Free resource · Interactive · Print-friendly

Legacy System Migration Readiness Checklist

Tick each item that applies to your system. At the bottom, enter your email to receive the unchecked items — the gaps most likely to block or delay your migration.

0 of 29 checked

Risk levels: High = migration blocker or penalty risk Medium = significant effort required Low = manageable with planning

1. Runtime & Operating System

PHP version is still officially supported (php.net/supported-versions)PHP 8.1 EOL: Dec 2025 · PHP 7.x: already EOL · PHP 5.x: EOL since 2018 High
Operating system receives security updatesSuSE SLES, CentOS, Debian — check vendor EOL dates High
All runtime dependencies (Python, Node, Java, etc.) are on supported versions Medium
System can be provisioned from scratch without manual stepsOr: is there a runbook that fully documents how to rebuild the server? Medium
No self-compiled binaries without documented build instructions High

2. Version Control

All application code is stored in Git (or another VCS)FTP deployments, direct server edits, and ZIP archives are red flags High
Commit history reflects the actual evolution of the codebaseNot just a single "initial commit" with everything in it Medium
Shell scripts and automation are versioned alongside application code Medium
Configuration files (non-secret) are versioned; environment-specific values use env vars or a secrets manager Medium
The production system reflects exactly what is in the repositoryNo "hotfixes" applied directly to the server that were never committed High

3. Dependency Management

PHP dependencies are managed via Composer with a committed composer.lock High
All third-party libraries are at versions that support the target PHP version High
No vendored or manually patched library copies in the repository Medium
External services and APIs the system depends on are documentedDatabases, message queues, monitoring agents, LDAP, payment gateways Medium
System integrations (e.g. CheckMK, monitoring agents) are compatible with the target OS Medium

4. Deployment & CI/CD

Deployments are automated and reproducibleNo manual file copying, no "only Bob knows how to deploy" High
A CI pipeline runs on every merge/pushAt minimum: syntax check and basic test run High
Rollback procedure is documented and tested Medium
Staging or test environment mirrors production closely enough to catch integration issues Medium
Deployment does not require downtime (or planned maintenance windows are formally defined) Low

5. Test Coverage

Automated tests exist for the core business logicEven basic unit tests catch regressions during PHP version upgrades High
Critical user flows are covered by integration or end-to-end tests Medium
Tests run in CI and a failing test blocks deployment Medium
Code coverage is measured (even if not enforced at a threshold) Low

6. Documentation & Knowledge Transfer

Architecture is documented: what the system does, how it is structured, what depends on what High
Database schema is documented or self-describing (migrations, ER diagram) Medium
Non-obvious shell scripts are commented or explained in a runbook Medium
At least two team members understand the system well enough to make changes independently High
Credentials and secrets are managed in a secrets store (not hardcoded or in a text file on the server) High

7. Monitoring & Observability

Errors are logged and centralised (not only in server log files nobody reads) Medium
Alerting is in place for system failures and critical errors Medium
Monitoring agents (e.g. CheckMK) are compatible with the target platform and configuration is versioned Medium
Application performance baseline is known (response times, throughput) to validate post-migration Low

Get your results by email

Enter your email address and we’ll send you the unchecked items — the gaps to address before your migration begins.

If several High items are unchecked, your system needs stabilisation before a migration can begin. That is exactly what the migration audit engagement is designed for.

Learn about migration engagements →