Tag Archives: business-IT alignment

Optimizing ISO/IEC 27001 Using O-ISM3

By Jim Hietala, The Open Group and Vicente Aceituno, Sistemas Informáticos Abiertos

The Open Group has just published a guide titled “Optimizing ISO/IEC 27001 using O-ISM3” that will be of interest to organizations using ISO27001/27002 as their Information Security Management System (ISMS).

By way of background, The Open Group published our Open Information Security Management Maturity Model last year, O-ISM3. O-ISM3 brings continuous improvement to information security management, and it provides a framework for security decision-making that is top down in nature, where security controls, security objectives and spending decisions are driven by (and aligned with) business objectives.

We have for some time now heard from information security managers that they would like a resource aimed at showing how the O-ISM3 standard could be used to manage information security alongside ISO27001/27002. This new guide provides specific guidance on this topic.

We view this as an important resource, for the following reasons:

  • O-ISM3 complements ISO27001/2 by adding the “how” dimension to information security management
  • O-ISM3 uses a process-oriented approach, defining inputs and outputs, and allowing for evaluation by process-specific metrics
  • O-ISM3 provides a framework for continuous improvement of information security processes

This resource:

  • Maps O-ISM3 and ISO27001 security objectives
  • Maps ISO27001/27002 controls and documents to O-ISM3 security processes, documents, and outputs
  • Provides a critical linkage between the controls-based approach found in ISO27001 to the process-based approach found in O-ISM3

If you have interest in information security management, we encourage you to have a look at Optimizing ISO/IEC 27001 using O-ISM3. The guide may be downloaded (at no cost, minimal registration required) here.

Jim Hietala, CISSP, GSEC, is the Vice President, Security for The Open Group, where he manages all IT security and risk management programs and standards activities. He participates in the SANS Analyst/Expert program and has also published numerous articles on information security, risk management, and compliance topics in publications including The ISSA Journal, Bank Accounting & Finance, Risk Factor, SC Magazine, and others.

Vicente Aceituno, CISA, has 20 years experience in the field of IT and Information Security. During his career in Spain and the UK, he has worked for companies like Coopers & Lybrand, BBC News, Everis, and SIA Group. He is the main author of the Information Security Management Method ISM3, author of the information security book “Seguridad de la Información,” Director of the ISM3 Consortium (www.ism3.com) and President of the Spanish chapter of the ISSA.

3 Comments

Filed under Cybersecurity, Information security, Security Architecture

Enterprise Architects and Paradigm Shifts

By Stuart Boardman, KPN

It’s interesting looking back at what people have written over the course of the year and seeing which themes appear regularly in their blogs. I thought I’d do the same with my own posts for The Open Group and see whether I could pull some of it together. I saw that the recurring themes for me have been dealing with uncertainty, the changing nature of the enterprise and the influence of information technology from outside the enterprise – and all of this in relation to the practice of enterprise architecture. I also explored the mutual influences these themes have on each other.

Unsurprisingly I’m not alone in picking up on these themes. At the risk of offending anyone I don’t mention, I note that Serge Thorn, Raghuraman Krishnamurthy and Len Fehskens have given their own perspectives on The Open Group’s Blog on some or all of these themes. And of course there’s plenty of writing on these themes going on in the blogosphere at large. In one sense I think writing about this is part of a process of trying to understand what’s going on in the world.

After some reflection, it seems to me that all of this converges in what tends to be called ”social business.” For better or worse, there is no fixed definition of the term. I would say it describes a way of working where, both within and across organizations, hierarchies and rules are being replaced by networks and collaboration. The concept of the enterprise in such a system is then definitively extended to include a whole ecosystem of customers and suppliers as well as investors and beneficiaries. Any one organization is just a part of the enterprise – a stakeholder. And of course the enterprise will look different dependent on the viewpoint of a particular stakeholder. That should be a familiar concept anyway for an enterprise architect. That one participant can be a stakeholder in multiple enterprises is not really new – it’s just something we now have no choice but to take into account.

Within any one organization, social business means that creativity and strategy development takes place at and across multiple levels. We can speak of networked, podular or fractal forms of organization. It also means a lot of other things with wider economic, social and political implications but that’s not my focus here.

Another important aspect is the relationship with newer developments in information and communication technology. We can’t separate social business from the technology which has helped it to develop and which in turn is stimulated by its existence and demands. I don’t mean any one technology and I won’t even insist on restricting it to information technology. But it’s clear that there is at least a high degree of synergy between newer IT developments and social business. In other words, the more an organization becomes a social business, the more its business will involve the use of information technology – not as a support function but as an essential part of how it does its business.  Moreover exactly this usage of IT is not and cannot be (entirely) under its own control.

A social business therefore demonstrates, in all aspects of the enterprise, fuzzy boundaries and a higher level of what I call entropy (uncertainty, rate of change, sensitivity to change). It means we need new ways of dealing with complexity, which fortunately is a topic a lot of people are looking at. It means that simplicity is not in every case a desirable goal and that, scary as it may seem, we may actually need to encourage entropy (in some places) in order to develop the agility to respond to change – effectively and without making any unnecessary long term assumptions.

So, if indeed the world is evolving to such a state, what can enterprise architects do to help their own organizations become successful social businesses (social governments – whatever)?

Enterprise Architecture is a practice that is founded in communication. To support and add value to that communication we have developed analysis methods and frameworks, which help us model what we learn and, in turn, communicate the results. Enterprise Architects work across organizations to understand how the activities of the participants relate to the strategy of the organization and how the performance of each person/group’s activities can optimally support and reinforce everyone else’s. We don’t do their work for them and don’t, if we do our work properly, have any sectional interests. We are the ultimate generalists, specialized in bringing together all those aspects, in which other people are the experts. We’re therefore ideally placed to facilitate the development of a unified vision and a complementary set of practices. OK, that sounds a bit idealistic. We know reality is never perfect but, if we don’t have ideals, we’d be hypocrites to be doing this work anyway. Pragmatism and ideals can be a positive combination.

Yes, there’s plenty of work to do to adapt our models to this new reality. Our goals, the things we try to achieve with EA will not be different. In some significant aspects, the results will be – if only because of the scope and diversity of the enterprise. We’ll certainly need to produce some good example EA artifacts to show what these results will look like. I can see an obvious impact in business architecture and in governance – most likely other areas too. But the issues faced in governance may be similar to those being tackled by The Open Group’s Cloud Governance project. And business architecture is long due for expansion outside of the single organization, so there’s synergy there as well. We can also look outside of our own community for inspiration – in the area of complexity theory, in business modeling, in material about innovation and strategy development and in economic and even political thinking about social business.

We’ll also be faced with organizational challenges. EA has for too long and too often been seen as the property of the IT department. That’s always been a problem anyway, but to face the challenges of social business, EA must avoid the slightest whiff of sectional interest and IT centrism. And, ironically, the best hope for the IT department in this scary new world may come from letting go of what it does not need to control and taking on a new role as a positive enabler of change.

There could hardly be a more appropriate time to be working on TOGAF Next. What an opportunity!

Stuart Boardman is a Senior Business Consultant with KPN where he co-leads the Enterprise Architecture practice as well as the Cloud Computing solutions group. He is co-lead of The Open Group Cloud Computing Work Group’s Security for the Cloud and SOA project and a founding member of both The Open Group Cloud Computing Work Group and The Open Group SOA Work Group. Stuart is the author of publications by the Information Security Platform (PvIB) in The Netherlands and of his previous employer, CGI. He is a frequent speaker at conferences on the topics of Cloud, SOA, and Identity. 

5 Comments

Filed under Business Architecture, Cloud, Cloud/SOA, Enterprise Architecture, Enterprise Transformation, Semantic Interoperability

SF Conference to Explore Architecture Trends

By The Open Group Conference Team

In addition to exploring the theme of “Enterprise Transformation,” speakers at The Open Group San Francisco conference in January will explore a number of other trends related to enterprise architecture and the profession, including trends in service oriented architectures and business architecture. 

The debate about the role of EA in the development of high-level business strategy is a long running one. EA clearly contributes to business strategy, but does it formulate, plan or execute on business strategy?  If the scope of EA is limited to EA alone, it could have a diminutive role in business strategy and Enterprise Transformation going forward.

