Child pages
  • Template - Custom / Developed (In-house) Application Checklist
Skip to end of metadata
Go to start of metadata

Architecture Review   

All technical projects managed by LITS and R&HS must complete an architecture review conducted by the Architecture Review Team (ART) in the project's planning phase before it can be moved into the next phase, Project Execution & Control. A second architecture review should be conducted during the production readiness assessment.

The Project Team should submit the following documents and schedule a review meeting with the ART Chair:

  • Architecture Review Checklist (this form)
  • Architecture Diagram(s) of the System

More information on Architecture Review and Architecture Review Team can be found on Architecture Review Team.


Project Information



Project Name


Project Number


Project Manager


Prepared By


Preparation Date


Project Type (Mini, Standard, or Complex)


Project Summary


LITS Responsible Team 



Architecture Diagram of the System

(please post the architecture diagram of the system here)

OIT Architecture Guideline Compliance Checklist

Instructions: The Project Team should fill in the third column with applicable information.  The second column,"OIT Architecture Standard," lists current OIT architecture standards/recommendations.

(Note: PeopleSoft will use PeopleSoft Application Designer as source code control for integrated tracking.)




OIT Architecture Standard

Project Specifications
(if other than OIT Arch standards, please specify the reasons, or Not Applicable)

Source Code Version Control

  • LITS Subversion


Software Configuration and Deployment Management

  • LITS Subversion


Technical Documentation Management

  • LITS Subversion
  • LITS Confluence Wiki


Web Content Management

  • LITS Cascade Server (Hannon Hill)


Application Frameworks


Java Application Server

  • LITS JBoss Cluster


Web Server Platform

  • Apache
  • IIS


Application and Middleware Server Platform

  • LITS Red Hat Enterprise Linux (RHEL7)
  • LITS Windows Server 2016


Database Server Platform

  • LITS Red Hat Enterprise Linux (RHEL7)
  • LITS Windows Server 2016


Database Management System

    • LITS Oracle 12.2 RAC 
    • LITS Oracle 12.2 VM (non RAC)
    • LITS Microsoft SQL Server 2016
    • LITS MySQL 5.x
  • Please specify if encryption is required


User Authentication

  • LITS Emory Login Service (Shibboleth) - preferred method of authentication and required for externally hosted applications
    • SAML 2.0
    • Single Sign On (SSO)
  • LITS LDAP/LDS - justification needed
  • LITS Active Directory - justification needed


Federated Authentication with InCommon Members

  • LITS Emory Login Service (Shibboleth) Required

User Authorization

  • Groups / Roles / Role Based Access Control



  • HIPAA Audit Log Service
  • Or description of what will be used


Enterprise Application Integration & Service Oriented Architecture

  • LITS Enterprise Service Bus
  • Web Service
  • ETL for data warehouse


Java Message Service Provider, Enterprise Service Bus & Related Technologies

  • LITS SonicMQ Cluster


Federated Authentication & Trusted Inter-application Authentication

  • Emory Login Service (Shibboleth)


Workflow Engine



Reporting Engine



Security scan scheduled?

  • Nessus - for all applications
  • WebInspect - for web apps


  • Will this application be used by EHC and, if so, has it been tested on the VDT?
Mac Certified
  • Is the solution / application certified on Macs?



Additional Project Information

Please include any other information you wish to communicate to the Architecture Review Team.  The Project Team should prepare to answer questions in areas including but not limited to:



AreasProject Information

Performance and Scalability
(including normal usage/load patterns,
performance target, sustainable peak load,
and ways to expand capacity for high load)

  • Critical performance metric(s):** Examples: webpage load time, batch processing time, query result time, report creation time, CPU utilization, disk iops, etc
  • Expected normal/peak load values for critical metrics:
    ** Examples:
  • Plan for increasing performance/capacity:
    ** Examples: Add memory to VMs, horizontally scale servers, move to higher performance storage, etc

(plan for user acceptance testing)


Logging and Auditing

On logging, please specify what will be logged and whether centralized logging service will be used.


Monitoring will be performed for (note the mechanism used or "none" if not monitored):
* System availability** (SCOM, etc)* Application availability** (NetIQ (NOC))* Application functionality** (Custom scripts, etc)* Performance monitoring** (Log monitoring, SCOM, etc)* Application log monitoring (errors, abuse, etc)** (SIEM, custom scripts, manual review, etc)




  • Application criticality is:** Application is not business critical to the customer** Application is business critical during typical 8x5 business hours and not critical after hours** Application is business critical 24x7
  • Customer expectation is:** 7 hours or less unplanned outage per month (99% uptime)** 1 hour or less unplanned outage per month (99.9% uptime)** 5 minutes or less unplanned outage per month (99.99% uptime)



User Provisioning / De-provisioning

Large enterprise wide applications may want to explore user provisioning and de-provisioning via the Enterprise Service Bus.

Data and Data Governance
(note any regulated or sensitive data:
e.g. FERPA, HIPAA, PCI, human subject research, SSNs, Dates of Birth)


Backup and Recovery
(note backup mechanism for each layer, as appropriate)

  • Operating system -** Example: LITS systems team managed backup
  • Database -** Example: LITS database managed backup
  • Application -** Example: LITS systems team managed backup

Quality Assurance Practices

Please explain in areas including unit test, functional test, integrated test, load test, regression test, automated test

Production Environment (LITS hosted or not)


Mobile Needs

Will this be a native app (installed directly on the device) or a mobile web app (accessed through the mobile device web browser and does not need to be downloaded and installed on the device)?

Deployment Practices


SLA and Maintenance/Support Plan




Technical Challenges

List any challenges the project team sees with the application where support/guidance from the Architecture Review Team would be beneficial.

Architecture Review Team Feedback


  • No labels