Provided technology and data privacy diligence

Provided technology and data privacy diligence

Stout’s IT Due Diligence team performed IT diligence for a buy-side M&A client in connection with the acquisition of an emergency response and resilience consultancy (“the Company”).

Stout performed comprehensive IT diligence, including a cybersecurity and data privacy assessment. Stout’s IT diligence included an assessment of key applications — both custom developed and commercially available, network and infrastructure, and a benchmark analysis of staffing and spending compared with peers.

The engagement’s complexity came from the introduction of multiple data privacy assessments, which included CCPA (California), GDPR (EU), and LGPD (Brazil) regulations, each requiring their own assessment. Additionally, the Company had custom-developed applications that required a detailed technical assessment, examining the technologies leveraged to develop the system, its current capabilities, and its ability to scale in future.

The cross-disciplined diligence effort was the combination of Stout’s Investment Bank group (who advised on the deal) and the IT Diligence team, which leveraged Stout’s Data and Analytics team for supporting the data privacy assessments.