Network Architecture Review 2019

Key activities include:

• Consult with members of the network architecture team and management to understand:
• the business goals and control objectives (security requirements) as they relate to data confidentiality, integrity, availability, and provability;
• ingress, egress, and intranet data flows/protocols (and corresponding security treatment);
• network architecture and key network components including security components;
• core technologies integral to the operations of the organization and/or those that the network is reliant upon to achieve its security objectives; and,
• core operational processes integral to the operation of the network
• Analysis against relevant standards, laws/regulations, and prevailing good practice; and,
• Formal reporting on the process, gap analysis, relevant findings, and mitigation roadmap. Where possible the report will also include: root cause analysis, peer-group benchmarking, good practice benchmarking, executive summaries, and technical summaries.

The predominant benefits realized by a Network Architecture Review are:

• Provides a high-level of design assurance by looking at the network and related security controls in a comprehensive and holistic manner;
• Findings can be used to identify other necessary assurance activities and to optimally focus downstream activities on relevant issues/targets for large scale enterprise level applications; and,
• Allows an entity to identify and address network security deficiencies that may negatively impact the security of the systems, databases, and applications that are dependent upon the network.