gea-nz-v3-0-application-and-ict-services-reference-model-and-taxonomy
TRANSCRIPT
Government
Enterprise
Architecture
GEA-NZ v3.0
Application and ICT Services Reference Model and Taxonomy
November 2014
Document Version 1.0 Page 2 of 80
Crown copyright ©. This copyright work is licensed under the Creative Commons Attribution 3.0 New Zealand licence. In essence, you are free to
copy, distribute and adapt the work, as long as you attribute the work to the Department of Internal Affairs and abide by the other licence terms.
To view a copy of this licence, visit http://creativecommons.org/licenses/by/3.0/nz/. Please note that neither the Department of Internal Affairs
emblem nor the New Zealand Government logo may be used in any way which infringes any provision of the Flags, Emblems, and Names Protection Act 1981 or would
infringe such provision if the relevant use occurred within New Zealand. Attribution to the Department of Internal Affairs should be in written form and not by
reproduction of the Department of Internal Affairs emblem or New Zealand Government logo.
Published by the Department of Internal Affairs www.ict.govt.nz
Document Version 1.0 Page 3 of 80
Document
Purpose
The Government Enterprise Architecture for New Zealand (GEA-NZ) Reference Models outline the following
artefacts for each dimension of the architecture:
- Reference taxonomy
- Structure and description
- Context within the GEA-NZ v3.0
- Description of artefacts and relationships with other artefacts across all dimensions
The objective of a Reference Model is to provide widely accepted core taxonomy, and an appropriate visual
representation of that taxonomy. A Reference Taxonomy defines the terminology, and provides a useful,
coherent, consistent, and structured description of the components of an Enterprise Architecture. The need
for reference architectures and associated taxonomies as part of a Government Enterprise Architecture is
described in the GEA-NZ v3.0 Context Document.
There are eight architecturally significant dimensions within the Government Enterprise Architecture for
New Zealand v3.0 framework (GEA-NZ v3.0). Each of these dimensions has a Reference Model which
includes relevant reference artefacts and relationships. Where appropriate the Reference Model has an
associated Reference Taxonomy.
GEA-NZ v3.0 uses reference taxonomies to provide categorisation terms to describe the architecture of
capabilities for use across All of Government (AoG), sectors, clusters, and agencies. Reference taxonomies
reduce complexity by abstracting, organising and simplifying complex information sets.
The overall consistency and cohesiveness of cross government services, shared services and common
capabilities, can be improved when government entities apply common reference taxonomies to deliver
consistent and aligned views of commonly required operational and technological services.
The usage of the GEA-NZ reference taxonomy, at government, agency and sector level, will help drive ICT
efficiencies and Transformation programmes through identification of opportunities for development or and
reuse of common solutions. This will enable the implementation of the Government ICT Strategy and Action
Plan to 2017 and Better Public Services: Results for New Zealanders.
Use of the GEA-NZ v3.0 reference model will:
- Provide common language to promote service, information, system and technology interoperability
- Promote the identification and demand aggregation of sharable and common capabilities to improve
the efficacy, utility and cost effectiveness of ICT across government
- Foster traceability of features to meet requirements
- Support the re-use of solutions and services
- Support the development and delivery of coherent AoG Common Capabilities portfolio
- Support the AoG Data Governance initiatives
Document Version 1.0 Page 4 of 80
Scope
This document provides a description of the GEA-NZ v3.0 Application and ICT Services Reference Model and
Taxonomy. This will provide the basis for developing specific Application and ICT Services reference
architectures and patterns. These reference architectures and patterns can be more readily used across
government where the terms from the reference taxonomy are used consistently.
This document does not include the description of the Application and ICT Services reference architecture or
the use of software tools to construct and manage GEA-NZ v3.0 models.
References to related documents are contained within the context of the document.
Audience
The intended audience of this document is (but not limited to):
- Agencies’ Enterprise, Application and Solution Architects
- Agencies and Business partners involved in development and delivery of business and technology
solutions
- ICT and Architect Managers
- ICT Security Specialists for Certification & Accreditation activities (C&A)
Authors
Regine Deleu – All-of-Government Enterprise Architect
Jim Clendon – Senior Enterprise Architecture Modeller
Phil Cutforth – All-of-Government Enterprise Architect
Approval
This document has been created following engagement with the Chief Architect Forum (CAF) and the
Government Enterprise Architecture Group (GEAG). The content will be subject to yearly review and
improvement. The Government Enterprise Architect team will manage revisions and will indicate priorities
for this work. Approval for changes will be sought through the GEAG.
Version Control
Version Date Comment Modified by Approved by Next Review Date
1.0 November
2014
Initial version Regine Deleu GEAG End 2015
Acknowledgements
This version of the GEA-NZ Application and ICT Services Reference Model and Taxonomy was developed by
the Government Enterprise Architecture team, part of System Transformation Team, Department of Internal
Affairs, New Zealand. It was peer-reviewed and approved by GEAG members.
Additionally, feedback received from a number of experts from various agencies was greatly appreciated.
Document Version 1.0 Page 5 of 80
Table of Contents
Document .......................................................................................................................................... 3
Purpose ............................................................................................................................................ 3
Scope ................................................................................................................................................ 4
Audience .......................................................................................................................................... 4
Authors ............................................................................................................................................ 4
Approval ........................................................................................................................................... 4
Version Control ................................................................................................................................ 4
Acknowledgements ......................................................................................................................... 4
Table of Contents ............................................................................................................................. 5
Executive Summary ............................................................................................................................ 7
Application and ICT Services Reference Model and Taxonomy .......................................................... 8
Introduction ..................................................................................................................................... 8
Principles .......................................................................................................................................... 9
Context within GEA-NZ 3.0 ............................................................................................................ 10
Benefits .......................................................................................................................................... 10
Development ................................................................................................................................. 12
Background .......................................................................................................................... 12
Approach ............................................................................................................................. 12
Tools .................................................................................................................................... 13
Application and ICT Services Reference Model ................................................................................ 14
Structure ........................................................................................................................................ 14
Application Domains ...................................................................................................................... 15
Corporate Applications ........................................................................................................ 17
Common Line of Business Applications ............................................................................... 29
End User Computing ............................................................................................................ 34
Data and Information Management Services ..................................................................... 39
Identity and Access Management Services ......................................................................... 47
Security Services .................................................................................................................. 53
ICT Components, Services and Tools ................................................................................... 58
Interfaces and Integration ................................................................................................... 67
Specialist Line of Business Applications .............................................................................. 70
Appendix – GEA-NZ v3.0 Application and ICT Services Reference Taxonomy in Context with Other
Artefacts .......................................................................................................................................... 71
Strategy and Policy ........................................................................................................................ 71
Performance .................................................................................................................................. 72
Business ......................................................................................................................................... 73
Customer ............................................................................................................................. 73
Channel ................................................................................................................................ 73
Product and Service ............................................................................................................. 74
People and Organisations .................................................................................................... 74
Document Version 1.0 Page 6 of 80
Process ................................................................................................................................. 75
Data and Information .................................................................................................................... 76
Application and ICT Services .......................................................................................................... 76
Infrastructure ................................................................................................................................. 77
Security and Privacy ....................................................................................................................... 78
Standards ....................................................................................................................................... 79
Document Version 1.0 Page 7 of 80
Executive Summary The Government Enterprise Architecture for New Zealand (GEA-NZ) Reference Models outline the following
artefacts for each dimension of the architecture framework:
- Reference taxonomy
- Structure and description
- Context within the GEA-NZ v3.0
- Description of artefacts and relationships with other artefacts across all dimensions
The objective of a Reference Model is to provide widely accepted core taxonomy, and an appropriate visual
representation of that taxonomy. A Reference Taxonomy defines the terminology, and provides a useful,
coherent, consistent, and structured description of the components of an Enterprise Architecture.
