Advisory / Audits

Technical Due Diligence

In 2–3 weeks you know exactly what you are buying — the code, the architecture, the team, the security posture, and what the repairs will cost.

2–3 weeks, fixed

When you need it

You are acquiring, investing in, or lending against a company whose value depends on software. The financials have been audited. The technology — the thing the money actually buys — usually has not. Deals price in a technology story; our job is to check it against the technology.

What we examine

  • Code and architecture. Structure, quality, technical debt, and whether the platform can carry the growth the deal assumes.
  • Team. Who holds the critical knowledge, what leaves with them, and how delivery actually works day to day.
  • Security. Posture, exposure, and the incidents the data room does not mention.
  • Infrastructure and cost. What it runs on, what it costs, and how that cost curves at the scale in the model.
  • The repair bill. Every finding priced: what must be fixed, roughly what it takes, and in what order.

The process

StepWhat happens
1. ScopingOne call. We agree scope, access, and timeline, and sign what needs signing.
2. AccessRepositories, documentation, cost consoles, and interview slots are arranged.
3. ExaminationWe read the code, the architecture, and the numbers. We interview the leads. We test the claims made in the deal narrative against what we find.
4. ReportWritten findings with a risk register, prioritized. No hedging — each risk carries a verdict: deal-blocking, price-affecting, or manageable.
5. Verdict call30 minutes with your team. What we found, what it means for the deal, what we would do first on day one.

Optional module: Team Assessment

The codebase tells you what was built. It does not tell you whether the team can build what your investment case requires next. The Team & Org Assessment bolts onto a due diligence as a structured evaluation of the people and the delivery organization — most useful when the thesis depends on shipping, not just owning.

Questions buyers ask

How do you handle confidentiality?

We sign the NDA before we see anything — yours or the target’s. Findings go to you alone. We never audit a vendor we work with; the conflict-of-interest policy is public and applies to every engagement.

What access do you need?

Read access to the repositories, the infrastructure and cost consoles, the architecture documentation if it exists, and interview time with the engineering leads. No production access is required. We work inside the target’s security constraints.

What if the timeline is shorter than two weeks?

We tell you what we can and cannot conclude in the time available, and the report marks the difference. A verdict with stated confidence beats a guess with false precision.

Do you rate the deal?

We rate the technology and the team against what the deal assumes about them. The investment decision is yours; the report tells you what you are actually buying and what it will cost to make it do what the thesis needs.

Buying something built on software?

A 30-minute scoping call tells you whether the timeline works, what access we need, and what the engagement costs. Fixed scope, fixed duration.

Book a scoping call