Tag Archives: standards

TOGAF® 9 Certification Growth

By Andrew Josey, The Open Group, Director of Standards

Number of individuals certified continues to increase over past 12 months – now 37,800

The number of individuals certified in the TOGAF® 9 certification program as of November 21, 2014 is 37,800. This represents over 10,000 new certifications in the past twelve-month period. TOGAF continues to be adopted globally with certified individuals from over 100 different countries.

The certifications for the period ending October 1, 2014 are shown in the figure below:

By Andrew Josey

The top five countries are UK, USA, Netherlands, India and Australia.

Individuals certified by Country – TOP 10 Countries – October 2014

Rank # Individuals Country Percentage
1 5350 UK 14.68%
2 4488 USA 12.32%
3 3056 Netherlands 8.39%
4 2835 India 7.78%
5 2264 Australia 6.21%
6 1641 Canada 4.5%
7 1305 France 3.58%
8 1272 South Africa 3.07%
9 1117 China 3.07%
10 984 Finland 2.7%

 

An interactive map showing detailed information on the number of certifications is available at http://www.togaf.info/togaf-visualmap.html

TOGAF Visual Heat map Oct 1 2014

There are over 50 accredited TOGAF 9 training course providers worldwide. More information on TOGAF 9 Certification, including the directory of Certified People and official accredited training course calendar, can be obtained from The Open Group website at: http://www.opengroup.org/togaf9/cert.

By Andrew JoseyAndrew Josey is Director of Standards within The Open Group. He is currently managing the standards process for The Open Group, and has recently led the standards development projects for TOGAF® 9.1, ArchiMate® 2.0, IEEE Std 1003.1-2008 (POSIX), and the core specifications of the Single UNIX® Specification, Version 4. Previously, he has led the development and operation of many of The Open Group certification development projects, including industry-wide certification programs for the UNIX system, the Linux Standard Base, TOGAF, and IEEE POSIX. He is a member of the IEEE, USENIX, UKUUG, and the Association of Enterprise Architects.

 

 

 

 

 

Leave a comment

Filed under Certifications, Standards, TOGAF, TOGAF®, Uncategorized

Global Open Trusted Technology Provider™ Standard

By Sally Long, Forum Director, Open Trusted Technology Forum, The Open Group

A First Line of Defense in Protecting Critical Infrastructure – A Technical Solution that can Help Address a Geo-political Issue

The challenges associated with Cybersecurity and critical infrastructure, which include the security of global supply chains, are enormous. After working almost exclusively on supply chain security issues for the past 5 years, I am still amazed at the number of perspectives that need to be brought to bear on this issue.

Recently I had the opportunity to participate in a virtual panel sponsored by InfoSecurity Magazine entitled: “Protecting Critical Infrastructure: Developing a Framework to Mitigate Cybersecurity Risks and Build Resilience”. The session was recorded and the link can be found at the end of this blog.

The panelists were:

  • Jonathan Pollet, Founder, Executive Director Red Tiger Security
  • Ernie Hayden, Executive Consultant, Securicon LLC
  • Sean Paul McGurk, Global Managing Principal, Critical Infrastructure Protection Cybersecurity, Verizon
  • Sally Long, Director, The Open Group Trusted Technology Forum

One perspective I brought to the discussion was the importance of product integrity and the security of ICT global supply chains as a first line of defense to mitigate vulnerabilities that can lead to maliciously tainted and counterfeit products. This first line of defense must not be ignored when discussing how to prevent damage to critical infrastructure and the horrific consequences that can ensue.

The other perspective I highlighted was that securing global supply chains is both a technical and a global geo-political issue. And that addressing the technical perspective in a vendor-neutral and country-neutral manner can have a positive effect on diminishing the geo-political issues as well.

The technical perspective is driven by the simple fact that most everything has a global supply chain – virtually nothing is built from just one company or in just one country. In order for products to have integrity and their supply chains to be secure all constituents in the chain must follow best practices for security – both in-house and in their supply chains.

The related but separate geo-political perspective, driven by a desire to protect against malicious attackers and a lack of trust of/from nation-states, is pushing many countries to consider approaches that are disconcerting, to put it mildly. This is not just a US issue; every country is concerned about securing their critical infrastructures and their underlying supply chains. Unfortunately we are beginning to see attempts to address these global concerns through local solutions (i.e. country specific and disparate requirements that raise the toll on suppliers and could set up barriers to trade).

The point is that an international technical solution (e.g. a standard and accreditation program for all constituents in global supply chains), which all countries can adopt, helps address the geo-political issues by having a common standard and common conformance requirements, raising all boats on the river toward becoming trusted suppliers.

To illustrate the point, I provided some insight into a technical solution from The Open Group Trusted Technology Provider Forum. The Open Group announced the release of the Open Trusted Technology Provider™ Standard (O-TTPS) – Mitigating Maliciously Tainted and Counterfeit Products. A standard of best practices that addresses product integrity and supply chain security throughout a product’s life cycle (from design through disposal). In February 2014, The Open Group announced the O-TTPS Accreditation Program that enables a technology provider (e.g. integrator, OEM, hardware or software component supplier, or reseller) that conforms to the standard to be accredited – positioning them on the public accreditation registry so they can be identified as an Open Trusted Technology Provider™.

Establishing a global standard and accreditation program like the O-TTPS – a program which helps mitigate the risk of maliciously tainted and counterfeit products from being integrated into critical infrastructure – a program that is already available and is available to any technology provider in any country regardless if they are based in the US, China, Germany, India, Brazil, or in any other country in the world – is most certainly a step in the right direction.

