure new cost savings and value-adds by consolidating infrastructure, rightsizing servers and implementing the latest technology. 

The organisations that get the most from their data won’t be the ones with the most ambitious roadmaps. They’ll be the ones who made sure their foundation was solid before they started building and got it right – first time.

Find out more about a PI System audit from ITI