{"id":32062,"date":"2021-05-12T07:43:45","date_gmt":"2021-05-12T11:43:45","guid":{"rendered":"https:\/\/centricconsulting.com\/?p=32062"},"modified":"2022-03-30T08:15:34","modified_gmt":"2022-03-30T12:15:34","slug":"2-steps-to-conducting-it-due-diligence","status":"publish","type":"post","link":"https:\/\/centricconsulting.com\/blog\/2-steps-to-conducting-it-due-diligence\/","title":{"rendered":"2 Steps to Conducting IT Due Diligence"},"content":{"rendered":"<h2 style=\"text-align: center;\">In part two of our due diligence blog series, we lay out the essential elements of conducting an IT due diligence assessment.<\/h2>\n<hr \/>\n<p><i><a href=\"https:\/\/centricconsulting.com\/blog\/blog-series-understanding-tech-due-diligence-from-beginning-to-end\/\">Part of a blog series.<\/a><\/i><\/p>\n<p class=\"intro-text\">Due diligence is the best method for a company to protect itself during the merger and acquisition process. Often, companies overlook technology as part of the overall scope of due diligence, but we can\u2019t overstate its importance.<\/p>\n<p>Technology, and the risks it incurs, plays a major role in the operation of companies today. It has a direct impact on the overall well-being of a company. Conducting IT due diligence up front can help acquiring companies avoid unplanned costs, circumvent hidden vulnerabilities, and aid in negotiations between the involved companies.<\/p>\n<p>In the <a href=\"https:\/\/centricconsulting.com\/blog\/why-are-business-processes-and-it-important-components-of-due-diligence\/\">first part of our series<\/a>, we discussed the value of incorporating IT and business process reviews into due diligence, but what are the steps in conducting an IT due diligence assessment? <strong>Below, we\u2019ve outlined the first two steps in a successful assessment approach:<\/strong><\/p>\n<h2>Step 1: Initiate and Scope Effort<\/h2>\n<p>While this step may seem simple, you\u2019ll set your due diligence assessment up for success if you ensure you\u2019ve clearly defined your project and adequately prepared.<\/p>\n<ul>\n<li><strong>Identify the Scope:<\/strong> The scope of any due diligence process should involve leaders from both companies, who come together to make sure there\u2019s a shared understanding of the process and expected outcomes. Goals may vary by the scale of the transaction, risks involved and opportunities that you will realize through the merger or acquisition.<\/li>\n<li><strong>Select an Approach Method or Style:<\/strong> What does your approach include? Because each negotiation is different, parties at the target company may be friendly or hostile. Have a conversation about what you should or shouldn\u2019t say and how to work with members of the team. It\u2019s important to tailor your due diligence methodology and approach style with the target company culture.<\/li>\n<li><strong>Create a Resource Plan:<\/strong> Identify key players on the team and establish contact information and calendars. These people will help define strategic objectives, set direction and ensure you can resolve issues promptly.<\/li>\n<li><strong>Issue a Document Request:<\/strong> Issue a request for necessary documentation. These might include architectural diagrams, contracts and license agreements, partnership agreements, employee information, and other technology-related documents of value.<\/li>\n<li><strong>Review Privacy Requirements:<\/strong> Acquiring companies should ensure IT understands the confidentiality and privacy requirements of the target company. Various laws govern the use and disclosure of personal information during and after an acquisition, all of which you should make sure you thoroughly understand.<\/li>\n<li><strong>Build a Project Charter:<\/strong> Build a charter document that outlines the project plan, resource requirements, timing, objectives, stakeholders, and how you will carry out the project. The project charter recaps the project&#8217;s scope into a comprehensive document you will use throughout the due diligence process.<\/li>\n<\/ul>\n<h2>Step 2: Assess Current State<\/h2>\n<p>To assess the current state in your IT due diligence, the acquiring company must gather information through interviews, system audits, and relevant documentation. <strong>Evaluating the IT infrastructure, including business operations software and licensing, will allow the acquiring company to better understand whether the interests of the two businesses align strategically and provide insights into the target company\u2019s system capabilities, future investment needs and IT risks.