For a varied set of perspectives and opinions from critical infrastructure and supply chain subject matter experts, you can view the recording at the following link. Please note that you may need to log in to the InfoSecurity website for access:

http://view6.workcast.net/?pak=1316915596199100&cpak=9135816490522516

To learn more about the Open Trusted Technology Provider Standard and Accreditation Program, please visit the OTTF site: http://www.opengroup.org/subjectareas/trusted-technology

Sally LongSally Long is the Director of The Open Group Trusted Technology Forum (OTTF). She has managed customer supplier forums and collaborative development projects for over twenty years. She was the release engineering section manager for all multi-vendor collaborative technology development projects at The Open Software Foundation (OSF) in Cambridge Massachusetts. Following the merger of the OSF and X/Open under The Open Group, she served as director for multiple forums in The Open Group. Sally has a Bachelor of Science degree in Electrical Engineering from Northeastern University in Boston, Massachusetts.

Contact:  s.long@opengroup.org; @sallyannlong

Leave a comment

Filed under COTS, Cybersecurity, O-TTF, O-TTPS, OTTF, Security, Standards, supply chain, Supply chain risk, Uncategorized

The Open Group London 2014 – Day Two Highlights

By Loren K. Baynes, Director, Global Marketing Communications, The Open Group

Despite gusts of 70mph hitting the capital on Day Two of this year’s London event, attendees were not disheartened as October 21 kicked off with an introduction from The Open Group President and CEO Allen Brown. He provided a recap of The Open Group’s achievements over the last quarter including successful events in Bratislava, Slovakia and Kuala Lumpur, Malaysia. Allen also cited some impressive membership figures, with The Open Group now boasting 468 member organizations across 39 countries with the latest member coming from Nigeria.

Dave Lounsbury, VP and CTO at The Open Group then introduced the panel debate of the day on The Open Group Open Platform 3.0™ and Enterprise Architecture, with participants Ron Tolido, SVP and CTO, Applications Continental Europe, Capgemini; Andras Szakal, VP and CTO, IBM U.S. Federal IMT; and TJ Virdi, Senior Enterprise IT Architect, The Boeing Company.

After a discussion around the definition of Open Platform 3.0, the participants debated the potential impact of the Platform on Enterprise Architecture. Tolido noted that there has been an explosion of solutions, typically with a much shorter life cycle. While we’re not going to be able to solve every single problem with Open Platform 3.0, we can work towards that end goal by documenting its requirements and collecting suitable case studies.

Discussions then moved towards the theme of machine-to-machine (M2M) learning, a key part of the Open Platform 3.0 revolution. TJ Virdi cited figures from Gartner that by the year 2017, machines will soon be learning more than processing, an especially interesting notion when it comes to the manufacturing industry according to Szakal. There are three different areas whereby manufacturing is affected by M2M: New business opportunities, business optimization and operational optimization. With the products themselves now effectively becoming platforms and tools for communication, they become intelligent things and attract others in turn.

PanelRon Tolido, Andras Szakal, TJ Virdi, Dave Lounsbury

Henry Franken, CEO at BizzDesign, went on to lead the morning session on the Pitfalls of Strategic Alignment, announcing the results of an expansive survey into the development and implementation of a strategy. Key findings from the survey include:

  • SWOT Analysis and Business Cases are the most often used strategy techniques to support the strategy process – many others, including the Confrontation Matrix as an example, are now rarely used
  • Organizations continue to struggle with the strategy process, and most do not see strategy development and strategy implementation intertwined as a single strategy process
  • 64% indicated that stakeholders had conflicting priorities regarding reaching strategic goals which can make it very difficult for a strategy to gain momentum
  • The majority of respondents believed the main constraint to strategic alignment to be the unknown impact of the strategy on the employees, followed by the majority of the organization not understanding the strategy

The wide-ranging afternoon tracks kicked off with sessions on Risk, Enterprise in the Cloud and Archimate®, an Open Group standard. Key speakers included Ryan Jones at Blackthorn Technologies, Marc Walker at British Telecom, James Osborn, KPMG, Anitha Parameswaran, Unilever and Ryan Betts, VoltDB.

To take another look at the day’s plenary or track sessions, please visit The Open Group on livestream.com.

The day ended in style with an evening reception of Victorian architecture at the Victoria & Albert Museum, along with a private viewing of the newly opened John Constable exhibition.

IMG_3976Victoria & Albert Museum

A special mention must go to Terry Blevins who, after years of hard work and commitment to The Open Group, was made a Fellow at this year’s event. Many congratulations to Terry – and here’s to another successful day tomorrow.

Join the conversation! #ogchat #ogLON

Loren K. BaynesLoren K. Baynes, Director, Global Marketing Communications, joined The Open Group in 2013 and spearheads corporate marketing initiatives, primarily the website, blog and media relations. Loren has over 20 years experience in brand marketing and public relations and, prior to The Open Group, was with The Walt Disney Company for over 10 years. Loren holds a Bachelor of Business Administration from Texas A&M University. She is based in the US.

Leave a comment

Filed under ArchiMate®, Boundaryless Information Flow™, Business Architecture, Cloud, Enterprise Architecture, Enterprise Transformation, Internet of Things, Open Platform 3.0, Professional Development, Uncategorized

The Open Group London 2014 – Day One Highlights

By Loren K. Baynes, Director, Global Marketing Communications, The Open Group

On a crisp October Monday in London yesterday, The Open Group hosted the first day of its event at Central Methodist Hall, Westminster. Almost 200 attendees from 32 countries explored how to “Empower Your Business; Enabling Boundaryless Information Flow™”.

