Begin by defining the high-level scope so the audit can be calibrated to your specific integration scenario.
Project codename or identifier
Briefly describe the systems, sub-systems, or components that must interoperate
Integration pattern
Point-to-point
Event-driven (pub/sub)
API Gateway
ESB/Middleware
Micro-service mesh
Other/Hybrid
Deployment topology
On-prem ↔ On-prem
Cloud ↔ Cloud (same provider)
Cloud ↔ Cloud (cross-provider)
On-prem ↔ Cloud
Hybrid Kubernetes
Edge ↔ Core
Is this a green-field integration or are you replacing an existing interface?
Describe the current interface and its pain points
Explain why the legacy interface is being retired
Mismatched protocols and data formats remain the #1 source of rework. Verify readiness here.
Transport protocols already supported by ALL endpoints
HTTP/1.1
HTTP/2
HTTP/3
gRPC
WebSocket
MQTT
AMQP
Kafka
Modbus TCP
OPC UA
CAN
Profinet
Other
If multiple protocols coexist, who provides the protocol translation?
Built-in adapter in source system
Built-in adapter in target system
API Gateway
Message broker/bus
Custom code
Not yet decided
Message formats you will accept in production
JSON (REST)
XML (SOAP)
XML (plain)
Avro
Protobuf
YAML
CSV
EDIFACT
HL7 FHIR
Custom binary
Other
Do any endpoints require data transformation (e.g., field mapping, unit conversion)?
Where will this transformation execute?
Inside source system
Inside target system
Edge Integration Engine (e.g., Camel, Mule)
Serverless function
ESB/BPM
Not yet decided
Will schema validation be enforced at runtime?
Validation mechanism
JSON Schema
XSD
Avro Schema Registry
Protobuf Schema Registry
Custom code
Other
Are there character-set or encoding conflicts (e.g., UTF-8 vs ASCII vs EBCDIC)?
Maximum acceptable message size (MB) across the interface
Expected peak throughput (transactions/sec)
List any legacy or proprietary protocols that must be reverse-engineered
Security misalignment causes late-stage gate failures. Confirm readiness across trust boundaries.
Authentication model
API Key
mTLS (mutual TLS)
OAuth 2.0 / OIDC
SAML
Kerberos
SSH Key
IP Whitelist
None/Internal network
Is certificate rotation automated?
Will you enforce end-to-end payload encryption in addition to transport encryption?
Encryption scope
Field-level encryption
Message-level encryption
Both
Which security standards must the integration comply with?
ISO 27001
NIST SP 800-53
IEC 62443
HIPAA
PCI-DSS
GDPR
SOC 2
None
Other
Have you performed a Threat-Model review specific to this interface?
Is an API rate-limiting/throttling policy already defined?
Explain how you will protect against abuse
Physical layer mismatches (power, connectors, environmentals) often surface only during FAT/SAT. Capture them now.
Mounting standard for any physical device
DIN rail
19-inch rack
Wall-mount
Free-standing cabinet
PCB mezzanine
Not applicable (software only)
Are there hazardous-area classifications (Zone 1, Zone 2, Class I Div 2, etc.)?
Do cable runs exceed 100 m?
How will you mitigate signal degradation?
Fiber conversion
Repeater/hub
Higher AWG cable
Protocol-specific extender
Not yet decided
Connector types already approved by your standards
RJ45
M12
M8
DB9
Micro-USB
USB-C
LC/SC fiber
SFP+/QSFP
LEMO
MIL-spec
Terminal blocks
Other
Operating temperature range (°C) for field devices
IP/NEMA rating required for field devices
Is galvanic isolation required between subsystems?
Are there space-claim or weight restrictions for the physical device?
Provide max envelope dimensions and weight
Is PoE (Power over Ethernet) adequate or do you need external 24 VDC / 110 VAC / 230 VAC?
List any special grounding or shielding requirements
Time is often the hidden variable. Validate clocks, latency budgets, and jitter requirements.