<\/strong><\/p>\n<p>As mentioned, other key areas when assessing the current state include the target company\u2019s IT risks. Cybersecurity, data loss protection, contract liabilities, technology, cost base and employee flight risks are some of the areas you should evaluate.<\/p>\n<p>Because the acquired company\u2019s legal obligations may transfer to the purchasing company, ensuring a comprehensive current state assessment will help keep companies from engaging in time-consuming and costly legal disputes.<\/p>\n<p>Once you\u2019ve had conversations with leaders, IT staff and other parties and carefully documented your findings, you\u2019re ready for analysis. This is the final step of assessing the current state and will prepare you to create a final report you can present to both acquiring company and target company leaders.<\/p>\n<p><strong>Review all information collected and answer critical questions such as:<\/strong><\/p>\n<ul>\n<li>How do the IT governance process, architecture and budget align with the objectives of the company?<\/li>\n<li>Are there gaps in technology that will require significant investments?<\/li>\n<li>What risks and vulnerabilities exist?<\/li>\n<\/ul>\n<p>This process also enables you to find opportunities, whether it\u2019s to prepare for company growth, to acquire technology, to synergize operations, or other driving factors for the acquisition, which will help you integrate post-merger.<\/p>\n<h2>Conclusion<\/h2>\n<p>It\u2019s easy to overlook technology in due diligence, but taking the right steps to evaluate processes is essential in planning post-merger activities as the deal progresses. And while conducting due diligence is not easy, it\u2019s well worth the effort to identify assets and risks that may assist in overall negotiations and help ensure there are no surprises after the merger or acquisition.<\/p>\n<p>In the final blog in this series, we\u2019ll discuss post-merger integration, which covers the final two steps in our assessment approach: designing the future state and building a roadmap and execution plan.<\/p>\n<hr \/>\n<h4 style=\"text-align: center;\">Ready to get started with IT due diligence? Ask yourself these questions first.<\/h4>\n<p style=\"text-align: center;\"><a class=\"button\" href=\"https:\/\/centricconsulting.com\/wp-content\/uploads\/2021\/04\/CIO_Checklist_32122.pdf\" target=\"_blank\" rel=\"noopener\">DOWNLOAD OUR ASSESSMENT<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In part two of our due diligence blog series, we lay out the essential elements of conducting an IT due diligence assessment.<\/p>\n","protected":false},"author":63,"featured_media":32066,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"","_relevanssi_noindex_reason":"","footnotes":""},"categories":[1],"tags":[19480,19108],"coauthors":[15012],"class_list":["post-32062","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-cio-services","tag-it-strategy","resource-categories-blogs","orbitmedia_post_topic-it-strategy"],"acf":[],"publishpress_future_action":{"enabled":false,"date":"2024-09-14 12:03:35","action":"change-status","newStatus":"draft","terms":[],"taxonomy":"category"},"_links":{"self":[{"href":"https:\/\/centricconsulting.com\/wp-json\/wp\/v2\/posts\/32062"}],"collection":[{"href":"https:\/\/centricconsulting.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/centricconsulting.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/centricconsulting.com\/wp-json\/wp\/v2\/users\/63"}],"replies":[{"embeddable":true,"href":"https:\/\/centricconsulting.com\/wp-json\/wp\/v2\/comments?post=32062"}],"version-history":[{"count":0,"href":"https:\/\/centricconsulting.com\/wp-json\/wp\/v2\/posts\/32062\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/centricconsulting.com\/wp-json\/wp\/v2\/media\/32066"}],"wp:attachment":[{"href":"https:\/\/centricconsulting.com\/wp-json\/wp\/v2\/media?parent=32062"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/centricconsulting.com\/wp-json\/wp\/v2\/categories?post=32062"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/centricconsulting.com\/wp-json\/wp\/v2\/tags?post=32062"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/centricconsulting.com\/wp-json\/wp\/v2\/coauthors?post=32062"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}