Yes! Information security is a critical component to due diligence. The acquiring company’s information security team should be heavily involved with understanding how the target company’s information security program operates, identify and understand known vulnerabilities, and build any risks into the deal model and integration plan. Identifying and mitigating obvious risks, not just in technology, are critical to a successful acquisition.
