Conducting a security audit including several technical audits, an architecture and design review as well as a workshop on security-related decisions for future products and services and extending the current infrastructure