EA professionals will have the opportunity to discuss and debate these questions and hear from peers about their practical experiences, including the following tracks:

  • Establishing Value Driven EA as the Enterprise Embarks on Transformation (EA & Enterprise Transformation Track)  - Madhav Naidu, Lead Enterprise Architedt, Ciena Corp., US; and Mark Temple, Chief Architect, Ciena Corp.
  • Building an Enterprise Architecture Practice Foundation for Enterprise Transformation Execution  (EA & Business Innovation Track) – Frank Chen, Senior Manager & Principal Enterprise Architect, Cognizant, US
  • Death of IT: Rise of the Machines (Business Innovation & Technological Disruption: The Challenges to EA Track) –  Mans Bhuller, Senior Director, Oracle Corporation, US
  • Business Architecture Profession and Case Studies  (Business Architecture Track) – Mieke Mahakena, Capgemini,; and Peter Haviland, Chief Architect/Head of Business Architecture, Ernst & Young
  • Constructing the Architecture of an Agile Enterprise Using the MSBI Method (Agile Enterprise Architecture Track) – Nick Malike, Senior Principal Enterprise Architect, Microsoft Corporation, US
  • There’s a SEA Change in Your Future: How Sustainable EA Enables Business Success in Times of Disruptive Change (Sustainable EA Track)  – Leo Laverdure & Alex Conn, Managing Partners, SBSA Partners LLC, US
  • The Realization of SOA’s Using the SOA Reference Architecture  (Tutorials) – Nikhil Kumar, President, Applied Technology Solutions, US
  • SOA Governance: Thinking Beyond Services (SOA Track) – Jed Maczuba, Senior Manager, Accenture, US

In addition, a number of conference tracks will explore issues and trends related to the enterprise architecture profession and role of enterprise architects within organizations.  Tracks addressing professional concerns include:

  • EA: Professionalization or Marketing Needed? (Professional Development Track)  - Peter Kuppen, Senior Manager, Deloitte Consulting, BV, Netherlands
  • Implementing Capabilities With an Architecture Practice (Setting up a Successful EA Practice Track)  – Mike Jacobs, Director and Principal Architect, OmptumInsight; and Joseph May, Director, Architecture Center of Excellence, OmptumInsight
  • Gaining and Retaining Stakeholder Buy-In: The Key to a Successful EA Practice Practice (Setting up a Successful EA Practice Track)   – Russ Gibfried, Enterprise Architect, CareFusion Corporation, US
  • The Virtual Enterprise Architecture Team (Nature & Role of the Enterprise Architecture) – Nicholas Hill, Principal Enterprise Architect, Consulting Services, FSI, Infosys; and Musharal Mughal, Director of EA, Manulife Financials, Canada

 Our Tutorials track will also provide practical guidance for attendees interested in learning more about how to implement architectures within organizations.  Topics will include tutorials on subjects such as TOGAF®, Archimate®, Service Oriented Architectures,  and architecture methods and techniques.

For more information on EA conference tracks, please visit the conference program on our website.

Comments Off

Filed under Cloud/SOA, Enterprise Architecture, Enterprise Transformation, Semantic Interoperability, Service Oriented Architecture

2012 Open Group Predictions, Vol. 2

By The Open Group

Continuing on the theme of predictions, here are a few more, which focus on enterprise architecture, business architecture, general IT and Open Group events in 2012.

Enterprise Architecture – The Industry

By Leonard Fehskens, VP of Skills and Capabilities

Looking back at 2011 and looking forward to 2012, I see growing stress within the EA community as both the demands being placed on it and the diversity of opinions within it increase. While this stress is not likely to fracture the community, it is going to make it much more difficult for both enterprise architects and the communities they serve to make sense of EA in general, and its value proposition in particular.

As I predicted around this time last year, the conventional wisdom about EA continues to spin its wheels.  At the same time, there has been a bit more progress at the leading edge than I had expected or hoped for. The net effect is that the gap between the conventional wisdom and the leading edge has widened. I expect this to continue through the next year as progress at the leading edge is something like the snowball rolling downhill, and newcomers to the discipline will pronounce that it’s obvious the Earth is both flat and the center of the universe.

What I had not expected is the vigor with which the loosely defined concept of business architecture has been adopted as the answer to the vexing challenge of “business/IT alignment.” The big idea seems to be that the enterprise comprises “the business” and IT, and enterprise architecture comprises business architecture and IT architecture. We already know how to do the IT part, so if we can just figure out the business part, we’ll finally have EA down to a science. What’s troubling is how much of the EA community does not see this as an inherently IT-centric perspective that will not win over the “business community.” The key to a truly enterprise-centric concept of EA lies inside that black box labeled “the business” – a black box that accounts for 95% or more of the enterprise.

As if to compensate for this entrenched IT-centric perspective, the EA community has lately adopted the mantra of “enterprise transformation”, a dangerous strategy that risks promising even more when far too many EA efforts have been unable to deliver on the promises they have already made.

At the same time, there is a growing interest in professionalizing the discipline, exemplified by the membership of the Association of Enterprise Architects (AEA) passing 20,000, TOGAF® 9 certifications passing 10,000, and the formation of the Federation of Enterprise Architecture Professional Organizations (FEAPO). The challenge that we face in 2012 and beyond is bringing order to the increasing chaos that characterizes the EA space. The biggest question looming seems to be whether this should be driven by IT. If so, will we be honest about this IT focus and will the potential for EA to become a truly enterprise-wide capability be realized?

Enterprise Architecture – The Profession

By Steve Nunn, COO of The Open Group and CEO of the Association of Enterprise Architects

It’s an exciting time for enterprise architecture, both as an industry and as a profession. There are an abundance of trends in EA, but I wanted to focus on three that have emerged and will continue to evolve in 2012 and beyond.

  • A Defined Career Path for Enterprise Architects: Today, there is no clear career path for the enterprise architect. I’ve heard this from college students, IT and business professionals and current EAs. Up until now, the skills necessary to succeed and the roles within an organization that an EA can and should fill have not been defined. It’s imperative that we determine the skill sets EAs need and the path for EAs to acquire these skills in a linear progression throughout their career. Expect this topic to become top priority in 2012.
  • Continued EA Certification Adoption: Certification will continue to grow as EAs seek ways to differentiate themselves within the industry and to employers. Certifications and memberships through professional bodies such as the Association of Enterprise Architects will offer value to members and employers alike by identifying competent and capable architects. This growth will also be supported by EA certification adoption in emerging markets like India and China, as those countries continue to explore ways to build value and quality for current and perspective clients, and to establish more international credibility.
  • Greater Involvement from the Business: As IT investments become business driven, business executives controlling corporate strategy will need to become more involved in EA and eventually drive the process. Business executive involvement will be especially helpful when outsourcing IT processes, such as Cloud Computing. Expect to see greater interest from executives and business schools that will implement coursework and training to reflect this shift, as well as increased discussion on the value of business architecture.

Business Architecture – Part 2

By Kevin Daley, IBM and Vice-Chair of The Open Group Business Forum

Several key technologies have reached a tipping point in 2011 that will move them out of the investigation and validation by enterprise architects and into the domain of strategy and realization for business architects. Five areas where business architects will be called upon for participation and effort in 2012 are related to:

  • Cloud: This increasingly adopted and disruptive technology will help increase the speed of development and change. The business architect will be called upon to ensure the strategic relevancy of transformation in a repeatable fashion as cycle times and rollouts happen faster.
  • Social Networking / Mobile Computing: Prevalent consumer usage, global user adoption and improvements in hardware and security make this a trend that cannot be ignored. The business architect will help develop new strategies as organizations strive for new markets and broader demographic reach.
  • Internet of Things: This concept from 2000 is reaching critical mass as more and more devices become communicative. The business architect will be called on to facilitate the conversation and design efforts between operational efforts and technologies managing the flood of new and usable information.
  • Big Data and Business Intelligence: Massive amounts of previously untapped data are being exposed, analyzed and made insightful and useful. The business architect will be utilized to help contain the complexity of business possibilities while identifying tactical areas where the new insights can be integrated into existing technologies to optimize automation and business process domains.
  • ERP Resurgence and Smarter Software: Software purchasing looks to continue its 2011 trend towards broader, more intuitive and feature-rich software and applications.  The business architect will be called upon to identify and help drive getting the maximum amount of operational value and output from these platforms to both preserve and extend organizational differentiation.

The State of IT

By Dave Lounsbury, CTO

What will have a profound effect on the IT industry throughout 2012 are the twin horses of mobility and consumerization, both of which are galloping at full tilt within the IT industry right now. Key to these trends are the increased use of personal devices, as well as favorite consumer Cloud services and social networks, which drive a rapidly growing comfort among end users with both data and computational power being everywhere. This comfort brings a level of expectations to end users who will increasingly want to control how they access and use their data, and with what devices. The expectation of control and access will be increasingly brought from home to the workplace.

This has profound implications for core IT organizations. There will be less reliance on core IT services, and with that an increased expectation of “I’ll buy the services, you show me know to knit them in” as the prevalent user approach to IT – thus requiring increased attention to use of standards conformance. IT departments will change from being the only service providers within organizations to being a guiding force when it comes to core business processes, with IT budgets being impacted. I see a rapid tipping point in this direction in 2012.

What does this mean for corporate data? The matters of scale that have been a part of IT—the overarching need for good architecture, security, standards and governance—will now apply to a wide range of users and their devices and services. Security issues will loom larger. Data, apps and hardware are coming from everywhere, and companies will need to develop criteria for knowing whether systems are robust, secure and trustworthy. Governments worldwide will take a close look at this in 2012, but industry must take the lead to keep up with the pace of technology evolution, such as The Open Group and its members have done with the OTTF standard.

