Category Archives: Uncategorized

Putting Information Technology at the Heart of the Business: The Open Group San Diego 2015

By The Open Group

The Open Group is hosting the “Enabling Boundaryless Information Flow™” event February 2 – 5, 2015 in San Diego, CA at the Westin San Diego Gaslamp Quarter. The event is set to focus on the changing role of IT within the enterprise and how new IT trends are empowering improvements in businesses and facilitating Enterprise Transformation. Key themes include Dependability through Assuredness™ (The Cybersecurity Connection) and The Synergy of Enterprise Architecture Frameworks. Particular attention throughout the event will be paid to the need for continued development of an open TOGAF® Architecture Development Method and its importance and value to the wider business architecture community. The goal of Boundaryless Information Flow will be featured prominently in a number of tracks throughout the event.

Key objectives for this year’s event include:

  • Explore how Cybersecurity and dependability issues are threatening business enterprises and critical infrastructure from an integrity and a Security perspective
  • Show the need for Boundaryless Information Flow™, which would result in more interoperable, real-time business processes throughout all business ecosystems
  • Outline current challenges in securing the Internet of Things, and about work ongoing in the Security Forum and elsewhere that will help to address the issues
  • Reinforce the importance of architecture methodologies to assure your enterprise is transforming its approach along with the ever-changing threat landscape
  • Discuss the key drivers and enablers of social business technologies in large organizations which play an important role in the co-creation of business value, and discuss the key building blocks of social business transformation program

Plenary speakers at the event include:

  • Chris Forde, General Manager, Asia Pacific Region & VP, Enterprise Architecture, The Open Group
  • John A. Zachman, Founder & Chairman, Zachman International, and Executive Director of FEAC Institute

Full details on the range of track speakers at the event can be found here, with the following (among many others) contributing:

  • Dawn C. Meyerriecks, Deputy Director for Science and Technology, CIA
  • Charles Betz, Founder, Digital Management Academy
  • Leonard Fehskens. Chief Editor, Journal of Enterprise Architecture, AEA

Registration for The Open Group San Diego 2015 is open and available to members and non-members. Please register here.

Join the conversation via Twitter – @theopengroup #ogSAN

 

17 Comments

Filed under Boundaryless Information Flow™, Dependability through Assuredness™, Internet of Things, Professional Development, Security, Standards, TOGAF®, Uncategorized

Open FAIR Certification for People Program

By Jim Hietala, VP Security, and Andrew Josey, Director of Standards, The Open Group

In this, the final installment of this Open FAIR blog series, we will look at the Open FAIR Certification for People program.

In early 2012, The Open Group Security Forum began exploring the idea of creating a certification program for Risk Analysts. Discussions with large enterprises regarding their risk analysis programs led us to the conclusion that there was a need for a professional certification program for Risk Analysts. In addition, Risk Analyst professionals and Open FAIR practitioners expressed interest in a certification program. Security and risk training organizations also expressed interest in providing training courses based upon the Open FAIR standards and Body of Knowledge.

The Open FAIR People Certification Program was designed to meet the requirements of employers and risk professionals. The certification program is a knowledge-based certification, testing candidates knowledge of the two standards, O-RA, and O-RT. Candidates are free to acquire their knowledge through self-study, or to take a course from an accredited training organization. The program currently has a single level (Foundation), with a more advanced certification level (Certified) planned for 2015.

Several resources are available from The Open Group to assist Risk Analysts preparing to sit for the exam, including the following:

  • Open FAIR Pocket Guide
  • Open FAIR Study Guide
  • Risk Taxonomy (O-RT), Version 2.0 (C13K, October 2013) defines a taxonomy for the factors that drive information security risk – Factor Analysis of Information Risk (FAIR).
  • Risk Analysis (O-RA) (C13G, October 2013) describes process aspects associated with performing effective risk analysis.

All of these can be downloaded from The Open Group publications catalog at http://www.opengroup.org/bookstore/catalog.

For training organizations, The Open Group accredits organizations wishing to offer training courses on Open FAIR. Testing of candidates is offered through Prometric test centers worldwide.

