July 17, 2026 - by Manan Thakkar
The highest-return IT move in the first 90 days post-close is a SaaS license audit — a three-week engagement that recovers $40K to $120K in year-one cost and produces the application baseline every subsequent integration decision depends on. Beyond quick wins, post-close IT value creation requires sequencing discipline across three dimensions: what to act on immediately, what to avoid in year one, and how to build the data foundation that determines whether AI investments in 2027 and 2028 deliver returns or sit idle.
Earlier this year, I joined Eric Codorniz and Miguel Sanchez for Synoptek’s PE value creation webinar, where we walked a live audience of PE sponsors, operating partners, and portfolio CFOs through what IT actually does and does not, accomplish across the deal lifecycle. The questions that generated the most engagement were not about diligence or exit. They were about the hold period: what to do first, what to avoid, and how to convert IT from a quarterly fire drill into a board-level value driver.
This article is an extension of that conversation, drawn from what I see repeatedly across post-close platform consolidations.
There is a pattern that shows up in the first 90 days post-close. The deal thesis is clear. The value creation priorities are agreed upon. And then the first IT decision gets made by whoever happens to be in the room, because there is no governance structure yet, and speed feels more important than process.
By day 60, that decision has three dependencies. By day 90, there is a vendor contract attached to it. By year two, it is the constraint the integration plan has to work around.
Post-close IT value creation is not a transformation program. It is a sequencing discipline. The right moves, in the right order, with the right accountability structure underneath them, compound positively across the hold period. The wrong moves, made reactively, compound the other direction.
After architecting post-close platform consolidations across a range of deal sizes and complexity levels, the patterns are consistent enough to be prescriptive.
The Quick Win That Actually Works
The highest-return move in the first 90 days is a SaaS license audit.
In my experience, mid-market portcos typically run 60 to 120 SaaS applications at the time of close. A structured audit surfaces duplicate seats, abandoned subscriptions, and license tiers that are misaligned with actual usage. The engagement takes about three weeks. Annualized cost recovery can approach seven figures depending on the size of the company.
As I noted in the webinar: “The CFO can show that result before the first quarterly board review. It is a credibility builder, and it is a real cash impact; not a cost-avoidance argument.”
The deck’s own SaaS spotlight quantifies this further: typical year-one recovery runs $40K to $120K from unused licenses alone in a mid-market portco. That is before the broader rationalization work begins.
The audit also does something structurally important: it produces the first clean map of the application landscape. That map becomes the baseline for every subsequent rationalization and integration decision. The portcos that skip it are making architectural decisions without a complete picture of what they own.

What Not to Touch in Year One
Replacing an ERP in the first year of a hold period sounds decisive. In my experience, it is actually one of the most reliable ways to consume the value creation capacity that should have gone to revenue-side technology investments.
The problem is not the ERP replacement itself. It is the timing. In year one, the operating model is still being understood. The integration priorities are still being sequenced. The data flowing through the ERP is still being instrumented. A replacement program launched before those foundations are in place will encounter the operating model mid-migration and force expensive course corrections.
Stabilize the ERP. Instrument the data flowing through it. Build a clean baseline. Replace in year two or year three when the operating model is actually understood, and the replacement can be designed around it, not despite it.
There is a middle category worth addressing separately: identity and security tooling. Consolidate fast, as the cost of leaving them fragmented compounds quietly. Every month of fragmented identity management is a month of compounding access control risk and integration overhead. These are the moves that protect value while the strategic decisions are being made.
The Carve-Out Variable That Changes Everything
For portcos coming out of a carve-out, there is a fourth question that determines whether the standalone IT build is a 90-day project or an 18-month one: what identity, data, and security artifacts get migrated on Day 1 versus held in the seller’s tenant?
That single answer drives the TSA scope, the integration timeline, and the capital requirement for standalone infrastructure. Most buyers discover the answer post-close. The ones who discover it pre-LOI have a materially different integration plan and a materially different cost model. I have seen this single oversight add six to twelve months to a carve-out timeline, and in some cases, re-open price conversations with the seller after close.
Turning Cyber, Vendors, and SaaS from Fire Drills into Board Metrics
The recurring pattern in portcos that manage IT well at the board level is not sophistication. It is discipline. Three metrics, refreshed quarterly, with named owners and documented action thresholds.
