IT Due Diligence Playbook

This template focuses on the crucial IT aspect of M&A transactions. Prevent future IT complications by focusing on all the right areas such as data privacy management, customer support systems, cyber & network security, software, hardware and more. Book a playbook demo to explore — schedule a call with us and we will reach out to help you get started.

This template is included in all DealRoom's plans

What are the benefits of using this template?

Excel Export/Import

Export this template to Excel with just one click. Also, Import your Excel spreadsheet easily - turn it into a nice dealroom.net board.

Integrated with Data Room

The tasks tracker is integrated with the virtual data room, so you can start collecting documents right away.

Easy Tracking

Track your projects progress from start to finish, know if a task is stuck or behind schedule.

Eliminate Excel trackers, emails and disconnected tools with DealRoom

What Tasks does the 

IT Due Diligence Playbook

 Include

General IT Administration

  • Details of any current and planned IT initiatives/key projects.
  • Summary of key IT resources (hardware/software/people).
  • Diagram of technical architecture including servers, storage devices, operating systems and databases.
  • Description of the networking systems and specific hardware configurations.
  • Summary of any vendor support or other support services to which the target is entitled.
  • Summary of annual costs associated with maintenance of IT hardware, including hardware upgrades and replacements.
  • Material contracts related to software and IT services.
  • Summary of services provided by all external IT contractors/consultants.
  • Capacity for growth in the target's current IT environment.
  • Summary of how the target acquired technology and the role of IT/technology in strategic planning.

Software

  • Identify current operating systems.
  • Identify current databases.
  • Identify current company intranet and external web servers.
  • Identify current Email.
  • Identify open source systems.
  • Identify current antivirus and security applications.
  • Identify systems utlized for different business functions (Customer Relationship Management (CRM)/ Human Resources Management (HRIS)/Accounting/Payroll/Project Management, etc.).
  • Appraise software's scalability, stability, supportability, and cost.
  • Review company's software development plan.
  • Obtain and review copies of software licenses and contracts.
  • Evaluate back-end software development.
  • Describe the level of automation and web or internet facing applications.

Hardware

  • Identify current laptops, computers, and desktops.
  • Identify current desk phones, mobile phones, and tablets.
  • Identify current storage devices.
  • Detail the item's make, model, and manufacture number.
  • Create a map of general physical location and configuration of hardware.
  • Appraise hardware's scalability, stability, supportability, and cost.
  • Identify which hardware may need replaced or updated within the next 12 months.
  • Denote whether each item is owned by the company or leased.
  • Obtain and review copies of all hardware leases and contracts

Data Privacy Management

  • Review company's Data Management Policy.
  • Review company's Privacy Policy.
  • Audit data management and privacy practices.
  • Review plan for data breaches.
  • Verify compliance with HIPAA.

Operations Procedures

  • Assess whether incidents logged with enough detail to safeguard potential problems.
  • Measure timeliness of alerts (i.e. real time or lag).
  • Identify systems and users that are designated as monitors.
  • Identify remaining infrastructure headroom.

IT Security

  • Detailed summary of the key security protocols.
  • Summary of all personal and/or sensitive information.
  • Target's policies and procedures regarding data storage and data encryption.
  • Summary of any issues, including loss of confidential information, inappropriate or malicious content, etc.
  • Results of stress test analysis, including the resolution of any issues identified.
  • Details about monitoring measures/tests to ensure technical safeguards are working as expected.
  • Summary of any logged security issues.
  • Summary of any anti-virus and anti-malware protections.
  • Policies and procedures utilized by the target to manage mobile device security.
  • Description of any cyber attacks/intrusions.
  • Copy of policy and network for remote working.

IT Staff

  • Identify whether IT support staff is internal or outsourced.
  • If outsourced, review applicable IT Staff contract, noting the value an expiration.
  • Identify all members of the IT Support Team.
  • Detail each member's name, position/title, tenure, and level of access they currently receive.
  • Gather and audit signed confidentiality and intellectual property agreements.
  • Create organizational chart to depeict how the department is organized
  • Review past performance reviews and training programs for IT staff.
  • Review and appraise IT Help Desk processes.

FAQ

What Is Due Diligence?

Due diligence is a critical aspect of any deal that begins very early in the process and can continue right up until closing. During due diligence, the potential buyer asks questions and requests documentation from the seller that helps the buyer understand the target company and its business. These requests are usually general to start and become more specific as the buyer develops a greater understanding of the target. Buyers use the information provided by the seller to evaluate the opportunities and risks associated with the potential transaction. It is important for sellers to stay organized throughout the process. Buyers often submit thorough, detailed request lists that require input from numerous members of the seller’s deal team.