For more information on Open FAIR certification or accreditation, please contact us at: openfair-cert-auth@opengroup.org

By Jim Hietala and Andrew JoseyJim Hietala, CISSP, GSEC, is the Vice President, Security for The Open Group, where he manages all IT Security, Risk Management and Healthcare programs and standards activities. He participates in the SANS Analyst/Expert program and has also published numerous articles on Information Security, Risk Management, and compliance topics in publications including The ISSA Journal, Bank Accounting & Finance, Risk Factor, SC Magazine, and others.

 

By Andrew JoseyAndrew Josey is Director of Standards within The Open Group. He is currently managing the standards process for The Open Group, and has recently led the standards development projects for TOGAF® 9.1, ArchiMate® 2.0, IEEE Std 1003.1-2008 (POSIX), and the core specifications of the Single UNIX® Specification, Version 4. Previously, he has led the development and operation of many of The Open Group certification development projects, including industry-wide certification programs for the UNIX system, the Linux Standard Base, TOGAF, and IEEE POSIX. He is a member of the IEEE, USENIX, UKUUG, and the Association of Enterprise Architects.

 

 

 

Leave a comment

Filed under Accreditations, Certifications, Cybersecurity, Enterprise Architecture, Information security, Open FAIR Certification, Professional Development, RISK Management, Security, Uncategorized

The Onion From The Inside Out

By Stuart Boardman, Senior Business Consultant, Business & IT Advisory, KPN Consulting and Ed Harrington, Senior Consulting Associate, Conexiam

The Open Group Open Platform 3.0™ (OP3.0) services often involve a complex network of interdependent parties[1]. Each party has its own concept of the value it expects from the service. One consequence of this is that each party depends on the value other parties place on the service. If it’s not core business for one of them, its availability and reliability could be in doubt. So the others need to be aware of this and have some idea of how much that matters to them.

In a previous post, we used the analogy of an onion to model various degrees of relationship between parties. At a high level the onion looks like this:

By Stuart Boardman, KPN“Onion”

Every player has their own version of this onion. Every player’s own perspective is from the middle of it. The complete set of players will be distributed across different layers of the onion depending on whose onion we are looking at.

In a short series of blogs, we’re going to use a concrete use-case to explore what various players’ onions look like. To understand that onion involves working from the middle out. We all know that you can’t peel an onion starting in the middle, so let’s not get hung up on the metaphor. It’s only useful in as far as it fits with our real business objective. In this case the objective is to have the best possible chance of understanding and then realizing the potential value of a service.

Defining and Realizing Value

Earlier this year, The Open Group published a set of Open Platform 3.0 use cases. One of these use cases (#15) considers the energy market ecosystem involved in smart charging of electric vehicles. The players in this use case include:

  • The Vehicle User
  • Supplier/Charging Operator(s)
  • Distribution Service Operator (DSO).
  • Electricity Bulk Generators
  • Transmission (National Grid) Operator
  • Local Government

By Stuart Boardman, KPN

The use case describes a scenario involving these players:

A local controller (a device – known in OP3.0 as part of the Internet of Things) controls one or more charging stations. The Charging Operator informs the vehicle (and possibly the Vehicle User) via the local controller how much capacity is available to it. If the battery is nearly full the vehicle can inform the local controller that it needs less capacity and this capacity can then be made available to other vehicles at other charging stations.

The Charging Operator determines the capacity to be made available on the basis of information provided by the DSO (maximum allowable capacity at that time), possibly combined with commercial information (e.g., current spot prices, predicted trends, flexibility agreements with vehicle-owners/customers where applicable). The DSO has predicted available capacity on the basis of currently predicted weather conditions and long-term usage patterns in the relevant area. The DSO is able to adapt to unexpected changes in real-time and restrict or increase the locally available capacity.

