Enterprise Architecture &  IT standards
Upcoming SlideShare
Loading in...5
×
 

Enterprise Architecture & IT standards

on

  • 757 views

My objective with this presentation is to introduce the key frameworks and standards that provide practical guidance when tackling an EA project or implementing an EA capability. ...

My objective with this presentation is to introduce the key frameworks and standards that provide practical guidance when tackling an EA project or implementing an EA capability.

There is currently not a universality accepted definition of EA and therefore it is important to but context to the presentation, so before we start discussing standards and frameworks that address the challenges, I want to take a minute to state my definition of Enterprise Architecture.

Statistics

Views

Total Views
757
Views on SlideShare
757
Embed Views
0

Actions

Likes
1
Downloads
56
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • Remember that Guns N’ Roses album, The Spaghetti Incident?You’re forgiven if you don’t, as it wasn’t one of their best. The album was essentially a mishmash compilation of cover songs that when cobbled together didn’t sound all that great. Now think about your IT architecture, can you see a resemblance? A mishmash of technologies – new and old – all trying to work together in a spaghetti-like structure? 
  • Untangling the IT environment requires planning and management and in this presentation I will give a quick overview of some key challenges identified by research firms that will lead to even more entanglement if not managed properly.There is currently not a universality accepted definition of EA and therefore it is important to but context to the presentation, so before we start discussing standards and frameworks that address the challenges, I want to take a minute to state my definition of Enterprise Architecture.My objective with this presentation is to introduce the key frameworks and standards that provide practical guidance when tackling an EA project or implementing an EA capability.
  • Forrester Research figures that CIOs currently spend 60% of their time as "chief maintenance officers" -- that is, they have to devote several hours a day to making sure that all the IT infrastructure and applications are running smoothly.But Forrester envisions a shift to an era of what it calls empowered business technology (EBT), in which business units are more involved in deciding what their technology needs are and how to achieve them.This transition would greatly reduce the number of hours that CIOs spend as chief maintenance officers and allow them to devote a good deal more time and energy managing things like risk, vendors and innovation.
  • Gartner is advising corporations to adopt a new style of enterprise architecture called "emergent architecture," which the analyst firm says is necessary to respond to the growing complexity in markets, economies, networks and companies.Gartner has identified a variety of properties that differentiate emergent architecture from the traditional approach. Non-deterministic - Using emergent architecture, they instead must decentralise decision-making to enable innovation.Autonomous actors - They must now recognise the broader business ecosystem and devolve control to constituents.Rule-bound actors - Where in the past enterprise architects provided detailed design specifications for all aspects of the EA, they must now define a minimal set of rules and enable choice.Goal-oriented actors - Previously, the only goals that mattered were the corporate goals but this has now shifted to each constituent acting in their own best interests.Local Influences: Actors are influenced by local interactions and limited information. Feedback within their sphere of communication alters the behaviour of individuals. No individual actor has data about all of an emergent system. EA must increasingly coordinate.Dynamic or Adaptive Systems: The system (the individual actors as well as the environment) changes over time. EA must design emergent systems sense and respond to changes in their environment.Resource-Constrained Environment: An environment of abundance does not enable emergence; rather, the scarcity of resources drives emergence
  • Integrated Reporting is intended to improve communication between companies and capital marketsAn Integrated Report provides financial and non-financial information of a company’s strategy, performance and governance in its business and social context, in a way that highlights the interdependencies of the informationOrganizations would need to explain their business model, and how they create value over the short, medium and long termThere is no standard format for an Integrated Report, but the IIRC has provided Guiding Principles for an Integrated Report
  • JohnZachman is the father of EA and his framework is a brilliant “thinking model” to help in making sense of how to eat Elephant. He identified the value of EA to business in times of rapid change and increased complexity.As part of the EA research forum’s (consisting of academics, EA’s and business professionals) definition we included that section that EA is ongoing effort and that EA is not only a project.ISO 42010 is the best standard available that can be used to define the scope of work that needs to be done by Architects.
  • JohnZachman is the father of EA and his framework is a brilliant “thinking model” to help in making sense of how to eat Elephant. He identified the value of EA to business in times of rapid change and increased complexity.As part of the EA research forum’s (consisting of academics, EA’s and business professionals) definition we included that section that EA is ongoing effort and that EA is not only a project.ISO 42010 is the best standard available that can be used to define the scope of work that needs to be done by Architects.