What is a due diligence checklist?

As the name implies, a due diligence request list is a list of questions and requests for information and documentation that a buyer submits to a seller in order to learn about the target company, its business and its operations. The initial diligence request list tends to be broad and typically includes an extensive list of questions covering a wide range of subjects. This allows the buyer to gain a broad understanding of the target company and identify key issues that can be investigated and considered more closely. Because every deal is different, due diligence request lists have to be tailored to meet the needs of the buyer and address the unique circumstances of your transaction.
However, there is a variety of fundamental requests that are relevant in most deals. These are the types of requests that our templates are designed to address.

What Questions Does the Master Due Diligence Questionnaire Include?

As the name implies, a due diligence request list is a list of questions and requests for information and documentation that a buyer submits to a seller in order to learn about the target company, its business and its operations. The initial diligence request list tends to be broad and typically includes an extensive list of questions covering a wide range of subjects. This allows the buyer to gain a broad understanding of the target company and identify key issues that can be investigated and considered more closely. Because every deal is different, due diligence request lists have to be tailored to meet the needs of the buyer and address the unique circumstances of your transaction.
However, there is a variety of fundamental requests that are relevant in most deals. These are the types of requests that our templates are designed to address.

Key considerations when using our m&a due diligence template

Our templates are drafted to provide an inclusive and wide-ranging list of initial due diligence requests. However, the templates, as well as the information contained therein, are not legal advice. They are not complete, and they are not specific to your transaction. The templates are designed to elicit general information from the seller that will provide the buyer with a broad overview of the target and it’s business and operations. You should review any template before using it, and it may need to be modified to ensure that it is suitable and relevant to your circumstances. Information provided by the seller will likely trigger additional questions that focus on specific aspects of the target’s business and issues identified during the due diligence process.

Are the requests in the template comprehensive?

No. Our Due Diligence Checklist is drafted to include typical requests that are relevant in most transactions. However, every deal and every target company is unique. Before utilizing any template, it is important that you review it with the help of your legal and other professional advisors to ensure that the requests are complete and tailored to the specific circumstances of your deal.

How to use the template with Dealroom

  • Start 14-day Free Trial of DealRoom and sign-up
  • Select a Master Due Diligence Template while creating a new room
  • Start assigning, adding to, and completing due diligence requests with needed documents by uploading them into the built-in virtual data room. The Requests tab is automatically populated with the requests from the due diligence template.

Can I change requests in this checklist or add new?

Every M&A process is different. Downloaders are urged to make these checklists their own by changing the providing information to better fit their needs.

Does this questionnaire provide all the necessary integration information?

This checklist was created by and for M&A professionals. It includes a comprehensive starting point for the integration process. However, every deal is different and may require additional requirements and tasks.

How to use this template with DealRoom?

  • Start 14-day Free Trial of DealRoom and sign-up
  • Select an Integration Template while creating a new workspace
  • Start planning, assigning, adding to, and completing integration tasks. The Requests tab is automatically populated with the tasks from the integration template.

Key considerations when using our m&a due diligence template

Our templates are drafted to provide an inclusive and wide-ranging list of initial due diligence requests. However, the templates, as well as the information contained therein, are not legal advice. They are not complete, and they are not specific to your transaction. The templates are designed to elicit general information from the seller that will provide the buyer with a broad overview of the target and it’s business and operations. You should review any template before using it, and it may need to be modified to ensure that it is suitable and relevant to your circumstances. Information provided by the seller will likely trigger additional questions that focus on specific aspects of the target’s business and issues identified during the due diligence process.

Are the requests in the template comprehensive?

No. Our Due Diligence Checklist is drafted to include typical requests that are relevant in most transactions. However, every deal and every target company is unique. Before utilizing any template, it is important that you review it with the help of your legal and other professional advisors to ensure that the requests are complete and tailored to the specific circumstances of your deal.

How to use the template with Dealroom

  • Start 14-day Free Trial of DealRoom and sign-up
  • Select a Master Due Diligence Template while creating a new room
  • Start assigning, adding to, and completing due diligence requests with needed documents by uploading them into the built-in virtual data room. The Requests tab is automatically populated with the requests from the due diligence template.

