Businessman illustrating a heart on medical data, emphasizing compassion in the NetSuite Health Check audit process.
NetSuite Support
March 5, 2026

What a NetSuite Health Check Should Include (Complete Audit Checklist)

burger menu icom
CONTENTS
Example H2
Example H3
Example H4
Example H5
Example H6

A NetSuite health check is a systematic review of your entire environment -- configuration, customizations, integrations, security, performance, and governance. It tells you what's working, what's broken, what's creating risk, and what's costing you time and money.

Most organizations run one after go-live to validate the implementation. Then they never do it again. Three years later, the environment is running scripts nobody remembers building, workflows nobody can explain, and integrations held together with hope.

This guide breaks down exactly what gets reviewed in a comprehensive NetSuite health check. Not a sales pitch. A detailed audit checklist you can use to evaluate vendors or run the assessment yourself.

We've executed this process across 60+ NetSuite accounts. The pattern is consistent: environments find 15-20 actionable optimization opportunities in the first 30 days, half of which can be addressed in a week or less.

Here's the complete framework.

What Is a NetSuite Health Check?

A NetSuite health check is a systematic audit of your NetSuite environment. It reviews configuration, customizations, integrations, security, performance, and processes to identify risks, inefficiencies, and optimization opportunities.

Think of it like a diagnostic for your ERP. You're not fixing problems yet -- you're identifying what needs attention and prioritizing based on impact and effort.

A health check covers six domains:

  1. System configuration -- Account settings, features enabled, preferences, localization
  2. Customizations -- Scripts, workflows, saved searches, custom records, forms
  3. Integrations -- Third-party connections, APIs, data flows, error handling
  4. Security and access -- Roles, permissions, audit trails, compliance gaps
  5. Performance -- Script execution, search efficiency, page load times, governance usage
  6. Processes and governance -- Documentation, change management, support ownership, user training

Most organizations skip the health check until something breaks or an audit surfaces control gaps. By then, the cleanup work is 10x harder than it would've been if caught early.

Quick check: when was the last time someone reviewed every active customization in your environment and validated it's still needed? If the answer is "never" or "not since go-live," you need a health check.

Why NetSuite environments need regular system audits

Nobody implements NetSuite planning for it to become messy. It happens gradually through three patterns:

Pattern How It Happens Result
Customization accumulation Scripts and workflows get built to solve specific problems. Nobody removes them when the problem changes or the process evolves. Hundreds of customizations, half of which nobody remembers building or can explain what they do
Configuration drift Features get enabled during testing or troubleshooting. Settings change to fix one-off issues. Nobody documents why. Account settings that conflict with each other or solve problems that no longer exist
Knowledge loss The consultant who built it left. The admin who maintained it moved to another role. The original implementation team is gone. Critical systems running with zero documentation and nobody who knows how they work

The result: a NetSuite environment that's harder to maintain, slower to modify, and riskier to operate than it needs to be.

What Should a NetSuite Health Check Include?

Here's the complete checklist, organized by domain.

Domain 1: System Configuration Review

This covers your account-level settings and feature enablement.

What gets reviewed:

  • Features enabled vs features used: NetSuite has 200+ optional features. Most accounts have 40-60 enabled. Pull the Features report (Setup > Company > Enable Features) and cross-reference against actual usage. Features enabled but never used create clutter in menus and forms.
  • Company preferences: Accounting preferences, sales preferences, purchasing preferences. Are they aligned with current processes? Do they conflict with each other? Example: "Negative Inventory" enabled but purchasing workflows assume it's disabled.
  • Localization and multi-subsidiary setup: Tax settings, currency handling, intercompany eliminations. For multi-subsidiary accounts, are subsidiary relationships and elimination workflows configured correctly?
  • User preferences and defaults: Default forms, home dashboards, saved search defaults. Are they optimized for how users actually work or still showing implementation defaults?
  • Release readiness: Is the account configured to handle NetSuite's twice-annual updates? Are there customizations that break when features change?

Expected output: List of enabled-but-unused features to disable, conflicting preferences to resolve, missing configurations that would streamline workflows.

Domain 2: Customization Assessment

This is where technical debt lives. Every script, workflow, saved search, custom record, and custom form gets evaluated.

