Child pages
  • Template - Custom Application (In-house) Development Architecture Review Checklist
Skip to end of metadata
Go to start of metadata

Architecture Review   

All technical projects managed by LITS and R&HS must complete an architecture review conducted by the Architecture Review Team (ART) in the project's planning phase before it can be moved into the next phase, Project Execution & Control. A second Architecture Review should be conducted during the production readiness assessment.

Project Team should submit the following documents and schedule a review meeting with ART:

  • Architecture Review Checklist (this form)
  • Architecture Diagram(s) of the System

More information on Architecture Review and Architecture Review Team can be found on Architecture Review Team.

 

Project Information

 

 

Project Name

                                                    

Project Number

 

Project Manager

 

Prepared By

 

Preparation Date

 

Project Type (Mini, Standard, or Complex)

 

Project Summary

 

LITS Responsible Team 

 

 

Architecture Diagram of the System

(please post the architecture diagram of the system here)

OIT Architecture Guideline Compliance Checklist

Note: Project Team should only fill in the third column, Approaches Taken in this Project.  The "OIT Architecture Standard" lists current OIT architecture standards/recommendations.

Note: PeopleSoft  will use PeopleSoft Application Designer as source code control for integrated tracking.

 

 

Category

OIT Architecture Standard

Approaches Taken in this Project (if other than OIT Arch standards, please specify the reasons, or Not Applicable)

Source Code Version Control

  • LITS Subversion

 

Software Configuration and Deployment Management

  • LITS Subversion

 

Technical Documentation Management

  • LITS Subversion
  • LITS Confluence Wiki

 

Web Content Management

  • LITS Cascade Server (Hannon Hill)

 

Directory Services

  • LITS LDAP and/or Active Directory

 

Application Frameworks

 

Java Application Server

  • LITS JBoss Cluster

 

Web Server Platform

  • Apache
  • IIS

 

Application and Middleware Server Platform

  • LITS Red Hat Enterprise Linux VM
  • LITS Windows Server 2008

 

Database Server Platform

  • LITS Red Hat Enterprise Linux (RHEL)
  • LITS Windows Server 2008

 

Database Management System

  • LITS Hosted UTS Managed non-HIPAA Oracle 11g RAC 
  • LITS Hosted UTS Managed HIPAA Oracle 11g RAC 
  • LITS Hosted R-WITManaged HIPAA Oracle 11g RAC 
  • LITS Microsoft SQL Server 2008
  • MySQL (R-WITonly)

 

User Authentication (Single Sign-on)

  • Emory Login Service (Shibboleth Single Sign On, UTS hosted)
  • Provider Emory Login (PEL)
  • LITS LDAP or Active Directory

 

User Authorization

  • Provisioning
  • Deprovisioning

 

Audit

  • HIPAA Audit Log Service
  • Or description of what will be used

 

Enterprise Application Integration & Service Oriented Architecture

  • LITS Enterprise Service Bus
  • Web Service
  • ETL for data warehouse

 

Java Message Service Provider, Enterprise Service Bus & Related Technologies

  • LITS SonicMQ Cluster

 

Federated Authentication & Trusted Inter-application Authentication

  • Emory Login Service (Shibboleth)

 

Workflow Engine

 

 

Reporting Engine

 

 

Security scan scheduled?

  • Nessus - for all applications
  • WebInspect - for web apps

 

VDT
  • Will this application be used by EHC and, if so, has it been tested on the VDT?
 

 

 

Other Information

Please include any other information you wish to communicate to the Architecture Review Team.  The Project Team should prepare to answer questions in areas including but not limited to:

 

 

Performance and Scalability
(including normal usage/load patterns,
performance target, sustainable peak load,
and ways to expand capacity for high load)

  • Critical performance metric(s):** Examples: webpage load time, batch processing time, query result time, report creation time, CPU utilization, disk iops, etc
  • Expected normal/peak load values for critical metrics:
    ** Examples:
  • Plan for increasing performance/capacity:
    ** Examples: Add memory to VMs, horizontally scale servers, move to higher performance storage, etc

Usability
(plan for user acceptance testing)

 

Logging and Auditing

On logging, please specify what will be logged and whether centralized logging service will be used.

Monitoring

Monitoring will be performed for (note the mechanism used or "none" if not monitored):
* System availability** (Zabbix, SCOM, etc)* Application availability** (Zabbix, etc)* Application functionality** (Zabbix, custom scripts, etc)* Performance monitoring** (Zabbix, log monitoring, SCOM, etc)* Application log monitoring (errors, abuse, etc)** (SIEM, custom scripts, manual review, etc)

Reliability

 

Availability

  • Application criticality is:** Application is not business critical to the customer** Application is business critical during typical 8x5 business hours and not critical after hours** Application is business critical 24x7
  • Customer expectation is:** 7 hours or less unplanned outage per month (99% uptime)** 1 hour or less unplanned outage per month (99.9% uptime)** 5 minutes or less unplanned outage per month (99.99% uptime)

Security

 

Data and Data Governance
(note any regulated or sensitive data:
e.g. FERPA, HIPAA, PCI, human subject research, SSNs)

 

Backup and Recovery
(note backup mechanism for each layer, as appropriate)

  • Operating system -** Example: LITS systems team managed backup
  • Database -** Example: LITS database managed backup
  • Application -** Example: LITS systems team managed backup

Quality Assurance Practices

Please explain in areas including unit test, functional test, integrated test, load test, regression test, automated test

Production Environment (LITS hosted or not)

 

Mobile Needs - will this be a native app (installed directly on the device) or a mobil web app (accessed through the mobile device¿s web browser and doesn¿t need to be downloaded and installed on the device)?

 

Deployment Practices

 

SLA and Maintenance/Support Plan

 

 

 

Technical Challenges

 List challenges that the project team see with the application that they would like support/guidance from architecture review team.

Architecture Review Team Feedback

 (ART feedback goes here)

check=

  • No labels