  • ISO/IEC/IEEE 42010 aims to standardise the practice of architecture description by defining standard terms, presenting a conceptual foundation for expressing, communicating and reviewing architectures and specifying requirements that apply to architecture descriptions, architecture frameworks and architecture description languages.ISO/IEC/IEEE 42010 facilitate the expression and communication of architectures and thereby lay a foundation for quality and cost gains through standardisation of elements and practices for architectural description.
  • There are a wide range of EA frameworks available that address some or all aspects of EA, but the question now is – Which one do I choose?Will it address the business need of managing change or reducing risk in my organisation?To answer that question we have another ISO standard
  • ISO 15704 Requirements for enterprise-reference architectures and methodologies (including the Generalised Enterprise Reference Architecture and Methodology [GERAM] addendum)The architecture aims to be a relatively simple framework upon which all the functions and activities involved in the aforementioned phases of the life of the enterprise-integration project can be mapped. It also will permit the tools used by the investigators or practitioners at each phase to be indicated. The architecture defined will apply to projects, products, and processes; as well as to enterprises.Lets step through an example where we see how the TOGAF framework support change in the organisation
  • ISO 15704 Requirements for enterprise-reference architectures and methodologies (including the Generalised Enterprise Reference Architecture and Methodology [GERAM] addendum)The architecture aims to be a relatively simple framework upon which all the functions and activities involved in the aforementioned phases of the life of the enterprise-integration project can be mapped. It also will permit the tools used by the investigators or practitioners at each phase to be indicated. The architecture defined will apply to projects, products, and processes; as well as to enterprises.Lets step through an example where we see how the TOGAF framework support change in the organisation
  • As part of the framework we have the Generalised Enterprise Reference Architecture (GERA) entities.Understanding the fact that there are more that 1 type of entity in an organisation help with the management and planning of the EA effort.GERA identifies the following key entities:Strategic Enterprise Management Entity (Type 1)defines the necessity and the starting of any enterprise engineering / integration effort.Enterprise Engineering/Integration Entity (Entity Type 2) provides the means to carry out the enterprise engineering efforts defined by enterprise Entity Type 1. It employs a methodology (Entity Type 5) to define, design, implement and build the operation of the enterprise entity (Entity Type 3).Enterprise Entity (Entity Type 3) is the result of the operation of Entity Type 2. It uses a methodology (Entity Type 5) and the operational system provided by Entity Type 2 to define, design, implement and build the products and customer services of the enterprise (Entity Type 4).Product Entity (Entity Type 4) is the result of the operation of Entity Type 3. It represents all products and customer services of the enterprise.It is important to note that each Entity has a defined lifecycle and life history. For the purpose of our discussion today we will only look at the lifecycle.
  • The lifecycle phases of an entity is important to understand and to note that different international frameworks and methods support different parts of the lifecycle in more or less detail.
  • Enterprise Architecture alone will not solve the spagetti structure in the organisation. We need a Governance structure to ensure that the architecture is implemented in the organisation.The IT engagement model described in Enterprise Architecture as Strategy, creating a foundation for business execution by Jeanne Ross, Peter Weill and David Robertson is in my opinion a good starting point for reviewing or implementing a governance structure around the EA effort.The IT engagement model is a system of governance mechanisms assuring that business and IT projects achieve both local and company-wide objectives.Companywide IT GovernanceProject ManagementLinking Mechanisms:Business LinkageAlignment LinkageArchitecture Linkage
  • In the presentation we discussed the standards selecting and managing EA within the organisation and how it relate to other management frameworks. There are however specific styles of e.g. security, SOA and risk that require more customised architecture implementations and here I just want to mentions a few quick start guides that can support the effort:Open Enterprise Security Architecture (O-ESA) Guide Reference resource for practicing security architects and designersISO/IEC 27001/2 standardISO/IEC 16680:2012 is The Open Group Service Integration Maturity Model (OSIMM)It specifies a model against which the degree of service integration maturity of an organization can be assessed, and a process for assessing the current and desired degree of service integration maturity of an organization, using the model.The Open Group Technical Standard: FAIR – ISO/IEC 27005 CookbookThe Factor Analysis for Information Risk (FAIR) is complementary to other risk assessment models/frameworks, including COSO, ITIL, ISO/IEC 27002, COBIT, OCTAVE, etc. It provides an engine that can be used in other risk models to improve the quality of the risk assessment results

