---
layout: handbook-page-toc
title: "Acquisition Process: Technical Due Diligence"
---

1. Code and architecture diligence - your team will provide access for key engineering contacts at GitLab to code repositories, products, and development/test environments.  We will:
   * Perform a code review
   * Analyze the technology stack and how it fits in the GitLab tech stack.  Evaluate efforts and approaches for integration including milestones.
   * Analyze what open source packages are in use and their associated licenses
   * Analyze what security vulnerabilities are known to exist in the product(s) and the process for determining this (static/dynamic security scanning, independent penetration testing, etc.).
   * Provide the results of any third-party security testing results.
   * Analyze any commercial software/services that are required for the product(s) to operate.
   * Evaluate development practices and standards
   * Analyze test suite coverage, framework, and automation
1. Employee evaluations - each engineer will undergo two rounds of interviews comprised of:
   * Technical assessment - a live coding session, solving a technical exercise or review a merge request with live followup session.
   * Manager interview
   * Evaluate potential team structure post-acquisition
1. In case of acquisitions with over 10 engineers the employee evaluation stage will happen in phased approach for 5 employees at a time.
1. In case where there aren't sufficient open recs matching the acquired team, the acquisition team can put a request to the executive team to approve new recs required.