Just across the way from another landmark in the form of Westminster Abbey, the day began with a welcome from Allen Brown, President and CEO of The Open Group, before Magnus Lindkvist, the Swedish trendspotter and futurologist, began his keynote on “Competition and Creation in Globulent Times”.

In a very thought-provoking talk, Magnus pondered on how quickly the world now moves, declaring that we now live in a 47 hour world, where trends can spread quicker than ever before. Magnus argued that this was a result of an R&D process – rip off and duplicate, rather than organic innovation occurring in multiple places.

Magnus went on to consider the history of civilization which he described as “nothing, nothing, a little bit, then everything” as well as providing a comparison of vertical and horizontal growth. Magnus posited that while we are currently seeing a lot of horizontal growth globally (the replication of the same activity), there is very little vertical growth, or what he described as “magic”. Magnus argued that in business we are seeing companies less able to create as they are focusing so heavily on simply competing.

To counter this growth, Magnus told attendees that they should do the following in their day-to-day work:

  • Look for secrets – Whether it be for a certain skill or a piece of expertise that is as yet undiscovered but which could reap significant benefit
  • Experiment – Ensure that there is a place for experimentation within your organization, while practicing it yourself as well
  • Recycle failures – It’s not always the idea that is wrong, but the implementation, which you can try over and over again
  • Be patient and persistent – Give new ideas time and the good ones will eventually succeed

Following this session was the long anticipated launch of The Open Group IT4IT™ Forum, with Christopher Davis from the University of South Florida detailing the genesis of the group before handing over to Georg Bock from HP Software who talked about the Reference Architecture at the heart of the IT4IT Forum.

Hans Van Kesteren, VP & CIO of Global Functions at Shell, then went into detail about how his company has helped to drive the growth of the IT4IT Forum. Starting with an in-depth background to the company’s IT function, Hans described how as a provider of IT on a mass scale, the changing technology landscape has had a significant impact on Shell and the way it manages IT. He described how the introduction of the IT4IT Forum will help his organization and others like it to adapt to the convergence of technologies, allowing for a more dynamic yet structured IT department.

Subsequently Daniel Benton, Global Managing Director of IT Strategy at Accenture, and Georg Bock, Senior Director IT Management Software Portfolio Strategy at HP, provided their vision for the IT4IT Forum before a session where the speakers took questions from the floor. Those individuals heavily involved in the establishment of the IT4IT Forum received particular thanks from attendees for their efforts, as you can see in the accompanying picture.

In its entirety, the various presentations from the IT4IT Forum members provided a compelling vision for the future of the group. Watch this space for further developments now it has been launched.

IT4IT

The Open Group IT4IT™ Forum Founding Members

In the afternoon, the sessions were split into tracks illustrating the breadth of the material that The Open Group covers. On Monday this provided an opportunity for a range of speakers to present to attendees on topics from the architecture of banking to shaping business transformation. Key presenters included Thomas Obitz, Senior Manager, FSO Advisory Performance Improvement, EY, UK and Dr. Daniel Simon, Managing Partner, Scape Consulting, Germany.

The plenary and many of the track presentations are available at livestream.com.

The day concluded with an evening drinks reception within Central Hall Westminster, where attendees had the opportunity to catch up with acquaintances old and new. More to come on day two!

Join the conversation – @theopengroup #ogLON

Loren K. BaynesLoren K. Baynes, Director, Global Marketing Communications, joined The Open Group in 2013 and spearheads corporate marketing initiatives, primarily the website, blog and media relations. Loren has over 20 years experience in brand marketing and public relations and, prior to The Open Group, was with The Walt Disney Company for over 10 years. Loren holds a Bachelor of Business Administration from Texas A&M University. She is based in the US.

Leave a comment

Filed under architecture, Boundaryless Information Flow™, Business Architecture, Conference, Data management, Enterprise Architecture, Enterprise Transformation, Open Platform 3.0, Professional Development, Standards, Uncategorized

Open FAIR Blog Series – Five Reasons You Should Use the Open FAIR Body of Knowledge

By Jim Hietala, VP, Security and Andrew Josey, Director of Standards, The Open Group

This is the second in our blog series introducing the Open FAIR Body of Knowledge.

In this blog, we provide 5 reasons why you should use the Open FAIR Body of Knowledge for Risk Analysis:

1. Emphasis on Risk

Often the emphasis in such analyses is placed on security threats and controls, without due consideration of impact.  For example, we have a firewall protecting all our customer information – but what if the firewall is breached and the customer information stolen or changed? Risk analysis using Open FAIR evaluates both the probability that bad things will happen, and the impact if they do happen. By using the Open FAIR Body of Knowledge, the analyst measures and communicates the risk, which is what management cares about.

2. Logical and Rational Framework

It provides a framework that explains the how and why of risk analysis. It improves consistency in undertaking analyses.

3. Quantitative

It’s easy to measure things without considering the risk context – for example, the systems should be maintained in full patch compliance – but what does that mean in terms of loss frequency or the magnitude of loss? The Open FAIR taxonomy and method provide the basis for meaningful metrics.

4. Flexible

Open FAIR can be used at different levels of abstraction to match the need, the available resources, and available data.

5. Rigorous

There is often a lack of rigor in risk analysis: statements are made such as: “that new application is high risk, we could lose millions …” with no formal rationale to support them. The Open FAIR risk analysis method provides a more rigorous approach that helps to reduce gaps and analyst bias. It improves the ability to defend conclusions and recommendations.