The GEA-NZ Application and ICT Services Reference Taxonomy consistently categorise and describe the
government –wide Application and ICT that support business capabilities. It is used for identifying
opportunities for cost reduction, collaboration, shared services, common capabilities and solution reuse in
ICT portfolios within and across agencies to effectively and efficiently support citizen centric service
transformation.
The usage of the GEA-NZ reference taxonomy, at government, agency and sector level, will help drive ICT
efficiencies through identification of opportunities for development or and reuse of common solutions. This
will ultimately support the implementation of the Government ICT Strategy and Action Plan to 2017 and
Better Public Services: Results for New Zealanders.
Use of the GEA-NZ v3.0 reference model will:
- Provide common language to promote service, information, system and technology interoperability
- Promote the identification and demand aggregation of sharable and common capabilities to improve
the efficacy, utility and cost effectiveness of ICT across government
- Foster traceability of features to meet requirements
- Support the re-use of solutions and services
- Support the development and delivery of coherent AoG Common Capabilities portfolio
- Support the AoG Data Governance initiatives
Document Version 1.0 Page 8 of 80
Application and ICT Services Reference
Model and Taxonomy
Introduction
The GEA-NZ Application and ICT Services describes business applications, including ‘X as a Service’, that
support the business processes. It includes core business, corporate and specialist line of business
applications, end user computing, data and information management, identity and access management and
security services. It also includes ICT components, services and tools, interfaces and integration.
At an All-of-Government level, the model facilitates a common understanding of application assets and ICT
services, identifying opportunities for sharing, reuse, and consolidation or renegotiation of licenses. It also
assists the GCIO assurance function by identifying application assets that will require maintenance or
renewal within the business planning horizon.
At an agency level, the model describes the application assets and ICT services of the agency, and helps
application portfolio management. Mapping their current and planned Information Systems to the
Application and ICT Services Reference Taxonomy categories should help agencies and sectors identify
opportunities for sharing, reuse, and consolidation or renegotiation of licenses.
The GEA-NZ Application and ICT Services Reference Taxonomy provide the basis for categorising applications
and their components. It categorises software that supports business. It does not include operating systems
that are used to operate hardware, as these are contained in the Infrastructure Reference Model.
Document Version 1.0 Page 9 of 80
The GEA-NZ Infrastructure Reference Taxonomy is an integral part of the Government Enterprise
Architecture for New Zealand v3.0 (GEA-NZ v3.0).
Principles
The value of reference models comes from applying them as part of business as usual practices and
capability acquisition across agencies in a consistent manner. They are used to provide a consistent view
across a complex system of business services and supporting ICT so that the delivery of government services
can become customer centric, and that investments can be made that benefits the system as a whole, not
just specific agencies in accordance with the guiding principles of the Government ICT Strategy and Action
Plan to 2017:
- Centrally led, collaboratively delivered
The Strategy and Action Plan will be led by the GCIO and delivered in collaboration with agency
chief executives.
- Customer centricity
Customer insights must inform service design and delivery. Customers should be shielded from
the internal complexities of Government.
- Trust and Confidence
Build public trust and confidence in government’s ability to maintain the privacy and security of
information. This underpins our ability to use digital channels.
- Simplify by design
Remove complexity, fragmentation and duplication, and reengineer business processes end–to-
end.
- Share by default
Capabilities must be shared by default rather than by exception.
Document Version 1.0 Page 10 of 80
Context within GEA-NZ 3.0
The GEA-NZ Application and ICT Services Reference Taxonomy is a core part of the GEA-NZ Application and
ICT Services Reference Model within the GEA-NZ v3.0 framework. The GEA-NZ Application and ICT Services
Reference Model provides the basis for categorising Application and ICT Services assets at a department or
agency level as well as Sector and AoG levels.
The following table shows the GEA-NZ Application and ICT Services Reference Model in context with the
other GEA-NZ reference models.
Ap
pli
cati
on
an
d I
CT
Se
rvic
es
represents a key mechanism for realising strategic goals,
through adoption of agile core business applications and
industry standard corporate support functions
Strategy and Policy
provides the ICT services that enables performance
measurement and control, and offers opportunities to
improve business efficiency through sharing and reuse
Performance
provides the application and ICT services that support
business services, processes, capabilities, information
sharing, and reuse
Business
sets requirements and provides the tools to manage,
model, structure, share, and exchange data and
information
Data and Information
provides the application and ICT service requirements for
technology and infrastructure services, and supporting
applications for infrastructure management (e.g. CMDB)
Infrastructure
provides the application and ICT service controls needed
to support security and privacy requirements
Security and Privacy
sets the application and ICT service requirements that
drive development and scope of corresponding standards
Standards
In the Appendix you can find tables showing the GEA-NZ Application and ICT Services Reference Taxonomy in
context with other artefacts.
Benefits
The GEA-NZ Application and ICT Services Reference Model will provide the following benefits to agencies,
sectors and their business partners involved in the delivery of public services and joint capabilities:
- Drives standardisation at the technology layer, improving the overall manageability, ensuring
technologies are directly referenced to business outcomes, and making understanding the impact of
changes more unambiguous.
- Provides a government wide common language for applications and ICT services.
- Identification of opportunities for sharing, re-use and consolidation of services to improve efficiencies
and effectiveness of current capabilities. To guide change towards shared common services.
- It will enable both ‘horizontal’ assessments of where multiple products are delivering the same
business service (consolidation and sharing opportunities), and ‘vertical’ assessments of where
different technology products have been implemented for the same or similar services
(standardisation and re-use opportunities.
- Provides a basis for the objective review of ICT investment by the government.
Document Version 1.0 Page 11 of 80
- For agencies’ Four Year Plan to help show what they will achieve and how it will be achieved aligning
to Better Public Services and all-of-government shared services.
- Enables more cost-effective and timely delivery of ICT services through a repository of standards,
principles and templates that support repeatable and consistent design and delivery of ICT capability,
as well as business and operational support services.
- Identification of opportunities for the consolidation and standardisation of applications and ICT
services.
- Baseline for agencies’ Services and API Catalogue and their Application portfolio and Catalogue;
- An engagement framework that translates a high-level logical view for capability definition and
delivery. From a practical perspective, to provide a tool kit for Enterprise Architects to use in their
daily work.