Time-synchronization protocol
NTP
PTP (IEEE 1588)
GPS/IRIG-B
SNTP
Manual
Not required
Maximum acceptable clock drift across nodes (ms)
End-to-end latency budget (ms)
Is jitter or deterministic latency critical?
Specify max jitter and average latency
Do you need redundant time sources for fail-over?
Will you timestamp data at source or at gateway?
Unplanned down-time is costly. Confirm how redundancy is engineered.
Redundancy model
Active-Active (load-shared)
Active-Passive (warm standby)
Cold standby
N+1 modular
Not required
Target Recovery Time Objective (RTO) in minutes
Maximum acceptable data loss (Recovery Point Objective - RPO) in seconds
Do you require stateful fail-over (zero session loss)?
Is there a quorum or split-brain protection mechanism?
Will you perform chaos/disaster-recovery testing during commissioning?
Interfaces evolve. Ensure you have a plan to avoid breaking changes.
API/Interface versioning strategy
URL path (/v1/)
Query param?version=1.0
Header Accept-version
Content negotiation
Backwards compatible only
Not yet defined
Do you use contract-driven development (OpenAPI, AsyncAPI, Protobuf)?
Are blue-green or canary deployments possible for this integration?
Describe your deprecation policy
Is there an automated CI/CD pipeline covering integration tests?
You cannot support what you cannot observe. Confirm logging, metrics, and traceability.
Which observability stack will you use in production?
Prometheus + Grafana
InfluxDB + Telegraf
DataDog
New Relic
Dynatrace
Splunk
ELK
Jaeger/OpenTelemetry
Other/On-prem SIEM
Will you implement distributed tracing across all hops?
Are SLAs already defined (availability, error rate, response time)?
Do you have a run-book or playbook for first-line support?
Alert routing channel
Microsoft Teams
Slack
PagerDuty
ServiceNow
SNMP trap
Other
List any critical KPIs not covered above
Late discovery of missing certifications can stall go-live. Confirm alignment now.
Which industry standards must the integration satisfy?
ISO 9001
IEC 61508 (SIL)
IEC 62056 (DLMS/COSEM)
IEEE 1815 (DNP3)
IEC 61850
ISA-95
ODBC/JDBC
OPC UA Compliance
W3C Web service standards
Other
Do you need third-party certification (e.g., TÜV, UL, CE)?
Are penetration tests or security audits mandated before commissioning?
Is there an internal Design Review gate that must pass?
Target date for all compliance evidence to be ready
Capture residual risks and their treatment status. This feeds directly into the project risk register.
Rate the likelihood and impact of the following integration risks
Very Low | Low | Medium | High | Very High | |
|---|---|---|---|---|---|
Protocol mismatch requiring custom adapter | |||||
Security certificate expiry during warranty | |||||
Physical connector unobtainable in region | |||||
Firmware update bricks device | |||||
Latency exceeds real-time requirement | |||||
Vendor discontinues interface support |
Describe any risk mitigation actions already completed
Describe any residual risks that require management escalation
Confirm readiness to proceed to detailed design and procurement.
I confirm that all interface specifications are at least v0.9 and under configuration control
I confirm that lab integration testing has been budgeted and scheduled
I confirm that spare parts (connectors, converters, licenses) have been identified and long-lead items ordered
I confirm that support staff have been trained or training is in the plan
Lead Integrator signature
Analysis for Technical System Integration Readiness Audit
Important Note: This analysis provides strategic insights to help you get the most from your form's submission data for powerful follow-up actions and better outcomes. Please remove this content before publishing the form to the public.
This Technical System Integration Readiness Audit excels as an engineering-centric diagnostic tool designed to surface hidden blockers before they derail complex integration projects. The form’s structure mirrors a typical systems-engineering V-model, moving logically from high-level scope down to physical, protocol, security, and lifecycle concerns, then back up to risk, compliance, and sign-off. By forcing teams to answer questions while still in the concept/tender phase, the form acts as an early-warning radar that prevents the classic late-project discovery: “the legacy PLC only speaks Modbus RTU and our gateway is HTTP-only.”
