I recently had a conversation with a searcher who was under LOI for a SaaS. He was looking for an initial list of information to request from the owner. I thought it might be useful for the other SaaS searchers so I've provided it below. This list is just the tip of the iceberg but can provide you a leg up during DD and help your tech due diligence firm provide you better service. Not included below is codebase access. Start that conversation as soon as possible as it may take some negotiation to get access (if you can get access at all).
1. System Architecture:
High-level system architecture diagrams
Database schemas
-
Infrastructure: Cloud infrastructure documentation (e.g., AWS, Azure, GCP configurations)
-
Security: Security policies and procedures Encryption methods for data at rest and in transit Data retention and backup policies
-
Tech Stack: List of all technologies, frameworks, and programming languages used Licensing information for all software (including all open source licenses)
Product documentation
Total lines of code in the codebase
If anyone else has questions on SaaS, Technical DD, or related topics, please post them and I'll do my best to get them answered for you.