Blog · Industry Playbook

In SaaS, the exit runs on the code and the cloud.

A Tech & SaaS TSA exit is governed less by back office systems than by the product itself: the cloud account it runs in, the codebase that builds it, and the customer data inside it. Those three set what can move, when, and in what order. Every move ties back to the broader TSA exit strategy a disciplined buyer runs across the deal.

Product
The Asset
Cloud
Long Pole
8 min
Read Time
2026
Last Updated
Section 01

The shared cloud account is the long pole.

In most carve-outs the long pole is back office systems. In a software business it is the cloud account that runs the product. The Newco's workloads usually sit inside the seller's cloud organization, sharing accounts, identity, networking, and billing with systems that are not part of the deal. Untangling the product into its own cloud tenancy cleanly is the work that defines the exit.

The cloud account is the gating item because the live product depends on it every second. Identity and access roles, network boundaries, private connectivity, and managed services are woven into the seller's structure, and a separation that breaks any of them takes the product down for paying customers. The buyer treats the cloud separation as the spine of the exit plan, not a task to fit around other work.

The buyer-side discipline is to scope the cloud path the day the deal signs. The choice between migrating workloads into a fresh account structure and carving the existing accounts out drives cost, risk, and timeline, and it cannot be made well under deadline pressure. A rushed account split leaves orphaned permissions and surprise dependencies that surface as outages months later.

The TSA often has to cover cloud hosting and shared platform services longer than the buyer would prefer, because a clean tenancy separation that preserves uptime takes real engineering. That extended dependency makes the commercial terms unusually important. The buyer negotiates hosting pass-through and exit ramp terms knowing the cloud timeline is the true constraint.

Section 02

The codebase and build pipeline are the product.

For a software business the codebase is the asset, and it rarely sits in isolation. Repositories, the build and release pipeline, artifact registries, secrets, and developer tooling are commonly shared across the seller's engineering organization. The Newco's product history and the machinery that ships it have to come across intact, because a broken pipeline means no releases and no fixes.

The buyer validates that the full software supply chain transfers, not just the source. Build agents, package registries, signing keys, environment configuration, and deployment automation all gate the team's ability to ship after Day One. A codebase that copies over but cannot build and deploy on the Newco's own pipeline is a product that cannot be maintained.

Secrets and credentials deserve specific attention. API keys, certificates, and service credentials are scattered through pipelines and configuration, and many point at shared seller systems. The buyer inventories and rotates them as part of the separation so the Newco does not depend on the seller's secrets or leave the seller holding the Newco's. This is security work, not just migration.

The buyer-side move is to treat the build and release pipeline as part of the product, with its own workstream. Shipping has to keep working from Day One on infrastructure the Newco controls. The diligence that supports this sits alongside the broader TSA exit strategy the buyer runs.

Section 03

Customer data isolation is the real risk.

SaaS products usually serve many customers from shared infrastructure, and customer data is the most sensitive thing the exit touches. The Newco's customer records, often sitting in shared databases and storage with non deal customers, have to be separated without loss, leakage, or downtime. A separation that exposes one customer's data to another is a breach, not a bug.

The buyer plans the data separation as a careful, validated migration rather than a copy. Database tenancy, storage buckets, search indexes, and data pipelines all have to split along the customer boundary, and the cutover has to preserve every record exactly. The buyer confirms the boundary is correct before moving anything, because a wrong boundary mixes or strands customer data.

Compliance commitments ride on the data. Customers hold the Newco to contractual security terms, data residency rules, and certifications, and those obligations do not pause during a transition. The buyer confirms the separated environment keeps the certifications and residency guarantees customers were promised, because a lapse is a contract problem with the people who pay.

The buyer-side move is to treat customer data isolation as the constraint the exit protects above convenience. Each data store is checked against the customer boundary and the security commitments around it. A clean software exit is one customers never feel and auditors never question.

Section 04

Engineering identity and tooling need continuity.

The team that builds the product runs on a stack of tooling: source control, the ticketing system, observability, on call and alerting, and the identity provider that ties them together. Much of it is the seller's. If those tools go dark at separation, the team loses the ability to see, operate, and respond to the live product on Day One.

