IT/Cyber Due Diligence

This topic contains 5 replies, has 6 voices, and was last updated by  Hanen Dada 6 hours, 42 minutes ago.

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • #117669

    Kevin Ng
    Participant

    Traditionally, it is easy to engage advisors to conduct financial, legal and tax due diligence. However, IT due diligence is a fairly new field that is important but seems overlooked by most buyers.

    With increasing digitalization and cyberattacks (i.e. customer data stored online, proprietary information and knowhow stored digitally) how does your organization go about engaging in IT due diligence for potential targets?

    #119276

    Ceri Barton
    Participant

    In the past, we have engaged sector experts/operators with proven successes who have strong technical experience related to the target’s nature of business.

    #119616

    Luka Mladinov
    Participant

    I am working for an IT consulting company. This is what we usually do in terms of IT DD.

    Define IT applications and systems owners for relevant business functions
    Create inventory of IT applications and systems
    Document hardware inventory
    Document infrastructure landscape:
    – Computing platforms (mainframe hardware, server hardware, operating systems, etc.)
    – Data storage and hosting (data center facility, disaster recovery, etc.)
    – End-user computing (client hardware, client operating system, etc.)
    – Collaboration tools (e-mail, handheld devices, office automation, etc.)
    – IT security (audit tools, authentication, directory services, encryption, virus protection, etc.)
    – Systems management (configuration / asset / change management, service/help desk, etc.)
    – Telecommunications (firewall, wireless, voice, data, etc.)
    – Identify business critical applications and infrastructure components

    #121003

    Jerome Baumgartner
    Participant

    we used to work through our traditional tax & finance experts who did develop in-house IT expertise. They would then mandate some experts for specific area where high expertise is required.

    #121473

    Kar Wee Pee
    Participant

    I think this is an area where cyber security companies are actually stepping in and providing reports that can aid in such evaluation.

    #121580

    Hanen Dada
    Participant

    I agree with you that this is an important area that companies needs to spend more effort in it. Depending on the deal, IT due diligence needs to be conducted internally if the resources available and/or through advisors externally.

Viewing 6 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.

Loading.. Please wait