Value For The Various Parties

The Vehicle User

For the sake of making it interesting let’s say that the vehicle user is a taxi driver. For her, the value is primarily in being able to charge the vehicle at a convenient time, place, speed and cost. But the perception of what constitutes value in those categories may vary depending on whether she uses a public charging station or charges at home. In either case the service she uses is focused on the Supplier/Charging operator, because that is who she pays for the service. The bill includes generic DSO costs but the customer has no direct relationship with a DSO and is only really aware of them when maintenance is carried out. Factors like convenient time and place may bring Local Government into the picture, because they are often the party who make parking spaces for electric vehicles available.

By Stuart Boardman, KPN“The Taxi Driver’s Onion”

Local Government

Local government is then also responsible for policing the proper use of these spaces. The importance assigned by local government to making these facilities available is a question of policy balanced by cost/gain (licenses and parking fees). Policy is influenced by the economy, by the convictions of the councilors, by lobbyists (especially those connected with the DSO, Bulk Generators and Transmission Operators), by innovation and natural resources and by the attitude of the public towards electric vehicles, which in turn may be influenced by national government policy. In some countries (e.g. The Netherlands) there are tax incentives for the acquisition of electric cars. If this policy changes in a country, the number of electric vehicles could increase or decrease dramatically. Local government has a dependency on and formal relationship with the Supplier that manages the Charging Stations. The relationship with the DSO is indirect unless they have been partners in an initiative to promote electric vehicles.

 By Stuart Boardman, KPN “Local Government’s Onion”

The Distribution Service OperatorBy Stuart Boardman, KPN

Value for the DSO involves balancing its regulatory obligation to provide continuity of energy supply with the cost of investment to achieve that and with the public perception of the value of that service. The DSO also gains value in terms of reputation from investing in innovation and energy saving. That value is expressed in its own long-term future as an enterprise. The DSO, being very much the hub in this use case, is dependent on the Supplier and the Vehicle User (with the vehicle’s battery as proxy) to provide the information needed to ensure continuity – and of course on the Transmission Operator the Bulk Generators to provide power. It does not, however, have any direct relationship with any Bulk Generator or even necessarily know who they are or where they are located.

 

By Stuart Boardman, KPN“The Distribution Service Operator’s Onion”

The Bulk Generator

The Bulk Generator has no direct involvement in this use case but has an indirect dependency on anything affecting the level of usage of electricity, as this affects the market price and long-term future of its product. So there is generic value (or anti-value) in the use case if it is widely implemented.

To be continued…

Those were the basics of the approach. There’s a lot more to be done before you can say you have a grip on value realization in such a scenario.

In the next blog, we’ll dive deeper into the use case, identify other relevant stakeholders and look at other dependencies that may influence value across the chain.

[1] Open Platform 3.0 refers to this as a “wider business ecosystem”. In fact such ecosystems exist for all kinds of services. We just happen to be focusing on this kind of service.

By Stuart Boardman, KPNStuart Boardman is a Senior Business Consultant with KPN Consulting where he leads the Enterprise Architecture practice and consults to clients on Cloud Computing, Enterprise Mobility and The Internet of Everything. He is Co-Chair of The Open Group Open Platform 3.0™ Forum and was Co-Chair of the Cloud Computing Work Group’s Security for the Cloud and SOA project and a founding member of both The Open Group Cloud Computing Work Group and The Open Group SOA Work Group. Stuart is the author of publications by KPN, the Information Security Platform (PvIB) in The Netherlands and of his previous employer, CGI as well as several Open Group white papers, guides and standards. He is a frequent speaker at conferences on the topics of Open Platform 3.0 and Identity.

harrington_ed_0Ed Harrington is a Senior Consulting Associate with Conexiam, a Calgary, Canada headquartered consultancy. He also heads his own consultancy, EPH Associates. Prior positions include Principle Consultant with Architecting the Enterprise where he provided TOGAF and other Enterprise Architecture (EA) discipline training and consultancy; EVP and COO for Model Driven Solutions, an EA, SOA and Model Driven Architecture Consulting and Software Development company; various positions for two UK based companies, Nexor and ICL and 18 years at General Electric in various marketing and financial management positions. Ed has been an active member of The Open Group since 2000 when the EMA became part of The Open Group and is past chair of various Open Group Forums (including past Vice Chair of the Architecture Forum). Ed is TOGAF® 9 certified.