Open Group Events in 2012

By Patty Donovan, VP of Membership and Events

In 2012, we will continue to connect with members globally through all mediums available to us – our quarterly conferences, virtual and regional events and social media. Through coordination with our local partners in Brazil, China, France, Japan, South Africa, Sweden, Turkey and the United Arab Emirates, we’ve been able to increase our global footprint and connect members and non-members who may not have been able to attend the quarterly conferences with the issues facing today’s IT professionals. These events in conjunction with our efforts in social media has led to a rise in member participation and helped further develop The Open Group community, and we hope to have continued growth in the coming year and beyond.

We’re always open to new suggestions, so if you have a creative idea on how to connect members, please let me know! Also, please be sure to attend the upcoming Open Group Conference in San Francisco, which is taking place on January 30 through February 3. The conference will address enterprise transformation as well as other key issues in 2012 and beyond.

9 Comments

Filed under Business Architecture, Cloud, Cloud/SOA, Data management, Enterprise Architecture, Semantic Interoperability, Standards

Save the Date—The Open Group Conference San Francisco!

By Patty Donovan, The Open Group

It’s that time again to start thinking ahead to The Open Group’s first conference of 2012 to be held in San Francisco, January 30 – February 3, 2012. Not only do we have a great venue for the event, the Intercontinental Mark Hopkins (home of the famous “Top of the Mark” sky lounge—with amazing views of all of San Francisco!), but we have stellar line up for our winter conference centered on the theme of Enterprise Transformation.

Enterprise Transformation is a theme that is increasingly being used by organizations of all types to represent the change processes they implement in response to internal and external business drivers. Enterprise Architecture (EA) can be a means to Enterprise Transformation, but most enterprises today because EA is still largely limited to the IT department and transformation must go beyond the IT department to be successful. The San Francisco conference will focus on the role that both IT and EA can play within the Enterprise Transformation process, including the following:

  • The differences between EA and Enterprise Transformation and how they relate  to one another
  • The use of EA to facilitate Enterprise Transformation
  • How EA can be used to create a foundation for Enterprise Transformation that the Board and business-line managers can understand and use to their advantage
  • How EA facilitates transformation within IT, and how does such transformation support the transformation of the enterprise as a whole
  • How EA can help the enterprise successfully adapt to “disruptive technologies” such as Cloud Computing and ubiquitous mobile access

In addition, we will be featuring a line-up of keynotes by some of the top industry leaders to discuss Enterprise Transformation, as well as themes around our regular tracks of Enterprise Architecture and Professional Certification, Cloud Computing and Cybersecurity. Keynoting at the conference will be:

  • Joseph Menn, author and cybersecurity correspondent for the Financial Times (Keynote: What You’re Up Against: Mobsters, Nation-States and Blurry Lines)
  • Celso Guiotoko, Corporate Vice President and CIO, Nissan Motor Co., Ltd. (Keynote: How Enterprise Architecture is helping NISSAN IT Transformation)
  • Jeanne W. Ross, Director & Principal Research Scientist, MIT Center for Information Systems Research (Keynote: The Enterprise Architect: Architecting Business Success)
  • Lauren C. States, Vice President & Chief Technology Officer, Cloud Computing and Growth Initiatives, IBM Corp. (Keynote: Making Business Drive IT Transformation Through Enterprise Architecture)
  • Andy Mulholland, Chief Global Technical Officer, Capgemini (Keynote: The Transformed Enterprise)
  • William Rouse, Executive Director, Tennenbaum Institute at Georgia Institute of Technology (Keynote: Enterprise Transformation: An Architecture-Based Approach)

For more on the conference tracks or to register, please visit our conference registration page. And stay tuned throughout the next month for more sneak peeks leading up to The Open Group Conference San Francisco!

1 Comment

Filed under Cloud, Cloud/SOA, Cybersecurity, Data management, Enterprise Architecture, Semantic Interoperability, Standards

2012 Open Group Predictions, Vol. 1

By The Open Group

Foreword

By Allen Brown, CEO

2011 was a big year for The Open Group, thanks to the efforts of our members and our staff – you all deserve a very big thank you. There have been so many big achievements, that to list them all here would mean we would never get to our predictions. Significantly though, The Open Group continues to grow and this year the number of enterprise members passed the 400 mark which means that around 30,000 people are involved, some more so than others, from all over the world.

Making predictions is always risky but we thought it might be fun anyway. Here are three trends that will wield great influence on IT in 2012 and beyond:

  • This year we experienced the consumerization of IT accelerating the pace of change for the enterprise at an astonishing rate as business users embraced new technologies that transformed their organizations. As this trend continues in 2012, the enterprise architect will play a critical role in supporting this change and enabling the business to realize their goals.
  • Enterprise architecture will continue its maturity in becoming a recognized profession. As the profession matures, employers of enterprise architects and other IT professionals, for that matter, will increasingly look for industry recognized certifications.
  • As globalization continues, security and compliance will be increasing issues for companies delivering products or services and there will be a growing spotlight on what might be inside IT products. Vendors will be expected to warrant that the products they purchase and integrate into their own products come from a trusted source and that their own processes can be trusted in order not to introduce potential threats to their customers. At the same time, customers will be increasingly sensitive to the security and dependability of their IT assets. To address this situation, security will continue to be designed in from the outset and be tightly coupled with enterprise architecture.

In addition to my predictions, Other Open Group staff members also wanted to share their predictions for 2012 with you:

Security

By Jim Hietala, VP of Security

Cloud security in 2012 becomes all about point solutions to address specific security pain points. Customers are realizing that to achieve an acceptable level of security, whether for IaaS, SaaS, or PaaS, they need to apply controls in addition to the native platform controls from the Cloud service provider. In 2012, this will manifest as early Cloud security technologies target specific and narrow security functionality gaps. Specific areas where we see this playing out include data encryption, data loss prevention, identity and access management, and others.

Cloud

By Chris Harding, Director of Interoperability

There is a major trend towards shared computing resources that are “on the Cloud” – accessed by increasingly powerful and mobile personal computing devices but decoupled from the users.

This may bring some much-needed economic growth in 2012, but history shows that real growth can only come from markets based on standards. Cloud portability and interoperability standards will enable development of re-usable components as commodity items, but the need for them is not yet appreciated. And, even if the vendors wanted these standards for Cloud Computing, they do not yet have the experience to create good ones.  But, by the end of the year, we should understand Cloud Computing better and will perhaps have made a start on the standardization that will lead to growth in the years ahead.

Here are some more Cloud predictions from my colleagues in The Open Group Cloud Work Group: http://blog.opengroup.org/2011/12/19/cloud-computing-predictions-for-2012/

Business Architecture

By Steve Philp, Professional Certification

There are a number of areas for 2012 where Business Architects will be called upon to engage in transforming the business and applying technologies such as Cloud Computing, social networking and big data. Therefore, the need to have competent Business Architects is greater than ever. This year organizations have been recruiting and developing Business Architects and the profession as a whole is now starting to take shape. But how do you establish who is a practicing Business Architect?

In response to requests from our membership, next year The Open Group will incorporate a Business Architecture stream into The Open Group Certified Architect (Open CA) program. There has already been significant interest in this stream from both organizations and practitioners alike. This is because Open CA is a skills and experience based program that recognizes, at different levels, those individuals who are performing in a Business Architecture role. I believe this initiative will further help to develop the profession over the next few years and especially in 2012.

1 Comment

Filed under Business Architecture, Cloud, Cybersecurity, Enterprise Architecture, Enterprise Transformation, Semantic Interoperability, Uncategorized

The Open Group Surpasses 400 Member Milestone

By Allen Brown, The Open Group

I’m pleased to announce The Open Group has recently surpassed the 400 member mark. Reaching this milestone is a true testament to the commitment our members and staff have made to promoting open standards over the past 25 years.

The Open Group’s strategy has been shaped by IT users through the development of open, vendor-neutral standards and certifications. Today’s milestone validates that this strategy is continuing to resonate, particularly with global organizations that demand greater interoperability, trusted ways to architect their information systems and qualified IT people to lead the effort.

Our members continue to collaborate on developing long term, globally accepted solutions surrounding the most critical IT issues facing business today. Some of the work areas include Enterprise Architecture, Cloud Computing, real-time and embedded systems, operating platform, semantic interoperability and cyber-security to name a few. The members’ leadership around these issues is increasingly global through a larger roster of regional events and local offices now based in China, France, Japan, South Africa, South America, Sweden, Turkey, the United Arab Emirates, the UK and US. As a result, we now have more than 30,000 individual members participating from 400 global organizations in more than 85 countries worldwide.

This is a great milestone to end the year on, and we’re looking forward to celebrating more occasions like it resulting from the members’ hard work and contributions in 2012.

2 Comments

Filed under Enterprise Transformation, Semantic Interoperability, Standards

What does developing an IT Strategy mean?