The buyer maps the engineering tool estate early and decides which tools transfer, which are rebuilt, and which are replaced. Observability and alerting matter most, because a team blind to production incidents during a transition cannot protect customers. The buyer confirms monitoring, logging, and on call coverage are live on the Newco's own tooling before the seller's access is cut.

Identity is the thread that runs through all of it. Single sign on, directory groups, and access controls govern who can touch the code, the cloud, and customer data, and they are usually the seller's. The Newco stands up its own identity and re entitles the team cleanly, because access that still depends on the seller is both a security gap and an exit blocker.

The buyer-side move is to treat tooling and identity continuity as operational readiness, not administrative cleanup. The team has to be able to build, deploy, observe, and respond from Day One. A software business that cannot operate its own product on the morning after close is not actually separated.

Section 05

Sequence the exit around the release cadence.

The software exit sequence respects that the product is live and shipping continuously. A generic carve-out leads with finance and HR systems and treats the product as one workstream. A software carve-out leads with the cloud account, the codebase and pipeline, and customer data, and fits everything else around them. The buyer who sequences the other way around risks the product to protect the back office.

Practically, the critical path runs through cloud tenancy separation and the data boundary, then a pipeline and tooling cutover, with releases continuing throughout. The buyer plans cutovers around the release cadence and change freezes rather than against an arbitrary date, so a separation step never lands in the middle of a major deployment.

Governance has to include engineering leadership, not just finance and IT. Decisions about cloud timing, data separation, and release windows are engineering decisions with customer impact. A governance structure that excludes the people who run the product will commit to dates that put uptime and data at risk. The exit plan is socialized with engineering early.

Software carve-outs reward buyers who respect the product and punish those who treat it as one line item. The cloud takes the time it takes to separate cleanly. The pipeline has to keep shipping. Customer data has to stay isolated. A buyer who plans the exit around those truths lands it without an outage. A buyer who plans around an idealized timeline pays in downtime, security exposure, and extension fees.

FAQ

SaaS exit questions buyers ask.

What makes a Tech & SaaS TSA exit different?

The product is the asset, and it is live. The cloud account, the codebase and build pipeline, and customer data set the constraints, not back office systems. A cutover that drops uptime, breaks the pipeline, or mixes customer data is a customer and security problem, not an internal inconvenience.

Why is the cloud account the long pole?

The Newco's product usually runs inside the seller's cloud organization, sharing accounts, identity, and networking. Separating it into its own tenancy without breaking access, connectivity, or managed services takes careful engineering, and the live product depends on it continuously. It usually sets the exit calendar.

How does customer data isolation affect the exit?

SaaS products often serve many customers from shared databases and storage. The separation has to split data exactly along the customer boundary with no loss or leakage, while keeping the security and residency commitments customers were promised. A wrong boundary mixes or strands customer data and becomes a breach.

What about the engineering team and its tooling?

Source control, observability, on call, and identity are often the seller's. The Newco stands up its own so the team can build, deploy, observe, and respond from Day One. A team that loses visibility into its live product during a transition cannot protect customers.

Related Reading

More on industry TSA exits.

Free Download

Get the buyer-side TSA Exit Playbook.

The 90-day governance, IT, finance, HR and procurement separation plan we run on live carve-outs. Get the playbook plus the bi-weekly Day One Letter — short, signal-heavy, buyer-side.

No spam. Unsubscribe in one click. · Read the overview first →

In SaaS, the exit runs on the code and the cloud.
TSA Exit Acceleration

A SaaS exit needs the product protected first.

Fixed-fee scope to sequence the exit around the cloud account, the codebase, and customer data isolation. Senior team on day one. The first conversation is always free.

White paper

The TSA Exit Playbook

Seven buyer-side moves to exit a Transition Services Agreement on time and below budget. The mark-up, the extension-fee curve, exit sequencing, and the 11-month calendar.

Read the playbook →
White paper

Technology & Software TSA Exit Playbook

A representative $80M-revenue SaaS carve-out runs a Transition Services Agreement across eight functions while the release train keeps shipping. The moves below cut the exit from a 16-month drift to a 10-month managed exit and remove $1.9M of mark-up and stranded cost — without pausing a single sprint.

Read the playbook →
The Day One Letter

Get buyer-side TSA intelligence every two weeks

One tactic, one benchmark, or one pattern from a recent buyer-side engagement. Short. Signal heavy. Free.

Subscribe to The Day One Letter →