Technical due diligence plays a vital role in establishing a fair valuation and assessing future business potential. Software quality represents a significant part of the value of any potential private equity investment or full acquisition. Mobilize.Net is able to assist with your technical due diligence needs. With over 20 years of experience analyzing and evaluating the quality of software, from architecture to implementation, our senior staff of engineers and analysts stand ready to help you understand critical areas such as:
- Code quality and complexity
- Architecture, design, and programming patterns
- Platform infrastructure and frameworks
- Obsolescence and vendor dependency risk
- Codebase maintainability
- Readiness for agile development
- Quality of the existing development team and processes
- Readiness to meet future business goals and opportunities.
Technical Due Diligence: Framework for evaluating software quality
Quality Evaluation Criteria
Application quality is evaluated along many dimensions. The most common is architecture adherence to known best practices and architectural patterns, compliance with established coding practices and a foundation of well-supported frameworks, languages, and tools. A quality, well-built application will be up to date and correct on both architecture and implementation, ready for the demands of competition in today's dynamic markets.
Design criteria include the following:
- Agile, poised for growth: Is the system architected for new feature development, integration with other systems? Is it based on loosely-coupled, message-based design?
- Design patterns: Is it based on recognized good design patterns? Does the design incorporate current best practices?
- Future ready: Is it ready to be deployed as a web application, on a mobile device, in the cloud, or as SaaS?
- Choice of language: Are skilled, trained developers available in the labor market? Is the language currently taught in top universities? Is it well supported with tools and information from both the vendor and community?
- Framework(s): Are frameworks current with respect to version? Are they supported by the vendor and community? Is the vendor credible and do you expect continued enhancement and support? Is it a "black box" (binary code) or a "white box" (source code)?
- Operations infrastructure: Is the application implemented as on-premise or cloud-based? Is deployment complex or simple?
- Performance: Are the algorithms written for performance? Do coding practices limit performance on future clients?
- Code quality: How logical and accurate is the source code? How "human readable" is it? Is it documented? Are coding standards used consistently and correctly? What defect rates exist both for pre-release and post-release discovery? How complex (cyclomatic complexity measure) is the code?
- Development and build processes: What processes are used to develop specifications, source control, builds, QA and user acceptance?
Levels of Engagement
- First look: Structured questionnaires and phone interviews
- Drill Down: Adds deeper phone interviews and off-site architectural analysis via document reviews
- Deep Dive: Adds on-site interviews, direct code analysis of critical modules, and detailed code walkthroughs.