# Cloudasaservices Architecture Review Checklist

Use this checklist to make architecture review conversations more disciplined and more useful.

## 1. Business Context

- What business outcome is this architecture meant to support?
- Which risks matter most right now: cost, resilience, delivery speed, compliance, or security?
- Which teams own the next decision?

## 2. Current-State Baseline

- Is the current estate documented at a useful level?
- Are dependencies, external integrations, and operational constraints understood?
- Is there a clear view of existing pain points, incidents, or delivery bottlenecks?

## 3. Cloud Foundation

- Are account, subscription, or project structures fit for scale?
- Are landing zones, networking, and guardrails consistent?
- Are environment patterns repeatable rather than hand-built?

## 4. Security and Compliance

- Is identity and access design aligned to least privilege?
- Are key controls embedded into delivery, or added later as manual review?
- Is evidence capture reliable enough for audit or governance needs?

## 5. Reliability and Operations

- Are monitoring, alerting, and logging good enough for real incident response?
- Is backup, recovery, and resilience planning documented and tested?
- Are ownership and escalation paths clear?

## 6. Delivery and Change

- Are CI/CD and release workflows stable enough for safe delivery?
- Is rollback or remediation practical when changes fail?
- Are architecture decisions helping delivery speed or getting in the way?

## 7. Cost and Governance

- Is cloud spend visible by team, service, or product?
- Are there signs of idle, oversized, or weakly owned workloads?
- Is cost governance practical enough to be sustained?

## 8. Next-Step Decision

- What should be stabilized first?
- What should be modernized next?
- Which issues require a structured program rather than isolated fixes?

## Recommended Output

- A short summary of the biggest constraints
- A prioritized next-step list
- Named owners for the first wave of work
- A decision on whether the next move is assessment, implementation, or broader transformation planning