An international specialist in risk management, Apave has chosen to expand in France and abroad through the acquisition of medium-sized structures, generally lacking in structured IT.

The interweaving of business and data aspects often calls for a global IT audit

For the past three years, Agnès Kihm has been managing these initiatives on behalf of general management, usually from contact sourcing through to integration. “To succeed in these missions, it’s essential to have the right contacts and experts in place beforehand, particularly for IT issues”, explains Agnès Kihm. Even if IT is not always a strategic issue, IT audits have become almost systematic at Apave. “When we consider acquisitions of test companies or laboratories, we’re usually faced with tracking software, data management software, and customer or supplier data protection is often a sensitive issue, says Agnès Kihm, for whom the compliance rules are rarely respected in the field, which often presents a very significant potential risk.

Apave called on Lucernys for two of these acquisition audits – due diligence or IT carve-in . The first involved a Middle Eastern company made up of two laboratories that had developed their own in-house ERP systems. ” We felt that the interweaving of business and data aspects required a global IT audit”, explains Agnès Kihm, an audit carried out in parallel with a “business” due diligence. The same applies to the acquisition of a Polish company specializing in mobile and Internet network measurement on behalf of leading European telecom operators. The in-house tool designed to store the data was an important asset of the acquisition.

The need for these IT audits also arose from the evolution of the Apave Group. With an IT Department comprising over 300 employees and a significant number of tools historically developed by subsidiaries acquired over the years, it had become urgent to work upstream on tool synergies. “It was this observation that led the IT Department to call in external experts to provide an outside perspective,” explains Agnès Kihm. In her opinion, the use of these small, agile external structures with targeted expertise enables us to better measure risks and prepare for integration with the CIO after due diligence missions. The idea is to go further than just reporting, by recommending solutions tailored to the target: “These partners can sometimes propose post-acquisition corrections,” explains Agnès Kihm. And we need people who don’t just audit, but who can also provide operational support, give us the benefit of their customer experience, and be more responsive to the organization than an IT department would be”.

We need people who can provide operational support

As regards the two IT due diligence missions, Lucernys ‘ intervention confirmed Apave’s intuitions and demonstrated the strengths and weaknesses of each in-house ERP system in a highly documented manner. On one of the two targets“We realized that an asset identified as strategic would ultimately represent a very heavy investment for upgrading or replicability,” explains Bernard Schmitt, President of Lucernys. “The audit enabled us to document this point for the IT Department, which in turn was able to produce a detailed report for General Management in line with the Group’s requirements,” confirms Agnès Kihm. Lucernys also provided suggestions for corrections and adjustments, which were much appreciated.” On the target scond, the IT due diligence confirmed the compliance of the in-house tools touted by the vendors.