Checklist: Everything a CTO Needs for a Multi-Site IT Cutover

For a CTO at a multi-location organization, a large-scale IT cutover is one of the most visible, high-stakes projects you will ever lead. Whether you're integrating a new M&A batch, standardizing technology across a national footprint, or opening new sites, the cutover is the moment of truth. Get it right, and it’s a seamless transition that fuels growth. Get it wrong, and you have 50 clinics dead in the water on Monday morning, angry operators, and a reputation on the line.

The difference between chaos and control isn't luck; it's a field-tested playbook. Too many IT leaders get burned by what they wish they knew beforehand: the circuit provider who shows up with no "right of entry," the E911 non-compliance notice, or the crippling one-way audio issue that stumps the help desk for days. These are the headaches that turn a planned conversion into a chaotic, costly fire-drill.

This checklist is your runbook. It’s built from MellinTech's experience executing technology programs for groups in dental, healthcare, veterinary, childcare, and more. Use it to plan your work by time horizon, assign owners, and ensure every site is ready on day one.

These are the items with multi-month lead times. Their delivery dates are your critical path. Do not schedule a cutover until these are confirmed.

• Internet Circuits & Last-Mile Buildout: Validate dedicated internet access or fiber install intervals at every single site. Plan for weeks to months, not days. On-net status, building access permits, and internal construction sequencing will all impact this. Do not assume "plug and play."

• Voice Number Porting Windows: Classify each site's ports (simple vs. complex). Gather all Billing Telephone Number (BTN) and Customer Service Record (CSR) data immediately. Schedule Firm Order Commitment (FOC) windows for after-hours and have a clear failback plan.

• Emergency Calling (E911) Compliance: For every location, confirm your new system will provide direct 911 dialing, on-site notifications (Kari's Law), and precise dispatchable location details (RAY BAUM'S Act), including floor or room numbers.

A rollout is not the time to be designing on the fly. Define, pilot, and lock your standards before you scale.

• Network & SD-WAN Standards: Define your hub, spoke, and path selection logic. Lock in QoS policies for real-time traffic (like VoIP and imaging), security policies, and your management plane. Pilot at a representative site, then stamp it out.

• Wi-Fi- & Cabling Standards: Move from guesswork to data. Use predictive designs, then validate with an "AP-on-a-stick" physical survey. After install, conduct post-install surveys to verify coverage. Document everything: AP mounting, channel plans, PoE budgets, and as-builts with photos.

• Labeling & Documentation: Enforce an ANSI/TIA-606 compliant schema across all racks, panels, ports, and pathways. This seems trivial until a "day two" support ticket for a remote site takes hours to resolve because nothing is labeled.

• Asset Inventory as a Control: Maintain a single source of truth for all hardware and software, mapped to sites and networks. This isn't just for accounting; it's a foundational security control.

Want This Runbook as a PDF?

This is a lot to track. Get this entire checklist as a PDF to share with your team and use in your planning sessions.

• Site Discovery & Readiness: Get eyes on-site (or detailed photos). Confirm IDF/MDF space, rack elevations, available power, UPS capacity, and cooling. Critically, capture the demarc location and identify any needed extensions now so carriers aren't blocked on arrival.

• DNS Cutover Hygiene: Lower the Time-to-Live (TTL) on all relevant DNS records well in advance of the change. This ensures records expire quickly during the cutover, making both the flip and a potential rollback fast and clean.

• Synthetic Baselines: Stand up synthetic tests for critical applications (e.g., login flows, accessing a patient record, processing a payment). Capture pre-cutover latency, loss, and performance. You will use these same tests during and after to prove success.

• Identity & Collaboration Plan: For M&A, this is a major workstream. Decide early: Microsoft Entra (Azure AD) cross-tenant synchronization for coexistence or a full tenant-to-tenant migration? Rehearse sign-in and MFA flows early.

• Connectivity: Provider orders are accepted, site surveys are scheduled, permits are tracked, and all inside-plant work is ready for the carrier handoff.

• Voice: CSR records are validated, Letters of Agency (LOAs) are signed, test numbers are identified, and all E911 addresses are double-checked. Run test calls on a pilot site before the first big wave.

• Wi-Fi &  Endpoints: Predictive designs are validated on-site. Mounting locations are confirmed. The PoE budget is verified against the actual load of APs, phones, cameras, and signage—with a buffer.

• Security & Compliance: Validate HIPAA network standards (where applicable) and PCI for front-desk payments. Use segmentation to keep the cardholder data environment (CDE) scoped and verifiable.

• Governance: Your Change Advisory Board (CAB) cadence is set. The risk has been reviewed, the rollback plan is defined, and a formal "go/no-go" gate is agreed upon.

• Cutover Rehearsal: Conduct a full rehearsal on a pilot site using the real, hour-by-hour runbook, not a summary slide deck.

• Backups & Freeze: All configuration backups and "golden images" are stored and verified. A change freeze is implemented across all in-scope systems—and enforced by CAB.

• Communications Kit: Prepare the comms for field teams and on-site staff: When is this happening, what should they expect, how do they escalate issues, and what are the downtime procedures?

