From backups to software licenses, here's a checklist for IT leaders at consolidation or acquisition time. Whether you're gaining an internal group or an external company, be prepared and be realistic.n Merger and acquisition activity stands to increase as global markets struggle to stay afloat during the worst economic slowdown in decades. What will you do when you find out you’re about to acquire or consolidate with another firm or division? Are you aware of the risks you may be inheriting? What data is going to demand the highest availability? What IT regulations will you have to address and how do you know if existing controls already address them? Below are 10 “data health” checks a CIO can conduct to answer these questions before giving a green light to a merger, acquisition or consolidation. Step One: Assess your dataFrom a data perspective, the first step needs to be an assessment of the independent data assets of each organization participating in the merger. If you do not know what data exists before the acquisition, gaining this understanding after combining the data, if it can be combined at all, will be extremely difficult. The task at hand will be simpler if both organizations practiced strong data governance. This is rarely the case though. Step Two: Plug the governance gapsAfter completing an honest assessment of where each organization stands in terms of data governance, the next step needs to be plugging the gaps. Work toward creating a definition of data that is not well understood or undocumented. Do not turn this into a long process; define what data you have and where it is stored. Consider using tools like data dictionaries and repositories and consult the subject matter experts (business users, programmers, data architects, etc.) at each organization for this information. Step Three: Leverage the M&A for governance improvementsUse the acquisition as a springboard for instituting new or stronger data governance policies and procedures. Lack of insight into important business data can be a strong motivational tool for implementing improved data management practices. Step Four: Plan for increased workload and capacityThe basic premise behind mergers is that the combined companies can conduct the same, or more, business more efficiently than two separate companies. Will you need more powerful hardware? Will the new combined business require more uptime, which translates to higher data availability? Existing hardware, transactions, applications, databases, and data maintenance processes may need to be overhauled to meet the new requirements. For mainframe shops, perhaps you can better utilize cheaper specialty engines like zIIP, zAAP, and IFL processors. And look into more efficient software and utilities for performance management, change control, and backup and recovery. Step Five: Evaluate backup and recovery plansA simple question, such as “Is everything backed up?” can be a crucial starting point. In the clamor of an acquisition, evaluating recoverability is often forgotten or ignored. The on-going health of those backups must be checked periodically. A systematic method of reviewing recovery health, include examination of backups, evaluation of IT hardware and software specification, and matching objectives to reality is helpful. Step Six: Determine your new exposure to IT regulationsIf the acquisition brings new types of business, even if it is related to your existing business, be sure to allot time and resources to examining and ensuring compliance with required IT regulations, such as PCI DSS, HIPAA and Sarbanes Oxley. Tools are available to help reduce the cost and complexity of compliance programs and processes, such as the Unified Compliance Framework (UCF), which provides spreadsheets broken down by individual areas of compliance.Step Seven: Implement a database auditing solutionBecause of the hectic nature of mergers and acquisitions, many last minute requests and requirements can fall through the cracks. A database auditing solution will routinely monitor data activity and keep an audit trail of users and changes in content. Additionally, database auditing can be used to keep an eye on your privileged users, such as DBAs and system administrators, who have unfettered access to critical data. Some can even track data access patterns to look for anomalous activity and raise alerts when it occurs. Step Eight: Plan personnel to cover combined systemsDuring most acquisitions, dual systems and applications need to be supported. Plan for the proper personnel and support to protect and manage all of the data while redundant systems are required. In other words, don’t pull the switch too soon on systems or personnel. Step Nine: Identify and eliminate the redundantInventory and eliminate redundant system software and utilities to reduce cost post-acquisition. For example, if the majority of your most functional applications use DB2 as the DBMS, but a few use a different DBMS, choosing a less functional application that uses DB2 instead may allow you to eliminate a costly DBMS license. However, such decisions need to be made in an informed, business manner and not simply with an eye toward reducing system software cost. Step Ten: Intelligently automate your data management solutionsThe more you can automate maintenance tasks, the fewer problems that may stall the integration of your systems. Using software to automate and conduct on-going health checks on your data and data management activities can improve the overall responsiveness of IT to business needs. The Bottom LineGetting a handle on all of the data in your post-acquisition organization requires time and effort. But it need not be fraught with risk. With proper planning, tools, and resources, along with realistic expectations, you can reduce the risk to your valuable business data. Craig Mullins works as a corporate technologist for Neon Enterprise Software in Houston, Texas. Read his blog at http://www.neonesoft.com/blog/blogs/cmullins. Related content BrandPost Why CISOs Are Looking to Lateral Security to Mitigate Ransomware How to fight ransomeware attacks with lateral security By Adelino Simao Mar 27, 2023 2 mins VMware Feature State of the CIO, 2023: Building business strategy Despite a focus on core modernization and transformation work, 2023 State of the CIO respondents say CIOs are playing a strategic leadership role with impact that transcends IT. By Beth Stackpole Mar 27, 2023 11 mins CIO Business IT Alignment Digital Transformation Analysis Why data leaders struggle to produce strategic results A recent Gartner survey of data and analytics leaders found that fewer than half think their teams are effective at providing value to their organizations. Here’s how to change that equation. By Thor Olavsrud Mar 27, 2023 8 mins Chief Data Officer Data Management IT Leadership BrandPost How Infosys and Tennis Australia are harnessing technology for good By Veronica Lew Mar 26, 2023 6 mins Infosys Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe