Good diligence questions for an IT / tech consultancy

July 16, 2023
by a searcher from Harvard University - Harvard Business School in New York, NY, USA
I'm interested in the space of IT consultancies / tech consultancies / digital agencies. Basically, firms that do tech services for clients, ranging anywhere from building websites to integrating CRMs / ERPs / etc to building much more complex solutions.
There's one I've found that has promising financials. I'm very aware of the risk that the consultancy rests on the founder's or the founder + management team's shoulders - i.e., a lot of key person risk. What I've heard in initial conversations has mitigated my concerns a bit, but of course I'd like to solidify my understanding there even more.
What are some good diligence questions to ask for companies in this space, about the above topic or in general?
in Bengaluru, Karnataka, India
Here are some of the questions I would ask for a target company in the IT/Tech consultancy space. Remember these are due diligence concerns from a technology/operations standpoint, assuming that the bulk of their business is generated via building solutions and products:
---- Security & Compliance Posture
- What security controls and measures are implemented to protect the client's systems, networks, and data?
- How does the company identify and address potential vulnerabilities in the systems and software it builds?
- How does the company satisfy the regulatory and compliance needs (such as HIPAA, PCI DSS, or ISO###-###-####) that its clients may demand?
---- Software Development Life Cycle
- What is the current version control and configuration management mechanism?
- How are software defects and issues tracked, prioritized, and resolved?
- Who handles rollbacks and hotfixes in case of production issues? (the client or the company)
- Are there service level agreements (SLAs) in place for response times and resolution of customer-reported issues?
---- People/Teams
- How does the company foster collaboration and knowledge sharing within the technical team?
- Is the technical team scalable to accommodate future growth and project demands? How does the company manage resource allocation and workload distribution?
- What is the company's approach to attracting and retaining top technical talent?
- Does the company have a succession plan for critical technical positions? How does the company ensure continuity in technical leadership and knowledge transfer?
Feel free to DM or reach out at redacted if you'd like an in-depth discussion.
from University of Notre Dame in Portland, OR, USA