What gets reviewed:

  • Scripts (SuiteScript): Pull the Installed Scripts report. For each script, document purpose, last modified date, execution frequency, governance usage, error rate, and owner. Flag scripts that haven't been modified in 2+ years (likely undocumented), scripts with high error rates, scripts consuming excessive governance.
  • Workflows: Review every active workflow. Does it still match current approval processes? Are there steps that can be consolidated? Are error notifications going to the right people? Are there workflows that haven't triggered in 90+ days (candidates for retirement)?
  • Saved searches: Most accounts have 200+ saved searches. Half are unused. Run the Saved Search Usage report. Flag searches not run in 90 days, searches with performance issues (long execution time), duplicate searches solving the same problem.
  • Custom records: Why was each custom record created? Is it still needed? Is data being actively maintained? We've seen custom records created for one-time data imports that are still in the account years later with zero records.
  • Custom forms: How many custom transaction forms exist? Are they all necessary or can they be consolidated? Are required fields actually required or just creating data entry friction?

For context on what good customization architecture looks like, see 14 Advanced NetSuite Customization Strategies for Business Growth.

Expected output: Customization inventory with usage metrics, list of candidates for retirement, performance optimization opportunities, documentation gaps.

Domain 3: Integration Assessment

Integrations connect NetSuite to the rest of your tech stack. When they break or perform poorly, the entire operation feels it.

What gets reviewed:

  • Active integrations inventory: What systems connect to NetSuite? What data flows in each direction? What's the sync frequency? Who owns each integration (internal team vs vendor)?
  • Integration architecture: Are integrations using REST APIs, SOAP, CSV imports, SuiteConnector, or third-party middleware? Is the architecture appropriate for the data volume and latency requirements?
  • Error handling and monitoring: How do integrations handle failures? Are errors logged? Do alerts go to the right people? Is there a process for investigating and resolving integration issues?
  • Data validation and reconciliation: Are integrations validating data before creating records? Is there a reconciliation process to confirm records made it from source to NetSuite? Do duplicate detection controls exist?
  • Performance and governance: Are integrations staying within NetSuite governance limits? Are sync jobs completing within acceptable timeframes? Are there bottlenecks in data transformation or API calls?

For a detailed framework on building integration monitoring, see How to Monitor NetSuite Integrations Without Buying a New Tool.

Expected output: Integration architecture diagram, error rate by integration, monitoring gaps, recommended improvements to reliability and performance.

Domain 4: Security and Access Control Review

This domain covers roles, permissions, audit trails, and compliance readiness.

What gets reviewed:

  • Role and permission audit: How many users have Administrator access? Who can edit closed periods? Who has Full access to sensitive record types? Pull the User Access report and flag high-risk permissions. For every user with admin or elevated access, verify they still need it.
  • Segregation of duties: Can a single user execute complete sensitive processes end-to-end? Examples: creating and approving journal entries, processing and approving refunds, creating and deleting transactions. Flag violations.
  • Inactive user cleanup: Users who haven't logged in for 90+ days but still have active access. Former employees whose accounts weren't disabled. Consultant accounts left active after projects ended.
  • Audit trail configuration: Are system notes enabled for sensitive record types? Are changes to roles, workflows, and scripts being logged? Is the retention period appropriate for compliance requirements?
  • Two-factor authentication: Is 2FA enabled for admin users? For users with access to financial data? Is it enforced or optional?

For a complete guide to permission cleanup, see NetSuite Roles & Permissions Cleanup: How to Reduce Risk Without Breaking Workflows.

Expected output: List of users with excessive permissions, segregation of duties violations, security configuration gaps, remediation plan.

Domain 5: Performance Assessment

Slow systems cost money. Users waste time waiting. Scripts hit governance limits. Reports time out.

What gets reviewed:

  • Script performance: Review script execution logs for the last 30 days. Identify scripts with longest execution times, highest governance usage, most frequent timeouts. These are optimization candidates.
  • Saved search efficiency: Identify searches with long load times, searches that time out, searches using inefficient criteria (formula fields without indexes, unoptimized joins). Most slow searches can be rewritten to execute 5-10x faster.
  • Page load performance: Are custom forms loading slowly? Are there excessive custom fields on transaction forms slowing data entry? Are dashboards with heavy portlets timing out?
  • Workflow execution time: Are workflows completing quickly or creating bottlenecks? Are there workflow steps that can run asynchronously instead of blocking the user?
  • Database query optimization: For accounts using SuiteAnalytics, are queries optimized? Are there missing indexes on frequently searched custom fields?

For a comprehensive performance diagnostic framework, see Why Is NetSuite Slow? 47-Point NetSuite Performance Audit Guide.

Expected output: Performance bottleneck inventory ranked by business impact, script optimization opportunities, search rewrites, page load improvements.

Domain 6: Process and Governance Review

Technical health matters. So does organizational health around how NetSuite is managed.

