Monthly Archives: September 2014

Enterprise Architecture: A Practitioner View

By Prasad Palli and Dr. Gopala Krishna Behara, Wipro

Overview of Enterprise Architecture

IT organizations as usual are always ready to take challenges and start the journey in defining/refining their IT strategies and aligning with business strategies. During this journey, enterprises adopt a framework / methodology / best-practice / pattern / process called “Enterprise Architecture” which will help them to structure their processes and address growth together.

The effective management and exploitation of information through IT is a key factor to business success, and an indispensable means to achieving competitive advantage. Enterprise Architecture addresses this need, by providing a strategic context for the evolution of the IT system in response to the constantly changing needs of the business environment.

Without Enterprise Architecture

Based on our experience in Enterprise Architecture consulting, we highlight the common mistakes/frequent issues faced by the organizations in the absence of Enterprise Architecture.

Strategy

  • No link to business strategic planning and budget process
  • Slow and ineffective decision-making
  • Inability to rapidly respond to changes driven by business challenges
  • Lack of focus on enterprise requirements
  • Lack of common direction and synergies
  • Focusing on the art or language of EA rather than outcomes
  • Incomplete visibility of the current and future target Enterprise Architecture vision

Governance

  • Inability to predict impacts of future changes
  • Confusing “IT Architecture” With “Enterprise Architecture”
  • Lack of governance
  • Strict following of EA frameworks
  • “Ivory Tower” approach
  • Lack of communication and feedback
  • Limiting the EA team to IT resources
  • Lack of performance measures
  • No measurement criteria for EA metrics
  • Picking a tool before understanding your business needs

Technology

  • Increased gaps and architecture conflicts
  • Lack of commonality and consistency due to the absence of standards
  • Dilution and dissipation of critical information and knowledge of the deployed solutions
  • Rigidity, redundancy and lack of scalability and flexibility in the deployed solutions
  • Over-standardization
  • Non-adoption of Next Generation Technologies
  • Lack of integration, compatibility and interoperability between applications
  • Complex, fragile and costly interfaces between incongruent application

Enterprise Architecture Perspective

The main drivers of Enterprise Architecture of the enterprise are:

  • Highly optimized and flexible processes (Business & IT)
  • Ability to integrate seamlessly with systems within the enterprise and partners
  • Highly optimized and shared IT infrastructure
  • Loosely coupled systems to quickly respond to new processes or new product or new channel – Business value generation
  • Well mapping of business processes to application to information to technology
  • Strict adherence to regulatory and compliance factors

This article highlights our framework of Enterprise Architecture and its roadmap for the development and management of various components. It depicts how these components work together, what are the various measures of business units, enterprise and their outcome. The framework includes putting in place the proper organizational structure and hybrid business/IT roles, consolidating and standardizing information and data stores, and integrating applications and infrastructure to support the right business processes across the enterprise.

The key Components of Enterprise Architecture are depicted below.

EA1

EA – Practical Experience

Enterprise Architecture is not a one-time event, nor limited to specific projects or business units. EA is an on-going, iterative process that provides:

  • A common vision of the future shared by business and IT; business aware of IT and vice-versa
  • Guidance in the selection, creation and implementation of solutions driven by business requirements
  • Support for the various enterprise business lines through improved information sharing – provides plan for the integration of information and services at the design level across business lines
  • A means to control growing complexities of technology by setting enterprise-wide, leverageable standards for information technology
  • Defines an approach for the evaluation, consideration and assimilation of new and emerging technology innovations to meet business requirements

Some of the key aspects that teams will come across during EA execution:

  • EA is NOT a project: This is one of common mistake that most enterprises do. Enterprise Architecture is NOT a project, which can be delivered within specified timeframe. Enterprise Architecture is more of a culture that enterprises must adopt like SDLC process.
  • EA is NOT about review : Generally, people tend to think that EA is always for review and do policing team/individual performance and provide review reports to higher management. Instead EA is of bringing standards and making enterprise flexible to address changes as needed for business growth.
  • EA is NOT a one-time activity: The success of EA is possible only when enterprises will adopt it as part of their culture. For this to happen, Enterprise Architecture should execute as an iterative and on-going process and educate all stakeholders (business, portfolio managers, architects, program/project managers, designers, developers, operations, partners etc.) about the initiative and make them responsible for EA success.
  • EA is NOT for IT: Most of the times Enterprise Architecture initiative is driven by IT organizations without much involvement from Business. This is the first step towards a big failure. Depending upon the approach (whether it is top-down or bottom-up), business should be aware of what’s happening in the Enterprise Architecture initiative and be actively participating in the program when needed. Business is as equally responsible as IT for the success of an EA initiative.
  • EA is NOT a strategy: There is a common view across organizations that Enterprise Architecture is more of a strategy and teams like solution architecture, portfolio management and design & development and operations streams doesn’t have a role to play. In fact, the aforementioned teams are key contributors to Enterprise Architecture definition and its success by inculcating EA standards and best practices in their day-to-day activities.
  • EA is NOT all about cost-reduction: Most of the enterprises will look at EA from cost savings perspective that puts lot of pressure on IT to show some immediate benefits in terms of savings. With this kind of pressure, EA will get off track and be seen as more of a tactical initiative rather than strategic. Enterprises should start looking at EA more from Business-IT alignment, agility, innovation etc. which are strategic in nature along with cost savings.
  • EA is NOT one-man show: Enterprise Architecture is neither a CIO job or CFO or any CXO. It’s everybody’s job within an enterprise. During the EA strategy definition phase, probably more leadership involvement is needed and at EA implementation stage all the stakeholders will have a role to play and contribute one way or another.
  • EA is all about communication: One of the common mistakes that most enterprises do during the EA program is the team will work in silos and build huge pile of documents without having proper communication sessions within enterprise. At a minimum, the EA team should spend 50% of efforts towards communicating EA artifacts with the team and successful medium is through meetings rather than sending over emails or website.
  • Measure EA: During the initial stages of an EA program, the team should define measuring criteria/factors of EA (for ex: customer satisfaction, time to market, agility, cost savings, standardization, resources skills, trainings/certification etc.). Without these factors defined, EA will end up in ad-hoc planning which leads to chaos and frustrates leadership.
  • Adoption of Latest Technology Trends on EA: Traditional EA is more of the “Ivory Tower” approach which is modeled as framework-centered and tool-driven. Most of the EA function is technology-centric and defined as a one-time initiative. Application built on Traditional EA principles are business-constraint before they are completed. The Next Generation Enterprise Architecture (NGEA) is business-centric, global, agile, continuous and social digital network. Also, the organizations adopt latest digital capabilities like social web, SOA, big data analytics, omni channel customer management, cloud computing, virtualization, Internet of Things and so on. These technologies are interrelated and fit together to define Next Generation Enterprise Architecture for an organization.

The vision of an enterprise is shifting from Traditional EA to Digital Architecture which addresses Networked Community Capabilities (interacting with users through social media), globalization (Borderless Enterprise), innovation of products and services (open, closed & virtual innovation), collaboration (enable employees in decision-making, location flexibility, schedule flexibility), flexibility (flexibility to choose the technologies, infrastructure, applications).

The following diagram shows the Next Generation EA Model.

EA2

  • Network-centric enterprise: Online communities, workforce (network/social collaboration), business partners, customers and the marketplace
  • Enterprise resources: Teams, project-centric, process-based work conducted by communities
  • Business partners: Strategic partners and suppliers can be engaged together in operations
  • Customers: Customer care communities
  • Outside enterprise: Regulators, influencers, crowdsourcing participants, software developers and other interested parties
  • Third party vendors: Packaged vendors like SAP, Oracle ERP etc.
  • New channels: Web, mobile devices, Social business environments (communities of all functional types and audiences) and CRM

Conclusions

This article attempts to demonstrate practical views of an Enterprise Architect in improving the success rate of EA across the organizations. There is no hard and fast rule that enterprises should adopt to one particular framework or standard or approach. They can choose to adopt any industry specific framework, however it can be customized as per the needs of the enterprise. It does not force fit EA programs to any industry framework. The deliverables of EA should integrate with business planning, focus on business architecture and defining/streamlining business outcome metrics.

EA program definition should not span for years. It should deliver business value in months or weeks. Also, the program output should be actionable. Always measure impact but not activity.