Another major strength is the granular optionality baked into almost every question. Mandatory fields are kept to the absolute minimum required for calibration (project ID, systems in scope, integration pattern, topology, transport protocols, auth model, redundancy model, versioning strategy, physical mount, time-sync protocol, and final checklist attestations). Everything else is optional, yet the rich follow-up questions encourage deeper disclosure only when relevant. This design balances data-collection depth with completion-rate psychology, respecting the reality that engineers will abandon a form that feels like an interrogation.
The form also leverages contextual micro-copy (“Mismatched protocols remain the #1 source of rework…”) to educate while it collects, turning each section into a mini-checklist that raises the technical maturity of the responder. Finally, the inclusion of a risk matrix with 5×5 likelihood-impact scales provides quantitative inputs that can be directly imported into a project risk register, ensuring the audit output is actionable for PMOs and quality gates.
This lightweight text field is the primary key for every downstream artifact—Git repositories, Jira projects, FAT protocols, and compliance evidence packages. By making it mandatory and single-line, the form guarantees traceability without burdening the user. The placeholder “e.g., Project Orion” nudges teams toward memorable, codified names that improve cross-functional communication.
From a data-quality lens, the open-ended format allows flexibility, but the implied uniqueness constraint (no two projects should share the same codename) encourages organizations to adopt a naming convention that prevents collision in CMDB or asset-management systems. The field’s placement at the very start of the form also exploits the commitment/consistency principle—once a user types a codename, they psychologically “own” the audit and are more likely to complete it.
Privacy considerations are minimal because the codename is typically pseudonymous; no personal data is requested here, aligning with GDPR data-minimization rules while still providing an audit trail.
Acting as the scope boundary for every subsequent technical question, this multiline field captures the “what” in plain language. The example placeholder (“ERP ↔ CRM via REST, legacy PLC ↔ new SCADA…”) teaches users to state both entities and interface mechanism, reducing ambiguity during later design reviews.
The mandatory nature ensures that reviewers can calibrate the remaining questions—protocol, security, latency, physical—against the actual systems involved. Without this context, two endpoints that both “support HTTP” might still fail if one is a 1990s SCADA with a brittle HTTP 0.9 stack. By forcing a narrative description, the form collects qualitative data that keyword checklists would miss.
Usability is enhanced by the multiline expansion, preventing the cognitive compression that occurs when engineers try to cram complex topologies into a single-line text box. The field also doubles as a knowledge-management asset; future teams can search the audit repository for similar integration patterns and reuse lessons learned.
This single-choice question operationalizes the famous Gregor Hohpe enterprise-integration patterns into six concise options. Making it mandatory forces architects to choose a pattern early, which exposes hidden assumptions (“we’ll just use REST” actually implies point-to-point, not event-driven) and prevents the accidental complexity of mixing patterns mid-project.
Data-collection implications are significant: the selected pattern determines default answers for later questions. For instance, choosing Event-driven (pub/sub) will pre-validate that MQTT or Kafka appears in the transport-protocol checklist, while Micro-service mesh triggers additional Istio/mTLS questions in the security section. This conditional logic reduces respondent burden and improves consistency.
From a risk perspective, early pattern selection allows enterprise architects to flag divergence from the company’s reference architecture, escalating review gates before procurement dollars are spent.
Topology is the physical canvas on which the logical integration pattern must operate. By mandating this field, the form uncovers geopolitical, latency, and compliance constraints that pure software architects often overlook. For example, Cloud ↔ Cloud (cross-provider) immediately signals potential egress-cost blowouts and cross-account security complexity.
The curated list balances common scenarios (“On-prem ↔ Cloud”) with emerging ones (“Edge ↔ Core”) without overwhelming the user. Each option maps to a predefined set of follow-up concerns—firewall rules, data-residency clauses, and even rack-space reservations—allowing the audit engine to auto-generate risk items.
