Legacy system rescue assessment
A fixed-price, fixed-scope assessment of a system nobody fully understands — the risk map and stabilisation plan that make it safe to touch again.
Last updated:A legacy system rescue assessment is a fixed-scope review of an inherited or ailing production system: where the risks concentrate, what could take the business down, and what to stabilise first. Revenant Systems delivers a risk register, a first-90-days stabilisation plan, and a realistic modernisation path — at a fixed price agreed up front.
Who is the assessment for?
The assessment fits teams responsible for a system that runs the business but that nobody fully understands — the developer left, the agency dissolved, or it arrived through an acquisition. It changes rarely because every change is frightening, and the documentation stopped matching reality years ago.
- A production system with no confident owner
- Departed developers, dissolved agencies, acquisitions
- Changes feel risky; documentation has drifted
Who is the assessment not for?
Systems that are already well-understood — a team that can deploy, back up, and recover with confidence needs a modernisation conversation, not a rescue assessment. This exists for the system nobody can safely touch, where the first job is making change possible again.
What does the assessment cover?
The assessment maps where the risk actually sits: architecture and code hot spots, the deployment, backup, and recovery reality (tested, not assumed from documentation), dependency and end-of-life exposure, data-integrity risks, and how concentrated the remaining knowledge is. The output is ranked by what could hurt the business soonest.
Revenant Systems assesses independently — no platform to sell and no rewrite to push — drawing on the founder's twenty years of running production systems.
- Architecture and code risk map
- Deployment, backup, and recovery reality
- Dependency and end-of-life exposure
- Data-integrity risks
- Knowledge concentration
- Immediate stabilisation wins
What does a rescue look like?
Stabilise first, modernise second. The immediate goal is a system that can be deployed, backed up, and recovered with confidence; only then does incremental modernisation — a strangler-fig migration rather than a big-bang rewrite — make sense. The assessment sequences both, so spend follows risk rather than fear.
What you receive
- A risk register — severity-ranked, each risk with its business impact and a concrete mitigation
- A first-90-days stabilisation plan
- A modernisation roadmap sketch — sequenced, strangler-fig first
- A “further investigation recommended” section for anything material outside the fixed scope
- A findings walkthrough call
How the engagement runs
- Typical turnaround: two weeks from start to report
- Fixed scope and fixed price, agreed before work starts
What we need from you
- Read access to the code repository — or an archive of it
- Access to, or an honest description of, the deployment, backup, and recovery setup
- Any documentation that exists, however stale
- A short walkthrough with whoever knows the system best
Access and client data are handled under our information security statement.
Frequently asked questions
Is this fixed-price as well?
Yes. The scope and the price are set before the assessment starts and stay set — the point is certainty about a system that has had too little of it.
What if you uncover something serious outside the scope?
It goes in the report under further investigation, clearly weighted. Anything urgent is flagged in the walkthrough rather than left for the appendix.
Can you do the stabilisation and modernisation work?
Yes — both are available as separately scoped engagements, from stabilisation quick wins to a strangler-fig rebuild. The assessment stands alone regardless; the plan is written for whichever team does the work.
Each package is an audit or assessment offered on its own — the process behind it is covered in how we work.