This will ultimately result in increased collaboration between agencies, reduced risks, reduced number of
incompatible systems across and within agencies, and it contributes to government-wide interoperability
commitments in an affordable manner.
In real terms, this will allow the Government to realise savings in two key areas:
Financial Management
Aligning the GEA-NZ Application and ICT Services Reference Model within the broader architectural
framework enables explicit links to be established from the performance layer through to the data and
application and infrastructure layers.
This will facilitate continuous, robust analysis of the relationship between ICT investments and the
associated impact on performance against required business outcomes.
Once established, these linkages will support evidence-based decision making around which technologies
and standards are most essential to ensure the continued provision of priority, fit-for-purpose and value for
money systems, services and applications.
User Productivity
Standardisation and rationalisation of diverse set of technical standards will improve productivity for not
only the user community and those responsible for the management and delivery of ICT services, but also
those involved with capability definition, development, acquisition, and delivery and integration
(introduction into service, and integrated logistics support management).
Improved standardisation will reduce existing barriers to workforce interoperability, service availability and
sharing, and data access and sharing capabilities, and deliver improved consistency across communication
and collaboration platforms.
ICT will realise increases in productivity driven by the reduced complexity which flows from having a
standardised, agreed set of application and ICT services.
Additionally, as a more standardised suite of approved technologies and platforms develops over time, the
number of applications which are supported by bespoke or specialised technologies will fall, reducing the
requirement to maintain highly specialised skills to support legacy applications.
Document Version 1.0 Page 12 of 80
Development
The GEA-NZ Application and ICT Services Reference Taxonomy has been adapted for New Zealand based on
the United States Federal Enterprise Architecture version 2 (US FEAF v2)1 Application and ICT Services
Reference Model combined with content developed for the NZ Defence Technology Reference Model. NZ
Defence based the development of their Technology Reference Model on the following sources:
- GEA-NZ v2.0 AoG Common Operating Environment (COE) and NZDF COE
- NATO C32 Taxonomy
- Australian Department of Defence (DoD) Integrated Defence Architecture3 (IDA)
- US Information Exchange Architecture (IEA).
- UK Government ICT Strategy, End User Device Programme – Conceptual Framework dated Apr 12.
The GEA-NZ v3.0 framework separates Application and ICT Services from Applications and ICT Services, so
only content from the NZ Defence Technical Reference Model that relates to Application and ICT Services
have been included.
We have deliberately used the term ICT services to remove any confusion between the services delivered by
government to customers / New Zealand, and what are ICT services which support the delivery of services by
government to customers / New Zealand.
Background
The GEA-NZ v3.0 Application and ICT Services Reference Taxonomy replaces the GEA-NZ v2.0 Service
Reference Taxonomy which re-used the NZ FEAF Service Reference Model.
The Service Reference Model abstracted ICT services from the underlying applications. While this approach
has merit in a Service Oriented Architecture for the most part applications are delivering the services
directly. This Service Reference Taxonomy was originally approved as part of the NZ FEAF, back in 2008, and
was essentially the same as the taxonomy in the US FEAF Service Reference Model developed in 2006 – 8
years ago.
There has been some adoption of this within agencies. However 8 years is a long time in the fast moving
world of ICT and technology so it is missing some concepts. As a result agencies have in turn adapted and
expanded the taxonomy to the extent that it no longer provides a common set of terms. For example the
GEA-NZ v2.0 COE Reference Architecture was defined using a new set of terms, with very few terms from the
older reference taxonomies being reused.
Approach
Our approach is to reuse and adapt reference taxonomies from other jurisdictions. Three major sources for
GEA-NZ v3.0 are the Australian Government Architecture v3.0 (AGA v3.0), the UK Reference Architecture
(UK-RA 2012), and the US FEAF v2.0.
Representatives from the Chief Architects Forum (CAF) and the Government Enterprise Architecture Group
(GEAG), and other agencies review and contribute to the taxonomies.
1 http://www.whitehouse.gov/sites/default/files/omb/assets/egov_docs/fea_v2.pdf
2 NATO C3 = North Atlantic Treaty Organisation Command, Control and Co-ordination Agency
3 Note: The ADF IDA closely follows the US FEAF model.
Document Version 1.0 Page 13 of 80
Tools
The master GEA-NZ v3.0 Application and ICT Services Reference Model has been developed using the
OpenText ProVision4 modelling tool using hierarchical models. The diagrams are published using .png files,
and the taxonomy data is published using Microsoft Excel.
Government Enterprise Architecture will migrate the master Application and ICT Services Reference
Taxonomy to the Sparx Systems Enterprise Architect5 modelling tool in the last quarter of 2014. The
Application and ICT Services Reference Taxonomy will subsequently be published in Sparx EA compatible file
formats.
4 OpenText ProVision was the tool selected by the State Services Commission for Enterprise Architecture modelling by agencies in 2008
5 Sparx Systems Enterprise Architect, Ultimate Edition, has been selected by Government Enterprise Architecture in August 2014 as the go forward tool for developing and maintaining GEA-NZ v3.0.
Document Version 1.0 Page 14 of 80
Application and ICT Services Reference
Model
Structure
The GEA-NZ Application and ICT Services Reference Taxonomy model is a simple hierarchical structure made
up of application domains, which are divided into application areas, which have categories. Application
categories may have multiple levels where more detail is required.
The diagram below shows the structure of the taxonomy and an approach for implementation using the
Open Group ArchiMate6 elements and relationships.
