I have designed many programs using kobo for a private company , lately their IT team wanted to check with me for further work . Some of the question they asked are coped in this email below , Can you please provide your feedback on these and what you propose if the company wanted to make the data on private server ?
Solution design light (SDL) hosting document / application architecture diagram to understand the components used and integrations to it
Application hosting details - On-prem/ IaaS / Off-prem (IaaS / PaaS / SaaS)
If this is SaaS/PaaS application, please share the latest SOC2 Type 2 report / ISO27001 certificate, Statement of Applicability, Policy and Procedure documents / Information security process document for all the security domains from vendor/supplier.
If Enterprise Architect (EA) has already approved the solution, please share the EA approval email.
Penetration test or vulnerability scan report (Optional)
User Access Management process document for application (Optional)