IT budget after a growth freeze: what to cut, what to protect

The same story plays out every January. The year-end numbers are in, the new plan has been approved with a downward adjustment, and now the CTO or IT director has to explain to the team which planned items are being deferred. The challenge is doing that without dropping what actually keeps the business running.

I have seen this in different configurations - companies that grew for three straight years and suddenly slowed down, and companies that were built cautiously from the start. The reaction to budget compression is almost always the same: cut what is visible, keep what people are loudest about. That is not always the right call.

The typical mistake when cutting

The first instinct is to freeze all new projects and keep only maintenance of the existing systems. That sounds sensible, but there is a trap. "Maintenance of existing systems" in most companies includes a large layer of hidden technical debt that stays alive only because someone manually patches it constantly. Freezing infrastructure investment does not save money - it defers the cost to the future with interest.

The second instinct is to cut people and keep tools. Often the opposite is correct: keep the people, review the subscriptions on tools that matter less than they appear to.

Three categories that must not be mixed

When I help work through an IT budget, I start by separating spending into three buckets:

Operational continuity - what keeps the business running today. This is not touched. It includes production systems, backups, monitoring, access management, and security. Cutting here means creating a risk that will cost more than the saving.

Technical hygiene - updates, patches, basic technical debt reduction. This is easy to defer, and it almost always gets deferred. But a year later it becomes an incident or a blocker for the next project.

Development - new tools, integrations, AI initiatives, platform migrations. This is where there is real room for prioritisation and pause.

The problem is that in most companies these three categories are mixed together in a single budget line with no clear separation. Decisions then get made not by logic, but by whoever is talking loudest at the moment.

What to protect first

A few things I recommend keeping untouched even under hard compression.

Monitoring and observability. If systems start failing and you cannot see why, the cost of recovery multiplies. Cutting observability during a period of uncertainty is especially dangerous.

Access management. Any audit, any data leak incident during an unstable period is expensive - reputationally and operationally. This is not a line to economise on.

Data and its integrity. If a data pipeline breaks or history is lost, management analytics stops working exactly when it is needed most.

Questions that help prioritise

When making a decision about a specific budget line, I ask a few questions:

1. What happens if this is not done for the next six months - concretely, not abstractly?
2. Who in the company actually depends on this tool or system every day?
3. If it breaks, how long does recovery take and who does it?
4. Is there a cheaper alternative that covers 80% of the need?
5. Which "new initiatives" are already funded but effectively frozen waiting for something - would it be better to explicitly stop them and stop paying?

The last question often gives the fastest result. In almost every company's portfolio there are projects that are formally active but practically stalled - and still drawing budget.

Reducing IT spending is not always a bad thing. Sometimes it is the moment when a company finally figures out what it is actually paying for.