By Serge Thorn, Architecting the Enterprise

I have observed many situations where a c-level person was supposed to document an IT Strategy in a short period of time, in order to prepare the following year’s annual budget. Very often, they lack much supporting documented business information in order to achieve this task. The result is a weak strategy, sometimes ignored by the user’s community, the key stakeholders.

A weak IT strategy can be costly and wasteful, especially for resource-constrained organizations that operate with minimal budget, tools, knowledge and people.  It also implies that organizations cannot respond to changing business requirements rapidly enough. The absence of strategic anticipation causes organizations to be inefficiently reactive, forcing them to work in a constant state of catch-up.

An IT Strategy should answer the following questions:

  • Are we doing the right things with technology to address the organization’s most important business priorities and continuously deliver value to the clients?
  • Are we making the right technology investments?
  • Do we measure what is the real value to the organization derived from that technology?
  • Is our current Information Technology agile enough; flexible to continuously support a successful organization?
  • Is our Information Technology environment properly managed, maintained, secured, able to support the clients, and is it cost effective?
  • Can our strategy support current and future business needs?

Quite often the first thing we should consider when writing such a document is the targeted audience and its content. Different people with varying roles and responsibilites may read an IT Strategy within a company, so the document may need to serve several different purposes.  It is not easy to pitch a strategy to different levels in the hierarchy within an organization, and at the appropriate level of detail. Sometimes it is too detailed and does not always match the stakeholder’s needs.

An IT Strategy is an iterative process to align IT capabilities with the business strategy and requirements:

  • It is a documented and approved process (part of the organization’s governance framework)
  • It is iterative (it needs to be frequently be revisited). Traditionally, IT strategies are updated and communicated on an annual basis, usually to meet budget cycles. This should be considered the minimum review period. If an emerging technology surfaces that has the potential to enhance the business, it should be investigated and communicated to the business as soon as possible. A one-year cycle may  be too late.
  • It  is a strong alignment of business and IT capabilities rather than designing IT solutions to support business requirements
    • Assuming  that both business and IT capabilities drive each other
    • Assuming that business drives IT and not the other way around
  • The IT Strategy sets future direction for IT function in the organization
    • Ensuring that the IT budget is spent on value creation activities for the business
    • Creating shareholder value
    • Helping to maximize the return on IT investments
  • The IT Strategy may include sub-elements such as:
    • Infrastructure strategy
    • Application strategy
    • Integration strategy
    • Service strategy
    • Sourcing strategy
    • Innovation strategy

This pyramid diagram can be used to illustrate the IT strategy and vision, and how the technology and business strategies are totally aligned. At the top of the pyramid is the enterprise overarching vision. Aligned below that is how IT supports the vision by becoming a premier IT organization in creating competitive advantage for the clients. The IT vision is in turn supported by three pillars: integration, improvement, and innovation.

To deliver this, the business strategy should clearly be articulated and documented taking into account some IT aspects. There are different ways of gathering these business inputs.

The first approach is a very classical one where you develop a questionnaire in business terms which asks each business unit to identify their future requirements for infrastructure growth, taking into account capacity and availability requirements. This extracts the data you need for business driven strategy.

This questionnaire may include some of the following examples of questions:

  1. What are your top 5 business “pain” points? These are things that you wish you had a solution for
  2. What are your top 5 business objectives? These can be short term or long term, can be driven by revenue, cost, time, time to market, competitive advantage, risk or various other reasons
  3. How do you plan to achieve these objectives?
  4. What will we gain by leveraging IT Capabilities across the business?
  5. What is in the way of achieving your business imperatives?
  6. Can IT help achieve your business imperatives?
  7. How much do you spend on IT capabilities?
  8. What is your technology ROI?
  9. Does your company have a plan for technology?
  10. Does your business plan include a technology plan?
  11. Where is IT being used across your business unit?

The second approach would be the use of Enterprise Architecture that I will explain later on.

With this input you may now start to consider the structure of your document. It may look similar to this example below:

An executive summary

  • An introduction
    • The purpose
    • The background
    • The Business drivers
    • The Organizational drivers
    • The IT drivers
  • The Business and IT aspects
    • The Business Goals and Objectives
    • The IT approaches and principles
  • The IT components
    • Business application systems
    • IT infrastructure
    • Security and IT Service continuity
  • Structure, organization and management
    • IT Governance
    • Skills, knowledge and education
    • IT Financial management
    • KPIS, measurement and metrics, balance scorecards
  • Technologies opportunities
  • Key issues

And this is where Enterprise Architecture may have to play an important and even crucial role. Some companies I have encountered have an Enterprise Architecture team, and in parallel, somebody called an IT Strategist. Frequently the connection is non-existing or quite weak.  Other organizations may also have a Strategic Planning unit, again without any connection with the Enterprise Architecture team.

An Enterprise Architecture must play the important role of assessing; existing IT assets, architecture standards and the desired business strategy to create a unified enterprise-wide environment – where the core hardware and software systems are standardised and integrated across the entire organisation’s business processes, to greatly enhance competitive advantage and innovation. The IT Strategy details the technologies, application and the data foundation needed to deliver the goals of the corporate strategy, while Enterprise Architecture is the bridge between strategy and execution; providing the organising logic to ensure the integration and standardisation of key processes that drive greater agility, higher profitability, faster time to market, lower IT costs, improved access to shared customer data and lower risk of mission-critical systems failures.

As a real example, TOGAF 9 is perfect way to produce that IT Strategy document during the Phase F: Migration Planning.

Below you will find the relationship between some phases of the ADM and the structure of the above document. It needs to be said that we should probably use a Strategic architecture level to deliver a first version of the document, which then could be reviewed with Segment or Capability architectures.

Content Examples Enterprise Architecture and TOGAF
An executive summary
An introduction (This document must be business oriented)
Content Examples Enterprise Architecture and TOGAF
The purpose Key elements of the scope, audience, time horizon The Preliminary phase is about defining ‘‘where, what, why, who, and how” Enterprise Architecture will be done and will provide all information. It also creates the conditions and context for an Architecture Capability
The background Business problems, constraints (financial, resources, IT, legal, etc.) This is covered by the Phase A: Architecture Vision. An Architecture Visionsets stage for each iteration of ADM cycle.-Provides high-level, aspirational view of target the sponsor uses to describe how business goals are met and stakeholder concerns are addressed
-Provides an executive summary version of full Architecture
-Drives consensus on desired outcomeThe Business Scenarios is used to discover and document business requirements, identify constraints, etc.
The Business drivers Market conditions, competition, consumer trends, new customers, products sales, costs savings, incremental services revenues, drivers related to the IT function In the Phase A: Architecture Vision, we:Identify business goals and strategic drivers-Ensure that descriptions used are current-Clarify any areas of ambiguityDefine constraints-Enterprise-wide constraints

-Architecture project-specific constraints

The Organizational drivers Profitability, financial performance, change in strategic objectives, end of the product development life cycle, mergers and acquisitions, staffs, risks
The IT drivers New or obsolete technologies, updates Considering that IT is part of the Business, these drivers should also be considered in that phase
The Business and IT aspects
The Business Goals and Objectives Market growth, entering new markets, addressing manufacturing capacities In the Phase A: Architecture Vision, we:Identify business goals and strategic drivers
-Ensure that descriptions used are current
-Clarify any areas of ambiguity
-Define constraints
-Enterprise-wide constraints
-Architecture project-specific constraints
The IT approaches and principles IT standards, development, implementation, delivery, testing, consolidation, maturity, best practices Standards should be documented in the SIB (Standard Information Base)When we define the Architecture Governance Framework during the Preliminary Phase, we identy the various touch points with existing other frameworks in the organization
IT principles should have already have been defined by the IT department
The IT components
Business application systems Baseline (main applications: ERP, CRM, customers facing systems). Future plans, concerns, time period, priorities) This will be addressed by Phase C: Information Systems based on the Statement of Architecture Work, output from the Phase A
IT infrastructure Baseline (servers, network , middleware, technical services) This will be addressed by Phase D: Technology Architecture based on the Statement of Architecture Work, output from the Phase A
Security and IT Service continuity Issues, challenges, opportunities related to security, security principles, controls Security concerns are addressed during all phases of the ADM
Structure, organization and management
IT Governance Best practices, frameworks, management and monitoring, resource management, portfolio management, vendors management, IT service management, project management, etc. IT Governance will be considered when the Architecture Governance Framework is defined. There will obviously be touch points between the ADM and some other best practices used by the organization. IT Governance is defined outside of the Enterprise Architecture programme
Skills, knowledge and education Skills, knowledge and education Enterprise Architecture skills will have to be addressed by the Architecture Capability Framework. Other skills may also be identified independently of the Enterprise Architecture programme
IT Financial management IT budget, costs structures, measurement and metrics, targets, areas needing investments, etc. This is addressed is outside of the Enterprise Architecture programme
KPIS, measurement and metrics, balance scorecards IT performance measurements on SMART objectives ((Specific, Measurable, Achievable, Realistic, & Time bound) Every governance frameworks may have its own KPIs. Enterprise Architecture KPIs may be added to that list.
Technologies opportunities Emerging technologies, business related benefits This can be done in parallel of the Enterprise Architecture programme
Key issues and initiatives Summary or link to the IT Project portfolio This can be done in parallel of the Enterprise Architecture programme
Color legend
Direct relationship with Enterprise Architecture
Indirect relationship with Enterprise Architecture
Produced somewhere else

The next step would be the review of the IT Strategy document by the main stakeholders who would accept or reject technology opportunities. This could also be used as an important source of information for the Strategic Planning exercise (please refer to another article for additional information:  “How Strategic Planning relates to Enterprise Architecture?“).

