Due diligence is an essential part of the acquisition process. Technology, operations and security are key levers that can expose risks pre-close and present opportunities to drive value creation post-close. Compello works closely with its private equity clients and assesses a potential target’s technology and security environment. For non-technology businesses such as manufacturing and distribution, Compello offers operational due diligence to increase your operations and supply chain performance.
Our deep knowledge across all types of technology platforms helps you understand the risks of adopting a company’s applications, infrastructure, security and organization. The Compello team has conducted over 300 diligence engagements worldwide from small to mid-size to global organizations. Our due diligence team works closely with the private equity firm’s deal team to assess the IT environment and provide an actionable roadmap and incremental spend for post-close optimization. With Compello as your due diligence partner, you enter into a transaction fully informed.
IT Due Diligence
The best approach to IT due diligence is a holistic one that assesses a company’s internal on-premise and cloud environments, its digital assets, and the resources and processes that drive technology across the enterprise. While Compello follows proven diligence methodologies and a prescriptive process, we are flexible and will customize each diligence engagement to fit the PE firm’s needs based upon the investment thesis and the budgetary and deal-close requirements. Compello can tailor and mix and match its diligence tracks to best fit the needs of our customers. And because technology works optimally when all systems are in sync, we also evaluate how well each fits into the company’s overall technology ecosystem and growth plans. Areas covered for non-software/product companies include:
- Regulatory Compliance
- Business Processes such as ‘order to cash’, ‘procure to pay’, ‘post to close’ and ‘plan to make’
Software Due Diligence
A target company’s technology stack is a combination of commercially available software and proprietary-developed applications. Compello Partners applies rigor to evaluating both.
We bring CTO-level experience to assess the scalability, extensibility, reliability, security and sustainability across the software lifecycle. Our advisors are operators who have implemented global applications and solution architectures in real-world enterprise settings. Areas covered include:
- Technology Stack
- Application Architecture
- Software Development Lifecycle
- Information Security
- Business Continuity Plans
- Code Review
- IT Organization
Operations and Supply Chain Due Diligence
We look at the technology behind the operations and supply chains to assess the capabilities to scale and increase margins.
Are operations as efficient as possible? Where can volume increase and costs decrease? Is there waste that can be eliminated from a supply chain? How can you optimize your inventory turns? The answers to these questions have a tremendous impact on a target’s profitability potential. Areas covered include:
- Cost Reductions And Margin Expansions
- Operational Leadership
- Lean Maturity
- Operational Improvements
- Sourcing & Procurement
- Sales, Inventory & Operations Planning (SIOP)
- Site Layouts And Flow Optimizations
Cybersecurity Due Diligence
Is the company vulnerable to cyberattacks? What about data breaches? Are there any potential operational and reputational disasters in the making? Our due diligence includes comprehensive cyber risk management.
With our security expertise, we pinpoint where cybercriminals can access systems, tamper with data, and exploit weaknesses. With this detailed insight, we then develop recommendations and an actionable roadmap to shore up your target company’s security posture. Compello’s CISO (Chief Information Security Officer) covers:
- Information Security
- Intrusion Detection Systems
- File Integrity Management
- Physical Security Standards
- Vulnerability And Penetration Tests
- Adherence To Regulatory And Compliance Standards (NIST-800, HIPAA, etc.)
- Documented Security Policies And Procedures
- Management Capability