Helpt Service Scope

Helpt provides comprehensive helpdesk support, handling a wide range of hardware, software, and user-related issues. The scope of support ensures efficient troubleshooting, resolution, and escalation where necessary. With all incidents, Helpt strives to be a HERO (Helpt Evaluation, Resolution/escalation, and Overview).

Service Summary - The 4 Quadrants

1. Helpt SOPs

2. Your SOPs

3. Instant Escalations

4. Rapid Assessment & Escalation Bundle

1. Helpt SOPs

Where Helpt has pre-existing SOPs, we can effectively resolve incidents where the client has identified which system(s) are used in each area. Even with standard SOPs, incidents sometimes cannot be resolved. In these cases, we are still able to support the user by helping to determine temporary workarounds, identifying next steps, and completing our assessment and escalation process.

SOPs exist for:

1. End User Verification
   
   

   • What We Do
     Before supporting an end-user, we confirm the identity of the caller.
     
     

   • How We Do It
     We complete a verification workflow by SMS or push notification, using the verification tool web portal, and include that verification in the ticket documentation.
     
     

   • Requirements
     We need a method of identity confirmation for each caller. If you choose to utilize our verification tool, that requires a phone number where each caller is able to receive an SMS.
     
     

   • Supported Systems
     We are able to utilize the webapp version of various EUV tools:

     • Traceless

     • CIPP

     • MSP Process

     • CyberQP

     • Other systems can be utilized upon validation and approval
       
       

   • Verification Failure
     During onboarding, you may select a secondary verification option from amongst the following:
     
     i. Attempt verification process for a nearby colleague by speaking to that colleague, explaining what is being requested, asking them to attest to the identity of the caller, then completing the primary verification process for that colleague. Documentation will note the 3rd party being verified and their attestation.
     
     ii.Attempt confirmation by having the user reply to a previously created ticket in which verification was completed.
     
     iii. Attempt to call the user at a direct number stored in the user directory system.
     If the secondary option fails or if none is selected, the technician will create and escalate a ticket with complete notes but no further work completed.
     
     

2. Password Resets & Account Unlocks in User Directory Systems
   
   

   • What We Do
     We reset passwords and unlock accounts for users who are unable to access their systems. We also reset or re-register MFA for these systems. This is one of the most common support requests, and we handle it quickly and securely.
     
     

   • How We Do It
     After verifying the caller’s identity, we access your user directory system and complete the reset or unlock using the appropriate method for your platform, whether via web portal, remote session, or integrated tool. 
     
     

   • Requirements
     Password resets and account unlocks require access to your primary user directory system(s). If your environment utilizes multiple supported user directory systems, we require a list of clients/users/departments and the system utilized for each. Password resets further require a supported end user verification method or an explicit waiver acknowledging the associated security risk.
     
     

   • Supported Systems

     • Microsoft 365 / Azure AD / Entra AD

     • Google Workspace

     • CIPP

     • Okta

     • JumpCloud

     • On-prem Active Directory (requires RMM and clearly labeled server & credential)
       
       

3. Approved Software Installation
   
   

   • What We Do
     We install approved software on user workstations as needed. This includes both on-demand requests (e.g., “I need Zoom!”) and guided installations during troubleshooting and onboarding (e.g., “Call IT to get Excel installed”).
     
     

   • How We Do It
     Using the provided elevation tools, we initiate a secure session to install approved software directly on the user’s device. If a user requests unapproved software, we can submit a request for approval. We can also use RMM to generate just-in-time (JIT) local admin to approve user account control (UAC) when the approval tool is unavailable. 
     
     

   • Requirements
     We require a clearly defined list of approved software and access to a supported elevated privilege or remote access tool. We install only software explicitly included in your approved software list.
     
     

   • Installation Tools We Use
     We support the following tools for performing installations with elevated privileges:

     • AutoElevate

     • Admin by Request

     • ManageEngine PAM 360

     • Your supported RMM tool

     • Local admin with credentials accessed through approved password managers with clear labels: 

       • IT Glue/Hudu

       • Keeper/1Password/LastPass/PassPortal

       • Just-in-time accounts via RMM
         
         

   • Standard Software
     By default, we consider the following to be approved, unless we receive direction otherwise.

     • Microsoft 365

     • Google Workspace

     • Microsoft Teams / Zoom / Slack
       
       

   • What’s Not Included

     • We do not purchase or provision software licenses (though we can assign existing, unused licenses).

     • We do not install unapproved or user-supplied software.

     • We do not develop or maintain application packaging or deployment scripts.

     • We do not install software on non-workstation devices that cannot be accessed through supported RMM tools. We can utilize your SOPs (see below) to work with tablets and mobile devices through an MDM.
       
       

4. Hardware Troubleshooting
   
   

   • What We Do
     We assist users with diagnosing and resolving hardware-related issues on supported devices.
     