Collecting topology data also feeds capacity-planning models; knowing that traffic must traverse AWS → Azure via VPN lets infrastructure teams reserve the right number of virtual interfaces and forecast NAT-gateway costs.
This multiple-choice question is the technical linchpin of the entire audit. By asking which protocols are supported by ALL endpoints (not just one side), the form surfaces the lowest-common-denominator constraint that will dictate adapter effort. Making it mandatory prevents the common “it supports HTTP” hand-wave that omits version or sub-protocol details (HTTP/1.1 vs HTTP/2 vs HTTP/3).
The extensive option list spans IT (HTTP, gRPC, WebSocket) and OT (Modbus TCP, OPC UA, Profinet), acknowledging the convergence reality of Industry 4.0. The inclusion of Other with free-text capture ensures no protocol is left behind, while the multi-select UI allows users to tick multiple transports, reflecting real-world multi-homed endpoints.
Data quality is high because the question explicitly references runtime support, not roadmap slides, forcing teams to validate firmware versions and license features before answering. This reduces the infamous “it will be ready by go-live” syndrome that plagues SI projects.
Similar to the transport question, this mandatory multiple-choice field exposes format mismatches that drive transformation effort. The curated list spans modern (JSON, Protobuf) and legacy (EDIFACT, HL7 FHIR) formats, ensuring no domain is left out. By asking what will be accepted, not just preferred, the form quantifies how many parsers/serializers must be maintained, which directly maps to code-path complexity and test-case explosion.
The question also influences DevOps toolchain selection—choosing both Avro and Protobuf implies the need for Schema Registry clusters and CI tasks that validate backward-compatibility, both of which impact budget and schedule.
From a compliance standpoint, certain formats (HL7 FHIR, EDIFACT) carry regulatory metadata that must be preserved end-to-end; capturing this early ensures privacy officers can sign off on data-lineage requirements before detailed design.
Security is often the longest pole in the integration tent because trust boundaries touch every layer. By mandating this single-choice field, the form forces stakeholders to pick a concrete mechanism, avoiding the vague “we’ll use SSO” answer that collapses under scrutiny. Each option maps to a known set of operational tasks—mTLS implies certificate lifecycle management, OAuth2 implies token introspection endpoints—allowing project managers to estimate effort accurately.
The list balances simplicity (API Key) with enterprise rigor (SAML, Kerberos) and modern cloud-native (OAuth 2.0 / OIDC), ensuring relevance across industries. The absence of a generic “Other” forces teams to select the closest match, reducing snowflake architectures that are impossible to support.
Mandatory capture here also triggers conditional follow-ups (certificate rotation, encryption scope) that feed security-risk heat-maps, ensuring compliance teams can preview audit evidence requirements months in advance.
High-availability requirements drive the largest cost line-items in infrastructure estimates. By making this field mandatory, the audit uncovers stakeholder expectations early, preventing the classic scenario where development optimizes for throughput while operations assumes active-active redundancy. The curated options span hot (Active-Active) to cold (Cold standby), each with clear cost and complexity implications.
The data collected feeds directly into architecture decision records (ADRs) and procurement specs—selecting N+1 modular implies modular PSU and fan trays, while Active-Passive implies license duplication and replicated storage. Early clarity here prevents last-minute purchase orders that blow CAPEX budgets.
From a risk perspective, redundancy model also influences failover testing scope; cold-standby systems require longer RTO validation and chaos-engineering exercises, all of which need to be scheduled during commissioning.
Versioning is the contractual glue that prevents breaking changes from cascading across ecosystems. By mandating this single-choice field, the form ensures that architects adopt a strategy before the first line of code is written, avoiding the expensive retrofit of versioning into a live system. Each option (URL path, header, content negotiation) carries different caching, routing, and consumer-onboarding implications.
The presence of Backwards compatible only and Not yet defined as explicit options forces teams to confront technical debt early. Selecting Not yet defined raises a red flag in the audit dashboard, triggering a mandatory architecture review gate before procurement.
