UKBA logo dark

Protect Your Company with Technical Due Diligence

By Chris Galley

With the introduction of the information age came the rise of a new discipline known as ‘technical due diligence’. As an expert technology strategist and experienced CTO, technical due diligence is a core part of my skillset. I understand that it is critical to maintaining a company’s security, viability, and productivity. It is something that cannot be ignored in a world that relies almost exclusively on technology to drive business forward.

The term ‘due diligence’ has its origins in law and business. In a legal setting, a solicitor exercises due diligence on behalf of a client in order to ensure his or her best interests are always protected. In a business setting, due diligence is applied before certain kinds of transactions (e.g., merger or acquisition, purchase of securities, etc.) to ensure that a company’s financial best interests are protected.

Technical due diligence accomplishes similar purposes. It protects a company’s best interests for both short- and long-term operation; it helps to maintain a company’s long-term viability should there ever come a day when a technology investor shows interest in acquiring full or partial ownership.

More Than Just an Audit

Technical due diligence is more than just a routine audit for obtaining ISO accreditation. Audits are fine as far as they go, but they do not go far enough to uncover systemic issues that could cause significant problems down the road. Performing technical due diligence properly requires asking hard questions, digging deeply into institutional paradigms, and addressing systems and modalities in a way that makes people uncomfortable.  The value comes in addressing the issues found  during the due diligence process and the recommendations made as a result, this is where I work with the business to ensure that it improves in those areas highlighted.

So what goes into technical due diligence? The list of things I dig into as a technology strategist would be too long to list here in detail, but a good overview is possible. Whether I am working for a company with no plans to sell or helping a technology investor looking to make a deal, my technical due diligence covers the following areas:

Technical capability, stability, and scalability

Technical depth (staff, hardware, and software)

Total operational and support costs

The level of dependency on technology

Planned or required future technology initiatives and whether in the financial forecasts

Risks (security, financial, etc.) including regulatory such as GDPR.

Security strategies, policies, and procedures

members and management capabilities

Current software licensing and ownership

Current vendor agreements.

More often than not, technical due diligence uncovers systemic issues that are widely known but rarely discussed. It is a lot like a family with ‘secrets’ that everyone knows about but never mentions outside the family. Those things need to be brought out into the open and dealt with honestly if the right solutions are to be found and applied.

As a technology strategist, I have seen the harm that can come from not applying technical due diligence on a regular basis, nor following through the recommendations that are made. The reality of the modern world is that technology dominates. If businesses are not willing to practice due diligence where their technology is concerned, only negative consequences await.

By Chris Galley.

Contact us for further information

Need advice & guidance?

We have advisors all over the UK. Get in touch today for expert guidance and support.