IT Due Diligence Playbook

This template focuses on the crucial IT aspect of M&A transactions. Prevent future IT complications by focusing on all the right areas such as data privacy management, customer support systems, cyber & network security, software, hardware and more. Book a playbook demo to explore — schedule a call with us and we will reach out to help you get started.

IT Due Diligence Playbook

This template focuses on the crucial IT aspect of M&A transactions. Prevent future IT complications by focusing on all the right areas such as data privacy management, customer support systems, cyber & network security, software, hardware and more. Book a playbook demo to explore — schedule a call with us and we will reach out to help you get started.

This template comes with Single Project plan and above
Automate your process today with this M&A checklist.

Utilizing a checklist is just step one. In order to have a seamless process, M&A checklists need to be utilized with the proper deal workflow tool.

Request a demo to learn how you can turn a checklist into an automated process and workflow with the DealRoom platform. With DealRoom, you can tackle any type of due diligence.

Project Tristan
Requests
Documents
Groups
Analytics
Overview
Progress
Timeline
Filter
All Requests
Export
  • Details of any current and planned IT initiatives/key projects.
  • Summary of key IT resources (hardware/software/people).
  • Diagram of technical architecture including servers, storage devices, operating systems and databases.
  • Description of the networking systems and specific hardware configurations.
  • Summary of any vendor support or other support services to which the target is entitled.
  • Summary of annual costs associated with maintenance of IT hardware, including hardware upgrades and replacements.
  • Material contracts related to software and IT services.
  • Summary of services provided by all external IT contractors/consultants.
  • Capacity for growth in the target's current IT environment.
  • Summary of how the target acquired technology and the role of IT/technology in strategic planning.
  • Identify current operating systems.
  • Identify current databases.
  • Identify current company intranet and external web servers.
  • Identify current Email.
  • Identify open source systems.
  • Identify current antivirus and security applications.
  • Identify systems utlized for different business functions (Customer Relationship Management (CRM)/ Human Resources Management (HRIS)/Accounting/Payroll/Project Management, etc.).
  • Appraise software's scalability, stability, supportability, and cost.
  • Review company's software development plan.
  • Obtain and review copies of software licenses and contracts.
  • Evaluate back-end software development.
  • Describe the level of automation and web or internet facing applications.
  • Identify current laptops, computers, and desktops.
  • Identify current desk phones, mobile phones, and tablets.
  • Identify current storage devices.
  • Detail the item's make, model, and manufacture number.
  • Create a map of general physical location and configuration of hardware.
  • Appraise hardware's scalability, stability, supportability, and cost.
  • Identify which hardware may need replaced or updated within the next 12 months.
  • Denote whether each item is owned by the company or leased.
  • Obtain and review copies of all hardware leases and contracts
  • Review company's Data Management Policy.
  • Review company's Privacy Policy.
  • Audit data management and privacy practices.
  • Review plan for data breaches.
  • Verify compliance with HIPAA.
  • Assess whether incidents logged with enough detail to safeguard potential problems.
  • Measure timeliness of alerts (i.e. real time or lag).
  • Identify systems and users that are designated as monitors.
  • Identify remaining infrastructure headroom.
  • Detailed summary of the key security protocols.
  • Summary of all personal and/or sensitive information.
  • Target's policies and procedures regarding data storage and data encryption.
  • Summary of any issues, including loss of confidential information, inappropriate or malicious content, etc.
  • Results of stress test analysis, including the resolution of any issues identified.
  • Details about monitoring measures/tests to ensure technical safeguards are working as expected.
  • Summary of any logged security issues.
  • Summary of any anti-virus and anti-malware protections.
  • Policies and procedures utilized by the target to manage mobile device security.
  • Description of any cyber attacks/intrusions.
  • Copy of policy and network for remote working.
  • Identify whether IT support staff is internal or outsourced.
  • If outsourced, review applicable IT Staff contract, noting the value an expiration.
  • Identify all members of the IT Support Team.
  • Detail each member's name, position/title, tenure, and level of access they currently receive.
  • Gather and audit signed confidentiality and intellectual property agreements.
  • Create organizational chart to depeict how the department is organized
  • Review past performance reviews and training programs for IT staff.
  • Review and appraise IT Help Desk processes.

Prepare for your tech due diligence

DealRoom’s technical due diligence template is designed to help teams have an efficient due diligence process from the beginning. By providing your team with a premade professional tech diligence checklist, you can get a jump start on fulfilling diligence requests.

The template can act as a guide for common tech diligence requests categories such as general IT administration, software, hardware, data privacy management, operations procedures, It security and more. And when you use a diligence tracker inside DealRoom, everything will be in one centralized space.