Data quality is enhanced because the question references strategy, not just syntax, encouraging teams to document deprecation policies and consumer communication channels—both of which are required for SOC-2 and ISO-27001 evidence.
Physical integration is often treated as an afterthought until a device arrives with M12 connectors that don’t fit the DIN rail. By mandating this single-choice field, the audit surfaces real-world constraints that affect bill-of-materials, panel drawings, and even hazardous-area certifications. The options span industrial (DIN rail), IT (19-inch rack), and embedded (PCB mezzanine), covering most scenarios.
The mandatory nature ensures that mechanical engineers are looped into design reviews early, preventing the late discovery that a required device is only available in an IP20 plastic housing when the site demands IP67 stainless steel. This single question has been shown to save weeks of procurement delays in brown-field plants.
Collecting mounting data also influences cooling and power budgets—DIN devices often rely on natural convection, while rack-mount servers require front-to-back airflow that may conflict with cabinet HVAC designs.
Clock drift is the silent killer of audit trails, forensic investigations, and real-time control loops. By mandating this single-choice field, the form forces teams to confront timing requirements before devices are procured. The options range from ubiquitous NTP to high-precision PTP (IEEE 1588) and GPS/IRIG-B, each with different network and hardware dependencies.
The data collected feeds into network design—PTP requires boundary-clock switches and low-jitter PHYs, while NTP can ride over existing L3 links. Early selection prevents the expensive rip-and-replace of network gear during commissioning.
From a compliance standpoint, certain standards (IEC 61850, IEEE 1815 DNP3) mandate sub-millisecond timestamp accuracy; capturing the protocol here ensures that test plans include the required oscilloscope-grade validation.
Programmatic success hinges on milestone realism. By making this date field mandatory, the audit forces stakeholders to confront the delta between contractual go-live and the actual time required for TÜV, UL, or CE certification. The date is stored in ISO-8601 format, enabling automatic countdown dashboards that flag slippage weeks in advance.
The field also serves as a forcing function for procurement—long-lead cert labs must be booked early, and any slip here cascades into updated project baselines. Capturing the date in the same audit as technical specs ensures that compliance is treated as a deliverable, not an afterthought.
Privacy is respected because only the date is collected, not personal names, aligning with minimization principles while still providing program-management telemetry.
These mandatory checkbox fields act as quality gates that prevent the audit from being treated as a paperwork exercise. By requiring the lead integrator to attest that interface specs are under configuration control and that lab testing has been budgeted, the form creates an auditable trail that can be referenced during gate reviews.
The spare-parts checkbox, though optional, encourages lifecycle thinking—teams must identify long-lead items (e.g., proprietary SFP+ modules) and order them before factory acceptance testing, avoiding the dreaded “we can’t commission because we’re missing a $50 connector” scenario.
Collecting these attestations in the same tool as the technical data ensures that project managers can generate compliance scorecards without chasing emails, improving governance velocity.
Mandatory Question Analysis for Technical System Integration Readiness Audit
Important Note: This analysis provides strategic insights to help you get the most from your form's submission data for powerful follow-up actions and better outcomes. Please remove this content before publishing the form to the public.
Project codename or identifier
Justification: This field is the unique primary key used to correlate the audit with project-management systems, Git repositories, procurement requisitions, and compliance evidence packages. Without it, the audit cannot be referenced in downstream workflows, undermining traceability and configuration management.
Briefly describe the systems, sub-systems, or components that must interoperate
Justification: The entire audit calibration hinges on understanding the scope of integration. This narrative provides the context required to interpret protocol, security, and physical answers, ensuring that reviewers can flag mismatches (e.g., legacy PLC vs modern REST) that would otherwise surface only during commissioning.
Integration pattern
Justification: The chosen pattern dictates default assumptions for redundancy, latency, and security questions later in the form. Making it mandatory prevents architects from deferring this strategic decision, which is a leading cause of rework when teams discover mid-project that point-to-point will not scale to enterprise throughput.
