An introduction to IT due diligence
An IT due diligence, which is an assessment performed on any company with a business that is supported or sometimes enabled by IT/digital capabilities, seeks to uncover performance, liabilities, key risks and opportunities as well as potential investment needs associated with the target company’s IT organisation and IT engine.
The aim is to ensure better valuation, risk mitigation as well as understanding of whether the target’s IT has what it takes to support the business in achieving its (future) strategic objectives.
What is IT due diligence and why should you conduct it?
What
It can be a challenge to get a clear and comprehensive understanding of the risks and opportunities related to the target’s IT organisation and IT platform prior to a merger or acquisition.
To ensure better valuation and risk mitigation and to determine whether IT has the necessary assets, resources and processes to support the business in achieving its future strategic objectives, it is essential to perform an IT due diligence.
An IT due diligence should therefore aim to uncover performance, liabilities, key risks and opportunities as well as potential investment needs.
Thus, an IT due diligence is the process of reviewing and evaluating the target’s IT strategy, IT architecture, application portfolio, infrastructure, IT procedures and security, IT organisation and IT financials.
Why
IT and business are becoming increasingly intertwined, making it difficult to succeed with one without succeeding with the other.
Now more than ever, companies depend on IT to support business operations, manage transactions and enable new business opportunities.
Nevertheless, many due diligence projects still lack the required emphasis on IT – this despite the fact that 45-65%* of the expected value creation from acquisitions is directly linked to the success of IT integration.
Hence, it is a necessity to have an adequate focus on due diligence to uncover any potential risks and synergies in IT and prevent any hiccups in the transaction or during a potential integration later.
How
To derive relevant and valuable insights from an IT due diligence, it is essential to get access to certain information via key stakeholders and documents. The IT areas that need to be emphasised will be determined based on objectives of the transaction and the primary characteristics valid for the target’s industry.
- It requires access to the target’s data, IT setup and IT leadership team, including the CIO.
- Normally, the it due diligence would take 2-3 weeks, given that the target has the capacity to provide necessary information in that time frame.
- In order to conduct an IT due diligence, a combination of deep technical expertise and industry knowledge is required.
Implement’s IT due diligence framework revolves around seven key areas with four supporting elements
Description
- The IT due diligence framework used consists of seven primary domains (centre) and four supporting domains (sides).
- The primary domains reflect a subset of a company’s IT ability to support the daily business operations.
- The supporting or secondary domains provide the boundaries and guidelines for the primary domains.