6 Comments

Filed under Business Architecture, Interoperability, Open Platform 3.0, Service Oriented Architecture, Strategy, Uncategorized

Using the Open FAIR Body of Knowledge with Other Open Group Standards

By Jim Hietala, VP Security, and Andrew Josey, Director of Standards, The Open Group

This is the third in our four part blog series introducing the Open FAIR Body of Knowledge. In this blog, we look at how the Open FAIR Body of Knowledge can be used with other Open Group standards.

The Open FAIR Body of Knowledge provides a model with which to decompose, analyze, and measure risk. Risk analysis and management is a horizontal enterprise capability that is common to many aspects of running a business. Risk management in most organizations exists at a high level as Enterprise Risk Management, and it exists in specialized parts of the business such as project risk management and IT security risk management. Because the proper analysis of risk is a fundamental requirement for different areas of Enterprise Architecture (EA), and for IT system operation, the Open FAIR Body of Knowledge can be used to support several other Open Group standards and frameworks.

The TOGAF® Framework

In the TOGAF 9.1 standard, Risk Management is described in Part III: ADM Guidelines and Techniques. Open FAIR can be used to help improve the measurement of various types of Risk, including IT Security Risk, Project Risk, Operational Risk, and other forms of Risk. Open FAIR can help to improve architecture governance through improved, consistent risk analysis and better Risk Management. Risk Management is described in the TOGAF framework as a necessary capability in building an EA practice. Use of the Open FAIR Body of Knowledge as part of an EA risk management capability will help to produce risk analysis results that are accurate and defensible, and that are more easily communicated to senior management and to stakeholders.

O-ISM3

The Open Information Security Management Maturity Model (O-ISM3) is a process-oriented approach to building an Information Security Management System (ISMS). Risk Management as a business function exists to identify risk to the organization, and in the context of O-ISM3, information security risk. Open FAIR complements the implementation of an O-ISM3-based ISMS by providing more accurate analysis of risk, which the ISMS can then be designed to address.

O-ESA

The Open Enterprise Security Architecture (O-ESA) from The Open Group describes a framework and template for policy-driven security architecture. O-ESA (in Sections 2.2 and 3.5.2) describes risk management as a governance principle in developing an enterprise security architecture. Open FAIR supports the objectives described in O-ESA by providing a consistent taxonomy for decomposing and measuring risk. Open FAIR can also be used to evaluate the cost and benefit, in terms of risk reduction, of various potential mitigating security controls.

O-TTPS

The O-TTPS standard, developed by The Open Group Trusted Technology Forum, provides a set of guidelines, recommendations, and requirements that help assure against maliciously tainted and counterfeit products throughout commercial off-the-shelf (COTS) information and communication technology (ICT) product lifecycles. The O-TTPS standard includes requirements to manage risk in the supply chain (SC_RSM). Specific requirements in the Risk Management section of O-TTPS include identifying, assessing, and prioritizing risk from the supply chain. The use of the Open FAIR taxonomy and risk analysis method can improve these areas of risk management.

The ArchiMate® Modeling Language

The ArchiMate modeling language, as described in the ArchiMate Specification, can be used to model Enterprise Architectures. The ArchiMate Forum is also considering extensions to the ArchiMate language to include modeling security and risk. Basing this risk modeling on the Risk Taxonomy (O-RT) standard will help to ensure that the relationships between the elements that create risk are consistently understood and applied to enterprise security and risk models.

O-DA

The O-DA standard ((Dependability Through Assuredness), developed by The Open Group Real-time and Embedded Systems Forum, provides the framework needed to create dependable system architectures. The requirements process used in O-DA requires that risk be analyzed before developing dependability requirements. Open FAIR can help to create a solid risk analysis upon which to build dependability requirements.

In the final installment of this blog series, we will look at the Open FAIR certification for people program.

