Hiring a Software Development Company: What to Look For, What to Avoid
Choosing the wrong software development partner is an expensive mistake. Here's the due diligence process I'd run before signing any contract for custom development.
James Ross Jr.
Strategic Systems Architect & Enterprise Software Developer
Why This Decision Is Hard to Undo
Hiring a software development company is one of those decisions that looks easy from the outside and turns out to be consequential in ways you didn't anticipate. Once a team has been working on your codebase for six months, switching costs are enormous — not just financially, but technically. The code they've written is now your code. Their architectural decisions are now your architectural decisions. Walking away means starting over or inheriting whatever they built.
This is why the front-end of the process — how you evaluate, interview, and select a development partner — matters as much as any other part of the project. A mediocre vetting process produces a mediocre partner, and you'll be living with the consequences for years.
The First Filter: What They've Actually Built
The portfolio is the most important artifact a development company can show you. But most portfolios are marketing, not evidence. Screenshots of polished UIs, logos of well-known clients, and vague statements about "scalable solutions" tell you almost nothing about whether they can build what you need.
What you want to see is work that is technically, industry, and scale-similar to your project. If you're building a multi-tenant B2B SaaS application, you want to see another multi-tenant B2B SaaS application in their portfolio — not a consumer mobile app and a marketing website.
When reviewing their work, ask:
- What was the tech stack?
- How many concurrent users does the system handle?
- Who managed the architecture — was there a lead architect, or was it a junior team?
- Is the client still using this software? Why or why not?
That last question is underrated. If a client commissioned a custom system and abandoned it within 18 months, that's a data point.
Reference Checks That Are Actually Useful
Most companies offer references, and most people treat reference checks as a formality. That's a mistake. The reference call is your best source of ground truth.
Ask for references from projects that are most similar to yours. Then ask the reference these specific questions:
Did the final cost come in close to the original estimate? If it was more than 30% over, ask why. Sometimes the reasons are legitimate (scope changes, changing requirements). Sometimes they're not.
How did they communicate when something went wrong? Every project has problems. The question is how the company handles them — proactively and transparently, or quietly until it becomes unavoidable.
Did they meet their delivery commitments? Not just the final date, but intermediate milestones. A team that consistently misses milestones by small amounts is running a different kind of schedule than they're telling you.
Would you hire them again? Listen for hesitation, qualifications, or deflections. "They did a good job overall" is not the same as "absolutely, without question."
What would you do differently if you were starting the engagement over? This question gets you the most honest information, because it frames the criticism as self-reflection rather than complaint.
Green Flags in the Evaluation Process
They push back on your requirements. A development company that agrees with everything you say and produces a quote in 48 hours without asking hard questions is not doing their job. The best shops will challenge your assumptions, identify requirements gaps, and flag technical risks before they take your money. Pushback is a sign of expertise, not difficult clients.
They propose a discovery phase. Serious development companies don't quote a full project from a brief. They propose a paid discovery phase that produces a specification, an architecture recommendation, and a detailed scope document. This is good practice, and it tells you they're committed to understanding your project before they build it.
They use version control, CI/CD, and code review as standard practice. Ask directly: what does your development process look like? How do you manage code? How do you test? What does a deployment look like? Answers that mention Git, automated testing, deployment pipelines, and code review are answers from a team that has basic engineering hygiene. Vague answers about "our process" with no specifics are a red flag.
They can explain their stack choices. If they say "we use React Native for mobile," ask why. If they say "we use PostgreSQL for your database," ask why. A team that can articulate the reasoning behind their technology choices has made those choices deliberately. A team that defaults to whatever they always use without thinking about your specific needs is treating your project as a commodity.
Red Flags That Should Stop the Conversation
They can't give you a point of contact who is technically accountable. Some development companies are fundamentally sales organizations — a polished front-end staffed by account managers who then subcontract the actual work to developers you've never met in places you didn't know about. Ask directly who will be writing the code and who has technical accountability for the project. If you can't get a specific name with a specific role, stop.
Their contract transfers no IP until final payment. A legitimate development contract should transfer intellectual property as work is completed, or at minimum upon payment of each invoice. A contract that retains all IP until the final invoice is paid is holding your software hostage. This is a leverage mechanism, not a standard business practice.
They offer an unusually low quote. Below-market pricing usually means one of three things: they're using offshore junior developers (which may be fine if disclosed, problematic if hidden), they've intentionally underscoped the project and will make it up in change orders, or they're desperate for work for reasons you should understand. Get specifics about staffing and experience levels.
They can't show you code. Not the full codebase of a client project — but some representation of their code quality. A technical test project, open source contributions, or a code sample from a past project with client permission. Teams that produce good code generally aren't defensive about showing it. Teams that produce mediocre code often are.
Structuring the Contract for Protection
Before you sign anything, make sure the contract addresses:
Escrow of code. If the relationship ends, you have immediate access to the full repository.
Milestone-based payment. Pay for completed, accepted work — not for time in advance. Each payment should be tied to a deliverable you've verified and approved.
Termination for convenience. You should be able to end the engagement with reasonable notice (30-60 days is standard) without penalty beyond payment for work completed.
Definition of done. What does "complete" mean for each deliverable? Who approves it? What's the process for defects discovered after approval?
Spend money on a lawyer to review this contract. The cost is trivial relative to the value of the project and the cost of a dispute.
The hiring decision is where a software project is often won or lost — before a line of code is written. If you'd like help evaluating a development partner or want a second opinion on a proposal you've received, book a call at calendly.com/jamesrossjr.