Apart from these steps, enterprise should think about following other key aspects like:

  • Should have strong leadership commitments
  • Not always as-Is instead it can start with defining future state
  • Start with the highest-priority business outcomes

Use the right diagnostic tools — EAs must have a broad set of tools to choose from:

  • Ensure the program outputs are actionable
  • Measure impact, not activity
  • Adopt Next Generation Enterprise Architecture patterns
  • Socialize, listen, crowd source and be transparent
  • Do not re-architect legacy systems for the sake of re-architecting: most old systems should be wrapped, then replaced
  • Prepare to measure degree of success before starting on with the new architecture initiative
  • Do not over-design your systems of innovation or under-design the systems of differentiation or record

References

1.http://www.opengroup.org/architecture/togaf7-doc/arch/p4/comp/comp.htm

Acknowledgements

The authors would like to thank Hari Kishan Burle, Raju Alluri of Architecture Group of Wipro Technologies for giving us the required time and support in many ways in bringing this article as part of Enterprise Architecture Practice efforts.

Authors

PalliPrasad Palli is a Practice Partner in the Enterprise Architecture division of Wipro. He has a total of 17 years of IT experience. He can be reached at prasad.palli@wipro.com

 

BeharaDr. Gopala Krishna Behara is a Senior Enterprise Architect in the Enterprise Architecture division of Wipro. He has a total of 18 years of IT experience. He can be reached at gopalkrishna.behra@wipro.com

 

Disclaimer

The views expressed in this article/presentation are that of authors and Wipro does not subscribe to the substance, veracity or truthfulness of the said opinion.

1 Comment

Filed under Enterprise Architecture, Enterprise Transformation, Governance, IT, Standards

Now is the Time for Third Generation Enterprise Architecture Methods

By Erwin Oord, Principal Consultant Enterprise Architecture and Managing Partner at Netherlands-based ArchiXL Consultancy

Common methods for Enterprise Architecture used at present have been around for ages already. Although these methods have made a strong contribution to the development of the architecture discipline, they have reached the limits of their abilities. It is time to make a leap forward and for that we need a new generation of architecture methods. What characterizes architecture methods of this new generation?

Architects currently working with methods like TOGAF®, an Open Group standard, DYA or IAF might not realize it, but these methods stem from the early days of the architecture discipline. DYA originated in 2001 and the first version of TOGAF dates back to even 1995! Of course, these architecture methods are not dinosaurs that forgot to extinct. TOGAF produces new versions that are the result of lively discussion at The Open Group.

But an architecture method is like a car model. With annual facelifts you can adjust to the latest fashion, but you cannot hide the fact that the basic product reflects the spirit of the time in which it was developed. Car models, including those of the better car brands, reach their end after a decade or so. The automotive industry is used to this and knows that this cycle requires high investments, but also brings new opportunities. Enterprise Architecture is no different!

Let’s take a look back in history. The notion of Enterprise Architecture emerged in the mid-eighties. In that period, people like Zachman discovered that systems development models together create a coherent view on the enterprise. Thus arose the first architectural frameworks. This is the first generation of architecture methods, although a “method” was barely recognized.

The need for a repeatable process to develop and use architecture models emerged in the nineties. This is the time when the famous TOGAF Architecture Development Method came about, later followed by the concept of the strategic dialogue in DYA. This process-oriented approach to Enterprise Architecture was a great leap forward. We can therefore speak of a second generation of architecture methods.

A shocking discovery is that since then not much more has happened. Of course, methods have evolved with the addition of reference models and techniques for creating models. The underlying content frames have improved, now including architectural principles and implementation aspects. But all this is merely facelifting. We are still working with basic designs dating back more than a decade.

In order to make a leap forward again, we must escape the current process orientation. Instead of focusing on a fixed process to develop and use architecture, we must focus on the results of architecture. But that is only possible when we realize architecture is not a process in itself but an aspect of the overall change process in an organization. After all, governments and companies are constantly changing. An architecture method should therefore not be self-contained, but should be fully integrated in the change process.

A third generation architecture method has no fixed processes but focuses on essential architecture tasks, and integrates these tasks in the change methodology used by the organization. It provides a limited set of clearly defined architectural products that can be used directly in the change process. And it recognizes clearly defined roles that, depending on the situation, can be assigned to the right stakeholders. And that is certainly not always the Enterprise Architect. The key of a third generation Enterprise Architecture method is not the method itself but the way it is integrated into the organization.

OordErwin Oord, Principal Consultant Enterprise Architecture and Managing Partner at Netherlands based ArchiXL consultancy, has a rich experience in applying and customising Enterprise Architecture methods in both public sector and business organisations. Being co-author of a successful (Dutch) guide on selecting appropriate architecture methods, he is frequently asked for setting up an architecture practice or advancing architecture maturity stages in organisations. In his assignments, he focuses on effective integration of architecture with business and organisation change management.

