A Business Acquisition is Exciting… If It’s Handled Properly

The time may come when you find yourself in the position to expand your business through the acquisition of one of your competitors or contemporaries. You may be in this position now. Either way, congratulations! This process can be rewarding and potentially quite profitable, provided everything goes according to plan.

One of the most important aspects to pay attention to during this process is the technology you’ll suddenly be adding to your toolkit. After all, you don’t want to find yourself with a huge, surprise mess.

You Need to Inspect Your Newly-Acquired Technology Carefully

It is crucial that you thoroughly audit all the IT assets acquired as part of your acquisition to ensure a comprehensive understanding of what you now possess. You don’t want any costs or liabilities to go unnoticed, as these risks could wind up turning an investment into a money pit.

Here are the steps you will want to undergo as you carry out this inspection:

Check the Infrastructure

As you acquire a business, you need to check to see how well-maintained its network and all associated components are. Check the age of the servers, workstations, and networking equipment. If the hardware doesn’t need to be replaced outright, ensure that it is properly updated and managed.

Attend to the Software

Next, check the software that the hardware allows you to access and utilize. Confirm that everything in use is properly licensed, and critically, take a full inventory of all active subscriptions. This will help you identify any redundant or unused subscriptions that should be cancelled while also helping you integrate them into your existing subscription costs.

Evaluate the Cybersecurity

Crucially, you need to identify the state of your new technology’s security, including all past breaches and current security tools in your considerations. If there have been past breaches, investigate what caused them and confirm that any holes in your acquisition’s security strategy are addressed. Ensure that you also evaluate the preparedness of your new team members to determine if they are up-to-date on security best practices and identify any necessary training.

Your Business Acquisition IT Review Checklist

Use the following checklist to ask the right questions throughout your acquisition:

Hardware (Inventory and Condition)
These questions will help you determine how much you need to invest in addition to your acquisition cost.

• Request a comprehensive and detailed inventory of all company-owned hardware, including servers, workstations, laptops, network switches, firewalls, and peripherals.
• Request the model and purchase date of each item to gauge its remaining lifespan.
• Confirm whether or not any of the equipment is still under warranty or another maintenance contract.
• Confirm whether or not any hardware is under lease and if so, if the terms can be reviewed.

Software and Licensing
These questions will help protect you from surprise recurring costs and non-compliance issues.

• Request a list of all business software and licenses, including operating systems, productivity suites, accounting and HR software, and industry-specific applications.
• Ensure all of these licenses are valid and can be transferred to your control.
• Request a list of all cloud subscription services, complete with costs and renewal dates.
• Evaluate your hardware to check for any unlicensed applications so they can be removed.

Security
These questions provide the information you need to determine whether your new acquisition is adequately equipped to address cybersecurity issues.

• Request the make and model of any firewalls currently in place.
• Confirm whether there’s a centrally-managed antivirus/endpoint protection on all workstations.
• Check that multi-factor authentication requirements are in place wherever available.
• Confirm that policies are documented and distributed among employees.

Data Backup and Recovery
These questions determine the capability of your newly acquired organization to recover from a data loss disaster.

• Determine what data is being backed up.
• Confirm how often backups are taken.
• Identify where backups are stored.
• View the most recent backup’s logs and the most recent recovery test’s report.

Breach History
These questions can help you uncover past incidents that may have latent consequences for your business after the acquisition is complete.

• Ask what security incidents the company has experienced in the past three years, including data breaches, ransomware attacks, and others.
• Confirm what data was affected and how the incident was resolved, and whether these incidents were reported to affected parties and regulatory agencies.
• Determine what the root cause of each incident was, and what changes were made to keep it from happening again.
• Request a list of any filed cyber insurance claims, complete with the costs of fines and remediation.

Ongoing Contracts and Vendor Agreements
This ensures you know who your newly acquired business has relationships with.

• Obtain a list of all vendors your acquired business currently works with, including their Internet service provider, telecommunications provider, and IT support provider.
• Review all service contracts to confirm the terms, services, costs, and end dates for each.
• Identify who has the administrative credentials and is the primary contact for each vendor.
• Confirm whether there are any documented service level agreements active with these vendors.

Don’t Allow Your Acquisition to Become a Nightmare Because of IT

You need to know that your business, including the parts you’ve recently added, has the technology it needs to support its operations productively and securely. We can help with that!

Turn to Texas Professional IT Services LLC for assistance in managing your business’ IT, from day-to-day needs to special circumstances. Contact us at (832) 514-6260 to learn more.