Child pages
  • Template - Custom Application (In-house) Development Architecture Review Checklist
Skip to end of metadata
Go to start of metadata

Architecture Review   

All technical projects managed by LITS and R&HS must complete an architecture review conducted by the Architecture Review Team (ART) in the project's planning phase before it can be moved into the next phase, Project Execution & Control. A second Architecture Review should be conducted during the production readiness assessment.

Project Team should submit the following documents and schedule a review meeting with ART:

  • Architecture Review Checklist (this form)
  • Architecture Diagram(s) of the System

More information on Architecture Review and Architecture Review Team can be found on Architecture Review Team.


Project Information



Project Name


Project Number


Project Manager


Prepared By


Preparation Date


Project Type (Mini, Standard, or Complex)


Project Summary


LITS Responsible Team 



Architecture Diagram of the System

(please post the architecture diagram of the system here)

OIT Architecture Guideline Compliance Checklist

Note: Project Team should only fill in the third column, Approaches Taken in this Project.  The "OIT Architecture Standard" lists current OIT architecture standards/recommendations.

Note: PeopleSoft  will use PeopleSoft Application Designer as source code control for integrated tracking.




OIT Architecture Standard

Approaches Taken in this Project (if other than OIT Arch standards, please specify the reasons, or Not Applicable)

Source Code Version Control

  • LITS Subversion


Software Configuration and Deployment Management

  • LITS Subversion


Technical Documentation Management

  • LITS Subversion
  • LITS Confluence Wiki


Web Content Management

  • LITS Cascade Server (Hannon Hill)


Directory Services

  • LITS LDAP and/or Active Directory


Application Frameworks


Java Application Server

  • LITS JBoss Cluster


Web Server Platform

  • Apache
  • IIS


Application and Middleware Server Platform

  • LITS Red Hat Enterprise Linux VM
  • LITS Windows Server 2008


Database Server Platform

  • LITS Red Hat Enterprise Linux (RHEL)
  • LITS Windows Server 2008


Database Management System

  • LITS Hosted UTS Managed non-HIPAA Oracle 11g RAC 
  • LITS Hosted UTS Managed HIPAA Oracle 11g RAC 
  • LITS Hosted R-WITManaged HIPAA Oracle 11g RAC 
  • LITS Microsoft SQL Server 2008
  • MySQL (R-WITonly)


User Authentication (Single Sign-on)

  • Emory Login Service (Shibboleth Single Sign On, UTS hosted)
  • Provider Emory Login (PEL)
  • LITS LDAP or Active Directory


User Authorization

  • Provisioning
  • Deprovisioning



  • HIPAA Audit Log Service
  • Or description of what will be used


Enterprise Application Integration & Service Oriented Architecture

  • LITS Enterprise Service Bus
  • Web Service
  • ETL for data warehouse


Java Message Service Provider, Enterprise Service Bus & Related Technologies

  • LITS SonicMQ Cluster


Federated Authentication & Trusted Inter-application Authentication

  • Emory Login Service (Shibboleth)


Workflow Engine



Reporting Engine



Security scan scheduled?

  • Nessus - for all applications
  • WebInspect - for web apps


  • Will this application be used by EHC and, if so, has it been tested on the VDT?



Other Information

Please include any other information you wish to communicate to the Architecture Review Team.  The Project Team should prepare to answer questions in areas including but not limited to:



Performance and Scalability
(including normal usage/load patterns,
performance target, sustainable peak load,
and ways to expand capacity for high load)

  • Critical performance metric(s):** Examples: webpage load time, batch processing time, query result time, report creation time, CPU utilization, disk iops, etc
  • Expected normal/peak load values for critical metrics:
    ** Examples:
  • Plan for increasing performance/capacity:
    ** Examples: Add memory to VMs, horizontally scale servers, move to higher performance storage, etc

(plan for user acceptance testing)


Logging and Auditing

On logging, please specify what will be logged and whether centralized logging service will be used.


Monitoring will be performed for (note the mechanism used or "none" if not monitored):
* System availability** (Zabbix, SCOM, etc)* Application availability** (Zabbix, etc)* Application functionality** (Zabbix, custom scripts, etc)* Performance monitoring** (Zabbix, log monitoring, SCOM, etc)* Application log monitoring (errors, abuse, etc)** (SIEM, custom scripts, manual review, etc)




  • Application criticality is:** Application is not business critical to the customer** Application is business critical during typical 8x5 business hours and not critical after hours** Application is business critical 24x7
  • Customer expectation is:** 7 hours or less unplanned outage per month (99% uptime)** 1 hour or less unplanned outage per month (99.9% uptime)** 5 minutes or less unplanned outage per month (99.99% uptime)



Data and Data Governance
(note any regulated or sensitive data:
e.g. FERPA, HIPAA, PCI, human subject research, SSNs)


Backup and Recovery
(note backup mechanism for each layer, as appropriate)

  • Operating system -** Example: LITS systems team managed backup
  • Database -** Example: LITS database managed backup
  • Application -** Example: LITS systems team managed backup

Quality Assurance Practices

Please explain in areas including unit test, functional test, integrated test, load test, regression test, automated test

Production Environment (LITS hosted or not)


Mobile Needs - will this be a native app (installed directly on the device) or a mobil web app (accessed through the mobile device¿s web browser and doesn¿t need to be downloaded and installed on the device)?


Deployment Practices


SLA and Maintenance/Support Plan




Technical Challenges

 List challenges that the project team see with the application that they would like support/guidance from architecture review team.

Architecture Review Team Feedback

 (ART feedback goes here)


  • No labels