Build, improve and re-engineer your design to meet industry best practice

To identify any weaknesses inherent in the design of your security architecture, we will analyse the high-level system documentation focusing on the purpose of the system. To provide a customized risk assessment, we compare the security architecture design against both industry best practices and current attack vectors.

Once this has been completed, we may recommend building, improving, or reengineering your design to meet the following: organizational policies, industry best security practices and compliance standards (i.e. CIS, HIPAA, FERPA, GLBA etc.), legislation and regulations.

An early design or configuration review in the system lifecycle process will enable your organization to minimize costs and prevent delays. A flawed design or implementation can increase the security risks and can have legal repercussions.


Unlike a software requirements specification, a security architecture review will clarify whether the design or configuration will prevent desired functionality, will cause unintended functions or will affect security controls. Our design and configuration reviews provide security best practice recommendations for:

  • Authentication
  • Cryptography
  • Information the system will hold (PII / PCI DSS) and how it is held
  • User roles and permissions
  • Interactions with external systems
  • Software and framework choices.