Enterprise Architecture &  IT standards Enterprise Architecture & IT standards Presentation Transcript

  • Architecture Standards Presented by Louw Labuschagne 1 www.csInteractiveTraining.com www.csInteractiveTraining.com
  • Introduction TOGAF ADM SOA Zachman Framework GERAM COBIT EA as Strategy ISO/IEC 38500 Architectur e Capability ArchiMate SOCCI ISO/IEC 42010 2 www.csInteractiveTraining.com Open Enterprise Security Architectur e
  • Forrester: Empowered Business Technology • CIOs will have more time and energy managing things like risk, vendors and innovation. Forrester Research figures that CIOs currently spend 60% of their The breakdown of current and just-beyond-the-horizon CIO time as "chief maintenance officers" Chief maintenance officer: 25% Chief vendor manager: 20% Chief enterprise architect: 20% Chief risk officer: 15% Chief innovation officer: 15% Chief demand officer: 5% Chief maintenance officer: 60% Chief vendor manager: 10% Chief enterprise architect: 10% Chief risk officer: 10% Chief innovation officer: 5% Chief demand officer: 5% Source: Forrester Research, July 2011 Accessed: Jamie Eckle On: 13 Oct 2011 For: Computerworld 3 Business units are more involved in deciding what their technology needs are w w w . c s I andc how ato nachieve them. ntera tiveTr ini g.com Current CIOs Empowered Business Technology CIOs duties
  • Gartner: Emergent Architecture New "emergent architecture” is necessary to respond to the growing complexity in markets, economies, networks and companies. 1. Decentralise decision-making to enable innovation. 2. Architects recognise the broader business ecosystem and devolve control to constituents. 3. Enterprise architects define a minimal set of rules and enable choice. 4. Goal-oriented, not just corporate goals but also each constituent acting in their own best interests. 5. EA must increasingly coordinate actors that are influenced by local interactions and limited information 6. The system (the individual actors as well as the environment) changes over time. EA must design emergent systems that sense and respond to changes in their environment. 7. The scarcity of resources drives emergence. 4 www.csInteractiveTraining.com
  • KPMG: Integrated Reporting An Integrated Report provide information of a company in a way that highlights the interdependencies of the information. • Integrated Reporting is intended to improve communication between companies and capital markets • Provide financial and non-financial information of a company’s strategy, performance and governance in its business and social context, in a way that highlights the interdependencies of the information • Organisations would need to explain their business model - KPMG Integrated Reporting publication, Issue 1, 2011, KPMG 5 www.csInteractiveTraining.com
  • My Definition of Enterprise Architecture "If you get really honest and search all of history, seven thousand years of known history of humankind, to find how humanity has learned to cope with two things, complexity and change… there is one game in town, ARCHITECTURE.” John Zachman ISO/IEC 42010:2007 defines “architecture” as: “The fundamental organization of a system, embodied in its components, their relationships to each other and the environment, and the principles governing its design and evolution.” 6 www.csInteractiveTraining.com
  • My Definition of Enterprise Architecture "If you get really honest and search all of history, seven thousand Enterprise history of humankind, to continuous has years of known Architecture is thefind how humanity practice of learned to cope the two things, complexity and change… there is describing with essential elements of a socio-technical one game in town, ARCHITECTURE.” organisation, their relationships to each other and to the environment, in order to understand complexity and manage ISO/IEC 42010:2007 defines “architecture” as: “The fundamental organization of a system, embodied in its components, their change. relationships to each other and the environment, and the principles governing its - design and evolution.” Enterprise Architecture Research Forum (EARF) 7 www.csInteractiveTraining.com
