Evaluation from the IT Director (CIO) perspective

The Due Diligence process monitors the IT organization from the IT Executive Director's perspective. The need to evaluate an IT organization in a few days or weeks requires a systematic and specific approach that focuses on essential areas. When identifying the main risks and problems, purchaser companies may come up with strategies and develop more options to reduce risks. If the analysis indicates substantial impact on the operational model, this information could be highlighted during negotiations.

Benefits of IT Due Diligence

Variation in technologies, sophistication and maturity levels and control over the IT acquirer and target company may create risks for both the efficient integration and the future operations. Focusing on IT Due Diligence allows the acquirer organization to gather information on potential synergies, identify any safety concerns and evaluate the IT team and structures. A broad and well-administrated process shall:

• Evaluate the IT strategy general efficiency, including processes, project portfolio, support structure and alignment with business goals;
• First day and first 100 days strategy development;
• Identify operational improvements, synergies or economy opportunities, such as resizing the IT support model and agreements with suppliers;
• Evaluate the capacity of integrating the main corporate processes and systems (for instance, ERP, supply chain management, customer relationship management);
• Evaluate the control and safety structure to minimize the exposure to onerous litigations through data exposure or theft;
• Evaluate the IT infrastructure quality to determine the capacity to expand, integrate or keep the current operating demands;
• Identify specific failure points that require a reduction plan;
• Identify hidden or embedded IT costs that result in an operational model greater than expected;
• Identify deferred or unplanned software license costs that may require investments after the transaction;
• Identify transaction problems to be considered after the transaction that would help evaluate the cost and period of the integration;
• Evaluate the intelectual proprierty, which could affect the evaluation of the target company.

Approach

A team of IT consultants shall use a consistent Due Diligence structure to guarantee that the IT capacities are prioritized and properly evaluated. The structure is focused on the main risk areas and projected to be able to support the greatest Due Diligence effort. The IT team shall work close to the transaction team to plan, execute and deliver information regarding the final decision.

Plan and initiate the IT Due Diligence - Identification and Organization of Risks - Evaluation and Analysis of Risks - IT Due Diligence Report 

Plan and iniciate the IT Due Diligence:In this phase, the team validates the project view, the strategic direction and the transaction's goals.  A project and communication plan is established to guarantee the proper delivery and disclosure.

Identification and Organization of Risks: During this phase, a customized request list is developed and sent to the target company. The requested items shall be focused on the main success factors.  Common areas to be included are IT personnel and organization, strategy, tools and aplications, IT architecture and infrastructure, IT controls and governance and IT financial information. The information is collected and evaluated through data request, interviews and on-site visits.

Risk Evaluation and Analysis:During this phase, a comprehensive risk is evaluated based on technological or operational failures that may affect the transaction or integration after the agreement. Whenever possible, reduction options shall be identified along with related costs.

IT Due Diligence Report: During the final phase, a summary of the main findings and recommendations shall be developed and disclosed. Recommendations and focus areas shall be related to transaction's goals.

IT Due Diligence Report, or report on the main monitoring points, shall provide a summary of the target company, the context of the transaction and the approach used for the evaluation.  A summary of the main problems and risks shall be included, identifying potential impacts, mitigation options, cost implications and the recommended approach. The report shall be written in a way that can be understood by professionals who are not part of the IT team. Understanding the transaction's goals and following a consistent and adapted approach shall maximize the value provided by IT Due Diligence, contributing, in general, to decision-making.