In addition to the analysis of the target’s physical and application architecture, the architecture analysis includes an audit of the administration mechanisms (administration, supervision, software maintenance, application deployment, logging, etc.) of the target. The integration of security issues in the choice of information system administration mechanisms is critical insofar as it allows :

• To ensure the traceability of the operations carried out on the target
• Respond effectively to service disruptions or suspicious IS transactions
• To ensure at least the maintenance of the level of security during administrative operations

The audit will be supplemented by a site visit and interviews to clarify certain points that could be misinterpreted, and to validate any discrepancies with the persons in charge of applying the procedures.

In particular, this audit shall also verify in particular :

• The procedures put in place to manage development
• Delivery procedures
• Procedures related to organizational aspects of development security