I work as IT M&A consultant focused on IT due diligence. IT is often very complex to understand due to its technical complexity, number of systems, applications, end-users, etc. For these reasons, many deals fail to achieve planned synergies (after integration between 2 companies, systems might not talk to each-other, data might not be correctly integrated, access rights to apps might now work after Day 1, you might end up with having duplicate ERPs, HR, supply chain systems, having data scattered across different databases, etc.). In order to avoid this it is important to have strong IT due diligence before the deal.
Here are only few activities that IT due diligence looks at.
– Define IT applications and systems owners for relevant business functions (Finance, HR, Sales and marketing, Operations, Logistics, Customer service, Quality and regulatory, Legal, Procurement, etc.)
– Create inventory of IT applications and systems
– Document hardware inventory
– Document infrastructure landscape
– IT security (audit tools, authentication, directory services, encryption, virus protection, etc.)
– Systems management (configuration / asset / change management, service/help desk, etc.)
– Telecommunications (firewall, wireless, voice, data, etc.)
– Identify business critical applications and infrastructure components