The Open FAIR Body of Knowledge consists of the following Open Group standards:

  • Risk Taxonomy (O-RT), Version 2.0 (C13K, October 2013) defines a taxonomy for the factors that drive information security risk – Factor Analysis of Information Risk (FAIR).
  • Risk Analysis (O-RA) (C13G, October 2013) describes process aspects associated with performing effective risk analysis.

These can be downloaded from The Open Group publications catalog at http://www.opengroup.org/bookstore/catalog.

Our other publications include a Pocket Guide and a Certification Study Guide.

By Jim Hietala and Andrew JoseyJim Hietala, CISSP, GSEC, is the Vice President, Security for The Open Group, where he manages all IT Security, Risk Management and Healthcare programs and standards activities. He participates in the SANS Analyst/Expert program and has also published numerous articles on Information Security, Risk Management, and compliance topics in publications including The ISSA Journal, Bank Accounting & Finance, Risk Factor, SC Magazine, and others.

 

By Andrew JoseyAndrew Josey is Director of Standards within The Open Group. He is currently managing the standards process for The Open Group, and has recently led the standards development projects for TOGAF® 9.1, ArchiMate® 2.1, IEEE Std 1003.1,2013 edition (POSIX), and the core specifications of the Single UNIX® Specification, Version 4. Previously, he has led the development and operation of many of The Open Group certification development projects, including industry-wide certification programs for the UNIX system, the Linux Standard Base, TOGAF, and IEEE POSIX. He is a member of the IEEE, USENIX, UKUUG, and the Association of Enterprise Architects.

 

Leave a comment

Filed under ArchiMate®, Cybersecurity, Enterprise Architecture, O-TTF, O-TTPS, OTTF, real-time and embedded systems, RISK Management, Security, Standards, TOGAF®, Uncategorized

The Business of Managing IT: The Open Group IT4IT™ Forum

By The Open Group

At The Open Group London 2014 event in October, the launch of The Open Group IT4IT™ Forum was announced. The goal of the new Forum is to create a Reference Architecture and standard that will allow IT departments to take a more holistic approach to managing the business of IT with continuous insight and control, enabling Boundaryless Information Flow™ across the IT Value Chain.

We recently spoke to Forum member Charlie Betz, Founder, Digital Management Academy, LLC, about the new Forum, its origins and why it’s time for IT to be managed as if it were a business in itself.

As IT has become more central to organizations, its role has changed drastically from the days when companies had one large mainframe or just a few PCs. For many organizations today, particularly large enterprises, IT is becoming a business within the business.

The problem with most IT departments, though, is that IT has never really been run as if it was a business.

In order for IT to better cope with rapid technological change and become more efficient at transitioning to the service-based model that most businesses today require, IT departments need guidance as to how the business of IT can be run. What’s at stake are things such as how to better manage IT at scale, how to understand IT as a value chain in its own right and how organizations can get better visibility into the vast amount of economic activity that’s currently characterized in organizations through technology.

The Open Group’s latest Forum aims to do just that.

The Case for IT Management

In the age of digital transformation, IT has become an integral part of how business is done. So says Charlie Betz, one of the founding members of the IT4IT Forum. From the software in your car to the supply chain that brings you your bananas, IT has become an irreplaceable component of how things work.

Quoting industry luminary Marc Andreessen, Betz says “software is eating the world.” Similarly, Betz says, IT management is actually beginning to eat management, too. Although this might seem laughable, we have become increasingly dependent on computing systems in our everyday lives. With that dependence comes significant concerns about the complexity of those systems and the potential they carry for chaotic behaviors. Therefore, he says, as technology becomes pervasive, how IT is managed will increasingly dictate how businesses are managed.

“If IT is increasing in its proportion of all product management, and all markets are increasingly dependent on managing IT, then understanding pure IT management becomes critically important not just for IT but for all business management,” Betz says.

According to Betz, the conversation about running the business of IT has been going on in the industry for a number of years under the guise of ideas such as “enterprise resource planning for IT” and the like. Ultimately, though, Betz says managing IT comes down to determining what IT’s value chain is and how to deliver on it.