     

   • How We Do It
     We guide the user through diagnostic steps, use remote access tools when available, and provide clear documentation of the issue or resolution path.
     
     

   • We Support

     • Workstations running modern versions of Windows or macOS

     • Standard office peripherals: monitors, keyboards, mice, headsets, and locally connected speakers, docking stations, and webcams

     • Office printers and scanners
       
       

   • Limited Support
     For device types such as the following that are not fully supported, we attempt a basic, standardized troubleshooting plan:

     • Network-connected devices (e.g., routers, switches, NAS) 

     • Personal devices used for work

     • Speciality equipment such as POS terminals

     • Videoconferencing equipment

     • … or any other hardware not specifically excluded
       
       

   • We Cannot Support

     • Check printers

     • Medical equipment

     • Industrial equipment

     • Laser or radiation-based devices

     • Lab or scientific devices

     • Unsupported personal devices
       
       

5. Software Troubleshooting
   
   

   • What We Do
     We help resolve issues with commonly used and approved business software.
     
     

   • How We Do It
     We gather context from the user, perform guided troubleshooting using available access tools, and document all steps taken. Troubleshooting may include reinstallation, even if the software is not on the approved software list.
     
     

   • We Support

     • Microsoft 365

     • Google Workspace/G Suite

     • Microsoft Teams, Google Meet, Zoom, and Slack

     • Chrome, Edge, Safari, and Firefox

     • Adobe Acrobat
       
       

   • Limited Support
     We will attempt to assist with business-specific applications, such as CRMs, ERPs, inventory management software, and accounting software, as well as other common software applications, by completing common steps such as saving work, if possible, and restarting. In some cases, we will uninstall and reinstall software, if the installer is readily available.
     
     

   • We Cannot Support

     • Medical, regulated, or specialty software

     • Undocumented custom or proprietary applications

     • Development or admin tools

     • Pirated, unlicensed, or gray-market software

     • Personal or non-business apps

     • Malware or “system cleaning” utilities
       
       

6. Email Flow Management
   
   

   • What We Do
     We troubleshoot email flow including the release of quarantined emails and whitelisting of specific email addresses. Domain-wide whitelisting requests will be triaged and then escalated with proper notes for your team to whitelist as needed.
     
     

   • How We Do It
     We access your email filtering and security tool, assess the concern via general phishing markers as well as through MX lookups, then action ticket accordingly.
     
     

   • Requirements
     We need to understand your mail server/delivery systems; if your environment utilizes multiple supported email tools, we require a list of clients/users/departments and the system utilized for each.
     
     

   • We Support:

     • Appriver

     • Avanan

     • Barracuda

     • Proofpoint

     • Microsoft Defender through M365

     • Google Workspace Admin

     • Other tools can be assessed then approved if we can support
       
       

7. Meeting & Appointment Scheduling
   
   

   • What We Do
     We assist callers, primarily prospects, with scheduling meetings with your team.
     
     

   • How We Do It
     We gather information about the nature of the request and use the booking link you have provided to find and schedule a time, then confirm that the caller has received the invite.
     
     

   • Requirements
     We are able to use any web-based scheduling tool (e.g., Calendly) that does not require login. 
     
     

   • Limitations
     We are only able to use one scheduling link. We recommend it access the calendars of as many representatives of your company as possible to ensure timely scheduling. We are unable to toggle between multiple calendars or manage direct calendar access.
     
     

8. System and Network Access Control
   
   

   • What We Do
     We resolve common issues with system and network connectivity problems.
     
     

   • How We Do It
     Processes vary by the nature of the issue and systems involved. We typically require your SOPs, including permissions and approval processes.
     
     

   • Technologies and Actions We Support:
     i. Client VPNs
     ii. Bitlocker key retrieval
     
     

   • Actions Requiring Verification and/or Approval Process/Authority
     i. Remote Desktop Protocol
     ii. Drive mapping
     iii. Mailbox/delegated access

2. Your SOPs

Provided an adequate SOP, Helpt is able to resolve incidents of types not listed above.

1. How We Do It
   By adapting your SOPs to our workflow system, our technicians reliably resolve issues without needing extensive training.
   
   

   • During onboarding, we review the runbook to confirm that it is complete and executable.

   • The process, including credentials, are ingested into the Helpt technician interface.

   • When an incident is received, the technician determines the nature of the issue and selects the appropriate process.

   • The technician follows the runbook as written, with each step documented.

   • If any step fails, the technician performs any included rollback steps, captures diagnostic information, and escalates with a summary. In the event of recurring process failures, we bring the issue to your attention in order to amend the process.