What gets reviewed:

  • Documentation existence and quality: Is there documentation for customizations? Integration architecture? Business processes supported by NetSuite? Change management procedures? Most environments have little to none.
  • Change management process: How are changes requested, prioritized, tested, and deployed? Is there a sandbox for testing? Is there a rollback plan if changes break production?
  • Support ownership and escalation: Who supports NetSuite day-to-day? Who handles customizations? Integrations? User access requests? Is there an escalation path for issues?
  • User training and adoption: When was the last training session? Are new users getting onboarded effectively? Are features being underutilized because users don't know they exist?
  • Backup and disaster recovery: Is data being backed up? How often? What's the recovery time objective if NetSuite becomes unavailable? Is there a tested recovery procedure?
  • Vendor and contract management: Who owns the relationship with NetSuite? With implementation partners? With integration vendors? When do contracts renew? Are you getting value from paid add-ons?

For more on what post-implementation governance should look like, see NetSuite Post-Implementation Guide: 10 Critical Steps for Success.

Expected output: Documentation gap analysis, governance maturity assessment, support structure recommendations, training needs.

How Often Should You Do a NetSuite Health Check?

After go-live: 90 days post-implementation -- Validate that what was built during implementation is working as intended. Catch configuration issues before they become ingrained in processes.

Annually for stable environments -- Once per year for accounts where customization activity is low, integrations are stable, and the team hasn't changed significantly.

Quarterly for high-change environments -- If you're actively building customizations, adding integrations, or experiencing rapid user growth, quarterly health checks prevent issues from accumulating.

After major changes -- Following acquisitions, subsidiary additions, ERP migrations, major release updates, or leadership changes that affect how NetSuite is used.

When something feels off -- Recurring outages, scripts timing out more frequently, user complaints about performance, audit findings. These are symptoms that a health check will diagnose.

Most organizations wait too long. The longer you wait between health checks, the more technical debt accumulates, and the harder (and more expensive) the cleanup becomes.

What health check timing looks like in practice

Year 1 post-implementation:

  • 90-day health check (validate go-live decisions)
  • 12-month health check (annual baseline)

Years 2-3:

  • Quarterly health checks if actively customizing
  • Annual health checks if stable

Year 4+:

  • Annual health checks minimum
  • Quarterly if you've added subsidiaries, acquisitions, or significant integrations

After any major incident: Governance limit exceeded, integration failure affecting operations, security audit finding, data integrity issue.

For more on the difference between health checks and optimization work, see NetSuite Health Check vs NetSuite Optimization: What's the Difference.

Common Findings from NetSuite System Audits

Here's what we find consistently across environments.

40-60% of customizations aren't being used

Scripts built for temporary projects that ended. Workflows supporting processes that changed. Saved searches created for one-time analysis and never deleted.

The fix: Build a customization retirement process. If a script hasn't executed in 90 days, flag it. If a workflow hasn't triggered in 180 days, investigate whether it's still needed. Retire what's not being used.

Integration monitoring doesn't exist

Integrations run. Sometimes they fail. Nobody knows until a user reports missing data.

The fix: Build systematic integration monitoring using saved searches, workflows, and dashboards. Process 2 and Process 3 from the integration monitoring guide cover exactly how to do this.

30-50% of enabled features aren't used

Features enabled during implementation "just in case." Features turned on for testing and never turned off. Features enabled by consultants who are no longer around to explain why.

The fix: Cross-reference enabled features against actual usage. If a feature has been enabled for 12+ months and there's zero usage data, disable it. If it was actually needed, re-enable it. Most of the time, nobody notices.

Documentation is missing or outdated

The implementation team documented the original build. Nobody's updated it since. Customizations added post-go-live have zero documentation. Integration architecture exists only in the original consultant's head.

The fix: Create documentation templates for scripts (purpose, inputs, outputs, dependencies), workflows (trigger, approval routing, error handling), and integrations (data flow, sync frequency, error escalation). Make documentation part of change management -- no deployment without documentation.

High-risk permissions are widespread

Too many admin users. Users who can edit closed periods. Sales reps with Full access to customer records (which includes Delete). AP clerks who can post journal entries.

The fix: Run the seven-step permission cleanup process from the roles and permissions guide. Start with high-risk permissions, test changes before production, remove permissions incrementally.

Performance issues are caused by 5-10 customizations

Most customizations run fine. A handful consume 80% of governance, create bottlenecks, or time out regularly.

The fix: Identify the worst performers through script execution logs and saved search performance reports. Optimize those first. The 80/20 rule applies -- fixing 5 scripts often solves 80% of performance complaints.

