Banking

Write an effective IT due diligence report

After you've conducted your on-site due diligence data collection, you must prepare a report. Keep in mind that writing isn't exactly a breeze. This collection of tips and advice will help you create an effective and informative report.


You’ve conducted your IT due diligence visit and collected valuable information. Now you’re ready to develop a report to assess the existing situation, identify risks, and quantify issues that offer technology leverage opportunities—and, finally, present your findings to the CEO and CFO. If you thought the hard part was the site visit, think again. Writing is hard work and it takes concentration and effort to do it well.

When writing a due diligence report (what others may call an IT assessment report), keep four things in mind:
  1. Write for the target audience.
  2. Focus on the report objectives.
  3. Limit the report to information that has material impact to your company.
  4. Structure the information to be used as valuable reference material later.

Write for the target audience
Typically, you’ll write due diligence reports for your company’s CEO, CFO, and/or board of directors. Keep the report at a high level and consider including an executive summary for those who probably won’t read the full report.

These executives will be most interested in issues that potentially affect the purchase price of an acquisition, risks that can affect the ongoing operation of the company, and leverage opportunities. The bottom line is that they’re usually looking for a financial upside, so quantify any material opportunity that affects or can improve the financial picture.

Keep your points succinct and “net out” your supporting discussion. Don’t get off course with tangents or superfluous information. A good way to tighten and cull the report down to the main objectives is to read it several times before completing a final draft.

Focus on the report objectives
Before you began your due diligence discovery, you should have gotten a clear definition of your objectives, as detailed in the first part of this series. If you didn’t, it will be very hard for your report to meet the business objectives of the project.

In my IT due diligence reports, I try to include the following sections (at a minimum):

I.    Objectives

II.   Executive Summary

III.  Key Findings
          A. Business Applications
          B. Infrastructure
          C. IT Organization
          D. Technology Expense Run Rates
          E. Capital Needs
          F. Automated Processes
          G. Key Projects
          H. Risks
          I.   Leverage Opportunities

IV.   Recommendations

V.   Financial Analysis
          A. IT Operating Budget—Next 12 months
          B. IT Capital Budget—Next 12 months

VI.  Transition Plan

It helps to have a good idea of how to structure the report before you begin your discovery process because it can keep you on alert for issues that potentially create risk, have financial considerations, or that offer potential upside to the operation of the company.

Limit the report to vital information
Producing a big, comprehensive report is not your objective. The purpose is to write a comprehensive report that focuses on all items that are material in nature to either the purchase price or ongoing operation of the company after the acquisition is completed.

Before addressing any issue in your report, ask yourself, “Will my CEO need or benefit from this information?” It’ll help you keep the report focused on the important issues:
  • Anything that has “risk” associated with ongoing operation
  • Software compliance
  • Staff retention, especially key personnel
  • Vendor issues
  • Issues that can cause material operating expense changes
  • Issues that require capital expenditures and potentially alter the value of the purchase
  • Items that have leverage possibility to generate improved earnings

One tool I use in my report development is a set of due diligence collection templates. I include these completed templates, with the company’s information filled in, with my report.

Structure information for easy reference
Many months after the due diligence process is over and you’re operating the technologies of the new company, you may be surprised at how often you need to refer to the report. It can become an excellent snapshot of the state of the company’s technologies and support capabilities at the time the company was purchased.

One of the follow-up items that you should consider is measuring your progress six months to a year after the merger is completed. In the Key Findings section of the report, include a section that lists leverage opportunities. If you quantify in the report what the opportunity is, how much it costs to implement, the ROI, and when the savings and/or benefits will be achieved, you already have what you need to measure the performance of post-merger activities. The follow-up evaluation will review each of these opportunities and grade your progress.

Tips for getting the report written
Use these four tips to streamline the report-writing effort:
  1. Develop an executive summary of findings.
    When I conduct an IT assessment, I always conclude my onsite visit with an executive summary of my discovery efforts. To prepare for this 30-minute to one-hour discussion with the executives of the soon-to-be-acquired company, I work through all my notes and list the key points that were discovered. Then I organize them by category (infrastructure, organization, financial, risks) and prepare a quick overview of key points that will be included in the report. Listing the key points will significantly help your writing efforts later.
  2. Block out a dedicated time and start writing.
    Procrastination can be the biggest obstacle. Once you focus your time and energy and actually begin writing, you’ll find that you complete the work quickly.
  3. Use a standard report outline.
    An outline will help you focus and organize your report from the start. Download this IT Due Diligence Report template and use it for your next due diligence or IT assessment project.
  4. Edit your report.
    Go back through your notes after writing the first draft to ensure you have included all pertinent issues and deleted superfluous information.

What's coming up
Keep up with this series, which will examine the following issues:
Part 5: Assimilation (the people side): This installment will cover the importance of handling staffing changes and concerns with great care, and how organizational transitions can create significant risk.
Part 6: Assimilation (the systems side): There is value in being able to eliminate redundant technologies, but it’s not as simple as converting everything to one technology. This article will focus on systems strategy and leverage opportunities.
Part 7: Measurements that make sense: How do you know if the technology organization is focused on leveraging the value of the new company after a merger is complete? This installment covers a few key measurements worth tracking.

Mike Sisco is the CEO of MDE Enterprises, an IT management training and consulting company. For more of Mike’s management insight, take a look at his IT Manager Development Series.

 

Editor's Picks

Free Newsletters, In your Inbox