By The Open GroupBetz compares modern IT departments to atoms, cells and bits where atoms represent hardware, including servers, data centers and networks; cells represent people; and bits are represented by software. In this analogy, these three things comprise the fundamental resources that an IT department manages. When reduced to economic terms, Betz says, what is currently lacking in most IT departments is a sense of how much things are worth, what the total costs are for acquisition and maintenance for capabilities and the supply and demand dynamics for IT services.

For example, in traditional IT management, workloads are defined by projects, tickets and also a middle ground characterized by work that is smaller than a project and larger than a ticket, Betz says. Often IT departments lack an understanding of how the three relate to each other and how they affect resources—particularly in the form of people—which becomes problematic because there is no holistic view of what the department is doing. Without that aggregate view, management is not only difficult but nearly impossible.

Betz says that to get a grasp on the whole, IT needs to take a cue from the lean management movement and first understand where the work originates and what it’s nature is so activities and processes don’t continue to proliferate without being managed.

Betz believes part of the reason IT has not better managed itself to date is because the level of complexity within IT has grown so quickly. He likens it to the frog in the boiling water metaphor—if the heat is turned up incrementally, the frog doesn’t know what’s hit him until it’s too late.

“Back when you had one computer it just wasn’t a concern,” he said. “You had very few systems that you were automating. It’s not that way nowadays. You have thousands of them. The application portfolio in major enterprises—depending on how you count applications, which is not an easy question in and of itself—the range is between 5000-10,000 applications. One hundred thousand servers is not unheard of. These are massive numbers, and the complexity is unimaginable. The potential for emergent chaotic behavior is unprecedented in human technological development.”

Betz believes the reason there is a perception that IT is poorly managed is also because it’s at the cutting-edge of every management question in business today. And because no one has ever dealt with systems and issues this complex before, it’s difficult to get a handle on them. Which is why the time for creating a framework for how IT can be managed has come.

IT4IT

The IT4IT Forum grew out of a joint initiative that was originally undertaken by Royal Dutch Shell and HP. Begun as a high-level user group within HP, companies such as Accenture, Achmea, Munich RE and PwC have also been integral in pulling together the initial work that has been provided to The Open Group to create the Forum. As the group began to develop a framework, it was clear that what they were developing needed to become an open standard, Betz says, so the group turned to The Open Group.

“It was pretty clear that The Open Group was the best fit for this,” he says. “There was clearly recognition and understanding on the part of The Open Group senior staff that this was a huge opportunity. They were very positive about it from the get-go.”

Currently in development, the IT4IT standard will provide guidance and specifications for how IT departments can provide consistent end-to-end service across the IT Value Chain and lifecycle. The IT Value Chain is meant to provide a model for managing the IT services life cycle and for how those service can be brokered with enterprises. By providing the IT similar level functionality as other critical business functions (such as finance or HR), IT is enabled to achieve better levels of predictability and efficiency.

By The Open Group

Betz says developing a Reference Architecture for IT4IT will be helpful for IT departments because it will provide a tested model for departments to begin the process of better management. And having that model be created by a vendor-neutral consortium helps provide credibility for users because no one company is profiting from it.

“It’s the community telling itself a story of what it wants to be,” he said.

The Reference Architecture will not only include prescriptive methods for how to design, procure and implement the functionality necessary to better manage IT departments but will also include real-world use cases related to current industry trends such as Cloud-sourcing, Agile, Dev-Ops and service brokering. As an open standard, it will also be designed to work with existing industry standards that IT departments may already be using including ITIL®, CoBIT®, SAFe® and TOGAF®, an Open Group standard.

With almost 200 pages of material already developed toward a standard, Betz says the Forum released its initial Snapshot for the standard available in late November. From there the Forum will need to decide which sections should be included as normative parts for the standard. The hope is to have the first version of the IT4IT Reference Architecture standard available next summer, Betz says.

For more on The Open Group IT4IT Forum or to become a member, please visit http://www.opengroup.org/IT4IT.

