{"id":22679,"date":"2026-01-07T09:23:11","date_gmt":"2026-01-07T09:23:11","guid":{"rendered":"https:\/\/www.synetis.com\/ssi-audit\/safety-audits\/architecture-audit\/"},"modified":"2026-05-11T12:06:18","modified_gmt":"2026-05-11T12:06:18","slug":"architecture-audit","status":"publish","type":"page","link":"https:\/\/www.synetis.com\/en\/ssi-audit\/safety-audits\/architecture-audit\/","title":{"rendered":"Architecture audit"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-page\" data-elementor-id=\"22679\" class=\"elementor elementor-22679 elementor-10479\" data-elementor-post-type=\"page\">\n\t\t\t\t<div class=\"elementor-element elementor-element-7832a80 e-flex e-con-boxed e-con e-parent\" data-id=\"7832a80\" data-element_type=\"container\" data-e-type=\"container\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-3e4f659 e-con-full e-flex e-con e-child\" data-id=\"3e4f659\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-c3605d1 elementor-widget elementor-widget-shortcode\" data-id=\"c3605d1\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\"><div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t<a href=\"https:\/\/www.synetis.com\/en\/\" title=\"Accueil\">Accueil<\/a>\n<\/span><span class=\"aioseo-breadcrumb-separator\">\u203a<\/span><span class=\"aioseo-breadcrumb\">\n\t<a href=\"https:\/\/www.synetis.com\/en\/ssi-audit\/\" title=\"SSI audit\">SSI audit<\/a>\n<\/span><span class=\"aioseo-breadcrumb-separator\">\u203a<\/span><span class=\"aioseo-breadcrumb\">\n\t<a href=\"https:\/\/www.synetis.com\/en\/ssi-audit\/safety-audits\/\" title=\"Safety audits\">Safety audits<\/a>\n<\/span><span class=\"aioseo-breadcrumb-separator\">\u203a<\/span><span class=\"aioseo-breadcrumb\">\n\tArchitecture audit\n<\/span><\/div><\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-30325ff elementor-widget elementor-widget-heading\" data-id=\"30325ff\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h1 class=\"elementor-heading-title elementor-size-default\">Architecture audit<\/h1>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-05554ba elementor-widget elementor-widget-text-editor\" data-id=\"05554ba\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p>A technical architecture audit to reinforce the security of your IT infrastructure<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-897e4aa elementor-widget elementor-widget-button\" data-id=\"897e4aa\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"button.default\">\n\t\t\t\t\t\t\t\t\t\t<a class=\"elementor-button elementor-button-link elementor-size-sm\" href=\"https:\/\/www.synetis.com\/en\/contact\/\">\n\t\t\t\t\t\t<span class=\"elementor-button-content-wrapper\">\n\t\t\t\t\t\t\t\t\t<span class=\"elementor-button-text\">Contact our teams<\/span>\n\t\t\t\t\t<\/span>\n\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-c0162c2 e-flex e-con-boxed e-con e-parent\" data-id=\"c0162c2\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-5a04d67 elementor-widget elementor-widget-heading\" data-id=\"5a04d67\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Purpose of an architecture audit<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7cca607 elementor-widget elementor-widget-text-editor\" data-id=\"7cca607\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">The aim of an architecture audit is to <\/span><b>identify weaknesses<\/b><span style=\"font-weight: 400;\"> or non-compliance with recommended security practices.<br\/><\/span><span style=\"font-weight: 400;\">An architecture audit is based on a <\/span><b>documentary analysis<\/b><span style=\"font-weight: 400;\"> followed by interviews with the people in charge of the design, implementation, administration, supervision and maintenance of the target information system.<\/span><\/p>\n<p> <\/p>\n<p><span style=\"font-weight: 400;\">In addition, additional analyses can be carried out on network configuration samples (e.g. switches, firewalls, security cloud groups, etc.) to complete the audit.