6 ArchiMate is an emerging standard for enterprise architecture modelling in the GEA-NZ Standards.
GEA-NZ v3.0 Application Reference Taxonomy StructureGEA-NZ v3.0 Application Reference Taxonomy StructureGEA-NZ v3.0 Application Reference Taxonomy StructureGEA-NZ v3.0 Application Reference Taxonomy StructureGEA-NZ v3.0 Application Reference Taxonomy Structure*CategorisationAgency Implementation (Using ArchiMate elements)Application AreaApplication CategoryApplication DomainApplication DomainApplication DomainApplication DomainApplication and ICTServices ReferenceTaxonomy
ArchiMate Data Object(Information Asset) ArchiMate ApplicationComponentArchiMate Application Function11 111
«assignment»«access» «generalisation»GEA-NZ v3.0 Application Reference Taxonomy Structure*
GEA-NZ v3.0 Application Reference Taxonomy StructureGEA-NZ v3.0 Application Reference Taxonomy StructureGEA-NZ v3.0 Application Reference Taxonomy StructureGEA-NZ v3.0 Application Reference Taxonomy StructureApplication AreaApplication DomainApplication DomainApplication DomainApplication DomainApplication and ICTServices ReferenceTaxonomy 11 11 1CategorisationAgency Implementation (Using ArchiMate elements) Application Category
ArchiMate Data Object(Information Asset) ArchiMate ApplicationComponentArchiMate Application Function «assignment»«access» «generalisation»
Document Version 1.0 Page 15 of 80
Application Domains
The GEA-NZ Application and ICT Services Reference Model include nine domains that can be used as a
common language to classify Application and ICT Services. These are the:
- Corporate Applications
- Common Line of Business Applications
- End User Computing
- Data and Information Management Services
- Identity and Access Management Services
- Security Services
- ICT Components, Services and Tools
- Interfaces and Integration
- Specialist Line of Business Applications
Document Version 1.0 Page 16 of 80
The domains and their related areas are shown in the following diagram:
A8 Interfaces and IntegrationA8 Interfaces and IntegrationA8 Interfaces and IntegrationA8 Interfaces and Integration
Application and ICT Services Reference TaxonomyApplication and ICT Services Reference TaxonomyApplication and ICT Services Reference TaxonomyApplication and ICT Services Reference Taxonomy
A8.01 IntegrationA8.01 IntegrationA8.01 IntegrationA8.01 Integration A8.03 InterfaceA8.03 InterfaceA8.03 InterfaceA8.03 InterfaceA8.02 Data InteroperabilityA8.02 Data InteroperabilityA8.02 Data InteroperabilityA8.02 Data Interoperability A8.04 GatewaysA8.04 GatewaysA8.04 GatewaysA8.04 GatewaysA9 Specialist Line of Business ApplicationsA9 Specialist Line of Business ApplicationsA9 Specialist Line of Business ApplicationsA9 Specialist Line of Business Applications
A5 Identity and Access Management ServicesA5 Identity and Access Management ServicesA5 Identity and Access Management ServicesA5 Identity and Access Management Services
A1 Corporate ApplicationsA1 Corporate ApplicationsA1 Corporate ApplicationsA1 Corporate ApplicationsA2 Common Line of Business ApplicationsA2 Common Line of Business ApplicationsA2 Common Line of Business ApplicationsA2 Common Line of Business Applications
A6 Security ServicesA6 Security ServicesA6 Security ServicesA6 Security Services
A4 Data and Information Management ServicesA4 Data and Information Management ServicesA4 Data and Information Management ServicesA4 Data and Information Management Services
A7 ICT Components, Services and ToolsA7 ICT Components, Services and ToolsA7 ICT Components, Services and ToolsA7 ICT Components, Services and Tools
A3 End User ComputingA3 End User ComputingA3 End User ComputingA3 End User Computing
A1.04 Workforce CapabilityA1.04 Workforce CapabilityA1.04 Workforce CapabilityA1.04 Workforce CapabilityManagementManagementManagementManagementA1.07 ProcurementA1.07 ProcurementA1.07 ProcurementA1.07 ProcurementA1.03 Human Resource ManagementA1.03 Human Resource ManagementA1.03 Human Resource ManagementA1.03 Human Resource ManagementA1.02 Financial and AssetA1.02 Financial and AssetA1.02 Financial and AssetA1.02 Financial and AssetManagementManagementManagementManagement
A4.02 Data and InformationA4.02 Data and InformationA4.02 Data and InformationA4.02 Data and InformationInteroperabilityInteroperabilityInteroperabilityInteroperability A4.08 Geospatial InformationA4.08 Geospatial InformationA4.08 Geospatial InformationA4.08 Geospatial InformationA4.07 Additional Data and InformationA4.07 Additional Data and InformationA4.07 Additional Data and InformationA4.07 Additional Data and InformationServicesServicesServicesServicesA3.05 Graphics and MultimediaA3.05 Graphics and MultimediaA3.05 Graphics and MultimediaA3.05 Graphics and Multimedia A3.04 Productivity SuiteA3.04 Productivity SuiteA3.04 Productivity SuiteA3.04 Productivity Suite
A1.10 Unified Communications andA1.10 Unified Communications andA1.10 Unified Communications andA1.10 Unified Communications andCollaborationCollaborationCollaborationCollaborationA2.03 Customer RelationshipA2.03 Customer RelationshipA2.03 Customer RelationshipA2.03 Customer RelationshipManagementManagementManagementManagementA2.01 Product and ServiceA2.01 Product and ServiceA2.01 Product and ServiceA2.01 Product and ServiceManagementManagementManagementManagement A2.04 Partner RelationshipA2.04 Partner RelationshipA2.04 Partner RelationshipA2.04 Partner RelationshipManagementManagementManagementManagementA2.08 Grants ManagementA2.08 Grants ManagementA2.08 Grants ManagementA2.08 Grants ManagementA2.07 Emergency ManagementA2.07 Emergency ManagementA2.07 Emergency ManagementA2.07 Emergency ManagementA2.06 Customer ServiceA2.06 Customer ServiceA2.06 Customer ServiceA2.06 Customer Service
A1.13 Business Transformation andA1.13 Business Transformation andA1.13 Business Transformation andA1.13 Business Transformation andImprovementImprovementImprovementImprovementA2.05 Customer AccountingA2.05 Customer AccountingA2.05 Customer AccountingA2.05 Customer Accounting A2.02 MarketingA2.02 MarketingA2.02 MarketingA2.02 Marketing
A7.02 ICT ComponentsA7.02 ICT ComponentsA7.02 ICT ComponentsA7.02 ICT Components
A1.05 Corporate Governance andA1.05 Corporate Governance andA1.05 Corporate Governance andA1.05 Corporate Governance andStrategyStrategyStrategyStrategy A1.06 Corporate AdministrationA1.06 Corporate AdministrationA1.06 Corporate AdministrationA1.06 Corporate Administration A1.12 Business Process ManagementA1.12 Business Process ManagementA1.12 Business Process ManagementA1.12 Business Process ManagementSystem (BPMS)System (BPMS)System (BPMS)System (BPMS)A1.01 Enterprise Resource PlanningA1.01 Enterprise Resource PlanningA1.01 Enterprise Resource PlanningA1.01 Enterprise Resource Planning(ERP)(ERP)(ERP)(ERP) A1.08 Business Intelligence andA1.08 Business Intelligence andA1.08 Business Intelligence andA1.08 Business Intelligence andAnalyticsAnalyticsAnalyticsAnalytics