The Stockton10 Approach: NetSuite Health Checks That Lead to Action


Why most NetSuite audits produce reports nobody acts on

Organizations run a health check. They get a 50-page report. It sits in a folder. Nothing changes.

Three reasons why:

Findings aren't prioritized -- The report lists 100 things that could be improved but doesn't say which 10 actually matter. Teams don't know where to start, so they don't start.

No clear ownership -- The report identifies problems but doesn't assign who should fix them. Finance thinks IT should handle it. IT thinks it's a business process issue. Nothing happens.

No implementation plan -- "Optimize slow scripts" isn't actionable. Which scripts? What does optimization look like? What's the timeline? Without specifics, nothing moves forward.

Effective health checks produce prioritized action plans with clear ownership and timelines -- not just finding lists.

How Stockton10 delivers actionable NetSuite health check reports

Our approach across every NetSuite post implementation audit follows the same structure:

  • Findings categorized by impact and effort: Critical/High/Medium/Low impact. Quick win vs multi-week project. This makes prioritization obvious.
  • Ownership assigned to each finding: Which team owns the fix: Finance, IT, Operations, External Partner. No ambiguity about who's responsible.
  • Remediation plan with timelines: Not just "fix this." Specific steps to resolve the issue, estimated effort, and recommended timeline.
  • Quick wins identified separately: 5-10 findings that can be addressed in a day or less. These get tackled first to build momentum.

For organizations using our NetSuite managed services assessment, we don't just deliver the report -- we help execute the remediation plan.

What ongoing NetSuite governance looks like after a health check

  • Monthly: New customization requests reviewed for necessity and alignment with architecture standards. No new scripts or workflows without documentation.
  • Quarterly: Customization usage reviewed. Scripts and workflows with zero activity flagged for retirement. Performance metrics monitored for degradation.
  • After every NetSuite release: Review release notes for features affecting customizations. Test customizations in sandbox before production release. Update documentation if behavior changes.
  • Annual: Full health check repeated. Progress on prior findings measured. New risks identified. Governance maturity assessed.

For more on how this applies to specific industries and use cases, see NetSuite Optimization: How to Get More Speed, Efficiency, and Value.

NetSuite Health Checks: From Diagnostic to Action Plan

NetSuite health checks aren't about finding everything wrong with your environment. They're about identifying the 10-20 things that matter most and building a plan to fix them.

The six domains covered in this guide -- system configuration, customizations, integrations, security, performance, and governance -- represent every area where NetSuite environments accumulate risk and inefficiency over time.

Most organizations skip the health check until something breaks. By then, the technical debt is significant, the documentation gaps are severe, and the cleanup work is measured in months rather than weeks.

Running a systematic NetSuite system audit annually -- or quarterly for high-change environments -- prevents problems from accumulating. It identifies optimization opportunities before they become pain points. It keeps the environment maintainable as the business grows.

The checklist in this guide gives you the framework. Document what's there, evaluate it against best practices, identify gaps and risks, prioritize based on impact, build remediation plans with clear ownership.

You can run this assessment internally or engage a partner. Either way, the output should be the same: a prioritized action plan that turns findings into improvements rather than a report that sits in a folder.

Ready to see what a comprehensive NetSuite health check reveals about your environment?

Stockton10 offers free NetSuite health check assessments for organizations evaluating optimization consulting services or considering NetSuite managed services. 

Contact us today to schedule yours.

Want to learn more about the Services Stockton10 Offers?

netsuite support icon
NetSuite Support
netsuite optimization icon
NetSuite Optimization
netsuite integration icon
NetSuite Integration
netsuite customization icon
NetSuite Customization
netsuite development icon
NetSuite Development
netsuite healthcheck icon
NetSuite Healthcheck

Related Use Cases

NetSuite Support
September 16, 2025

NetSuite Support US: 5 Service Levels Most Providers Don’t Offer

NetSuite Support
July 22, 2025

NetSuite HubSpot Integration Guide: Setup, Tools, KPIs [2025]

Stockton Guarantee

Netsuite managed services, mastered.

Get reliable support with our 30-minute guaranteed response time—or get your money back!

stockton moneyback guarantee logo image
Let’s work together

hello@stockton10.com

  • 20A Tanjong Pagar Road Singapore 088443

  • 1406 Centerpoint Bldg., Garnet Road, Ortigas Center, Pasig City, Metro Manila Philippines
© 2026 Stockton10 | Terms & Conditions | Privacy Policy