Hello everyone..
I am engineer and I would like to know regarding the review design for security project is it mandatory ? if so why please?
While I find this entire thread hilarious, I'm going to buy in on this one.
No, a design review is not mandatory however it is a very good idea. Not a lot of people commission an independent peer review of their work because they seem to think they know it all. This pervades most industries, but the security industry (being one of the last refuges of the thief and charlatan) seems to suffer worse than most. People tend to believe they can sneeze some technology across a facility and it will solve their perceived security problem, and most salesmen are more than willing to sell them what they can afford in the manner that makes them the highest commission.
Once you realize that nobody is an expert, and no-one has a mortgage on wisdom, then you begin to understand the value of an independent peer review. Unfortunately most security "designers" (I won't call them professionals, because they don't conduct themselves in a manner worthy of that tag) I've met are convinced they know it all, and a peer review will :
A) not be of any value because their design is perfect; and
B) let their competition in on their "trade secrets" giving them a leg up.
You should be able to see the fallacy of these arguments at first glance. Nobody knows it all and anyone who professes to is bullshitting. Likewise, anyone who calls themselves a "security expert" is simply demonstrating the shallowness of their own knowledge horizon.
Get a peer review. It's not just a good idea.