A few weeks of cataloging the workloads on a closet-corner office server is unromantic work and almost always pays for itself before the migration even begins. The reason is that nobody on the current staff actually knows everything the server does. The person who set up the file share retired. The person who scripted the nightly export moved on. The application that runs payroll talks to the server through a path that is documented in one screenshot in a folder on the server itself.
The audit is not a Visio diagram and it is not an asset inventory. The audit is a written list of every workload the server is currently performing, with an owner, a frequency, a downstream consumer, and a candidate replacement. A workload is anything the server does that someone in the office would notice if it stopped. The framing matters because it produces a list that the migration plan can be built against, line by line.
Most office servers have between fifteen and forty workloads. The shape is consistent. There is a file share with a few top-level folders that real people open every day, plus a long tail of folders nobody has touched in years. There is a print server hosting a queue or two. There is at least one scheduled task, usually three or four, that runs overnight. There is a domain controller role that is providing login services and group policy. There is a line-of-business application that runs from the server, sometimes a client-server install where the server piece is doing real work and sometimes a glorified file launcher.
The audit's first job is to find the workloads that are surprising. The scheduled task that runs every night and emails a CSV to a vendor that nobody on staff has talked to in two years is a real workload until proven otherwise. The folder full of scanned documents that looks abandoned but is the only copy of a regulatory submission is a real workload. The application that nobody uses except one person on Tuesdays who is loud about it being mission-critical is a real workload. Surfacing these is the audit's main contribution.
The audit's second job is to put a clock on each workload. A file share folder has a last-write date. A scheduled task has a last-run date. An application has a last-login date. The clocks are the tool for separating the active workloads from the ambient ones. The active workloads need a real replacement and a tested migration. The ambient ones can often be archived and the migration is a copy to long-term storage rather than a stand-up of a new system. Treating these two categories the same way is how migrations balloon in scope and timeline.
The audit's third job is to identify the workloads where the right answer is not "replace with the closest cloud equivalent." Some workloads are running on the office server because they were the cheapest thing to set up ten years ago, not because the office server is the right home for them. The accounting application that is half on the server and half on a few desktops is a candidate for a cloud-native accounting platform that retires both halves at once. The custom database that someone wrote in Access is a candidate for a SaaS that does the same job better. Looking past the one-to-one replacement saves money and almost always saves the staff time.
By the end of the audit, the team has a written document that lists every workload, an owner, a frequency, a chosen replacement, and a rough cutover plan for each. This document is what the rest of the migration is built against. It is also what the team uses to catch the workloads that get re-introduced during the migration window because somebody remembered something on the second-to-last day. The document is the source of truth and it is the deliverable of the audit phase, not a diagram of the network and not a list of licenses to renew.
The audit takes one to three weeks for a typical office. The deliverable is a single document, not a presentation. The cost of the audit is small relative to the cost of a migration that goes wrong because somebody forgot the scheduled export to the vendor. Offices that skip the audit and start the migration tend to discover the workloads in production, one outage at a time, and the savings from skipping the audit evaporate inside the first month.