In our next blog, we will look at how the Open FAIR Body of Knowledge can be used with other Open Group standards.

The Open FAIR Body of Knowledge consists of the following Open Group standards:

  • Risk Taxonomy (O-RT), Version 2.0 (C13K, October 2013) defines a taxonomy for the factors that drive information security risk – Factor Analysis of Information Risk (FAIR).
  • Risk Analysis (O-RA) (C13G, October 2013) describes process aspects associated with performing effective risk analysis.

These can be downloaded from The Open Group publications catalog at http://www.opengroup.org/bookstore/catalog.

Our other publications include a Pocket Guide and a Certification Study Guide.

62940-hietalaJim Hietala, CISSP, GSEC, is the Vice President, Security for The Open Group, where he manages all IT Security, Risk Management and Healthcare programs and standards activities. He participates in the SANS Analyst/Expert program and has also published numerous articles on Information Security, Risk Management, and compliance topics in publications including The ISSA Journal, Bank Accounting & Finance, Risk Factor, SC Magazine, and others.

 

andrew-small1Andrew Josey is Director of Standards within The Open Group. He is currently managing the standards process for The Open Group, and has recently led the standards development projects for TOGAF® 9.1, ArchiMate® 2.0, IEEE Std 1003.1-2008 (POSIX), and the core specifications of the Single UNIX® Specification, Version 4. Previously, he has led the development and operation of many of The Open Group certification development projects, including industry-wide certification programs for the UNIX system, the Linux Standard Base, TOGAF, and IEEE POSIX. He is a member of the IEEE, USENIX, UKUUG, and the Association of Enterprise Architects.

Leave a comment

Filed under Data management, digital technologies, Information security, Open FAIR Certification, RISK Management, Security, Uncategorized

The Open Group London 2014: Open Platform 3.0™ Panel Preview with Capgemini’s Ron Tolido

By The Open Group

The third wave of platform technologies is poised to revolutionize how companies do business not only for the next few years but for years to come. At The Open Group London event in October, Open Group CTO Dave Lounsbury will be hosting a panel discussion on how The Open Group Open Platform 3.0™ will affect Enterprise Architectures. Panel speakers include IBM Vice President and CTO of U.S. Federal IMT Andras Szakal and Capgemini Senior Vice President and CTO for Application Services Ron Tolido.

We spoke with Tolido in advance of the event about the progress companies are making in implementing third platform technologies, the challenges facing the industry as Open Platform 3.0 evolves and the call to action he envisions for The Open Group as these technologies take hold in the marketplace.

Below is a transcript of that conversation.

From my perspective, we have to realize: What is the call to action that we should have for ourselves? If we look at the mission of Boundaryless Information Flow™ and the need for open standards to accommodate that, what exactly can The Open Group and any general open standards do to facilitate this next wave in IT? I think it’s nothing less than a revolution. The first platform was the mainframe, the second platform was the PC and now the third platform is anything beyond the PC, so all sorts of different devices, sensors and ways to access information, to deploy solutions and to connect. What does it mean in terms of Boundaryless Information Flow and what is the role of open standards to make that platform succeed and help companies to thrive in such a new world?

That’s the type of call to action I’m envisioning. And I believe there are very few Forums or Work Groups within The Open Group that are not affected by this notion of the third platform. Firstly, I believe an important part of the Open Platform 3.0 Forum’s mission will be to analyze, to understand, the impacts of the third platform, of all those different areas that we’re evolving currently in The Open Group, and, if you like, orchestrate them a bit or be a catalyst in all the working groups and forums.

In a blog you wrote this summer for Capgemini’s CTO Blog you cited third platform technologies as being responsible for a renewed interest in IT as an enabler of business growth. What is it about the Third Platform is driving that interest?

It’s the same type of revolution as we’ve seen with the PC, which was the second platform. A lot of people in business units—through the PC and client/server technologies and Windows and all of these different things—realized that they could create solutions of a whole new order. The second platform meant many more applications, many more uses, much more business value to be achieved and less direct dependence on the central IT department. I think we’re seeing a very similar evolution right now, but the essence of the move is not that it moves us even further away from central IT but it puts the power of technology right in the business. It’s much easier to create solutions. Nowadays, there are many more channels that are so close in business that it takes business people to understand them. This explains also why business people like the third platform so much—it’s the Cloud, it’s mobile, social, it’s big data, all of these are waves that bring technology closer to the business, and are easy to use with very apparent business value that haven’t seen before, certainly not in the PC era. So we’re seeing a next wave, almost a revolution in terms of how easy it is to create solutions and how widely spread these solutions can be. Because again, as with the PC, it’s many more applications yet again and many more potential uses that can be connected through these applications, so that’s the very nature of the revolution and that also explains why business people like the third platform so much. So what people say to me these days on the business side is ‘We love IT, it’s just these bloody IT people that are the problem.’

Due to the complexities of building the next wave of platform computing, do you think that we may hit a point of fatigue as companies begin to tackle everything that is involved in creating that platform and making it work together?

The way I see it, that’s still the work of the IT community and the Enterprise Architect and the platform designer. It’s the very nature of the platform is that it’s attractive to use it, not to build it. The very nature of the platform is to connect to it and launch from it, but building the platform is an entirely different story. I think it requires platform designers and Enterprise Architects, if you like, and people to do the plumbing and do the architecting and the design underneath. But the real nature of the platform is to use it and to build upon it rather than to create it. So the happy view is that the “business people” don’t have to construct this.