Once the IT Strategy has been reviewed, amended and authorised (which should in reality already be approved, as it is the result of various ADM cycles and the output of Phase F: Migration planning), the multi-disciplinary programme team for the implementation during Phase G: Implementation Governance, will deliver the solutions to the business.

As already mentioned previously, the outline strategies will be refined and expanded with a low level of detail when addressing Segment and Capability architectures. This is the part that meets the first challenge described above, where we need different levels of detail for different stakeholders. The documents should be hierarchical, with the ability to drill down to lower levels as more detail is required.

One of the main reasons for developing an Enterprise Architecture with TOGAF 9 is to support the business by providing the fundamental technology and process structure for an IT Strategy.  Enterprise Architecture is the superset that represents both Business and IT Strategy; this is reflected in Enterprise Architecture’s basic structure of strategy, business architecture and technology/information architecture. One can certainly do an IT Strategy without Enterprise Architecture, but Enterprise Architecture cannot be done without an IT Strategy; the same would apply to business strategy/business architecture.

Serge Thorn is CIO of Architecting the Enterprise.  He has worked in the IT Industry for over 25 years, in a variety of roles, which include; Development and Systems Design, Project Management, Business Analysis, IT Operations, IT Management, IT Strategy, Research and Innovation, IT Governance, Architecture and Service Management (ITIL). He has more than 20 years of experience in Banking and Finance and 5 years of experience in the Pharmaceuticals industry. Among various roles, he has been responsible for the Architecture team in an international bank, where he gained wide experience in the deployment and management of information systems in Private Banking, Wealth Management, and also in IT architecture domains such as the Internet, dealing rooms, inter-banking networks, and Middle and Back-office. He then took charge of IT Research and Innovation (a function which consisted of motivating, encouraging creativity, and innovation in the IT Units), with a mission to help to deploy a TOGAF based Enterprise Architecture, taking into account the company IT Governance Framework. He also chaired the Enterprise Architecture Governance worldwide program, integrating the IT Innovation initiative in order to identify new business capabilities that were creating and sustaining competitive advantage for his organization. Serge has been a regular speaker at various conferences, including those by The Open Group. His topics have included, “IT Service Management and Enterprise Architecture”, “IT Governance”, “SOA and Service Management”, and “Innovation”. Serge has also written several articles and whitepapers for different magazines (Pharma Asia, Open Source Magazine). He is the Chairman of the itSMF (IT Service Management forum) Swiss chapter and is based in Geneva, Switzerland.

3 Comments

Filed under Enterprise Architecture, Semantic Interoperability, TOGAF®

Taking Decisions In The Face Of Uncertainty (Responsible Moments)

By Stuart Boardman, KPN

Ruth Malan recently tweeted a link to a piece by Alistair Cockburn about the Last Responsible Moment concept (LRM) in Lean Software Development. I’ve been out of software development for a while now but I could guess what that might mean in an “agile” context and wondered how it might apply to problems I’ve been considering recently in Enterprise Architecture. Anyway, Alistair Cockburn is an interesting writer who would be deservedly famous even if he’d never done anything after writing the most practical and insightful book ever written about use cases. So I read on. The basic idea of the LRM is that in order to deal with uncertainty you avoid taking deterministic decisions until just before it would become irresponsible (for cost or delivery reasons) not to take them. Or to put it another way, don’t take decisions you don’t yet need to take if the result will be to constrain your options but do be ready to take them when it’s dangerous to wait longer.

Alistair’s not a big fan of LRM. He makes the following statement: “If you keep all decisions open until the hypothetical LRM, then your brain will be completely cluttered with open decisions and you won’t be able to keep track of them all.” Later in the discussion, he modifies this a bit but it certainly struck a chord with me. I’ve argued recently in this column that the degree of uncertainty (I called this entropy) in which enterprise architects have to operate is only increasing and that this in turn is due to three factors: the increasing rate of change happening in or affecting the enterprise; the increasing complexity of the environment in which the enterprise exists; and the decreasing extent to which any one enterprise can control that environment. This in turn increases the level of complexity in decision making. I’ll come back to these factors later but if you give me the benefit of the doubt for the moment, you can see that there’s actually a pretty good argument for taking any decision you can reasonably take (i.e. one which does not unjustifiably constrain everything else), as early as you can – in order to minimize complexity as you go along.

This is not (repeat not) a dogma. If it’s totally unclear what decision you should take, you’d probably be better off waiting for more information – and a last responsible moment will undoubtedly arrive.

So assuming you gave me the benefit of the doubt, you might now reasonably be thinking that this is theoretically all very well but how can we actually put it into practice. To do that we need first to look at the three sources of complexity I mentioned:

  • That the rate of change is increasing is pretty much a truism. Some change is due to market forces such as competition, availability/desirability of new capabilities, withdrawal of existing capabilities or changes in the business models of partners and suppliers. Some change is due to regulation (or deregulation) or to indirect factors such as changing demographics. Factors such as social media and Cloud are perhaps more optional but are certainly disruptive – and themselves constantly in change.
  • The increase in complexity of the environment is largely due to the increase in the number of partners and to more or less formal value networks (extended enterprise), to an increased number of delivery channels and to lack of standardization at both the supply and delivery ends.
  • The decrease in control (or more accurately in exclusive and total control) arises from all forms of shared services, which the enterprise one way or another makes use of. This can be Cloud (in which case we talk about multi-tenancy), social media (in which case we talk about anarchy) but equally well the extended enterprise network where not merely do our partners and suppliers have other customers but they also have their own partners and suppliers who have other customers. A consequence of most of this is that you can’t expect to be consulted before change decisions are made.

At best you will be notified well enough in advance of it happening. So you need to take that into account in what you implement.

Each of these factors may affect what the organization is – its core values, its key value propositions, its strategy. They may also affect how it carries out its business – its key activities and processes, its partners and even its customers. And they can affect how those activities and processes are implemented, which by the way can in turn drive change at the strategic level – it’s not just one way traffic – but this is a subject worthy of its own blog.

The point is that, if we want to be able to deal with this, to make sensible decisions in a non-deterministic environment, we would do well to address them where they first manifest themselves in order to avoid a geometric expansion of complexity further on. I’m inclined to think this is primarily in the business architecture (assuming we all accept that business architecture is not just a collection of process models). Almost all of the factors are encountered first here and subsequently reflected possibly in strategy and nearly always on the implementation side. If we make the reasonable assumption that the implementation side will encounter its own complexities, we can at least keep that manageable by not passing on all the possible options from the business architecture.

I said almost all factors are encountered first in the business architecture. The most obvious exceptions I can think of are the Infrastructure as a Service and Platform as a Service variants on Cloud. There’s a good case to be made that the effects of these are primarily felt within IT (strategy and implementation). But wherever we start, the principle doesn’t change – start the analysis at the first point of impact.

The next thing we need to do is look for ways to a) reduce the level of entropy in the part of the system we start with and b) understand how to make decisions that don’t create unnecessary lock in.  There’s not enough space in a blog to go into this in detail but it’s worth mentioning some new and some established techniques.

My attention has recently been drawn (by Verna Allee and others) to the study of networks of things, organizations and people. This in turn makes a lot of use of visualizations. These enable us to “see” the level of entropy around the particular element we’re focusing on – without the penalty of losing sight of the big picture. An example that I found useful is by Eric Berlow.  Another concept in this area involves identifying what are referred to as communities (because the idea came out of the study of social networks – clusters of related elements, which are only loosely coupled to other communities. These techniques allow us to reduce the scope (and therefore complexity) of the problem we’re trying to solve at any one time without falling into the trap of assuming it’s entirely self- contained.

A few blogs ago I mentioned an idea of Robert Phipps’s, where he visualizes the various forces within an organization as vectors. Each vector represents some factor driving (or even constraining) change. Those can be formal or informal organizational groupings (people), stakeholders both within and external to the organization, economic factors around supply or revenue, changes in the business model or even in technology. In that blog I used this as a way of illustrating entropy but Robert is actually looking at ways of applying measures to these vectors in order to be able to establish their actual force (and direction) and therefore their impact on change. Turning an apparently random factor into something knowable reduces the level of entropy and makes us more confident about taking decisions early – and therefore in turn reduces the entropy at a later stage.