A3.02 End User ToolsA3.02 End User ToolsA3.02 End User ToolsA3.02 End User Tools A3.03 Mobile ApplicationsA3.03 Mobile ApplicationsA3.03 Mobile ApplicationsA3.03 Mobile ApplicationsA3.01 End User Device ManagementA3.01 End User Device ManagementA3.01 End User Device ManagementA3.01 End User Device Management
A6.04 Security ControlsA6.04 Security ControlsA6.04 Security ControlsA6.04 Security ControlsA6.01 Encryption ServicesA6.01 Encryption ServicesA6.01 Encryption ServicesA6.01 Encryption Services A6.02 Network Security ServiceA6.02 Network Security ServiceA6.02 Network Security ServiceA6.02 Network Security ServiceA6.06 Enterprise Security ManagementA6.06 Enterprise Security ManagementA6.06 Enterprise Security ManagementA6.06 Enterprise Security Management A6.03 Public Key Infrastructure (PKI)A6.03 Public Key Infrastructure (PKI)A6.03 Public Key Infrastructure (PKI)A6.03 Public Key Infrastructure (PKI)ServicesServicesServicesServices
A4.04 Data Quality ManagementA4.04 Data Quality ManagementA4.04 Data Quality ManagementA4.04 Data Quality Management
A6.05 Digital ForensicsA6.05 Digital ForensicsA6.05 Digital ForensicsA6.05 Digital Forensics
A4.03 Data and Records GovernanceA4.03 Data and Records GovernanceA4.03 Data and Records GovernanceA4.03 Data and Records GovernanceA4.01 Data and InformationA4.01 Data and InformationA4.01 Data and InformationA4.01 Data and InformationArchitectureArchitectureArchitectureArchitectureA4.05 Data ProtectionA4.05 Data ProtectionA4.05 Data ProtectionA4.05 Data Protection A4.06 Database ManagementA4.06 Database ManagementA4.06 Database ManagementA4.06 Database ManagementA5.04 Authorisation and AccessA5.04 Authorisation and AccessA5.04 Authorisation and AccessA5.04 Authorisation and AccessManagement ServiceManagement ServiceManagement ServiceManagement ServiceA5.05 Directory ServiceA5.05 Directory ServiceA5.05 Directory ServiceA5.05 Directory Service A5.03 Authentication ServiceA5.03 Authentication ServiceA5.03 Authentication ServiceA5.03 Authentication ServiceA5.02 Identity Administration andA5.02 Identity Administration andA5.02 Identity Administration andA5.02 Identity Administration andOperationsOperationsOperationsOperations A5.07 Identity InteroperabilityA5.07 Identity InteroperabilityA5.07 Identity InteroperabilityA5.07 Identity InteroperabilityA5.01 Identity Governance andA5.01 Identity Governance andA5.01 Identity Governance andA5.01 Identity Governance andAccountabilityAccountabilityAccountabilityAccountability A5.99 Other Identity ServiceA5.99 Other Identity ServiceA5.99 Other Identity ServiceA5.99 Other Identity ServiceA5.06 Identity Functional CoreA5.06 Identity Functional CoreA5.06 Identity Functional CoreA5.06 Identity Functional CoreComponentsComponentsComponentsComponents
A7.03 ICT Development EnvironmentA7.03 ICT Development EnvironmentA7.03 ICT Development EnvironmentA7.03 ICT Development Environmentand Toolsand Toolsand Toolsand ToolsA7.01 Business Process ManagementA7.01 Business Process ManagementA7.01 Business Process ManagementA7.01 Business Process ManagementToolsToolsToolsTools A7.04 ICT Management ToolsA7.04 ICT Management ToolsA7.04 ICT Management ToolsA7.04 ICT Management ToolsA7.06 Core ICT Operation ServicesA7.06 Core ICT Operation ServicesA7.06 Core ICT Operation ServicesA7.06 Core ICT Operation Services
A1.09 Business ContinuityA1.09 Business ContinuityA1.09 Business ContinuityA1.09 Business Continuity A1.11 Enterprise Content ManagementA1.11 Enterprise Content ManagementA1.11 Enterprise Content ManagementA1.11 Enterprise Content Management(ECM)(ECM)(ECM)(ECM)
A4.09 Content Management SystemA4.09 Content Management SystemA4.09 Content Management SystemA4.09 Content Management System
A7.05 Cloud ServicesA7.05 Cloud ServicesA7.05 Cloud ServicesA7.05 Cloud Services xA7.07 Host LayeringxA7.07 Host LayeringxA7.07 Host LayeringxA7.07 Host Layering
Application and ICT Services Reference TaxonomyApplication and ICT Services Reference TaxonomyApplication and ICT Services Reference TaxonomyApplication and ICT Services Reference Taxonomy A1 Corporate ApplicationsA1 Corporate ApplicationsA1 Corporate ApplicationsA1 Corporate ApplicationsA2 Common Line of Business ApplicationsA2 Common Line of Business ApplicationsA2 Common Line of Business ApplicationsA2 Common Line of Business Applications
A8 Interfaces and IntegrationA8 Interfaces and IntegrationA8 Interfaces and IntegrationA8 Interfaces and Integration
A1.12 Business Process ManagementA1.12 Business Process ManagementA1.12 Business Process ManagementA1.12 Business Process ManagementSystem (BPMS)System (BPMS)System (BPMS)System (BPMS)
A8.01 IntegrationA8.01 IntegrationA8.01 IntegrationA8.01 Integration A8.02 Data InteroperabilityA8.02 Data InteroperabilityA8.02 Data InteroperabilityA8.02 Data Interoperability A8.03 InterfaceA8.03 InterfaceA8.03 InterfaceA8.03 Interface A8.04 GatewaysA8.04 GatewaysA8.04 GatewaysA8.04 Gateways
A5 Identity and Access Management ServicesA5 Identity and Access Management ServicesA5 Identity and Access Management ServicesA5 Identity and Access Management ServicesA7 ICT Components, Services and ToolsA7 ICT Components, Services and ToolsA7 ICT Components, Services and ToolsA7 ICT Components, Services and Tools
A4 Data and Information Management ServicesA4 Data and Information Management ServicesA4 Data and Information Management ServicesA4 Data and Information Management Services
A6 Security ServicesA6 Security ServicesA6 Security ServicesA6 Security Services
A1.03 Human Resource ManagementA1.03 Human Resource ManagementA1.03 Human Resource ManagementA1.03 Human Resource ManagementA1.07 ProcurementA1.07 ProcurementA1.07 ProcurementA1.07 ProcurementA2.06 Customer ServiceA2.06 Customer ServiceA2.06 Customer ServiceA2.06 Customer Service
A6.04 Security ControlsA6.04 Security ControlsA6.04 Security ControlsA6.04 Security ControlsA6.06 Enterprise Security ManagementA6.06 Enterprise Security ManagementA6.06 Enterprise Security ManagementA6.06 Enterprise Security Management
A1.04 Workforce CapabilityA1.04 Workforce CapabilityA1.04 Workforce CapabilityA1.04 Workforce CapabilityManagementManagementManagementManagementA1.08 Business Intelligence andA1.08 Business Intelligence andA1.08 Business Intelligence andA1.08 Business Intelligence andAnalyticsAnalyticsAnalyticsAnalyticsA1.02 Financial and AssetA1.02 Financial and AssetA1.02 Financial and AssetA1.02 Financial and AssetManagementManagementManagementManagement
A4.07 Additional Data and InformationA4.07 Additional Data and InformationA4.07 Additional Data and InformationA4.07 Additional Data and InformationServicesServicesServicesServices
A1.05 Corporate Governance andA1.05 Corporate Governance andA1.05 Corporate Governance andA1.05 Corporate Governance andStrategyStrategyStrategyStrategy A1.06 Corporate AdministrationA1.06 Corporate AdministrationA1.06 Corporate AdministrationA1.06 Corporate AdministrationA3 End User ComputingA3 End User ComputingA3 End User ComputingA3 End User Computing