I do believe, by the way, that many of the people in The Open Group will be on the side of the builders. They’re supposed to like complexity and like reducing it, so if we do it right the users of the platform will not notice this effort. It’s the same with the Cloud—the problem with the Cloud nowadays is that many people are tempted to run their own clouds, their own technologies, and before they know it, they only have additional complexity on their agenda, rather than reduced, because of the Cloud. It’s the same with the third platform—it’s a foundation which is almost a no-brainer to do business upon, for the next generation of business models. But if we do it wrong, we only have additional complexity on our hands, and we give IT a bad name yet again. We don’t want to do that.

What are Capgemini customers struggling with the most in terms of adopting these new technologies and putting together an Open Platform 3.0?

What you currently see—and it’s not always good to look at history—but if you look at the emergence of the second platform, the PC, of course there were years in which central IT said ‘nobody needs a PC, we can do it all on the mainframe,’ and they just didn’t believe it and business people just started to do it themselves. And for years, we created a mess as a result of it, and we’re still picking up some of the pieces of that situation. The question for IT people, in particular, is to understand how to find this new rhythm, how to adopt the dynamics of this third platform while dealing with all the complexity of the legacy platform that’s already there. I think if we are able to accelerate creating such a platform—and I think The Open Group will be very critical there—what exactly should be in the third platform, what type of services should you be developing, how would these services interact, could we create some set of open standards that the industry could align to so that we don’t have to do too much work in integrating all that stuff. If we, as The Open Group, can create that industry momentum, that, at least, would narrow the gap between business and IT that we currently see. Right now IT’s very clearly not able to deliver on the promise because they have their hands full with surviving the existing IT landscape, so unless they do something about simplifying it on the one hand and bridging that old world with the new one, they might still be very unpopular in the forthcoming years. That’s not what you want as an IT person—you want to enable business and new business. But I don’t think we’ve been very effective with that for the past ten years as an industry in general, so that’s a big thing that we have to deal with, bridging the old world with the new world. But anything we can do to accelerate and simplify that job from The Open Group would be great, and I think that’s the very essence of where our actions would be.

What are some of the things that The Open Group, in particular, can do to help affect these changes?

To me it’s still in the evangelization phase. Sooner or later people have to buy it and say ‘We get it, we want it, give me access to the third platform.’ Then the question will be how to accelerate building such an actual platform. So the big question is: What does such a platform look like? What types of services would you find on such a platform? For example, mobility services, data services, integration services, management services, development services, all of that. What would that look like in a typical Platform 3.0? Maybe even define a catalog of services that you would find in the platform. Then, of course, if you could use such a catalog or shopping list, if you like, to reach out to the technology suppliers of this world and convince them to pick that up and gear around these definitions—that would facilitate such a platform. Also maybe the architectural roadmap—so what would an architecture look like and what would be the typical five ways of getting there? We have to start with your local situation, so probably also several design cases would be helpful, so there’s an architectural dimension here.

Also, in terms of competencies, what type of competencies will we need in the near future to be able to supply these types of services to the business? That’s, again, very new—in this case, IT Specialist Certification and Architect Certification. These groups also need to think about what are the new competencies inherent in the third platform and how does it affect things like certification criteria and competency profiles?

In other areas, if you look at TOGAF®, and Open Group standard, is it really still suitable in fast paced world of the third platform or do we need a third platform version of TOGAF? With Security, for example, there are so many users, so many connections, and the activities of the former Jericho Forum seem like child’s play compared to what you will see around the third platform, so there’s no Forum or Work Group that’s not affected by this Open Platform 3.0 emerging.

With Open Platform 3.0 touching pretty much every aspect of technology and The Open Group, how do you tackle that? Do you have just an umbrella group for everything or look at it through the lens of TOGAF or security or the IT Specialist? How do you attack something so large?

It’s exactly what you just said. It’s fundamentally my belief that we need to do both of these two things. First, we need a catalyst forum, which I would argue is the Open Platform 3.0 Forum, which would be the catalyst platform, the orchestration platform if you like, that would do the overall definitions, the call to action. They’ve already been doing the business scenarios—they set the scene. Then it would be up to this Forum to reach out to all the other Forums and Work Groups to discuss impact and make sure it stays aligned, so here we have an orchestration function of the Open Platform 3.0 Forum. Then, very obviously, all the other Work Groups and Forums need to pick it up and do their own stuff because you cannot aspire to do all of this with one and the same forum because it’s so wide, it’s so diverse. You need to do both.

The Open Platform 3.0 Forum has been working for a year and a half now. What are some of the things the Forum has accomplished thus far?

They’ve been particularly working on some of the key definitions and some of the business scenarios. I would say in order to create an awareness of Open Platform 3.0 in terms of the business value and the definitions, they’ve done a very good job. Next, there needs to be a call to action to get everybody mobilized and setting tangible steps toward the Platform 3.0. I think that’s currently where we are, so that’s good timing, I believe, in terms of what the forum has achieved so far.

Returning to the mission of The Open Group, given all of the awareness we have created, what does it all mean in terms of Boundaryless Information Flow and how does it affect the Forums and Work Groups in The Open Group? That’s what we need to do now.

What are some of the biggest challenges that you see facing adoption of Open Platform 3.0 and standards for that platform?