 

Leave a comment

Filed under architecture, IT, IT4IT, Standards, Uncategorized, Value Chain

The Open Group ArchiMate® Model File Exchange Format

By The Open Group

The Open Group ArchiMate Forum has released a snapshot of its ArchiMate® Model Exchange File Format. This aims to address the challenge of portability of models between tools.

Following is a Q&A with Andrew Josey, Phil Beauvoir and Frans Faase, members of the project team, to find out more.

Q.  What is The Open Group ArchiMate Model Exchange File Format?

A.  It is a specification of a standard file format for the exchange of ArchiMate models between different tools.

Q.  Why is it provided as a Snapshot release?

A.  The Snapshot makes public the direction and thinking the project is taking in the development of a standard file format supporting exchange of ArchiMate models between tools. We’re looking for feedback and guidance from the community at this stage.

Q.  When do you need feedback by and how should it be provided?

A.  Comments can be sent by email to ogspecs-snapshot-feedback-AT-opengroup.org no later than January 12, 2015.

Q.  What is addressed in the Snapshot release?

A.  The project is being implemented as two phases:

  •     Phase 1 includes the core exchange format.
  •     Phase 2 includes in addition the visual layout.

This Snapshot describes Phase 1 only, and excludes the detailed visual layout, which will be included in Phase 2.

Q.  Do you intend the format as a persistent file format for an ArchiMate model?

A.  No, The exchange file format is not intended as a persistent file format for the model itself, it is a mechanism to convey instance data from one tool to another (a simple analogy would be the csv file format for exchange of spreadsheet information). The data contained in the exchange file format is meant to be processed by an “ArchiMate aware” tool, thus ruling out standalone semantic inference. Once the instance data has been imported into an ArchiMate tool, that tool will probably save it in its own proprietary file format.

Q.  Where can I obtain the Snapshot release?

A.  The Snapshot can be obtained from The Open Group publications catalog.

https://www2.opengroup.org/ogsys/catalog/S142

Q.  What is provided with the Snapshot release?

A.  The deliverables included with this Snapshot are as follows:

  • Open Group Snapshot, ArchiMate® Model Exchange File Format
  • Schema Documentation for the ArchiMate® 2.1 XML/XML Schema Definition (XSD) Binding
  • A ZIP file containing: the XSD Schema file, an example Extended XSD Schema file, and example models in the exchange file format

Q.  What example models are provided with the Snapshot?

A.  The ArchiSurance and ArchiMetal case studies are provided, as is a Testall.xml model that can be used for interoperability testing.

Q.  Are all the elements defined in Exchange File Format mandatory?

A.  There are only two mandatory elements:

  • The main “model” tag itself with associated namespace declarations
  • Elements in the “elements” tag (with type and ID)

Everything else is optional. Of course, a minimal file containing only these two things would probably be unlikely, but it could be the case that there are no relationships in the model.

The following items are optional:

  • Metadata
  • Organization
  • The xml:lang=”xx” attribute

They are provided because they may be of use to the sender/receiver, but they don’t have to be there. For example, with the Organization element, this may be useful if the tool sending or receiving would like to know how the elements/relations are organised in folders for example, but not every tool might support that and could happily ignore it.

Similarly, not every tool supports multi-language so there is need to use the xml:lang=”xx” attribute. The example XML files provided with the Snapshot are more of a showcase of all the elements.

Q.  I am a tool provider, how can I get involved?

A.  You can get involved by joining The Open Group ArchiMate Forum, email archimate-forum-AT-opengroup.org

Q.  Are there interoperability tests with other tools suppliers?

A.  Yes, these are ongoing within the project within The Open Group ArchiMate Forum.

Q.  I have suggestions for improvement to the exchange file format, where do I send them?

A.  Please send comments by email to ogspecs-snapshot-feedback-AT-opengroup.org no later than January 12, 2015

Q.  I have suggestions for the Phase 2 visual layout, where do I send them?

A.  Please send comments by email to ogspecs-snapshot-feedback-AT-opengroup.org no later than January 12, 2015

By Andrew JoseyAndrew Josey is Director of Standards within The Open Group. He is currently managing the standards process for The Open Group, and has recently led the standards development projects for TOGAF® 9.1, ArchiMate® 2.1, IEEE Std 1003.1,2013 edition (POSIX), and the core specifications of the Single UNIX® Specification, Version 4. Previously, he has led the development and operation of many of The Open Group certification development projects, including industry-wide certification programs for the UNIX system, the Linux Standard Base, TOGAF, and IEEE POSIX. He is a member of the IEEE, USENIX, UKUUG, and the Association of Enterprise Architects.

 

philbeauvoirPhil Beauvoir has been developing, writing, and speaking about software tools and development for over 25 years. He was Senior Researcher and Developer at Bangor University, and, later, the Institute for Educational Cybernetics at Bolton University, both in the UK. During this time he co-developed a peer-to-peer learning management and groupware system, a suite of software tools for authoring and delivery of standards-compliant learning objects and meta-data, and tooling to create IMS Learning Design compliant units of learning.  In 2010, working with the Institute for Educational Cybernetics, Phil created the open source ArchiMate Modelling Tool, Archi. Since 2013 he has been curating the development of Archi independently. Phil holds a degree in Medieval English and Anglo-Saxon Literature.

Frans FaaseFrans Faase is a senior software engineer who has been working with BiZZdesign since 2002. He got an M.Sc. degree in Computer Science from the University of Twente. At BiZZdesign he has been involved in designing the repository being used by BiZZdesign Architect, which implements the ArchiMate standard. He designed a locking mechanism that allows smooth cooperation between multiple users on a single model. He also worked on many import functions from other tools requiring reverse engineering, scanning, and parsing of used file formats. Many of these file formats are based on XML.

Comments Off

Filed under ArchiMate®, Certifications, Standards, Uncategorized

TOGAF® 9 Certification Growth

By Andrew Josey, The Open Group, Director of Standards

Number of individuals certified continues to increase over past 12 months – now 37,800

The number of individuals certified in the TOGAF® 9 certification program as of November 21, 2014 is 37,800. This represents over 10,000 new certifications in the past twelve-month period. TOGAF continues to be adopted globally with certified individuals from over 100 different countries.

The certifications for the period ending October 1, 2014 are shown in the figure below:

By Andrew Josey

The top five countries are UK, USA, Netherlands, India and Australia.

Individuals certified by Country – TOP 10 Countries – October 2014

Rank # Individuals Country Percentage
1 5350 UK 14.68%
2 4488 USA 12.32%
3 3056 Netherlands 8.39%
4 2835 India 7.78%
5 2264 Australia 6.21%
6 1641 Canada 4.5%
7 1305 France 3.58%
8 1272 South Africa 3.07%
9 1117 China 3.07%
10 984 Finland 2.7%

 

An interactive map showing detailed information on the number of certifications is available at http://www.togaf.info/togaf-visualmap.html

TOGAF Visual Heat map Oct 1 2014

There are over 50 accredited TOGAF 9 training course providers worldwide. More information on TOGAF 9 Certification, including the directory of Certified People and official accredited training course calendar, can be obtained from The Open Group website at: http://www.opengroup.org/togaf9/cert.

By Andrew JoseyAndrew Josey is Director of Standards within The Open Group. He is currently managing the standards process for The Open Group, and has recently led the standards development projects for TOGAF® 9.1, ArchiMate® 2.0, IEEE Std 1003.1-2008 (POSIX), and the core specifications of the Single UNIX® Specification, Version 4. Previously, he has led the development and operation of many of The Open Group certification development projects, including industry-wide certification programs for the UNIX system, the Linux Standard Base, TOGAF, and IEEE POSIX. He is a member of the IEEE, USENIX, UKUUG, and the Association of Enterprise Architects.

 

 

 

 

 

1 Comment

Filed under Certifications, Standards, TOGAF, TOGAF®, Uncategorized