• Verify DNS TTLs are still low.

• Confirm porting FOC windows with all carriers and stakeholders.

• Check that all synthetic tests are green and dashboards are bookmarked.

• ​Validate closet power and UPS runtime for the current PoE loads.

These are the issues that rarely make it into the official project plan but cause the most pain.

1. The 'Tech On-Site, No Access' Fiasco: The circuit provider is on the clock, but building management wasn't looped in on the Right-of-Entry, or the demarc extension was never run. Your critical path just stalled, and you're paying technicians to wait.

2. The Slow-Motion DNS Failure: DNS TTL was left high (e.g., 24 hours). The cutover fails, but the rollback takes an entire day to propagate, leaving sites dark and your team helpless.

3. The E911 ' Near Miss': The phones work, but E911 was never fully configured for the newly ported numbers. You don't discover this until a real emergency, creating a massive compliance and safety liability.

4. The One-Way Audio Mystery: Users complain of dropped calls or one-way audio. The culprit? A double NAT issue or a firewall's SIP ALG "helper" corrupting traffic.

5. The 'Afterthought' Identity Crisis: In an M&A, identity was treated as a simple IT task. Now, two organizations are merged, but users can't access shared files, and MFA flows are broken. This should be a primary workstream from day one.

6. The Ignored Analog Dependencies You successfully cut over to VoIP, but no one inventoried the analog lines. The alarm panel, elevator phone, and fax machine are all dead.

7. The 'Labeling Drift' Nightmare: Three rollouts later, no two sites are labeled the same way. Remote support tickets that should take 5 minutes now take 45 as you try to verbally guide a clinic manager to "unplug the third cable from the top... no, that top."

Worried about these headaches? An experienced partner spots these issues months in advance. We can review your plan and identify gaps before they become 'Day One' pain points.

1. T-0: Open the command bridge and the war room. Track every task with timestamps.

2. Execute in Sequence: Validate circuits are live. Push SD-WAN policies. Execute DNS flips. Execute identity cutovers. Confirm number ports. Flip Line-of-Business (LOB) apps.

3. Validate (Per Site):

• WAN and Wi-Fi health (DHCP, DNS, latency).

• Sign-in and MFA.

• A real transaction in your primary app (e.g., open a patient chart).

• Inbound and outbound calls, including a permitted 911 test.

• Printers, scanners, and payment terminals.

4. Decision Gate:  If hard criteria (from your validation checklist below) are not met by the pre-defined cutoff time, execute the rollback plan.

• Hold daily standups with a dedicated triage queue. Trend tickets by site and category.

• Compare your synthetic performance baselines to the pre-cutover data. Investigate any regressions before moving to the next wave.

• Compile the Closeout Package: This is non-negotiable. Labeled photos, as-builts, final configs, port maps, updated inventory, and stakeholder sign-off.

• Map every phone number to a physical site.

• Pre-validate BTN/CSR, schedule FOC windows, and run test calls.

• Confirm Kari's Law (direct dialing) and RAY BAUM'S Act (dispatchable location) for each MLTS.

• Validate with AP-on-a-stick and post-install surveys, not just predictive designs.

• ​Watch for interference risks from specialized equipment (e.g., dental imaging, medical devices) and size for voice-grade roaming.

• Keep the cardholder environment segmented and minimized. Use PCI's scoping and segmentation guidance to plan controls per site.

• Use Entra cross-tenant synchronization for coexistence or plan a full tenant-to-tenant migration with well-defined cut windows.

• [  ] Internet up, SD-WAN tunnels healthy, loss and jitter under thresholds.

• [  ] Wi-Fi SSIDs present, clients roam, SNR acceptable on floor plan.

• [  ] Users can sign in with MFA; shared mailboxes and Teams/Slack work.

• [  ] LOB application opens and completes a real transaction/chart entry.

• [  ] Printing and scanning tested where applicable.

• [  ] Inbound/outbound calls work, CNAM correct, and permitted 911 test validated.

• [  ] Payment terminal processes a sale; receipts print. PCI segmentation documented.

• [  ] Synthetic tests are all green and match or beat the pre-cut baseline.

A successful nationwide IT rollout isn't magic. It's the result of meticulous planning, standardization, and a runbook that has been tested by reality. This checklist is a map to avoid the common "gotchas" and turn a high-stakes, chaotic event into a predictable, non-event.

But a plan is only as good as its execution. This checklist is the foundation of every program MellinTech runs. If your team is facing a complex rollout, M&A integration, or new build, let's talk. We're the execution partner that makes 'Day One: Ready' a reality.

Download the Multi-Site Cutover Checklist.

• New Construction Readiness: Full-scope technology programs for new builds, including structured cabling, Wi-Fi, A/V, and device connectivity so new locations are ready for patients or customers on day one.

• M&A & Standardization Rollouts: Coordinated nationwide programs for acquisitions and technology refreshes. We manage everything from discovery and standards through site execution and closeout documentation.

• Moves, Adds, & Changes (MAC): Expert field services to relocate or expand equipment with minimal disruption.