One more example: Ruth Malan and Dana Bredemeyer produced a paper last year in which they examined the idea that organizations can make the most use of the creativity of their personnel by replacing the traditional hierarchical and compartmentalized structures with what they called a fractal approach. The idea is that patterns of strategy creation are reflected in all parts of an organization, thus making strategy integral to an organization rather than merely dictated from “above”. It has the added benefit of making the overall complexity more manageable. Architects belong in each fractal both as creators and interpreters of strategy. I can’t possibly do this long paper justice here but I wanted to mention an additional thought I had. What can also help architects is to look for these fractals even in formally hierarchical organizations. There’s a great chance that they really exist and are just waiting for someone to pay them attention.

Having achieved focus on a manageable area and gathered as much meaningful data as possible, we can then apply some basic (but often forgotten or ignored) design principles. Think of separation of concerns, low coupling, high cohesion. All that starts by focusing on the core purpose of the element(s) of the architecture we’ve zoomed in on. And folks, the good news is that this will all have to wait for another occasion.

The very last thing I want to say is something I tend to hammer on about. You have to take some risks. No creative, successful organization does not take risks. You need a degree of confidence about the level and potential impact of the risk but at the end of the day you’ll have to make a decision anyway. Even if you believe that everything is potentially knowable, you know that we often don’t have the information available to achieve that. So you take a gamble on something that seems to deliver value and where the risk is at worst manageable. And by doing that you reduce the total entropy in the system and make taking other decisions easier.

Stuart Boardman is a Senior Business Consultant with KPN where he co-leads the Enterprise Architecture practice as well as the Cloud Computing solutions group. He is co-lead of The Open Group Cloud Computing Work Group’s Security for the Cloud and SOA project and a founding member of both The Open Group Cloud Computing Work Group and The Open Group SOA Work Group. Stuart is the author of publications by the Information Security Platform (PvIB) in The Netherlands and of his previous employer, CGI. He is a frequent speaker at conferences on the topics of Cloud, SOA, and Identity. 

1 Comment

Filed under Business Architecture, Cloud/SOA, Enterprise Architecture

Does IT mean Information Technology? Or is it Just a Department?

By Stuart Boardman, KPN

Some Enterprise Architects I greatly respect frequently stress the point that EA is not just or even primarily about IT. Some others go as far as to argue that it’s nothing to do with IT at all (the same people appear to think that this applies to all technology). At the other extreme, people, possibly unaware of these discussions, appear to believe that it’s only about IT. The problem with both extremes is that, when it comes down to it they are talking about the role of an organization’s own IT department rather than the role of information technology in business. The result is that IT is perceived as purely a support function (i.e. nothing more than the automation of traditional business activities). That works well for both parties, because it’s then easy to isolate it and make it either a universe in itself or an uninteresting minor galaxy.

Continue reading

Comments Off

Filed under Enterprise Architecture

Today’s projects, tomorrow’s bigger picture: an examination of Enterprise Transformation

By Allen Brown, CEO, The Open Group

Enterprise Transformation seems to be gathering momentum within the Enterprise Architecture community. It’s a term that seems to have originated in the EA community but which could be quite strange to senior executives or others in non-IT functions. Although Google finds 39 million web search results for the term, almost all of them reflect an IT perspective. The Journal of Enterprise Transformation is an official journal of the Institute of Industrial Engineers (IIE) and the International Council on Systems Engineering (INCOSE). While the systems engineering community’s notion of systems is based on general systems theory and is thus inclusive of much more than IT systems, the EA community has a tendency to see the world though “IT-colored glasses;” and this in turn colors its understanding of Enterprise Transformation.

Continue reading

1 Comment

Filed under Enterprise Architecture, Enterprise Transformation

PODCAST: Exploring business-IT alignment: A 20-year struggle culminating in the role and impact of Business Architecture

Listen to this recorded podcast here: Exploring Business-IT Alignment: A 20-Year Struggle Culminating in the Role and Impact of Business Architecture

The following is the transcript of a sponsored podcast panel discussion on defining the role and scope of the Business Architect, in conjunction with the The Open Group Conference, Austin 2011.

Dana Gardner: Hi, this is Dana Gardner, Principal Analyst at Interarbor Solutions, and you’re listening to BriefingsDirect. Today, we present a sponsored podcast discussion in conjunction with The Open Group Conference in Austin, Texas, the week of July 18, 2011. We’ve assembled a distinguished panel to delve into the role and opportunity for business architecture. We’ll examine how the definition of business architect has matured and we’ll see why it’s so important for this new role to flourish in today’s dynamic business and IT landscapes. We’ll also see how certification and training are helping to shape the business architecture leaders of tomorrow.

Here to help better understand the essential impact of business architecture on business success, is Harry Hendrickx, the Chief Technology Officer, CME Industry Unit, HP Enterprise Services and a Certified Global Enterprise Architect. Welcome, Harry.

Harry Hendrickx: Thank you, Dana.

Gardner: We’re also here with Dave van Gelder, Global Architect in the Financial Services Strategic Business Unit at Capgemini. Welcome, Dave.

Dave van Gelder: Thank you, Dana.

Gardner: And we’re also here with Mieke Mahakena. She is the Label Leader for Architecture in the Training Portfolio at Capgemini Academy and also a Certified Architect. Welcome, Mieke.

Mieke Mahakena: Thank you.

Gardner: Also, Peter Haviland, head of Architecture Services in the Americas for Ernst & Young. Hello, Peter.

Peter Haviland: Morning, Dana.

Gardner: And last, Kevin Daley, Chief Architect in the Technology and Innovation Group at IBM Global Business Services. Hello, Kevin.

Kevin Daley: Hello, Dana.

Gardner: Let me start by addressing both Harry and Kevin. There’s been a new paper that you are working on refining the definition of business architecture, but I’m interested why this is so important now. We see that CEOs around the world really are seeking fundamental change. They recognize that we’re at an inflection point. Why is that the case? Why is the role of business architect so important now? Let’s start with Harry, please.

Business-IT alignment

Hendrickx: Thank you very much, Dana. Yes, it is a very important question, of course. Why are we putting so much effort in getting business architecture on the scene? Over the past one or two decades, business-IT alignment has been number one on the CIO agenda, and apparently the organizations have increasing difficulty getting business-IT alignment resolved.

There are quite a few people pioneering in business-IT alignment, but apparently there was no urgency yet to recognize this role more specifically. HP, in the past two years, interviewed CIOs worldwide, and they all indicated that they face quite large and complex transformation processes. They also recognize that business-IT alignment is one of key issues. We think that the business architect really can provide some resolution to get those processes in better shape and more successful.

Gardner: Kevin, your thoughts. Why is it so important right now?

Daley: At IBM, we have a CEO study and a CIO study that come out in alternating years. One of the things that started coming out loud and clear in 2010 was that managing complexity and building operating dexterity required a better understanding across the entire company.

We’ve started seeing a trend to move not just from business IT alignment, but to business and IT convergence. There’s an understanding more and more that information technology, and technology in general, is a core part of the business model now. There’s an understanding that now we have a situation where business and IT aren’t so much aligned, because of the fact that IT is part of business.

Where we did interviews and surveys and then compiled them for thousands of CEOs, we came up with three key elements. Amongst those was managing and taking advantage of complexity while building operating dexterity. That’s the key theme.

One of the problems that we’re seeing from the CEOs is having for decades separated IT as if it was its own business unit, instead of part of the true sense of the business. It’s been an interpretive science. To manage that complexity they needed a means by which to start with the design of where they’re going and have have a business strategy.

How do they take that strategy and transform it into technology and into information management? They needed an ability to have a framework in which to have that substantive discussion between the people who were responsible, such as the CIO who is responsible for technology and the operations and the COOs, who are really about the execution of the overall picture.

What we’ve seen from our CEOs is a need to start being more integrated. There have been market pressures that they having to respond to. The big economic downturn was a big change for everyone, and they are trying to address it.

They’re looking at means that they can start integrating more globally. They can start to increase their cost variability and start becoming more agile in how they operate their business. To do that they need a means by which they can more effectively communicate.

Driving understanding

So far, we’ve been seeing that business architecture is a perfect way to start driving an understanding. It’s a place where both people who are used to seeing standard business models like revenue and capability are able to associate that to the different types of architectures and designs that we see coming out of the technology group.

It’s giving them a common place to meet and jointly move forward with what they’re trying to do in terms of managing the complexity, so they can be more agile and dexterous.

Gardner: Dave van Gelder, it sounds as if what we’re trying to do here is at a very high level in the organization. Does a business architect and architecture have to be at a high level to be successful? Where in the org chart do we typically see this role? Is it near the top? Does it matter?

van Gelder: It depends on the maturity of an organization. Within Capgemini nowadays, we talk about business technology. As Kevin said, business and technology are not separate. Technology is part of the total business.

When we started the Business Architecture Working Group in 2006, there was a lot of discussion about two words, business and architecture, and nobody knew exactly what we were talking about. Everybody had a different understanding of those words. In the last years what you have seen is that business architecture is looked at in a different way. Currently in the Business Architecture Working Group, we see business architecture as something that brings the balance between all the other architectures in the company — that’s IT architecture, financial architecture, money, people architecture, and a lot of other architectures.

