32 Questions Before Hiring a Software Agency
Use on every shortlisted agency, including us. Goal isn't 100% green — it's that you know exactly what you're getting before you sign.
How to score: Each question on a 1-5 scale (1 = red flag, 5 = exceptional). Total possible: 160. Most decent agencies: 110-130. Below 90 = no.
Category 1 — The actual team (5)
1. Who will write the code on my project?Good answer: named senior + named junior, with LinkedIn. Red flag: "our team".
2. Where do they sit?Good: in-house. Acceptable: hybrid. Red flag: anonymous offshore.
3. Show me 3 things this team has shipped in the last 12 months.Live URLs preferred. Red flag: only PDF screenshots.
4. Can I talk to the lead engineer before signing?Good: yes, free 30-min call. Red flag: "after signing".
5. What happens if the lead engineer leaves mid-project?Good: documented, paired, replaceable. Red flag: "that won't happen".
Category 2 — Stack & ownership (6)
6. What stack do you propose and why?Good: standard, boring, hireable (Laravel/Django/Next.js). Red flag: proprietary framework.
7. Who owns the code on day one?Good: you. Red flag: "we" or "after final payment".
8. Will I get a GitHub repo I own from day one?Good: yes, transferred at kickoff. Red flag: "after launch".
9. Where will my data live?Good: your AWS/DO/Hetzner account. Acceptable: their managed hosting with documented exit. Red flag: shared multi-tenant.
10. What's your hosting choice and why?Should match your DPDP / data-residency needs.
11. Are there any third-party libraries with restrictive licenses?Should know off the top of their head. AGPL / GPL on commercial code is usually a no.
Category 3 — Process & timeline (5)
12. What does discovery look like?Good: 1-2 weeks, structured workshops, written output. Red flag: "we'll send a form".
13. How often will I see working software?Good: weekly demo. Red flag: "at the end".
14. How are change requests handled?Good: written, scoped, priced before work starts. Red flag: "we figure it out as we go".
15. What does "done" mean?Good: explicit acceptance criteria per feature. Red flag: vague.
16. Penalty if delivery slips?Good: defined milestone-based payment, last 20% on go-live. Red flag: front-loaded payment.
Category 4 — Pricing transparency (5)
17. Is GST included in the quoted price?Most quotes are pre-GST. Confirm explicitly.
18. What's the payment milestone schedule?Good: 25/25/25/25 or 30/30/30/10. Red flag: 50% upfront.
19. What's explicitly NOT included?Good: written scope-out list. Red flag: vague.
20. Year-1 maintenance cost?Should be a clear number, separate from build cost.
21. Hourly rate for ad-hoc work after warranty?Should be a number you can budget against.
Category 5 — Reference & trust (6)
22. Three references I can call?Good: phone numbers + permission to call. Red flag: "we'll arrange".
23. How long have you been a Pvt Ltd?Should match MCA records (verify at mca.gov.in).
24. Share GSTIN + CIN.Should be on their footer or sent within 24h.
25. Sample contract for review?Good: standard MSA + SOW. Red flag: only verbal.
26. Will you sign a mutual NDA?Should be a yes within 48h.
27. Who reviews the IP clause in the contract?Should be willing to negotiate. Red flag: "non-negotiable".
Category 6 — Risk handling (5)
28. What's your warranty period?Good: 60-90 days post-launch, free fixes for in-scope bugs.
29. SLA for production bugs?Good: response time ≤ 4 working hours for critical.
30. Source-code escrow option?For larger projects, yes. Smaller, you have GitHub access already.
31. Dispute resolution clause?Should specify Indian arbitration / which city's jurisdiction.
32. Exit plan if you go out of business?Good: documented runbook, code in your GitHub, infra in your account. Red flag: "that won't happen".