They are relatively immature technologies. For example, with the Cloud you see a lot of players, a lot of technology providers being quite reluctant to standardize. Some of them are very open about it and are like ‘Right now we are in a niche, and we’re having a lot of fun ourselves, so why open it up right now?’ The movement would be more pressure from the business side saying ‘We want to use your technology but only if you align with some of these emerging standards.’ That would do it or certainly help. This, of course, is what makes The Open Group as powerful as not only technology providers, but also businesses, the enterprises involved and end users of technology. If they work together and created something to mobilize technology providers, that would certainly be a breakthrough, but these are immature technologies and, as I said, with some of these technology providers, it seems more important to them to be a niche player for now and create their own market rather than standardizing on something that their competitors could be on as well.

So this is a sign of a relatively immature industry because every industry that starts to mature around certain topics begins to work around open standards. The more mature we grow in mastering the understanding of the Open Platform 3.0, the more you will see the need for standards arise. It’s all a matter of timing so it’s not so strange that in the past year and a half it’s been very difficult to even discuss standards in this area. But I think we’re entering that era really soon, so it seems to be good timing to discuss it. That’s one important limiting area; I think the providers are not necessarily waiting for it or committed to it.

Secondly, of course, this is a whole next generation of technologies. With all new generations of technologies there are always generation gaps and people in denial or who just don’t feel up to picking it up again or maybe they lack the energy to pick up a new wave of technology and they’re like ‘Why can’t I stay in what I’ve mastered?’ All very understandable. I would call that a very typical IT generation gap that occurs when we see the next generation of IT emerge—sooner or later you get a generation gap, as well. Which has nothing to do with physical age, by the way.

With all these technologies converging so quickly, that gap is going to have to close quickly this time around isn’t it?

Well, there are still mainframes around, so you could argue that there will be two or even three speeds of IT sooner or later. A very stable, robust and predictable legacy environment could even be the first platform that’s more mainframe-oriented, like you see today. A second wave would be that PC workstation, client/server, Internet-based IT landscape, and it has a certain base and certain dynamics. Then you have this third phase, which is the new platform, that is more dynamic and volatile and much more diverse. You could argue that there might be within an organization multiple speeds of IT, multiple speeds of architectures, multi-speed solutioning, and why not choose your own speed?

It probably takes a decade or more to really move forward for many enterprises.

It’s not going as quickly as the Gartners of this world typically thinks it is—in practice we all know it takes longer. So I don’t see any reason why certain people wouldn’t certainly choose deliberately to stay in second gear and don’t go to third gear simply because they think it’s challenging to be there, which is perfectly sound to me and it would bring a lot of work in many years to companies.

That’s an interesting concept because start-ups can easily begin on a new platform but if you’re a company that has been around for a long time and you have existing legacy systems from the mainframe or PC era, those are things that you have to maintain. How do you tackle that as well?

That’s a given in big enterprises. Not everybody can be a disruptive start up. Maybe we all think that we should be like that but it’s not the case in real life. In real life, we have to deal with enterprise systems and enterprise processes and all of them might be very vulnerable to this new wave of challenges. Certainly enterprises can be disruptive themselves if they do it right, but there are always different dynamics, and, as I said, we still have mainframes, as well, even though we declared their ending quite some time ago. The same will happen, of course, to PC-based IT landscapes. It will take a very long time and will take very skilled hands and minds to keep it going and to simplify.

Having said that, you could argue that some new players in the market obviously have the advantage of not having to deal with that and could possibly benefit from a first-mover advantage where existing enterprises have to juggle several balls at the same time. Maybe that’s more difficult, but of course enterprises are enterprises for a good reason—they are big and holistic and mighty, and they might be able to do things that start-ups simply can’t do. But it’s a very unpredictable world, as we all realize, and the third platform brings a lot of disruptiveness.

What’s your perspective on how the Internet of Things will affect all of this?

It’s part of the third platform of course, and it’s something Andras Szakal will be addressing as well. There’s much more coming, both at the input sites, everything is becoming a sensor essentially to where even your wallpaper or paint is a sensor, but on the other hand, in terms of devices that we use to communicate or get information—smart things that whisper in your ears or whatever we’ll have in the coming years—is clearly part of this Platform 3.0 wave that we’ll have as we move away from the PC and the workstation, and there’s a whole bunch of new technologies around to replace it. The Internet of Things is clearly part of it, and we’ll need open standards as well because there are so many different things and devices, and if you don’t create the right standards and platform services to deal with it, it will be a mess. It’s an integral part of the Platform 3.0 wave that we’re seeing.

What is the Open Platform 3.0 Forum going to be working on over the next few months?

Understanding what this Open Platform 3.0 actually means—I think the work we’ve seen so far in the Forum really sets the way in terms of what is it and definitions are growing. Andras will be adding his notion of the Internet of Things and looking at definitions of what is it exactly. Many people already intuitively have an image of it.

The second will be how we deliver value to the business—so the business scenarios are a crucial thing to consider to see how applicable they are, how relevant they are to enterprises. The next thing to do will pertain to work that still needs to be done in The Open Group, as well. What would a new Open Platform 3.0 architecture look like? What are the platform services? What are the ones we can start working on right now? What are the most important business scenarios and what are the platform services that they will require? So architectural impacts, skills impacts, security impacts—as I said, there are very few areas in IT that are not touched by it. Even the new IT4IT Forum that will be launched in October, which is all about methodologies and lifecycle, will need to consider Agile, DevOps-related methodologies because that’s the rhythm and the pace that we’ve got to expect in this third platform. So the rhythm of the working group—definitions, business scenarios and then you start to thinking about what does the platform consist of, what type of services do I need to create to support it and hopefully by then we’ll have some open standards to help accelerate that thinking to help enterprises set a course for themselves. That’s our mission as The Open Group to help facilitate that.