During the webinar, I laid out the framework this way: “Three metrics. First, a cyber posture index. Second, vendor renewal exposure. Third, SaaS application count and per-employee SaaS spend, all trended. The metric only creates value if there is a named owner, a review cadence, and a documented action threshold. Without the threshold, it is a status update. With the threshold, it is an operating control.”
Here is what each metric covers in practice:
Cyber posture index: A single composite number covering control coverage, incident count, and quantified exposure trend. Trended quarter over quarter, so the board sees direction, not noise. This is the output of FAIR-based cyber risk modeling: a dollar-denominated exposure range that a CFO can defend in front of a board, not a red-yellow-green dashboard that tells them nothing actionable.
Vendor renewal exposure: A 12-month forward calendar with price increase ranges and contract value. The board does not need every contract. It needs to see what is rolling and what the financial exposure is. Auto-renewals at unfavorable pricing are one of the most consistent and most avoidable sources of value leakage across mid-market portcos. I have seen a single unmanaged auto-renewal consume the equivalent of an entire SaaS audit recovery.
SaaS application count and per-employee SaaS spend, trended. When the trend line bends upward, that is the signal for operational investigation. It does not go to the board as a problem; it goes to operations as a task. The board sees the trend, not the escalation.
What AI Actually Requires in a Portco Environment
AI investment is up across portfolios. AI productivity in portco environments is a different conversation.
Three things have to be true for AI to be productive in a mid-market portco:
- The data foundation has to be clean enough to query
- The use case has to be ranked by P&L impact, not by what is technically interesting
- The delivery model cannot depend on a six-person internal data science team a $50M portco cannot afford
Where I see firms waste money on AI follows a consistent pattern. Buying enterprise AI platforms before data hygiene is in place. Applying generative AI on top of unstructured contracts and documents without the underlying data architecture to support it. And treating software co-pilot license rollouts as the AI strategy. Co-pilots are an enablement layer. They are not a value creation thesis.
A realistic roadmap for a $50M revenue portco looks like this. Year one is data foundation and one or two narrow use cases with measurable dollar impact: sales lead scoring, invoice automation, or contract triage. Pick something where the impact can be isolated and measured. Year two is scaling what worked and retiring what did not.
As I said to close the webinar: “The portfolios that will lead on AI in 2027 and 2028 are the ones starting the data foundation work in 2026. Most portcos are deferring it because it does not show up on a dashboard the way revenue does. That deferral is a compounding decision.”
Every AI conversation in the next 24 months depends on whether the data is usable, queryable, and trustworthy. The portcos that have not invested in that foundation will be paying for AI capability they cannot actually use. For a framework on where to start, Synoptek’s IT Value Roadmap engagement includes a data foundation assessment as a named workstream.
The Integration Playbook Has a Shelf Life
For platforms running an active add-on strategy, the integration playbook either exists or it gets invented under pressure. The first two add-ons typically get absorbed by the existing stack without a formal framework. By the third or fourth, identity, financial reporting consolidation, and customer master data are fractured, and the cost of inventing a playbook under pressure is significantly higher than the cost of building one after the first add-on.
I have seen this play out enough times that I now frame it as a rule: build the playbook after the first add-on, pressure-test it on the second, and have it operationalized before the third.
For a tuck-in, defined as under 25 percent of platform revenue, the priority is standardizing on platform identity, financial systems, and security tooling within 90 days and leaving operational systems alone for six months. The platform absorbs the tuck-in. Speed matters more than perfection.
For a transformative add-on, above 25 percent of platform revenue or a different business model, treat it as a merger. Pre-LOI architecture review. Named integration leads on both sides. A 180-day TSA at minimum. And the platform’s systems are not automatically the right answer. Sometimes the add-on has the better stack, and the correct decision is to migrate the platform to it. That is uncomfortable, but it is operationally correct.
The through-line across all of these decisions is the same: sequencing discipline, named accountability, and outcomes measured in dollars. That is what converts IT from a cost center into a value creation workstream, and it is what the hold period either builds or squanders.
To watch the full panel discussion, including Miguel’s frameworks on diligence and exit prep and Eric’s breakdown of the deal lifecycle math, the on-demand session is available to stream.
About the Author
Manan Thakkar is the Practice Director, Consulting at Synoptek. An IT professional with strong technical, analytical, and administrative skills, Manan is a self-motivated and energetic performer, showcasing the ability to make decisions, be accountable, exceed goals, and achieve high-quality results.