General IT Administration

  • Details of any current and planned IT initiatives/key projects.
  • Summary of key IT resources (hardware/software/people).
  • Diagram of technical architecture including servers, storage devices, operating systems and databases.
  • Description of the networking systems and specific hardware configurations.
  • Summary of any vendor support or other support services to which the target is entitled.
  • Summary of annual costs associated with maintenance of IT hardware, including hardware upgrades and replacements.
  • Material contracts related to software and IT services.
  • Summary of services provided by all external IT contractors/consultants.
  • Capacity for growth in the target's current IT environment.
  • Summary of how the target acquired technology and the role of IT/technology in strategic planning.

Software

  • Identify current operating systems.
  • Identify current databases.
  • Identify current company intranet and external web servers.
  • Identify current Email.
  • Identify open source systems.
  • Identify current antivirus and security applications.
  • Identify systems utlized for different business functions (Customer Relationship Management (CRM)/ Human Resources Management (HRIS)/Accounting/Payroll/Project Management, etc.).
  • Appraise software's scalability, stability, supportability, and cost.
  • Review company's software development plan.
  • Obtain and review copies of software licenses and contracts.
  • Evaluate back-end software development.
  • Describe the level of automation and web or internet facing applications.

Hardware

  • Identify current laptops, computers, and desktops.
  • Identify current desk phones, mobile phones, and tablets.
  • Identify current storage devices.
  • Detail the item's make, model, and manufacture number.
  • Create a map of general physical location and configuration of hardware.
  • Appraise hardware's scalability, stability, supportability, and cost.
  • Identify which hardware may need replaced or updated within the next 12 months.
  • Denote whether each item is owned by the company or leased.
  • Obtain and review copies of all hardware leases and contracts

Data Privacy Management

  • Review company's Data Management Policy.
  • Review company's Privacy Policy.
  • Audit data management and privacy practices.
  • Review plan for data breaches.
  • Verify compliance with HIPAA.

Operations Procedures

  • Assess whether incidents logged with enough detail to safeguard potential problems.
  • Measure timeliness of alerts (i.e. real time or lag).
  • Identify systems and users that are designated as monitors.
  • Identify remaining infrastructure headroom.

IT Security

  • Detailed summary of the key security protocols.
  • Summary of all personal and/or sensitive information.
  • Target's policies and procedures regarding data storage and data encryption.
  • Summary of any issues, including loss of confidential information, inappropriate or malicious content, etc.
  • Results of stress test analysis, including the resolution of any issues identified.
  • Details about monitoring measures/tests to ensure technical safeguards are working as expected.
  • Summary of any logged security issues.
  • Summary of any anti-virus and anti-malware protections.
  • Policies and procedures utilized by the target to manage mobile device security.
  • Description of any cyber attacks/intrusions.
  • Copy of policy and network for remote working.

IT Staff

  • Identify whether IT support staff is internal or outsourced.
  • If outsourced, review applicable IT Staff contract, noting the value an expiration.
  • Identify all members of the IT Support Team.
  • Detail each member's name, position/title, tenure, and level of access they currently receive.
  • Gather and audit signed confidentiality and intellectual property agreements.
  • Create organizational chart to depeict how the department is organized
  • Review past performance reviews and training programs for IT staff.
  • Review and appraise IT Help Desk processes.

How DealRoom can help you execute due diligence

By using our master due diligence template, alongside DealRoom’s M&A lifecycle management software, you can create a smooth diligence process.

How DealRoom can help you execute integration

By using our integration template, alongside DealRoom's M&A lifecycle management software, you can create a smooth integration process

With this solution you’ll receive:

Professional template

with requests that are specific to your transaction type. Our platform allows you to add new requests as they pop up, track progress, collaborate and more.

A built-in data room

allowing you to link corresponding documents to the diligence requests and keep all the information safe.

Project management capabilities

that enable your team, client and other parties to work together and set priorities during the diligence.

Collaboration tools

to eliminate long email threads. Team members can add comments and tag other each other on requests.

More Templates

Flow of Funds Template

Environmental Due Diligence Playbook

Venture Capital Due Diligence Playbook

Highly effective M&A teams choose DealRoom to manage their transactions end-to-end

Download your free template by simply filling out the form below

All fields are required.
Thank you!
Your download has already started.
Have your template do the work for you
Streamline your process with this M&A template and turn it into an automated process and workflow with the DealRoom platform today.