Deployment topology
Justification: Topology drives network, licensing, and data-residency constraints that affect cost and schedule. A mandatory answer ensures that cloud egress fees, firewall rules, and edge-hardware requirements are evaluated before purchase orders are placed, preventing five-figure budget surprises.
Transport protocols already supported by ALL endpoints
Justification: This multi-select field exposes the lowest-common-denominator protocol that must be used, which directly maps to adapter development effort. Mandatory capture prevents the “it supports HTTP” hand-wave that omits version details, a historical top-three source of SI rework.
Message formats you will accept in production
Justification: Format mismatches require transformation engines that impact latency, cost, and test-case explosion. A mandatory answer ensures that parser/serializer maintenance effort is estimated and budgeted, and that schema-registry infrastructure is procured where needed.
If multiple protocols coexist, who provides the protocol translation?
Justification: Ownership of protocol translation determines which team must design, test, and support the adapter. Making this mandatory clarifies RACI early, preventing the classic gap where “everyone assumed the other side would handle it,” which historically delays FAT by weeks.
Authentication model
Justification: Security is the longest lead item in most integrations due to certificate lifecycle, identity-provider federation, and compliance audits. A mandatory selection forces stakeholders to pick a concrete mechanism, enabling security architects to generate evidence requirements and schedule penetration tests before go-live.
Redundancy model
Justification: HA requirements drive the largest cost line-items (duplicate licenses, load balancers, storage). Mandatory capture ensures that infrastructure CAPEX and failover test schedules are agreed upon before procurement, preventing last-minute budget blowouts.
API/Interface versioning strategy
Justification: Versioning strategy prevents breaking changes that cascade to consumers. A mandatory answer ensures that deprecation policies, consumer communication channels, and schema-registry tooling are defined before code is written, reducing technical debt and SOC-2 audit findings.
Mounting standard for any physical device
Justification: Physical constraints affect panel drawings, hazardous-area certifications, and spare-parts inventory. A mandatory selection ensures mechanical engineers are engaged early, preventing the late discovery that a required device is unavailable in the mandated IP/NEMA rating, which historically stalls FAT by days.
Time-synchronization protocol
Justification: Clock drift invalidates audit trails and real-time control loops. A mandatory choice ensures network designers specify boundary-clock switches or GPS receivers before procurement, avoiding expensive rip-and-replace during commissioning.
Target date for all compliance evidence to be ready
Justification: Certification labs and penetration-test vendors have long lead times. A mandatory date field forces program management to confront the delta between contractual go-live and certification readiness, enabling early booking and preventing last-minute slips that can block production cutover.
I confirm that all interface specifications are at least v0.9 and under configuration control
Justification: This attestation creates an auditable quality gate that prevents the audit from being treated as a paperwork exercise. It ensures that the technical baseline exists and is version-controlled before detailed design begins, reducing scope creep and change-request churn.
I confirm that lab integration testing has been budgeted and scheduled
Justification: Lab testing is the only reliable way to validate latency, failover, and security assumptions. A mandatory checkbox ensures that budget and calendar slots are reserved before procurement, preventing the common scenario where hardware arrives but no budget exists to power and test it.
The form strikes an effective balance by mandating only the minimum viable data required to calibrate the audit and expose high-impact risks. This approach maximizes completion rates while ensuring that critical architectural decisions (protocol, auth, redundancy, versioning, physical mount, and compliance timeline) are captured early. To further optimize, consider making spare-parts identification conditionally mandatory when the deployment topology is Edge ↔ Core or when hazardous-area classifications are selected, as these scenarios historically suffer from long-lead connector shortages.
Additionally, introduce visual indicators (e.g., red asterisk) and inline help tooltips that explain why each field is mandatory; this transparency reduces user frustration and improves data quality. Finally, schedule an annual review of mandatory fields against post-mortem data—if a field shows >95% compliance and no correlation with project delays, consider downgrading it to optional to further reduce friction.
To configure an element, select it on the form.