2. Requirements
   
   

   1. A step-by-step procedure clear enough to follow without interpretation

   2. Credentials and permissions to access any systems referenced in that procedure

   3. Step(s) showing expected outcomes and/or verification checks

If these SOPs exist within your knowledge base, after ingesting them into our system, we require notification of changes to those processes and 3 business days to update our workflows.

3. Limitations and Guidelines
   
   

   1. Processes must be designed to resolve reactive incidents or simple, common move/add/change requests, but not proactive or project-based work. Examples of out-of-scope processes include device onboarding, scheduled maintenance, patching, migrations, major configuration changes, or any work that is not tied to a specific user-reported issue. We can support requests related to projects, such as users calling to complete an update after a major migration. In that case, each call counts as a separate ticket.

   2. Processes should be concise. Our work is oriented around short, well-defined and productive engagements. As a guideline, incident workflows should reach conclusion within approximately 20 minutes, typically. We may decline or request revisions to runbooks that require extended effort, deep troubleshooting, or multi-system reconfiguration.

   3. Processes must have a clear, step-by-step structure that is specific and actionable, not requiring judgment or logic not already contained within.

   4. Processes should be skill- and access-appropriate. Workflows requiring elevated administrative privileges, coordinated downtime, or architectural decisions will be escalated or excluded.

3. Instant Escalations

Some situations warrant urgent escalations. We are able to adapt our urgency to your requirements. 

Some common choices for instant escalation include:

• Active or suspected security incidents

• Legal or compliance issues (e.g. threat of litigation)

• VIP or executive contacts

• P1 emergency issues (e.g. “server or site down”)

Should a situation trigger your instant escalation threshold, before completing any further triage, a technician will:

• Reach out to the emergency escalation number provided

• Complete a warm handoff, providing all background knowledge available

• Document any such knowledge along with the name of the person receiving the escalation on the ticket submitted

For each incident type, should the escalation process fail, you may determine whether we should take any further steps.

4. Rapid Assessment & Escalation Bundle

Not every issue that arises is within scope. However, even when those out-of-scope issues reach us, we strive to assist and satisfy the end-user and provide you with information and time relief as much as possible.

Our work doesn’t stop when an issue is identified as out of scope. Instead, we complete our rapid assessment and triage process to ensure the end user feels heard and confident the resolution process has begun. Our portion of that process includes:

• Collecting caller and incident details

• Determining impact and urgency in accordance with ITIL standards

• Basic troubleshooting, such as personal device restarts

• Running diagnostic utilities and capturing detail via screenshots, logs, and observations 

• Suggesting safe, temporary workarounds

• Escalating via warm handoff, if necessary and when possible

• Documenting all relevant detail including user input and remediation steps taken before and during the interaction

• Submitting a detailed and prioritized ticket

General Scope Notes

• Tickets: 

  • Any actionable ticket received by Helpt is considered 1 ticket

  • Any non-actionable ticket (e.g. extraneous alerts) counts as 0.1 tickets for billing and reporting purposes

  • Any call received where we are able to gather caller information and action appropriately, including escalations, counts as 1 ticket
    
    

• Surges: Should we receive an unusually high volume of tickets, we will continue to work those tickets and, upon recognizing the volume, communicate with you. If you identify that surge as being unactionable, we will halt work and categorize any further tickets as such. If those are actionable, you may have us proceed on a project basis.
  
  

• Project work: In the event of a planned or unplanned spike in volume, we can treat batches of tickets with a project plan. This includes a discounted rate, with work being done on a scheduled basis rather than reactively, in the moment, with a deadline determined based on size and complexity.
  
  

• Security First: All services are delivered in accordance with our security best practices.
  
  

• Credentials: 

  • We prefer credentials to be stored in our Keeper Vault to ensure consistent access. We cannot guarantee support if credentials are removed or altered outside our system. 

  • We are able to utilize your password management system, if you provide a shared login we can store to Keeper Vault, including MFA, and any credential in your system that requires MFA includes MFA in the password manager record.
    
    

• Knowledge Base: 

  • We will not search your knowledge base for relevant processes and information. 

  • We do ingest your processes into our workflows and we can utilize links directly to specific articles. 

  • In cases where each of your clients has a separate document (e.g. Drive Mappings in IT Glue), we can accept a standard path to find that within each company record. 

  • Information can be updated and maintained within a “quick notes” section of your knowledge base system. 

  • We need to be notified of any changes made to relevant articles or notes within your system.
    
    

• Updates: While information is gathered during onboarding, we understand that things change. Should you need to make updates, such as to your approved software list or user directory credentials, please email success@gethelpt.com with 3 business days notice.
  
  

• Best Effort: All services are delivered to the extent of our capability and toolset, per the processes and standards shown above, with no guarantee of resolution.
  
  

• Discretion: All services and incidents are handled at our discretion. We reserve the right to decline support for systems or tools that introduce unreasonable security, legal, or operational risk.

Last updated: March 13, 2026