<\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d6e84fe elementor-widget elementor-widget-image\" data-id=\"d6e84fe\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"800\" height=\"286\" src=\"https:\/\/www.synetis.com\/wp-content\/uploads\/2026\/01\/Audit-Architecture-1024x366.png\" class=\"attachment-large size-large wp-image-22680\" alt=\"\" srcset=\"https:\/\/www.synetis.com\/wp-content\/uploads\/2026\/01\/Audit-Architecture-1024x366.png 1024w, https:\/\/www.synetis.com\/wp-content\/uploads\/2026\/01\/Audit-Architecture-300x107.png 300w, https:\/\/www.synetis.com\/wp-content\/uploads\/2026\/01\/Audit-Architecture-768x274.png 768w, https:\/\/www.synetis.com\/wp-content\/uploads\/2026\/01\/Audit-Architecture.png 1400w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-af5828d e-flex e-con-boxed e-con e-parent\" data-id=\"af5828d\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-032e07a elementor-widget elementor-widget-heading\" data-id=\"032e07a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Benefits expected from a technical architecture audit<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3b73412 elementor-widget elementor-widget-text-editor\" data-id=\"3b73412\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">The benefits of an architecture audit include :<\/span><\/p>\n<p> <\/p>\n<ul>\n<li aria-level=\"1\">Identification of potential risks within the audited perimeter;<\/li>\n<li aria-level=\"1\">An action plan including recommended remedies in the specific context of the target system;<\/li>\n<li aria-level=\"1\">Enhanced data protection;<\/li>\n<li aria-level=\"1\">Optimizing IT resources;<\/li>\n<li aria-level=\"1\">Verify the security of your architecture to prevent future incidents.<\/li>\n<\/ul>\n<p> <\/p>\n<p><span style=\"font-weight: 400;\">As Synetis is a PASSI-qualified company, the architecture audit can be carried out under this qualification as defined by ANSSI. This applies, for example, to the audit of a Restricted Diffusion network or a SecNumCloud qualification. <\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-4dfaf54 e-flex e-con-boxed e-con e-parent\" data-id=\"4dfaf54\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-810e8d4 elementor-widget elementor-widget-heading\" data-id=\"810e8d4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Architecture audit methodology<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-79bd4b6 elementor-widget elementor-widget-text-editor\" data-id=\"79bd4b6\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">During an architecture audit, the following aspects in particular are checked (non-exhaustive list):<\/span><\/p>\n<p> <\/p>\n<ul>\n<li aria-level=\"1\">Perimeter defense ;<\/li>\n<li aria-level=\"1\">Defense in depth ;<\/li>\n<li aria-level=\"1\">Partitioning ;<\/li>\n<li aria-level=\"1\">Breaking protocol;<\/li>\n<li aria-level=\"1\">Flow management ;<\/li>\n<li aria-level=\"1\">MCO\/MCS, backup and logging policies ;<\/li>\n<li aria-level=\"1\">Disaster recovery plan ;<\/li>\n<li aria-level=\"1\">&#8230;<\/li>\n<\/ul>\n<p> <\/p>\n<p><span style=\"font-weight: 400;\">The methodology used by Synetis is based on the various technical guides and recommendations issued by ANSSI (Agence Nationale de la S\u00e9curit\u00e9 des Syst\u00e8mes d&#8217;Information). At every point of the infrastructure, Synetis auditors focus their attention on the coverage of Information Systems Security (ISS) requirements, i.e. : Availability, Integrity, Confidentiality and Traceability.<\/span><span style=\"font-weight: 400;\"><br\/><\/span><span style=\"font-weight: 400;\"><br\/><\/span><span style=\"font-weight: 400;\">Any <\/span><b>operational constraints<\/b><span style=\"font-weight: 400;\"> and business needs in the application of these guides and their associated recommendations <\/span><b>are taken into account<\/b><span style=\"font-weight: 400;\"> by Synetis auditors.<\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-e9e2089 e-flex e-con-boxed e-con e-parent\" data-id=\"e9e2089\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-19efdae elementor-widget elementor-widget-heading\" data-id=\"19efdae\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Literature review<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1788894 elementor-widget elementor-widget-text-editor\" data-id=\"1788894\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">This part of the audit consists of comparing your documentation with the selected standards. The audit team uses the various mappings provided to analyze your security: <\/span><\/p>\n<p> <\/p>\n<ul>\n<li aria-level=\"1\">Mapping information system administration ;<\/li>\n<li aria-level=\"1\">Logical network mapping ;<\/li>\n<li aria-level=\"1\">Application mapping ;<\/li>\n<li aria-level=\"1\">Physical mapping of the network.