A4.04 Data Quality ManagementA4.04 Data Quality ManagementA4.04 Data Quality ManagementA4.04 Data Quality Management
A9 Specialist Line of Business ApplicationsA9 Specialist Line of Business ApplicationsA9 Specialist Line of Business ApplicationsA9 Specialist Line of Business Applications
A3.05 Graphics and MultimediaA3.05 Graphics and MultimediaA3.05 Graphics and MultimediaA3.05 Graphics and Multimedia A4.02 Data and InformationA4.02 Data and InformationA4.02 Data and InformationA4.02 Data and InformationInteroperabilityInteroperabilityInteroperabilityInteroperabilityA3.04 Productivity SuiteA3.04 Productivity SuiteA3.04 Productivity SuiteA3.04 Productivity Suite
A1.10 Unified Communications andA1.10 Unified Communications andA1.10 Unified Communications andA1.10 Unified Communications andCollaborationCollaborationCollaborationCollaborationA3.02 End User ToolsA3.02 End User ToolsA3.02 End User ToolsA3.02 End User Tools
A4.08 Geospatial InformationA4.08 Geospatial InformationA4.08 Geospatial InformationA4.08 Geospatial InformationA4.03 Data and Records GovernanceA4.03 Data and Records GovernanceA4.03 Data and Records GovernanceA4.03 Data and Records GovernanceA4.01 Data and InformationA4.01 Data and InformationA4.01 Data and InformationA4.01 Data and InformationArchitectureArchitectureArchitectureArchitectureA4.05 Data ProtectionA4.05 Data ProtectionA4.05 Data ProtectionA4.05 Data Protection A4.06 Database ManagementA4.06 Database ManagementA4.06 Database ManagementA4.06 Database Management
A2.03 Customer RelationshipA2.03 Customer RelationshipA2.03 Customer RelationshipA2.03 Customer RelationshipManagementManagementManagementManagement
A5.04 Authorisation and AccessA5.04 Authorisation and AccessA5.04 Authorisation and AccessA5.04 Authorisation and AccessManagement ServiceManagement ServiceManagement ServiceManagement ServiceA5.03 Authentication ServiceA5.03 Authentication ServiceA5.03 Authentication ServiceA5.03 Authentication Service
A1.11 Enterprise Content ManagementA1.11 Enterprise Content ManagementA1.11 Enterprise Content ManagementA1.11 Enterprise Content Management(ECM)(ECM)(ECM)(ECM)
A5.06 Identity Functional CoreA5.06 Identity Functional CoreA5.06 Identity Functional CoreA5.06 Identity Functional CoreComponentsComponentsComponentsComponents A5.99 Other Identity ServiceA5.99 Other Identity ServiceA5.99 Other Identity ServiceA5.99 Other Identity ServiceA6.01 Encryption ServicesA6.01 Encryption ServicesA6.01 Encryption ServicesA6.01 Encryption ServicesA7.02 ICT ComponentsA7.02 ICT ComponentsA7.02 ICT ComponentsA7.02 ICT Components
A2.05 Customer AccountingA2.05 Customer AccountingA2.05 Customer AccountingA2.05 Customer Accounting A2.02 MarketingA2.02 MarketingA2.02 MarketingA2.02 MarketingA1.01 Enterprise Resource PlanningA1.01 Enterprise Resource PlanningA1.01 Enterprise Resource PlanningA1.01 Enterprise Resource Planning(ERP)(ERP)(ERP)(ERP)
A7.05 Cloud ServicesA7.05 Cloud ServicesA7.05 Cloud ServicesA7.05 Cloud Services
A1.09 Business ContinuityA1.09 Business ContinuityA1.09 Business ContinuityA1.09 Business Continuity
A6.02 Network Security ServiceA6.02 Network Security ServiceA6.02 Network Security ServiceA6.02 Network Security Service A6.03 Public Key Infrastructure (PKI)A6.03 Public Key Infrastructure (PKI)A6.03 Public Key Infrastructure (PKI)A6.03 Public Key Infrastructure (PKI)ServicesServicesServicesServices
A1.13 Business Transformation andA1.13 Business Transformation andA1.13 Business Transformation andA1.13 Business Transformation andImprovementImprovementImprovementImprovement
A4.09 Content Management SystemA4.09 Content Management SystemA4.09 Content Management SystemA4.09 Content Management SystemA3.03 Mobile ApplicationsA3.03 Mobile ApplicationsA3.03 Mobile ApplicationsA3.03 Mobile ApplicationsA3.01 End User Device ManagementA3.01 End User Device ManagementA3.01 End User Device ManagementA3.01 End User Device Management
A6.05 Digital ForensicsA6.05 Digital ForensicsA6.05 Digital ForensicsA6.05 Digital ForensicsA5.02 Identity Administration andA5.02 Identity Administration andA5.02 Identity Administration andA5.02 Identity Administration andOperationsOperationsOperationsOperations A5.07 Identity InteroperabilityA5.07 Identity InteroperabilityA5.07 Identity InteroperabilityA5.07 Identity InteroperabilityA5.01 Identity Governance andA5.01 Identity Governance andA5.01 Identity Governance andA5.01 Identity Governance andAccountabilityAccountabilityAccountabilityAccountability
A2.01 Product and ServiceA2.01 Product and ServiceA2.01 Product and ServiceA2.01 Product and ServiceManagementManagementManagementManagement A2.04 Partner RelationshipA2.04 Partner RelationshipA2.04 Partner RelationshipA2.04 Partner RelationshipManagementManagementManagementManagement
A5.05 Directory ServiceA5.05 Directory ServiceA5.05 Directory ServiceA5.05 Directory ServiceA7.01 Business Process ManagementA7.01 Business Process ManagementA7.01 Business Process ManagementA7.01 Business Process ManagementToolsToolsToolsTools A7.06 Core ICT Operation ServicesA7.06 Core ICT Operation ServicesA7.06 Core ICT Operation ServicesA7.06 Core ICT Operation Services
A2.08 Grants ManagementA2.08 Grants ManagementA2.08 Grants ManagementA2.08 Grants ManagementA2.07 Emergency ManagementA2.07 Emergency ManagementA2.07 Emergency ManagementA2.07 Emergency Management
A7.03 ICT Development EnvironmentA7.03 ICT Development EnvironmentA7.03 ICT Development EnvironmentA7.03 ICT Development Environmentand Toolsand Toolsand Toolsand Tools A7.04 ICT Management ToolsA7.04 ICT Management ToolsA7.04 ICT Management ToolsA7.04 ICT Management ToolsxA7.07 Host LayeringxA7.07 Host LayeringxA7.07 Host LayeringxA7.07 Host Layering
Document Version 1.0 Page 17 of 80
Corporate Applications
Note: Detailed diagrams are available as .png files, and this table is available as an Excel file.
Name Description
A1 Corporate Applications These are standard corporate applications within government to support the
internal facing functions for managing staff, money and the way government
agencies run their business.
Note: The applications found in this domain can also be used as ICT services or
application components. Many commercial applications may contain elements
of applications listed here and specific software solutions may offer a mix of
these in one suite.
A1.01 Enterprise Resource
Planning (ERP)
Enterprise resource planning (ERP) is business management software; usually a
suite of integrated applications, that an organisation can use to collect, store,
manage and interpret data from many business activities. In the past ERP
solutions focused on back office functions but modern solutions often include
some key front office functions as well.