If business architecture is bringing the balance between the different aspects of a company, then business architecture is something that should be handled in the top of the organization, because balance should be created between all the different aspects in the organization.

Gardner: Based on what Dave said. it sounds, Mieke, as if we’re talking about a federation of architectures,. What then is the fundamental problem that the business architect needs to solve? Is this getting into the actual mechanisms or is it about organizing the people around some sort of a vision or strategy?

Mahakena: It’s more like making sure that, whatever transformation you’re going to implement, you align all those different aspects. As Dave told us, there are a number of aspects in an organization that might need to change, and you can have all those different architectures for those aspects. But, if every aspect goes its own way in changing, then they will never be aligned. Business architecture is meant to align all of those aspects to make sure that you have a balanced, consistent, and coherent set of operations at the end.

Gardner: It sounds as if we’re in agreement that this is a high level function, but what is it that people might stumble upon, if they direct this in a wrong direction? What is business architecture not good at? Peter, what should we avoid? What’s a misstep in terms of either the level in the organization or the target of the activity?

Many things at once

Haviland: 

Business architecture is similar to other forms of architecture, in that it tends to try to do many things all at once. The idea of enterprise alignment is definitely the right outcome, but there is enough complexity there to blow steam out of your head for many, many years to come.

Certainly in our experience of implementing these types of functions in organizations, functions that constrain scope very well also tend to communicate very well around what their status is, what their progress is against milestones, and what outcomes they’ve achieved: and they tend to articulate those outcomes in terms of real business value. What business architecture is not very good at are broad-reaching types of goals that don’t have measurable outcomes.

Gardner: So, it’s not just let’s have a designated business architect and a laurels-wearing individual, but move more towards something that’s very practical and that shows results. That leads to a question about how to professionalize this role.

Anyone could stand up and call themselves a business architect, but what is The Open Group, in particular, doing about actually certifying and moving towards a standardization of some sort. Does anybody have any thoughts about how to make this more rigorous?

Hendrickx: The first question we get asked is, what’s the difference between a business consultant and a business architect or a business analyst and a business architect? We also have enterprise architects and technology architects. Is there a reason for being for the business architect?

This is something we did a lot of research on at HP and we delineated the role of the business architect quite clearly from the business consulting and the business analyst aspect. The business architect’s role is distinct, because he combines the organizational strategy with the operations. He identifies the implications of this strategy, as well as that of the technology for the business operations. This is opposed to the business consultant, who is more outwardly looking to the commercial aspects of the organization and what that means for the structure. The business analyst is looking more at not the structure of the operation, but at the solution level.

When we look at the enterprise architect and the solution architect, the business architect focuses more on the complete implications of the strategy and technology trends on the operations, whereas the enterprise architect is more interested in the IT and the implications for the IT strategy and how IT should be deployed. The business architect is much more focused on the complete performance of the business operations.

So, the bottom line of these delineations of the past one-and-a-half years is that there is a reason for being for a business architect. It is a distinct role and it has a real solution for a problem.

Gardner: Thank you, Harry. Anyone else with some thoughts about how to make the certification and standardization of this stick?

Defining the profession

Mahakena: What we’ve been doing in the Business Forum, after we decided that business architecture has its own reason for existence, we described the business architecture profession – what’s the scope and what should be the outcome of business architecture. Now, we’re working on the practice of business architecture by defining a framework, looking at methods, and defining approaches you can use to do business architecture.

Parallel to that, if you know what the profession is and what the practice is, you’re able to create the business architecture certification, because those things help you define the required skills and experience a business architect needs. So, we are working on that in the Business Forum.

Daley: Let’s look at business architecture from the concept that has existed, combining the thoughts of what Mieke and Harry have already talked about. When we work with clients, for those of us that are in consultancies, we see that there is normally something that’s similar to business architecture, but it’s either a shadow organization inside a purely business unit that isn’t technology focused, or it is things like the enterprise architects who are having to learn the business concepts around business architect anecdotally, so that they can be successful in their roles.

I’d suggest that we’re seeing a need to make it more refined and more explicit, so that we’re able to identify the people that fit for this. They have specific things, instead of having general things that we have today. For me, the certification helps provide that certainty as a hiring manager or as somebody who is looking to staff an organization.

It provides that kind of clarity of what they should be doing, giving them specific activities, specific things they do that create value for the company. It takes out of the behind the scenes action and pull something that’s critical to success into the front with people who are specifically aligned and educated to do that.

Gardner: Thank you, Kevin. Let’s speak a little bit about why the strategic and top-level aspects of this certified individual or office is so important. It seems to me that, on one hand, we have more need for different technology competencies in an organization, but at the same time, we’re starting to see consolidation, particularly at the data center level, fewer data centers, more powerful and vast data centers and consolidation across different regions. How does globalization fit into this? Do we need to think about the fact that if we have fewer data centers but more technology requirements, doesn’t the role of somebody or some group need to come together so that there is a pan organizational or even global type of effect?

Let’s start with you Peter. How does the globalization impact the importance of this role?

Haviland: Globalization is creating more and more complexity in the business modelsthat organizations are trying to operate. Over the last couple of decades, with the science and the engineering of IT, there has been enormous investment by companies to actually operate, maintain, and improve their IT in their current world.

In many cases this IT work has outpaced the comparable business efforts inside those organizations when they think about their business, their business models, and their business operating principles. What we’re actually seeing now is that the rigor, the engineering, and the effort that’s put into technical architecture and IT architecture is now being proposed on the business side, with many businesses managing process improvement activities. These tend to be at quite a low level, however, when you compare them to business architecture initiatives at the enterprise level.

What we’re actually seeing now is that the rigor, the engineering, and the effort that’s put into technical architecture and IT architecture is now being proposed on the business side and many businesses have process improvement activities. Many of them see to be at the process level. Those processes are defined at quite a low level, when you compare it to some architecture initiatives that are enterprise wide.

Scope and challenge

If those architecture initiatives are at the high levels that are needed, you start to consider the scope and challenges that come into play, when you start talking about globalization. So, with the increase in scope and the global way that people are operating across cultures, geographies, and languages, that requires this discipline, which does operate at that high level to start to organize the other areas, but perhaps at a lower level.

Gardner: Harry Hendrickx, thoughts about this issue of increased complexity and yet more consolidation in terms of where IT is housed, managed, and governed?

Hendrickx: There are two aspects that need to be paid more attention to with globalization and more complexity. First, the business architect is, or should be, equipped to look at the organization, not only within the boundaries of an organization, but also the ecosystem of organizations that will mold together and have to be connected to produce the value.

Since these are more formalized contracts or relationship with different organizations connected to each other, there is a dynamic that is hardly seen anymore, that is not transparent anymore. There clearly needs to be some more detailed insights and transparency for each organization, so that people understand what the impact of certain developments or events will be. This can’t be done just by logic or just by watching carefully. This really needs some in-depth analysis for which the business architecture is built.

The second part of it is that the due to the complexity, the decision making process has become more complex and there will be more stakeholders involved in the different areas of decision making. The business architect has a clear task and challenge as well. By absorbing the strategy, technology trends, and the different developments and focusing on the applications for operations, he has the opportunity to discuss with the different stakeholders. He has the opportunity to get those stakeholders either mobilized or focused on specific decisions: the deliverables you will provide.

Gardner: We certainly see a lot of important characteristics in this role: global, strategic high level, encompassing business understanding, as well as technology. Dave van Gelder, where do you go to find these kinds of people? Who tends to make a good business architect or is there no real pattern yet established as to who steps up to the plate to be able to manage this type of a job?

van Gelder: To all the complexity already mentioned, I’d want to add something else that we found in the Business Architecture Working Group, which is more research in the whole field. That’s the problem of communication. How do people communicate with each other?

If you look in the IT world, most people come from an engineering background. It’s hard enough to talk to each other and to be clear to each other about what’s possible and how you should go or what you should go for. If you start talking to all those other areas in the business, then suddenly people have a completely other way of thinking. Sometimes they use the same words and don’t understand each other.

It’s not easy to have these kinds of people that need very good communication skills next to all the complexity that you have to handle. On the other hand, you need an architect when it’s complex. You don’t need an architect when it’s simple, because everybody can do it. But an architect is just a person. I say if I am a simple person, I can only handle simple things. What you need are people who can structure. I can only work with things when I can structure it, when the complexity is fairly well-structured. I then have overview of all those complexities, and then I can start communicating with all the parties I have to communicate with.

No real training

At the moment, I don’t see any real training or development of these kinds of people that you need. Most of them come with a lot of experience in a lot of fields, and because of that, they have the possibility to talk to all kinds of people and to bring the message.

Gardner: Mieke, at Capgemini Academy, you’ve obviously encouraged and encountered folks moving towards a business architect role. What are your thoughts on what it takes and where they tend to come from?

