To identify any weaknesses inherent in the design of your security architecture, we will analyse the high-level system documentation focussing on the purpose of the system. To provide a customised risk assessment, we compare the security architecture design against both industry best practices and current attack vectors.
Once this has been completed, we may recommend building, improving, or reengineering your design to meet the following: organisational policies, industry best security practices and compliance standards (ie CIS, HIPAA, FERPA, GLBA etc.), legislation and regulations.
An early design or configuration review in the system lifecycle process will enable your organisation to minimise costs and prevent delays. A flawed design or implementation can increase the security risks and can have legal repercussions.
Unlike a software requirements specification, a security architecture review will clarify whether the design or configuration will prevent desired functionality, will cause unintended functions or will affect security controls.
Our design and configuration reviews provide security best practice recommendations for:
Browse our other Security Assurance services: