Corporate spinoffs pose a special kind of IT challenge. As a particular type of divestiture, a newly spun-off company has options: (1) either begin paying for IT services provided by its corporate parent, (2) start deploying its own infrastructure with a clean slate, or (3) find an alternative company to provide the services its parent once did and\/or it requires moving forward.\nIf you are directing IT at a spinoff, before embarking on any of those courses, you should conduct a standard self-assessment to inventory your IT and communications needs. In particular, determine data residency and identify security requirements. As you undertake this transformation, be mindful of both immediate and long-term costs.\n1. Run an audit\nA business unit being spun-off first needs to itemize the parent-company IT resources that it consumes. With the proliferation of shadow IT and pockets of common services, however, it\u2019s common today for organizations to be in the dark on this question. Tracking those down requires tools, but you also need a good process.\nA multi-tiered process is a useful way to reveal assets and any gaps in a company\u2019s knowledge. In our practice, we first learn what IT leaders think they know and then deploy tools to identify actual networks, assets, data repositories and cloud-based services. Then we compare the two assessments and identify any gaps, or corresponding blind spots. If you can itemize everything you require as part of the parent company, you\u2019ll be better prepared to go solo.\n2. Check your data\nCountry or regional authorities imposing data residency requirements need to know where your data is stored. Whether these restrictions are well-advised is a matter of some debate and strategic positioning. Amazon Web Services (AWS) has argued in one white paper that data residency is \u201ccounterproductive\u201d to both data protection and global growth goals. Other cloud service providers, however, have underscored their efforts to localize storage.\nTo navigate laws in dozens of countries, follow on-going negotiations for digital free-trade zones and understand the sometimes contradictory legal rulings, you\u2019ll need professional expertise and advice. Legal experts, however, will still need you to do your homework first.\u00a0 And depending on the location, they may need to do homework, too.\n3. Agree to transition\nData residency is not the only reason you\u2019ll need legal help during a spin-off. If your parent company is going to let you continue using their systems, that understanding needs to be nailed down. To drive alignment through the process, you should consider drafting a Transitional Service Agreement (TSA).\nNegotiating these deals requires answering several questions. To list a few: Do your bandwidth and computing requirements change as a spin-off? Can existing software licenses be extended to a new legal entity? Does such a shift trigger a pricing change? What are the time limitations on the use of these legacy services?\n4. Go greenfield, smartly\nIf a TSA means what it says, at some point you will indeed transition into an independent IT entity. In some cases, you might need a full stack of IT services right away.\nIn a greenfield scenario, you need to find replacements for all the assets and infrastructure you identified in the audit. One approach, sometimes advocated by large consulting firms, is to throw bodies and hardware at these transitional IT challenges. Or you can change the discussion from hardware investment to managed services and outsourced infrastructure. In so doing, newly liberated firms may find approaches better calibrated for their situation, workloads and business agility.\n5. Don\u2019t forget security\nThere are numerous ways to become less secure as a spin-off. In cases of gradual separation from the parent company, you may not realize when security becomes your own responsibility. If you fail to address standard security best practices during the transition period, gaps will almost certainly arise.\nThese weaknesses can persist. In one case, we were called in to assist a company eight months into its spinoff, and we found a team that didn\u2019t even realize they needed to think about security. It\u2019s an understandable oversight, with all the focus on the initial spinoff itself. And given IT security is rarely a company\u2019s core competence and threats never seem to decline, a newly spun-off company typically needs help in this area. At a minimum, guidance and support around best practices.\nThe rising bottom line\nCorporate spinoffs are on the rise. According to an Ernst & Young annual survey released earlier this year, 87 percent of companies worldwide are planning divestments in the next two years. That\u2019s double the percentage from the previous year.\nA divestiture can deliver financial returns to parent and newly spun-off company. But managing IT during a spinoff takes dedicated resources and attention to basics. You\u2019ll need to audit your existing IT usage, identify data residency, negotiate transitional agreements and\/or engage with providers to build out your new IT stack, all without dropping the security ball. Budget accordingly. Skimping on any of these tasks, as we have seen through numerous operational clean-ups over the years, can be costly in the long run.