Mahakena: Let’s have a look where they can come from. What you see is that this role of business architect can be a next step in one’s career. For example, a business analyst, who has been creating a lot of experience in all kinds of fields, and he could evolve to watch a business architect. This person needs to get away from the detail and move towards the strategy and a more holistic view.

Another example could be an enterprise architect who already has analytics skills and communication skills. But, enterprise architects are more or less focusing on IT, so they should move more towards the business part and towards strategy and operations.

One could be the business consultant who is now focusing on strategy, also should have those communication skills, and will be able to communicate with stakeholders in high positions in companies. Business consultants have a lot of industry knowledge. So they should need more knowledge about technology and perhaps improve their analytics skills and learn more to how to structure operations.

So, there are number of existing roles that already have a lot of skills required for business architecture. They just have to enhance skills and get new skills to do this new role.

Gardner: We talked about how this is important because of the internal organizational shifts and the need for transformation. We’ve seen how globalization makes this more important, but I’d like to also look a little bit at some of the trends and technology.

We’ve seen a great deal of emphasis on cloud computing, hybrid computing, the role of mobile devices, wirelessly connected devices, sensors, and fabric of information which, of course, leads to massive data, and they need to then analyze that data.

This is just a handful of some of the major technology trends. Kevin Daley, it seems to me that managing these trends and these new capabilities for organizations also undergirds and supports this need. So how do you see the technology impetus for encouraging the role of business architect?

Daley: I’m seeing from my work in the field that we’ve got all these things that are converging. Certainly, you’ve got all these enabling technologies and things that are emerging that are making it easier to do technology types of things and speeding them up. So, as they start maturing and as organizations start consuming them, what we’re seeing is that there’s a lack of alignment.

Business relevancy

What this trend is really doing is making sure that you have something that is your controlling device that says what is the business relevancy? Are we measuring these peer-to-peer — measuring something such as massive data and information fabrics compared to something like cloud computing, where you are dispersing the ability to access that more readily. It creates a problem in that you have to make sure that people are aligned on what they’re trying to accomplish.

We’re seeing that the technologies that are emerging are actually enabling business architecture in a fashion. It provides that unified vision, that holism, that you can start looking at combinations of these technologies, instead of having to look at them as we’ve had to in the past of siloed elements of technologies that have their own implications.

We’re using business architecture as a means to provide the information back to the business analyst who is going to look and help. You can provide the business implications, but then you have to analyze what that implication means and make decisions for how much of that you’re willing to accept within your organization.

In the notions around how I investigate risk, how I look at what is going to improve market, and what is the capacity of what I can do, there’s a disconnect that business for which architecture is helping provide the filler for to get to the people that are doing these corporate strategies and corporate analysis at a level. That allows them to virtualize the concept of the technology, consume what it means and what that relates to for a business or in terms of its operation and strategy and the technology itself.

We’re seeing this become the means by which you can have that universal understanding that these are the implications, and that those implications can now be layered, so that you can look at them in combination instead of having to deal with each technology trend as if it’s a standalone piece.

We’re seeing this as a means by which to provide some clarity around what any adoption would be. When you adopt technology, it obviously has a level of maturity it has to reach, but it also has a level of complexity. It’s being able to start taking advantage of more than just one technology trend at the same time and being able to realistically deliver that into their business model.

What I have been seeing is that the technologies are driving the need for business architecture, because they need that framework to make sure that they are talking apples to apples and that they are meaning the same thing, so that we get out of the interpretation that we have had in the past and get into something that’s very tactical and very tactile, and that you can structure and align in the same way, so you understand what the full ramifications are.

Gardner: Peter Haviland, we have these multiple technology developments overlapping. They can be opportunities for businesses, but they can also perhaps be problems, if you don’t manage them.

What are the stakes here for business architecture and for organizations that can master this? It seems to me that they would have a significant advantage. For those that don’t, it could mean a significant cratering of their business potentially. So are we talking about an existential level importance for business architecture? How important is this now?

Haviland: IIt’s extremely important. What I see is that this is a discipline that’s just crying out for more people and more maturity. You almost need it to become pervasive throughout organizations now.

Feeding technology

The most common story I encounter is simply that organizations spent a lot of time in the past creating their processes and then they spent a lot of time feeding technology solutions to those processes. In recent times, the pace of technology change has moved faster than that previous paradigm.

What you’re looking at is at people saying, well, I am the business, there are all of these technology options out there. I cannot find a way forward and so how do I exploit those? That is where the business architecture profession is really being pushed to the front.

That said, there is a slight risk here that it may be considered too much in isolation. I mean, it is an architecture profession, it is a part of architecture, and the value of architecture is to provide that aligned view across the various domains that are important in terms of business, technology, information, security, and those types of elements.

When it comes back to what’s at stake for businesses that are investing in this particular area and for businesses that are trying to reconsider the way that they can operate themselves to support technology, they are moving ahead and they have competitive advantage. Businesses that aren’t doing that tend to be left behind, because the pace of change of technology is going to get faster.

Gardner: We’re here at The Open Group Conference. I wonder if any of you could fill us in on what The Open Group is now doing to advance this definition, mature the role, promulgate certification, and hasten the effect and benefits of business architecture in the field. Who can update us briefly on where we stand with The Open Group’s movement on certification and definition?

Mahakena: All those subjects you mentioned are part of the work of the Business Forum. The Business Forum is working in parallel on all those things. For example, it’s defining the profession and defining business architecture, working on methods and frameworks and approaches, and working on certification.

We need to do that in parallel, because all those aspects have to be aligned. We also need alignment in our own work to make sure that the certification, for example, are just the skills you actually need to do the business architecture and to create the outcomes we have defined in the profession and practice part.

We’re on our way as a Business Forum and we have done a huge amount of work, but we’re not ready yet. There are still a number of subjects we need to discuss, and we need to align everything we have now to make sure that we have a consistent package of deliverables that can be used by the members of The Open Group and anyone outside as well.

That’s where we are at this moment, and we are hoping to deliver a set of documents that will be accepted by The Open Group, by the members, and then they can be shared.

Hendrickx: I want to extend a little bit on where we are, because there has been some investigation in the 28 frameworks, which are very close or are meant to be frameworks for business architects. From this it resulted that none of these really had a complete holistic approach, as the role is identified currently, or at least how the needs have been identified in the marketplace.

Some have gaps

Some are quite close, but quite a few have gaps in one of the areas that should be touched, like strategy, operations, processes, or technology. We currently try to identify and fill that gap. That’s one point.

The other one is that most of the techniques used by the business architect are very well- embedded in academic research and are often and sometimes already used by different roles as well.

I’m thinking of things like the systems approach, and the systems thinkers have quite a few techniques. There are also techniques developed by IBM, HP, and Capgemini on the business architecture, which are well-versed and well-embedded in academic research of the past 20, 30 years. So, it’s not just a set of techniques that are built together. These are really based on insights which we have gained over several decades.

Gardner: Very good. I understand that many of these resources and the ability to take part in some of these working groups are all available on the newly redesigned Open Group website. That would be opengroup.org online and easily found from search.

I want to close up by thanking our guests. We’ve been discussing the burgeoning role of, and the opportunity for, business architecture and its practitioners in a dynamic global business environment.

This podcast is coming to you as a sponsored activity in conjunction with The Open Group Conference in Austin, Texas, the week of July 18, 2011.

So thanks to our guests. We’ve been joined by Harry Hendrickx, Chief Technology Officer, CME Industry Unit in HP’s Enterprise Services, and also a Certified Global Enterprise Architect. Thank you, Harry.

Hendrickx: Thank you, Dana.

Gardner: And also Dave van Gelder, Global Architect in the Financial Services Strategic Business unit at Capgemini. Thank you, Dave.

van Gelder: Thank you, Dana.

Gardner: We’re also here with Mieke Mahakena. She is the Label Leader for Architecture in the Training Portfolio at Capgemini Academy, and also a Certified Architect. Thank you, Mieke.

Mahakena: You are welcome, Dana.

Gardner: Peter Haviland, Head of the Architecture Services for Americas at Ernst & Young has also joined us. Thank you, Peter.

Haviland: Thanks, Dana. Thanks everyone.

Gardner: And lastly, Kevin Daley, Chief Architect in the Technology and Innovation Group at IBM Global Business Services. Thanks so much, Kevin.

Daley: Thank you, Dana. Again, thanks to everyone else also.

Gardner: This is Dana Gardner, Principal Analyst at Interarbor Solutions. Thanks again for listening, and come back next time.

Listen to the podcast. Find it on iTunes/iPod and Podcast.com.

Copyright The Open Group 2011. All rights reserved.

Dana Gardner is the Principal Analyst at Interarbor Solutions, which identifies and interprets the trends in Services-Oriented Architecture (SOA) and enterprise software infrastructure markets. Interarbor Solutions creates in-depth Web content and distributes it via BriefingsDirect™ blogs, podcasts and video-podcasts to support conversational education about SOA, software infrastructure, Enterprise 2.0, and application development and deployment strategies.

2 Comments

Filed under Business Architecture