  • Conceptual Model Of Architectural Description ISO/IEC/IEEE 42010 aims to standardise the practice of architecture description by • • defining standard terms, presenting a conceptual foundation for expressing, communicating and reviewing architectures and specifying requirements that apply to o architecture descriptions, o architecture frameworks and o architecture description languages. • 8 www.csInteractiveTraining.com
  • Enterprise Architecture Frameworks ICODE iCode Security Architecture Framework AAF Automotive Architecture Framework BCA Business Capability Architecture IFW IBM Information FrameWork (IFW) Business Enterprise Architecure Modeling 4+1 Kruchten's 4+1 view model BEAM BPEAM CEA CIAF iteratec best-practice enterprise architecture management (EAM) method CEA Framework: A Service Oriented Enterprise Architecture Framework (SOEAF) Capgemini Integrated Architecture Framework DoDAF US Department of Defense Architecture Framework MODAF NAF NIST-EAM PEAF DRA1 Dragon1 PPOOA E2AF Extended Enterprise Architecture Framework SABSA EXAF Extreme Architecture Framework FEAF US Federal Enterprise Architecture Framework FFLV+GODS FSAM GEAF HEAF 9 Functions-Flows-Layers-Views + GovernanceOperations-Development-Support Federal Segment Architecture Methodology (FSAM) Gartner's Enterprise Architecture Framework Health Enterprise Architecture www.csInteractiveTraining.com Framework TEAF TOGAF xAF ZF IADS IAF (UK) Ministry of Defence Architecture Framework NATO C3 Systems Architecture Framework NIST Enterprise Architecture Model Pragmatic Enterprise Architecture Framework Processes Pipelines in Object Oriented Architectures Sherwood Applied Business Security Architecture (US) Treasury Enterprise Architecture Framework The Open Group Architecture Framework Extensible Architecture Framework Zachman Framework IBM Architecture Description Standard Index Architecture Framework
  • ISO 15704 Requirements for enterprisereference architectures and methodologies GERA Identifies concepts of enterprise integration Generic Enterprise Reference Architecture employ PEMs Provide reusable reference models and designs of enterprise concepts Generic Enterprise Modelling Concepts (Particular) Enterprise Models 10 EEM Describe process of enterprise engineering Partial Enterprise Models Enterprise Engineering Methodology utilise Enterprise Engineering Tools GEMCs Define the meaning of enterprise modelling constructs EETs Support enterprise engineering Used to build Enterprise Modules EMOs Provide implementable modules (human, process & technology) (Particular) Enterprise Operational Systems IFIP-IFAC Task Force, 1999) EMLs Provide modelling constructs for modelling enterprise concepts Implemented in support www.csInteractiveTraining.com Enterprise Modelling Languages EMs Enterprise designs, and models to support analysis and operation Used to implement EOS Support the operation of the particular enterprise
  • ISO 15704 Requirements for enterprisereference architectures and methodologies Human Concepts GERA Identifies concepts of Technolo Process enterprise integration gy Concepts Strategic Management Entity (Type 1) Generic Enterprise Reference Architecture EEM Describe process of enterprise engineering employs PEMs Provide reusable reference models and designs of enterprise concepts Enterprise Product (Type 4) Generic Enterprise Modelling Concepts Manufacturi ng Entity (Type 3) www.csInteractiveTraining.com (Particular) Enterprise Models EMLs Provide modelling constructs for modelling enterprise concepts Implemented in Partial Enterprise Models Methodology Entity (Type 5) 11 utilise Concepts Construction Entity (Type 2) Engineering Entity (Type 2) Enterprise Engineering Methodology Enterprise Modelling Languages Enterprise Engineering Tools support GEMCs Define the meaning of enterprise modelling constructs EETs Support enterprise engineering Used to build Enterprise Modules EMOs Provide implementable modules (human, process & technology) (Particular) Enterprise Operational Systems IFIP-IFAC Task Force, 1999) EMs Enterprise designs, and models to support analysis and operation Used to implement EOS Support the operation of the particular enterprise