Note: Application Categories for ERP can be found under the Corporate
Applications and Core Business Applications areas.
Example ERP Modules are:
- Financial Accounting: General ledger, fixed asset, payables including
vouchering, matching and payment, receivables cash application and
collections, cash management, financial consolidation.
- Management Accounting: Budgeting cost management; activity based costing
- Human Resources: Recruiting, training, rostering, payroll, benefits, diversity
management, retirement, and separation.
- Manufacturing: Engineering, bill of materials, work orders, scheduling,
capacity, workflow management, quality control, manufacturing process,
manufacturing projects, manufacturing flow, product life cycle management.
- Order Processing: Order to cash, order entry, credit checking, pricing,
available to promise, inventory, shipping, sales analysis and reporting, sales
commissioning.
- Supply Chain Management: Supply chain planning, supplier scheduling,
product configurator, order to cash, purchasing, inventory, claim processing,
and warehousing (receiving, put away, picking and packing).
- Project Management: Project planning, resource planning, project costing,
work breakdown structure, billing, time and expense, performance units,
activity management.
- Customer Relationship Management: Sales and marketing, commissions,
service, customer contact, call center support - CRM systems are not always
considered part of ERP systems but rather Business Support systems (BSS).
- Self Service: Various "self–service" interfaces for customers, suppliers and/or
employees.
A1 Corporate ApplicationsA1 Corporate ApplicationsA1 Corporate ApplicationsA1 Corporate Applications A1.04 Workforce CapabilityA1.04 Workforce CapabilityA1.04 Workforce CapabilityA1.04 Workforce CapabilityManagementManagementManagementManagementA1.07 ProcurementA1.07 ProcurementA1.07 ProcurementA1.07 ProcurementA1.03 Human Resource ManagementA1.03 Human Resource ManagementA1.03 Human Resource ManagementA1.03 Human Resource ManagementA1.02 Financial and AssetA1.02 Financial and AssetA1.02 Financial and AssetA1.02 Financial and AssetManagementManagementManagementManagementA1.10 Unified Communications andA1.10 Unified Communications andA1.10 Unified Communications andA1.10 Unified Communications andCollaborationCollaborationCollaborationCollaborationA1.13 Business Transformation andA1.13 Business Transformation andA1.13 Business Transformation andA1.13 Business Transformation andImprovementImprovementImprovementImprovementA1.05 Corporate Governance andA1.05 Corporate Governance andA1.05 Corporate Governance andA1.05 Corporate Governance andStrategyStrategyStrategyStrategy A1.06 Corporate AdministrationA1.06 Corporate AdministrationA1.06 Corporate AdministrationA1.06 Corporate Administration A1.12 Business Process ManagementA1.12 Business Process ManagementA1.12 Business Process ManagementA1.12 Business Process ManagementSystem (BPMS)System (BPMS)System (BPMS)System (BPMS)A1.01 Enterprise Resource PlanningA1.01 Enterprise Resource PlanningA1.01 Enterprise Resource PlanningA1.01 Enterprise Resource Planning(ERP)(ERP)(ERP)(ERP) A1.08 Business Intelligence andA1.08 Business Intelligence andA1.08 Business Intelligence andA1.08 Business Intelligence andAnalyticsAnalyticsAnalyticsAnalyticsA1.09 Business ContinuityA1.09 Business ContinuityA1.09 Business ContinuityA1.09 Business Continuity A1.11 Enterprise Content ManagementA1.11 Enterprise Content ManagementA1.11 Enterprise Content ManagementA1.11 Enterprise Content Management(ECM)(ECM)(ECM)(ECM)
A1 Corporate ApplicationsA1 Corporate ApplicationsA1 Corporate ApplicationsA1 Corporate ApplicationsA1.12 Business Process ManagementA1.12 Business Process ManagementA1.12 Business Process ManagementA1.12 Business Process ManagementSystem (BPMS)System (BPMS)System (BPMS)System (BPMS)
A1.03 Human Resource ManagementA1.03 Human Resource ManagementA1.03 Human Resource ManagementA1.03 Human Resource ManagementA1.07 ProcurementA1.07 ProcurementA1.07 ProcurementA1.07 Procurement A1.04 Workforce CapabilityA1.04 Workforce CapabilityA1.04 Workforce CapabilityA1.04 Workforce CapabilityManagementManagementManagementManagementA1.08 Business Intelligence andA1.08 Business Intelligence andA1.08 Business Intelligence andA1.08 Business Intelligence andAnalyticsAnalyticsAnalyticsAnalyticsA1.02 Financial and AssetA1.02 Financial and AssetA1.02 Financial and AssetA1.02 Financial and AssetManagementManagementManagementManagementA1.05 Corporate Governance andA1.05 Corporate Governance andA1.05 Corporate Governance andA1.05 Corporate Governance andStrategyStrategyStrategyStrategy A1.06 Corporate AdministrationA1.06 Corporate AdministrationA1.06 Corporate AdministrationA1.06 Corporate AdministrationA1.10 Unified Communications andA1.10 Unified Communications andA1.10 Unified Communications andA1.10 Unified Communications andCollaborationCollaborationCollaborationCollaboration A1.11 Enterprise Content ManagementA1.11 Enterprise Content ManagementA1.11 Enterprise Content ManagementA1.11 Enterprise Content Management(ECM)(ECM)(ECM)(ECM)A1.01 Enterprise Resource PlanningA1.01 Enterprise Resource PlanningA1.01 Enterprise Resource PlanningA1.01 Enterprise Resource Planning(ERP)(ERP)(ERP)(ERP)A1.09 Business ContinuityA1.09 Business ContinuityA1.09 Business ContinuityA1.09 Business ContinuityA1.13 Business Transformation andA1.13 Business Transformation andA1.13 Business Transformation andA1.13 Business Transformation andImprovementImprovementImprovementImprovement
Document Version 1.0 Page 18 of 80
A1.02 Financial and Asset
Management
Applications, software or services that support financial and asset
management. Financial management refers to the efficient and effective
management of money (funds) in such a manner as to accomplish the
objectives of the organisation. It is the specialised function directly associated
with the top management. It includes how to raise the capital, how to allocate
it i.e. capital budgeting. Not only about long term budgeting but also how to
allocate the short term resources like current assets. It also deals with the
dividend policies of the shareholders.
A1.02.01 Budget Planning and
Execution
Software that supports all activities undertaken to determine priorities for
future spending and to develop an itemised forecast of future funding and
expenditures during a specified period of time. This includes the collection and
use of performance information to assess the effectiveness of programs and
develop budget priorities and the legal (apportionment) and managerial
(allotment and sub-allotment) distribution of budget authority to achieve
results consistent with the formulated budget.
A1.02.02 General Ledger Software that supports accounting for assets, liabilities, fund balances,
revenues and expenses associated with the maintenance of government funds
and expenditure of government appropriations (salaries and expenses,
operations and maintenance, procurement, working capital, trust funds, etc.),
in accordance with applicable standards.
