Investing in or acquiring a company that relies on software as a core competence involves risk. No-one knows the company like the designers and architects, but they are not always able to provide a broad perspective on the technology.

Getting visibility on and understanding risks can be a truly frustrating activity for the non-specialist, particularly with the plethora of new technologies and techniques that are in contemporary use. Investment in due diligence is therefore a critical part of any transaction.

Ythos provides a detailed and structured approach for investors and acquirers. After our due diligence, you will have a clear idea how the technology you plan to acquire fits with your business goals. In using Ythos as an independent contractor, you may also quarantine the intellectual property component of the acquisition should the deal not proceed to completion.

Ythos deploys a team of one or two consultants depending on the nature of the code base, and follows a methodology that considers strategic, architectural, and implementation factors. Our methodology includes not only code review but face-to-face meetings with key staff, including members of the R&D team at all levels. Typical engagements last 1-4 weeks depending on the complexity of the project and provide iterative reports if necessary.

anatomy of a project

• client engagement

  • Review of business objectives
  • Specific issues to be addressed
  • Timescales
  • Letter of engagement

• context analysis

  • General systematic review of the software
  • Analysis of approach to common issues and challenges

• global technology review

  • Evaluation of the size and complexity of the software
  • Summary of the technologies employed and associated risks
  • The development environment
  • Quality Control process

• specific technology review

  • Architecture of the system
  • 3rd party dependencies & risks
  • Risk associated with Open Source Strategies
  • Code documentation
  • Code readability
  • Code maintenance
  • Physical and logical views of the system
  • Scalability review
  • New functionality and ease of integration
  • Supporting a changing code base
  • Security and privacy risks
  • Reliance on and access to data centers
  • Key algorithm review (e.g. a summary view of implementation and effectiveness)
  • Portability across systems
  • Code Unit Testing methodologies and suitability
  • Regulatory compliance
  • Addressing specific requirements

• summary and conclusions aiming to address the specific questions raised in the engagement contract