IT Due Diligence Checklist

For the most concise, but complete treatment of IT due diligence, see The Business Case Checklist.

This checklist asks 12 questions of every IT investment:

1. What is the business need? No senior stakeholders being burnt by the problem, then, no investment.
2. What is the investment that addresses the business need? Describe the investment (NPV etc) first, not the technology.
3. What technology underlies the investment? Explain the cause-and-effect between what the technology does and the investment results produced.
4. What are the benefits of the investment? Define the impacts of your proposal; make them benefits by converting them into dollars or euros etc.
5. What are the costs of the investment? Capture all the costs: capex and opex, known and suspected. Be manic depressive.
6. What are the major risks? Be skeptical: assume the worst, hope for the best.
7. How did we value the investment? Check financial models, especially, assumptions and benchmarks rigorously.
8. Is the investment feasible and a good fit? Feasibility has several shapes: is it profitable (economic), does it work (technical), can we afford it (financial), and can we do it (operational)?
9. What alternatives did we consider? Without an alternative, you are not making a decision.
10. How do we execute on the investment? Until you execute, it's a forecast.
11. Is this a good business case? Wrapping a good investment in a bad business case wastes everybody's money and careers.
12. Do we invest? Decide on the merits of the investment and quality of the business case, not the loudest lobby.