Anyone with experience Buying or operating IT managed or app development?

September 09, 2025

by a searcher from The University of Chicago - Booth School of Business in Seattle, WA, USA

Hi folks! currently analyzing an IT managed services and app development firm. does anyone have experience purchasing or operating one of these? Curious to know key risks or considerations I should be aware of. Thank you very much!! Note: I work in tech (as a PM) and understand app development, but I have never operated a company in the space

0 Likes

10 Replies

153 Views

Replies

Reply by a searcher
in Charlotte, NC, USA

For me personally, the focus is how easy will the competition be able to replicate the company's product(s), and what can I automate via AI. However, I know there is more than just those two areas to focus on, and there are a few checklist and questionnaires floating around that you probably already found, but here is the one that I use during my due diligence (some you might skip since they aren't all that relevant). 1. Financial Risks • What percentage of revenue comes from your top 5 clients? • How do you manage margin pressures and rising labor costs? • What is the current ratio of recurring managed services revenue vs. one-off project revenue? 2. Operational Risks • How dependent are you on key technical staff, and what is your turnover rate? • What systems or processes are in place to scale operations when onboarding new clients? • How often are SLAs missed, and what are the penalties? • How do you document systems and processes to mitigate knowledge loss? 3. Market & Competitive Risks • What differentiates your services from competitors in the market? • Have you lost clients due to insourcing or cloud migration? • How do you stay updated with emerging technologies like AI, DevOps, or cloud-native platforms? • Who are your main competitors, and how do you defend against offshore or low-cost providers? 4. Compliance & Security Risks • Which compliance certifications do you currently maintain (SOC 2, HIPAA, GDPR)? • How do you manage compliance obligations for clients in regulated industries? • Do you accept liability for cybersecurity breaches? If so, how is it limited or insured? 5. Strategic Risks • How much of your revenue is tied to supporting legacy systems vs. modern platforms? • What percentage of revenue is reinvested into R&D; or innovation? • Have you been approached for acquisition, and what risks would integration pose? 6. Client Relationship Risks • What is the average length of your client contracts? • What are the switching costs for clients if they consider leaving? • How do you ensure alignment between client expectations and actual delivery? • Who owns the IP for custom-developed applications in your contracts? ---- A few notes: You could use AI to help in identifying any gaps to your own knowledge by specifying the categories you are aware of and the key areas of focus you care about the most). I created a prompt creator GPT that helps me with this called Quip: https://chatgpt.com/g/g-68746bdd91d881918a95a3dfc704726e-quip?model=gpt-5-thinking (but it requires at least a Plus plan) - I do have the initial instructions I used that I can send via DM for those who don't have Plus plan.

Reply by a searcher
from Northwestern University in Newtown, PA 18940, USA

Baseline risks are similar to other firms: customer concentration, employee retention, invoice to cash, etc. In the space specifically, understand your Utilization Rate, employee turnover, skillset, CSAT, backlog, the relationship between Sales and Delivery (huge risk), and you must have a handle on project deposits creating a liability compared to the WIP (work in progress). Happy to chat more, just ping me.

+8 more replies.

Join the discussion