<\/li>\n<\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6a27f7a elementor-widget elementor-widget-heading\" data-id=\"6a27f7a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Interviews with teams<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5e3830b elementor-widget elementor-widget-text-editor\" data-id=\"5e3830b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">Carrying out an audit also requires discussions around the business context of the audited perimeter and questions to clarify the auditors&#8217; and teams&#8217; understanding of the documentation received.<\/span><\/p>\n<p> <\/p>\n<p><span style=\"font-weight: 400;\">Additional questions can also be asked on less technical aspects.<\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-78c2e41 e-flex e-con-boxed e-con e-parent\" data-id=\"78c2e41\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-cab1247 elementor-widget elementor-widget-heading\" data-id=\"cab1247\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Some examples of architecture audit results<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-97c339d elementor-widget elementor-widget-text-editor\" data-id=\"97c339d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">The following are some illustrative results from our IS architecture audit work:<\/span><\/p>\n<p> <\/p>\n<ul>\n<li aria-level=\"1\">Unsatisfactory partitioning (risk of lateral displacement) ;<\/li>\n<li aria-level=\"1\">Lack of separation between critical services ;<\/li>\n<li aria-level=\"1\">Little or no filtering of incoming and\/or outgoing flows;<\/li>\n<li aria-level=\"1\">No nomadic access control ;<\/li>\n<li aria-level=\"1\">No system hardening ;<\/li>\n<li aria-level=\"1\">No maintenance policy procedures ;<\/li>\n<li aria-level=\"1\">No centralization and\/or supervision of logs ;<\/li>\n<li aria-level=\"1\">Exposure of internal cloud services to the Internet.<\/li>\n<\/ul>\n<p> <\/p>\n<p><span style=\"font-weight: 400;\">An architecture audit is an essential investment for any company wishing to verify and improve the security of its infrastructure. By identifying and correcting vulnerabilities, you can considerably reduce the risk of incidents, while improving the performance of your IT department. <\/span><\/p>\n<p> <\/p>\n<p><b><a href=\"https:\/\/www.synetis.com\/en\/contact\/\" target=\"_blank\" rel=\"noopener\">Contact our Synetis experts<\/a> for more information about <\/b><b>architecture audits to improve your cybersecurity!<\/b><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Architecture audit A technical architecture audit to reinforce the security of your IT infrastructure Contact our teams Purpose of an architecture audit The aim of an architecture audit is to identify weaknesses or non-compliance with recommended security practices.An architecture audit is based on a documentary analysis followed by interviews with the people in charge of [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":0,"parent":22669,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"content-type":"","footnotes":""},"class_list":["post-22679","page","type-page","status-publish","hentry"],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.synetis.com\/en\/wp-json\/wp\/v2\/pages\/22679","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.synetis.com\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.synetis.com\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.synetis.com\/en\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/www.synetis.com\/en\/wp-json\/wp\/v2\/comments?post=22679"}],"version-history":[{"count":1,"href":"https:\/\/www.synetis.com\/en\/wp-json\/wp\/v2\/pages\/22679\/revisions"}],"predecessor-version":[{"id":22682,"href":"https:\/\/www.synetis.com\/en\/wp-json\/wp\/v2\/pages\/22679\/revisions\/22682"}],"up":[{"embeddable":true,"href":"https:\/\/www.synetis.com\/en\/wp-json\/wp\/v2\/pages\/22669"}],"wp:attachment":[{"href":"https:\/\/www.synetis.com\/en\/wp-json\/wp\/v2\/media?parent=22679"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}