IT due diligence investigations should take place on three levels:

The ‘audit’ level. What equipment and software is there? Is it secure? Does it work? Who owns it? What are the outstanding commitments?

The ‘management’ level. How well does IT and technology support the business?

The ‘strategic’ level. Is the technology and IT organization sufficient for the future?