top of page

Infographic: Steps for Architecture Review Process

Security Architecture Reviews: will be offered as an offshore service for clients who could provide us the response/answers for our security screening questionnaire. InfoZeus will provide four targeted screening forms/questionnaire sections mentioned below to gather the required information from the clients to tailor our services scope and review process: 

 

  • Business requirements (e.g., business scope, data sensitivity, end-users, partners/external users, administrators, and regulatory/compliance requirements). 

  • Infrastructure requirements (e.g., On Premise, Cloud Service Provider with its underlying cloud services, Cloud components and their interactions, Cloud to On Premise systems integrations, etc.). 

  • Application requirements (e.g., software technology stack, data processing, application and data access, APIs scope and design, application monitoring, application architecture design). 

  • Security program requirements (e.g., Application risk posture/profile, change management, software development methodologies, regulatory and compliance requirements, security operations, vulnerability management etc.,).  


Based on our client’s response to our security screening questionnaire requests (stated above), we will perform detailed security architecture reviews with follow up conversations that requires representatives from the client’s solution architects and development leads. Our deliverables will include a review report with security controls recommendation and overall risk rating/ranking. 

bottom of page