Due Diligence: IT Due Diligence

Written By Karl Popp
THIS IS THE FREE, REDACTED VERSION OF THE TASKS IN THE M&A REFERENCE MODEL  AND IT IS LICENSED UNDER Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International THE FULL SET OF DATA HAS TO BE LICENSED COMMERCIALLY.  HERE is a full model example for this task.

  The task has the following goal(s):

Draft IT integration plan: prepared

IT infrastructure of the target: analyzed

Application systems of the target company: analyzed

 The task has the following objectives:

Information asymmetry: minimized

Integration success: maximized

Risk: minimized

 Short description of task IT Due Diligence:

IT due diligence analyzes the company's IT resources as well as application and communication systems.

 The task uses the following business object types:

Target IT Budget, Target IT strategy, Target IT processes, Target IT projects, IT infrastructure risk, Application system risk, IT infrastructure of the target, Finance applications of the target, Application systems of the target company, Resources for automation of target information systems,

 Questions to be used during the execution of the task

The task is executed with the following questions, among others:

  • Are all key hardware resources redundant?

  • Are all custom developed applications adequately documented?

  • Are standardised / specialised communication protocols used?

  • Are there (contractual) commitments for future application systems?

  • Are there contracts that bind the company to third parties, such as service providers or cloud services?

  • Are there plans or contracts for future outsourcing projects and if so, what are the details?

  • Can the products be configured (attributes and property values) and if so, how is the configuration mapped / documented?

  • Can the routing be configured?

  • Does the company bind third parties to its own systems?

  • How are removals from data storage initiated? Are there interfaces to other systems/applications?

  • How are the data of the sold end products maintained during their product life cycle?

  • What are the details for the backup concept?

  • How are the production, machine and personnel data recorded?

  • How quickly is the reconstruction and restart after a failure?

  • What is the data protection concept?

  • How is tool management implemented?

  • How long can the company survive after an IT failure?

  • Can IT contracts be terminated?

  • What is the contractual term of IT contracts?

  • Is the configuration multi-level (i.e. can the configuration be adjusted for each level of the BOM?

  • Is there sufficient know-how for the specially developed applications?

  • Is the stock only used for shipping or also for production?

  • Is there an adequate backup concept with a backup data center for all important company functions? 

  • Is there an interface to the warehouse management? 

    THIS IS THE FREE; REDACTED VERSION OF THE TASK IN THE M&A REFERENCE MODEL: THE FULL SET OF DATA HAS TO BE LICENSED

    (C) Dr. Karl Michael Popp 2025

Karl Popp www.drkarlpopp.com
Previous

Due Diligence: Intellectual Property Due Diligence
Next

Due Diligence: Tax Due Diligence