Tolido-RonRon Tolido is Senior Vice President and Chief Technology Officer of Application Services Continental Europe, Capgemini. He is also a Director on the board of The Open Group and blogger for Capgemini’s multiple award-winning CTO blog, as well as the lead author of Capgemini’s TechnoVision and the global Application Landscape Reports. As a noted Digital Transformation ambassador, Tolido speaks and writes about IT strategy, innovation, applications and architecture. Based in the Netherlands, Mr. Tolido currently takes interest in apps rationalization, Cloud, enterprise mobility, the power of open, Slow Tech, process technologies, the Internet of Things, Design Thinking and – above all – radical simplification.

 

 

Leave a comment

Filed under architecture, Boundaryless Information Flow™, Certifications, Cloud, digital technologies, Enterprise Architecture, Future Technologies, Information security, Internet of Things, Open Platform 3.0, Security, Service Oriented Architecture, Standards, TOGAF®, Uncategorized

Enterprise Architecture: A Practitioner View

By Prasad Palli and Dr. Gopala Krishna Behara, Wipro

Overview of Enterprise Architecture

IT organizations as usual are always ready to take challenges and start the journey in defining/refining their IT strategies and aligning with business strategies. During this journey, enterprises adopt a framework / methodology / best-practice / pattern / process called “Enterprise Architecture” which will help them to structure their processes and address growth together.

The effective management and exploitation of information through IT is a key factor to business success, and an indispensable means to achieving competitive advantage. Enterprise Architecture addresses this need, by providing a strategic context for the evolution of the IT system in response to the constantly changing needs of the business environment.

Without Enterprise Architecture

Based on our experience in Enterprise Architecture consulting, we highlight the common mistakes/frequent issues faced by the organizations in the absence of Enterprise Architecture.

Strategy

  • No link to business strategic planning and budget process
  • Slow and ineffective decision-making
  • Inability to rapidly respond to changes driven by business challenges
  • Lack of focus on enterprise requirements
  • Lack of common direction and synergies
  • Focusing on the art or language of EA rather than outcomes
  • Incomplete visibility of the current and future target Enterprise Architecture vision

Governance

  • Inability to predict impacts of future changes
  • Confusing “IT Architecture” With “Enterprise Architecture”
  • Lack of governance
  • Strict following of EA frameworks
  • “Ivory Tower” approach
  • Lack of communication and feedback
  • Limiting the EA team to IT resources
  • Lack of performance measures
  • No measurement criteria for EA metrics
  • Picking a tool before understanding your business needs

Technology

  • Increased gaps and architecture conflicts
  • Lack of commonality and consistency due to the absence of standards
  • Dilution and dissipation of critical information and knowledge of the deployed solutions
  • Rigidity, redundancy and lack of scalability and flexibility in the deployed solutions
  • Over-standardization
  • Non-adoption of Next Generation Technologies
  • Lack of integration, compatibility and interoperability between applications
  • Complex, fragile and costly interfaces between incongruent application

Enterprise Architecture Perspective

The main drivers of Enterprise Architecture of the enterprise are:

  • Highly optimized and flexible processes (Business & IT)
  • Ability to integrate seamlessly with systems within the enterprise and partners
  • Highly optimized and shared IT infrastructure
  • Loosely coupled systems to quickly respond to new processes or new product or new channel – Business value generation
  • Well mapping of business processes to application to information to technology
  • Strict adherence to regulatory and compliance factors

This article highlights our framework of Enterprise Architecture and its roadmap for the development and management of various components. It depicts how these components work together, what are the various measures of business units, enterprise and their outcome. The framework includes putting in place the proper organizational structure and hybrid business/IT roles, consolidating and standardizing information and data stores, and integrating applications and infrastructure to support the right business processes across the enterprise.

The key Components of Enterprise Architecture are depicted below.

EA1

EA – Practical Experience

Enterprise Architecture is not a one-time event, nor limited to specific projects or business units. EA is an on-going, iterative process that provides:

  • A common vision of the future shared by business and IT; business aware of IT and vice-versa
  • Guidance in the selection, creation and implementation of solutions driven by business requirements
  • Support for the various enterprise business lines through improved information sharing – provides plan for the integration of information and services at the design level across business lines
  • A means to control growing complexities of technology by setting enterprise-wide, leverageable standards for information technology
  • Defines an approach for the evaluation, consideration and assimilation of new and emerging technology innovations to meet business requirements

Some of the key aspects that teams will come across during EA execution:

  • EA is NOT a project: This is one of common mistake that most enterprises do. Enterprise Architecture is NOT a project, which can be delivered within specified timeframe. Enterprise Architecture is more of a culture that enterprises must adopt like SDLC process.
  • EA is NOT about review : Generally, people tend to think that EA is always for review and do policing team/individual performance and provide review reports to higher management. Instead EA is of bringing standards and making enterprise flexible to address changes as needed for business growth.
  • EA is NOT a one-time activity: The success of EA is possible only when enterprises will adopt it as part of their culture. For this to happen, Enterprise Architecture should execute as an iterative and on-going process and educate all stakeholders (business, portfolio managers, architects, program/project managers, designers, developers, operations, partners etc.) about the initiative and make them responsible for EA success.
  • EA is NOT for IT: Most of the times Enterprise Architecture initiative is driven by IT organizations without much involvement from Business. This is the first step towards a big failure. Depending upon the approach (whether it is top-down or bottom-up), business should be aware of what’s happening in the Enterprise Architecture initiative and be actively participating in the program when needed. Business is as equally responsible as IT for the success of an EA initiative.
  • EA is NOT a strategy: There is a common view across organizations that Enterprise Architecture is more of a strategy and teams like solution architecture, portfolio management and design & development and operations streams doesn’t have a role to play. In fact, the aforementioned teams are key contributors to Enterprise Architecture definition and its success by inculcating EA standards and best practices in their day-to-day activities.
  • EA is NOT all about cost-reduction: Most of the enterprises will look at EA from cost savings perspective that puts lot of pressure on IT to show some immediate benefits in terms of savings. With this kind of pressure, EA will get off track and be seen as more of a tactical initiative rather than strategic. Enterprises should start looking at EA more from Business-IT alignment, agility, innovation etc. which are strategic in nature along with cost savings.
  • EA is NOT one-man show: Enterprise Architecture is neither a CIO job or CFO or any CXO. It’s everybody’s job within an enterprise. During the EA strategy definition phase, probably more leadership involvement is needed and at EA implementation stage all the stakeholders will have a role to play and contribute one way or another.
  • EA is all about communication: One of the common mistakes that most enterprises do during the EA program is the team will work in silos and build huge pile of documents without having proper communication sessions within enterprise. At a minimum, the EA team should spend 50% of efforts towards communicating EA artifacts with the team and successful medium is through meetings rather than sending over emails or website.
  • Measure EA: During the initial stages of an EA program, the team should define measuring criteria/factors of EA (for ex: customer satisfaction, time to market, agility, cost savings, standardization, resources skills, trainings/certification etc.). Without these factors defined, EA will end up in ad-hoc planning which leads to chaos and frustrates leadership.
  • Adoption of Latest Technology Trends on EA: Traditional EA is more of the “Ivory Tower” approach which is modeled as framework-centered and tool-driven. Most of the EA function is technology-centric and defined as a one-time initiative. Application built on Traditional EA principles are business-constraint before they are completed. The Next Generation Enterprise Architecture (NGEA) is business-centric, global, agile, continuous and social digital network. Also, the organizations adopt latest digital capabilities like social web, SOA, big data analytics, omni channel customer management, cloud computing, virtualization, Internet of Things and so on. These technologies are interrelated and fit together to define Next Generation Enterprise Architecture for an organization.

The vision of an enterprise is shifting from Traditional EA to Digital Architecture which addresses Networked Community Capabilities (interacting with users through social media), globalization (Borderless Enterprise), innovation of products and services (open, closed & virtual innovation), collaboration (enable employees in decision-making, location flexibility, schedule flexibility), flexibility (flexibility to choose the technologies, infrastructure, applications).

The following diagram shows the Next Generation EA Model.

EA2

  • Network-centric enterprise: Online communities, workforce (network/social collaboration), business partners, customers and the marketplace
  • Enterprise resources: Teams, project-centric, process-based work conducted by communities
  • Business partners: Strategic partners and suppliers can be engaged together in operations
  • Customers: Customer care communities
  • Outside enterprise: Regulators, influencers, crowdsourcing participants, software developers and other interested parties
  • Third party vendors: Packaged vendors like SAP, Oracle ERP etc.
  • New channels: Web, mobile devices, Social business environments (communities of all functional types and audiences) and CRM

Conclusions

This article attempts to demonstrate practical views of an Enterprise Architect in improving the success rate of EA across the organizations. There is no hard and fast rule that enterprises should adopt to one particular framework or standard or approach. They can choose to adopt any industry specific framework, however it can be customized as per the needs of the enterprise. It does not force fit EA programs to any industry framework. The deliverables of EA should integrate with business planning, focus on business architecture and defining/streamlining business outcome metrics.

EA program definition should not span for years. It should deliver business value in months or weeks. Also, the program output should be actionable. Always measure impact but not activity.

Apart from these steps, enterprise should think about following other key aspects like:

  • Should have strong leadership commitments
  • Not always as-Is instead it can start with defining future state
  • Start with the highest-priority business outcomes

Use the right diagnostic tools — EAs must have a broad set of tools to choose from:

  • Ensure the program outputs are actionable
  • Measure impact, not activity
  • Adopt Next Generation Enterprise Architecture patterns
  • Socialize, listen, crowd source and be transparent
  • Do not re-architect legacy systems for the sake of re-architecting: most old systems should be wrapped, then replaced
  • Prepare to measure degree of success before starting on with the new architecture initiative
  • Do not over-design your systems of innovation or under-design the systems of differentiation or record

References

1.http://www.opengroup.org/architecture/togaf7-doc/arch/p4/comp/comp.htm

Acknowledgements

The authors would like to thank Hari Kishan Burle, Raju Alluri of Architecture Group of Wipro Technologies for giving us the required time and support in many ways in bringing this article as part of Enterprise Architecture Practice efforts.

Authors

PalliPrasad Palli is a Practice Partner in the Enterprise Architecture division of Wipro. He has a total of 17 years of IT experience. He can be reached at prasad.palli@wipro.com

 

BeharaDr. Gopala Krishna Behara is a Senior Enterprise Architect in the Enterprise Architecture division of Wipro. He has a total of 18 years of IT experience. He can be reached at gopalkrishna.behra@wipro.com

 

Disclaimer

The views expressed in this article/presentation are that of authors and Wipro does not subscribe to the substance, veracity or truthfulness of the said opinion.

1 Comment

Filed under Enterprise Architecture, Enterprise Transformation, Governance, IT, Standards