A Due Diligence (DD) is defined as a targeted analysis and appraisal of the respective object under participation of independent third parties (e.g. auditors and external economic and legal advisors), to gather information on the object of purchase in the run-up to the planned transaction. Due Diligences are normally conducted functionally, whereas the Legal DD, the Commercial DD, the Tax DD and the HR DD belong to the “classical” Due Diligences since these sectors are generally seen to hold the largest risks and value levers for the purchase price and the later PMI.
Prior to concluding a contract for the company purchase, an asymmetric information flow normally exists between the contact partners. The main function of a DD in general is to decrease the incompleteness of information about the object of purchase and to therefore make possible that:
- Chances and risks of the planned company purchase are known, a price is agreed upon, which is perceived as fair between both contract parties and finally the identified risks are set down by regulations in the purchase contract.
- Information is determined for the following Post Merger Integration (PMI) (in this case IT PMI)
Regarding point 1, it should be noted that an extreme case of revealed risk in the IT sector and the so resulting risks for other areas could lead to a transaction being cancelled. Regardless of whether it is a strategic or a financial investor, it is IT DD’s task to identify which value IT can contribute towards reaching the acquisition targets.
Ideally, the IT DD should be performed in three phases, whereas these phases can overlap in time and their respective duration depends on the available time and the desired level of detail of the IT DD.
In phase 1 of the IT DD the creation of transparency is the main focus and data is collected along analysis fields which are to be defined. Ideal-typically, the following 10 analysis fields should be considered for an IT Due Diligence: IT Strategy/Governance, IT Organization, IT Processes, IT Infrastructure, IT Applications, IT Staff, IT Projects, IT Synergies/Controlling, IT Law and IT Security.
The qualification of this information with a focus on possible risk areas follows in phase 2. In phase 3 any potential purchase price reductions and implications for the purchase contract are determined, which derive from the risks.