How long does a Discovery and Review take?

Typically two to four weeks from scoping to readout, depending on the number of workloads and the depth of access available. We agree the timeline during the initial scoping session.

What do we get at the end of the engagement?

You receive a written findings report, a risk and effort matrix, remediation guidance for each finding, a prioritised action plan, and a readout session with your team. Everything is handed over in full.

Can you do the remediation work as well?

Yes. Remediation can be scoped as a follow-on consulting engagement or delivered as part of an ongoing DevOps as a Service arrangement. We discuss the options during the readout.

AWS Discovery and Review | Well-Architected Assessment

Q: What is a Discovery and Review engagement?

A Discovery and Review is a structured assessment of your AWS workloads against the Well-Architected Framework. We review architecture, security, cost, operational readiness, and compliance posture, and deliver prioritised findings with clear remediation guidance.

Q: Do you need access to our AWS accounts?

Yes, read-only access is required to assess your environment accurately. We work with your team to set up a least-privilege IAM role and agree access boundaries before the assessment begins.

Q: What frameworks do you assess against?

The primary framework is the AWS Well-Architected Framework across all six pillars. Where applicable we also map findings against ISO 27001 controls and CPS 234 requirements.

Know exactly where your AWS environment stands.

A scoped engagement that reviews your AWS workloads against the Well-Architected Framework. Architecture, security, cost, and operational readiness assessed together. You receive prioritised findings and clear next steps, not a raw list of issues.

Talk to Us

What you get

Architecture Review

Your workload design assessed against AWS best practices. Resilience, scalability, and single points of failure identified and documented.

Security Assessment

IAM policies, data controls, network posture, and account governance reviewed. Findings ranked by severity.

Cost Analysis

Unused resources, over-provisioned services, and savings plan gaps surfaced. Estimates attached to each finding.

Operational Readiness

Monitoring, alerting, deployment pipelines, and runbooks reviewed. Gaps that increase operational risk flagged.

Compliance Posture

Controls mapped against ISO 27001 and CPS 234 where applicable. Gaps documented with remediation guidance.

Prioritised Recommendations

All findings ranked by risk and effort. You leave with a report you can act on immediately, not a list to interpret.

Scoped assessment. Documented findings. Actionable recommendations.

Discovery

Workload scoping session
Access and tooling agreed
Assessment criteria confirmed
Stakeholders identified
Timeline locked

Assessment

Architecture analysis
Security and IAM review
Cost and tagging audit
Operational controls check
Compliance mapping

Recommendations

Findings report
Risk and effort matrix
Remediation guidance
Prioritised action plan
Readout session with your team

How it works

Four phases, fixed scope, clear output at each stage.

Discover

Scoping session to agree workloads in scope, access requirements, assessment criteria, and timeline.

Assess

Architecture, security, cost, operations, and compliance reviewed against the Well-Architected Framework and your stated goals.

Report

Findings documented with risk level, effort estimate, and remediation guidance for each issue.

Recommend

Readout session with your team. Prioritised action plan handed over. Remediation can be scoped as a follow-on engagement.

Audited and certified

AWS DevOps Competency

ISO 27001 Certified

AWS SaaS Competency

Get a clear picture of your AWS environment.

Tell us which workloads you want reviewed. We will scope the engagement on the first call.

Talk to Us

Frequently asked questions

What is a Discovery and Review engagement?

A structured assessment of your AWS workloads against the Well-Architected Framework, covering architecture, security, cost, operations, and compliance. You receive prioritised findings with remediation guidance.

How long does it take?

Typically two to four weeks from scoping to readout, depending on the number of workloads in scope. We confirm the timeline in the initial session.

Do you need access to our AWS accounts?

Yes. Read-only access via a least-privilege IAM role. We agree access boundaries with your team before the assessment starts.

What frameworks do you assess against?

The AWS Well-Architected Framework across all six pillars. Findings are also mapped against ISO 27001 and CPS 234 where relevant.

What do we get at the end?

A written findings report, risk and effort matrix, remediation guidance, a prioritised action plan, and a readout session with your team.

Can you do the remediation too?

Yes. Remediation can be scoped as a follow-on engagement or run as part of our DevOps as a Service. We discuss the options at the readout.

Discovery and Review

A structured assessment of your AWS workloads. Architecture, security, cost, and operational readiness reviewed against the Well-Architected Framework.