Reflektis believes that architecture and the architecture process are meant to secure subject-matter expertise in organisations. This expertise exists in the business (business and information architecture) as well as in technology (software and infrastructure architecture). Regular internal audits or reviews are an essential part of the architecture process, but in themselves they are not sufficient. At least once a year an external review is necessary. If only to have an independent, outside view look at the architecture and the “artefacts” created by the process.
We can help in setting up these internal review processes, as well as performing the external audits.
Reflektis does not execute these audits with the goal of cataloguing everything that is wrong. No process is perfect, and for external quality auditors it can sometimes be too easy to just mark anything that does not conform to some quality standard. Our audits do not attempt to identify a list of company failures. Instead our reviews contribute optimally to help you reach the highest possible quality in your processes and products. Concretely an architecture audit done by Reflektis provides:
- A list of potential improvements
- A power inventory analysis
- A plan of follow-up steps
Always in collaboration with and owned by internal architects.
Together we decide where the focus should be. We execute our audits based on the following standards:
- ISO 9001 (quality systems)
- ISO 27001 (security)
- IEC 62304 (software for medical purposes)
- CMMi (Capability Maturity)
- ISO/IEC 25010:2011 (previously ISO 9126, and before that Quint2)
- TOGAF 9.2 (de-facto standard for Enterprise Architecture)
Apart from architectural audits we also perform code reviews. Just like an architectural audit, code bases are in need of a periodic external view. A code review is done to acquire insight into the ‘output’ of processes, as opposed to architectural audits where also the process is part of the review. A code review results in:
- Risk analysis
- Quality assessments
To put an exact time frame on architecture audits or code reviews beforehand is not possible. Much depends on what the actual needs are, and which aspects need most attention. Our audits have run from two days to two weeks. This is why we make clear arrangements to meet the expectations and demands.