6 Comments

Filed under Enterprise Architecture, Standards, TOGAF®, Uncategorized

Using The Open Group Standards – O-ISM3 with TOGAF®

By Jose Salamanca, UST Global, and Vicente Aceituno, Inovement

In order to prevent duplication of work and maximize the value provided by the Enterprise Architecture and Information Security discipline, it is necessary to find ways to communicate and take advantage from each other’s work. We have been examining the relationship between O-ISM3 and TOGAF®, both Open Group standards, and have found that, terminology differences aside, there are quite a number of ways to use these two standards together. We’d like to share our findings with The Open Group’s audience of Enterprise Architects, IT professionals, and Security Architects in this article.

Any ISMS manager needs to understand what the Security needs of the business are, how IT can cater for these needs, and how Information Security can contribute the most with the least amount of resources possible. Conversely, Enterprise Architects are challenged to build Security into the architectures deployed in the business in such a way that Security operations may be managed effectively.

There are parts of Enterprise Architecture that make the process of understanding the dependencies between the business and IT pretty straightforward. For example:

  • The TOGAF® 9 document “Business Principles – Goals – Drivers” will help inform the O-ISM3 practitioner what the business is about, in other words, what needs to be protected.
  • The TOGAF 9 document – Architecture Definition contains the Application, Technology and Data Domains, and the Business Domain. As a TOGAF service is a subdivision of an application used by one or several business functions, the O-ISM3 practitioner will be able to understand the needs of the business, developed and expressed as O-ISM3 Security objectives and Security targets, by interviewing the business process owners (found in the TOGAF Architecture Definition).
  • To determine how prepared applications are to meet those Security objectives and Security targets the O-ISM3 practitioner can interview the owner (found in the TOGAF Application Portfolio Catalog) of each application.
  • To check the location of the Components (parts of the application from the point of view of IT), which can have licensing and privacy protection implications, the O-ISM3 practitioner can interview the data owners (found in the TOGAF Architecture Definition) of each application.
  • To check the different Roles of use of an application, which will direct how access control is designed and operated, the O-ISM3 practitioner can interview the business process owners (found in the TOGAF Architecture Definition).
  • To understand how Components depend on each other, which has broad reaching implications in Security and business continuity, the O-ISM3 practitioner can examine the TOGAF Logical Application Components Map.

TOGAF practitioners can find Security constraints, which are equivalent to O-ISM3 Security Objectives (documented in “TOGAF 9 Architecture Vision” and “Data Landscape”) in the documents TSP-031 Information Security Targets and TSP-032 Information Requirements and Classification.

The Application Portfolio artifact in TOGAF is especially suitable to document the way applications are categorized from the point of view of security. The categorization enables prioritizing how they are protected.

The Security requirements which are created in O-ISM3, namely Security objectives and Security targets, should be included in the document “Requirements TOGAF 9 Template – Architecture Requirements Specification”, which contains all the requirements, constraints, and assumptions.

What are your views and experiences of aligning your ISMS + Enterprise Architecture methods? We’d love to hear your thoughts.

 

JMSalamanca photoJosé Salamanca is Regional Head of Solutions & Services at UST Global Spain. Certified in TOGAF9®, Project Management Professional (PMP®), and EFQM®. Jose also holds a MBA Executive by the Business European School (Spain) and achieved his BSc. at Universidad Complutense of Madrid. He is Vice President of the Association of Enterprise Architects Spanish chapter and Master Teacher at Universidad de Antonio de Nebrija of Madrid. José has built his professional career with repeated successes in Europe and the Middle East.

 

 

JulioVicente Aceituno is Principal author of O-ISM3, an experienced Information Security Manager and Consultant with broad experience in outsourcing of security services and research. His focus is information security outsourcing, management and related fields like metrics and certification of ISMS. Vicente is President of the Spanish chapter of the Information Security Systems Association; Member of The Open Group Security Forum Steering Committee; Secretary of the Spanish Chapter of the Association of Enterprise Architects; ISMS Forum Member.

Leave a comment

Filed under Enterprise Architecture, Enterprise Transformation, Information security, Security, Security Architecture, Standards, TOGAF®, Uncategorized