The following are six key reasons to perform IT Diligence:
1. Application Scalability: Can Target’s system support 2-3x transaction volume or 100 additional users via an acquisition? Can Target’s system support a new line of business? Does Target utilize SaaS (Software as a Service) based solutions? Understanding the platform and stability of Target’s applications are paramount, especially if the applications are custom developed. IT diligence can indicate whether Target’s systems will scale to meet the needs outlined in the investment thesis. Finally, because IT flexibility can speed future transactions, assessing scalability of the applications (and underlying infrastructure) is especially critical for platform acquisitions.
2. IT Investments: IT diligence identifies the IT investments required to address maturity, risk, or compliance gaps and might play a role in purchase-price negotiations, while, minimally, eliminating any investment surprises after closing. Depending on the specific hold period and exit strategy, the need for IT investments can vary considerably. Understanding these inputs during the diligence phase is critical to avoid over- or under-investing in technology. IT diligence can also reveal IT waste or other costs ripe for reduction.
3. Reporting: Just having operational and financial visibility into the organization isn’t enough. If the reporting process is manual, data integrity is poor, or there is no ability to dissect data, the ability to monitor and manage the business is limited. IT diligence can shed light on the reporting maturity and identify options to alleviate the problem(s).
4. System Ownership: Many custom-built applications originate from open-source software, which can take several different legal forms. Some open-source code can be leveraged for commercial use without any changes, while others require modifications prior to use. IT diligence can determine whether open-source code violations exist.
5. Data Management and Data Security: Data Management can be likened to offense’, while Data Security can be considered defense’. For Data Management, how is Target data capturing, storing, and mining various data? What do customers or the market want and does the Data Management strategy align? Many companies don’t have a Data Management strategy and might be missing an opportunity to capitalize on their data. On the flipside, Data Security is all about protecting the organization through data backup, fault tolerance, security and disaster recovery. Can mobile devices (phones or laptops) be wiped clean if stolen? If data storage is outsourced, is the vendor HIPAA compliant? Understand this exposure before you close the deal.
6. Carve-Out Transactions: If IT diligence is important for a standalone acquisition, it is essential for a carve-out. Understanding the one-time costs required to separate a business unit can be a factor in negotiating not only the purchase price, but also the Transition Services Agreement (TSA). In addition, developing and understanding the ongoing IT spend (opex and capex) must be understood prior to signing the deal. Finally, a well designed TSA will protect Buyer and document Parent’s responsibilities for ensuring a smooth, timely, and cost-effective separation.