  • Relationships between GERA Entity Types Product: Enterprise Concept Strategic Management Entity (Type 1) defines the necessity and the starting of any enterprise engineering / integration effort. Engineering Entity (Type 2) provides the means to carry out the enterprise engineering efforts defined by enterprise Entity Type 1. Enterprise Product (Type 4) is the result of the operation of Entity Type 3. It represents all products and customer services of the enterprise. 12 www.csInteractiveTraining.com Product: Enterprise Design Methodology Entity (Type 5) is employed by the Engineering, Construction and Manufacturing entity (Entity Type 3) to define, design, implement and build. Construction Entity (Type 2) provides the means to carry out the enterprise engineering efforts defined by enterprise Entity Type 1. Product: Enterprise Installation Manufacturing Entity (Type 3) is the result of the operation of Entity Type 2. It uses the operational system provided by Entity Type 2 to define, design, implement and build the products and customer services of the enterprise (Entity Type 4).
  • ISO 15704 Requirements for enterprisereference architectures and methodologies Generalised Enterprise Reference Architecture and Methodology (GERAM) is an enterprise-reference architecture that models the whole life history of an enterprise integration project from Entity Life-cycle Phases Identification Concept Requirements Preliminary Design initially developed it, • through its definition, • functional design or specification, Detailed Design • detailed design, Implementation • physical implementation or construction, Operation Decommission 13 • its initial concept in the eyes of the entrepreneurs who www.csInteractiveTraining.com • and finally operation • to obsolescence.
  • The Open Group Architecture Framework (TOGAF) aligned with other management frameworks • The Architecture Development Method (ADM) is an iterative approach to planning, designing, realising, and governing the architecture. ISO/IEC 20000: 2005 Decommission Identification ISO 38500:2008 Concept Operation Requirements Implementatio n ISO 21500:2012 Detailed Design ISO/IEC 15504 (SPICE) 14 www.csInteractiveTraining.com Preliminary Design
  • IT Engagement Model • Based on the model defined in Enterprise Architecture as Strategy (Ross, Weill & Robertson) Alignment IT Business Company strategy Enterprise & operations Alignment Linkage architecture Coordination • • • Project Management Office Business – IT relationship managers Project manager training Company Level Companywide IT Governance Architecture Linkage • • • Architect on projects Project funding based on Architecture compliance Architect training Business sponsors for projects Solution Regular project reviews by Project plan Architecture company level office • Process owners w w w . c s I n t e r a c t i v e T r a i n i n g . c o Project Management • m Incentives tied to company goals • • 15 Project Level Business Linkage
  • SOA, Security & Risk Architecture Styles • Open Enterprise Security Architecture (O-ESA) Guide • • Reference resource for practicing security architects and designers ISO/IEC 27001/2 standard • ISO/IEC 16680:2012 is The Open Group Service Integration Maturity Model (OSIMM) • • It specifies a model against which the degree of service integration maturity of an organization can be assessed, and a process for assessing the current and desired degree of service integration maturity of an organization, using the model. • The Open Group Technical Standard: FAIR – ISO/IEC 27005 Cookbook • 16 The Factor Analysis for Information Risk (FAIR) is complementary to other risk assessment models/frameworks, including COSO, ITIL, ISO/IEC 27002, COBIT, OCTAVE, etc. • It provides an engine that can be used in other risk models to improve the quality of the risk assessment results www.csInteractiveTraining.com
  • Business owners need to realise that their enterprise architecture design is a reflection of their business even if it is not intentional. If you don’t care about your enterprise architecture then your design is telling people that you don’t care about your business. — MARCO SUAREZ (SLIGHTLY ADAPTED) 17 www.csInteractiveTraining.com