A1.02.03 Accounts Payable Software that manages and pays the funds owed.
A1.02.04 Accounts Receivable Software that supports collections and receivables, including deposits, fund
transfers, and receipts for sales or service.
A1.02.05 Asset Management Software that supports the tracking of information related to deploying,
operating, maintaining, upgrading, and disposing of assets cost-effectively.
Includes an inventory of assets.
A1.02.06 Expense Management Support the management and reimbursement of costs paid by employees or an
organisation.
A1.02.07 Financial Audit Software used to track and manage financial audit and support the
examination and verification of records for accuracy.
A1.02.08 Portfolio Management Software or services that provide the set of capabilities to support the
administration of a group of investments held by an organisation.
A1.03 Human Resource
Management
Applications, software or services that support human resource management.
Human resource management (HRM or simply HR) is a function in
organisations designed to maximize employee performance in service of their
employer’s strategic objectives. HR is primarily concerned with how people are
managed within organisations, focusing on policies and systems. HR
departments and units in organisations are typically responsible for a number
of activities, including employee recruitment, training and development,
performance appraisal, and rewarding (e.g., managing pay and benefit
systems). HR is also concerned with industrial relations, that is, the balancing of
organisational practices with regulations arising from collective bargaining and
governmental laws.
A1.03.01 Recruitment Software that supports the procedures for attracting and selecting high-quality,
productive employees with the right skills and competencies, in accordance
with merit system principles. This includes developing a staffing strategy and
plan, and establishing an applicant evaluation.
Document Version 1.0 Page 19 of 80
A1.03.02 Education / Training Software that supports the design, development, and implementation of a
comprehensive employee development and training approach to ensure that
agency employees have the right competencies.
A1.03.03 Personnel
Administration
Support the matching between an organisation’s employees and potential
opportunities as well as the modification, addition and general upkeep of an
organisation’s employee-specific information.
A1.03.03.01 Employee Records Software that manages employee personnel records and files.
A1.03.03.02 Time and Attendance Software that supports the set of capabilities to support the submission,
approval and adjustment of employee hours.
A1.03.03.03 Career Development and
Retention
Support the monitoring of performance as well as the professional growth,
advancement and retention of an organisation's employees.
A1.03.04 Staff Directory Software that supports the listing of employees and their whereabouts.
A1.03.05 Payroll Software that supports the administration, calculation and payment of
employee wages, bonuses, and deductions including tax.
A1.03.05.01 Salary Management Software and or services that support the calculation and payment of salaries
and payroll taxes.
A1.03.05.02 Benefits Software that supports the design, development, and implementation of
benefits programs for agency employees. This includes establishing and
communicating benefits programs, processing benefits actions, and interacting
as necessary with third party benefits providers.
A1.03.05.03 Awards Software that supports the administration of employee bonus and monetary
awards programs. Also includes software used to design, develop, and
implement pay for performance compensation programs to recognize and
reward high performance, with both base pay increases and performance
bonus payments.
A1.03.06 Team and
Organisation Management
Software that supports the hierarchy structure and identification of employees
within the various sub-groups of an organisation.
A1.03.07 Skills Management Software that supports the proficiency of employees in the delivery of an
organisation's products or services.
A1.03.08 Emergency
Notification
Software that enables designated individuals to communicate critical
information to many individuals across multiple devices.
A1.04 Workforce Capability
Management
Applications, software or services supports workforce management. Workforce
capability management encompasses all the activities needed to maintain a
productive workforce. It can be part of or overlap with HR management and
ERP systems.
Document Version 1.0 Page 20 of 80
A1.04.01 Resource Planning and
Allocation
Software that supports the processes for identifying the workforce
competencies required to meet the agency’s strategic goals and for developing
the strategies to meet these requirements. The software also supports
procedures for attracting and selecting high-quality, productive employees with
the right skills and competencies, in accordance with merit system principles.
This includes developing a staffing strategy and plan; establishing an applicant
evaluation approach; announcing the vacancy, sourcing and evaluating
candidates against the competency requirements for the position; initiating
pre-employment activities; and hiring employees.
A1.04.02 Field Service
Management
Software to optimally plan and dispatch field service technicians and their
properly stocked vehicles to a customer's location in a timely manner in order
to deliver against their service commitments.
A1.04.02.01 Demand Management Software to help forecast work orders to plan the number and expertise of staff
that will be needed.
A1.04.02.02 Workforce Scheduler Software to predefined rules to automatically optimise the schedule and use of
resources (people, parts, vehicles).
A1.04.02.03 Workforce Dispatcher Software to automatically assigning work orders within predefined zones to
particular technicians.
A1.04.03 Contingent Workforce
Management
Software that supports the continuity of operations for an organisation's
business through the identification of surge or temporary personnel in addition
to agency staff.
A1.05 Corporate Governance
and Strategy
Applications, software or services that support corporate governance
functions. Corporate governance broadly refers to the mechanisms, processes
and relations by which corporations are controlled and directed. Governance
structures identify the distribution of rights and responsibilities among
different participants in the corporation (such as the board of directors,
managers, shareholders, creditors, auditors, regulators, and other
stakeholders) and include the rules and procedures for making decisions in
corporate affairs. Corporate governance includes the processes through which
corporations' objectives are set and pursued in the context of the social,
regulatory and market environment. Governance mechanisms include
monitoring the actions, policies and decisions of corporations and their agents.
Corporate governance practices are affected by attempts to align the interests
of stakeholders.
A1.05.01 Strategy and Planning Software that allows setting up the activities of determining strategic direction,
identifying and establishing programs, services and processes, and allocating
resources (capital and labour) among those programs and processes.
A1.05.02 Governance Software that supports decisions, actions, business rules and other matters
that govern an organisation.
A1.05.03 Compliance
Management
Compliance Management software and or services provide a common
framework and an integrated approach to manage all compliance requirements
faced by an agency. It enables companies to manage cross-industry mandates
and regulations such as SOX, OSHA, EH&S, and FCPA as well as industry focused
regulatory guidelines from FDA, FERC, FAA, HACCP, AML, Basel II, and Data
Retention laws.
Document Version 1.0 Page 21 of 80
A1.05.04 Internal Control Support the methods and procedures used by the organisation to safeguard its
assets, produce accurate accounting data and reports, contribute to efficient
operations, and encourage staff to adhere to management policies and mission
requirements.
A1.05.05 Corporate Policy Software that supports development and enforcement of corporate policy
within an organisation.
A1.05.06 Risk Management Software that allows planners to explicitly address uncertainty by identifying
and generating metrics, setting parameters, prioritizing, and developing
mitigations, and tracking risk.
A1.05.07 Corporate
Performance Management
Software that allows setting up performance metrics, planners to explicitly
address uncertainty by identifying and generating metrics, setting parameters,
prioritizing, and developing mitigations, and tracking risk.
A1.06 Corporate
Administration
Applications, software or services that support the day-to-day management
and maintenance of the internal administrative operations.
A1.06.01 Legal Advice Software that supports giving legal advice.
A1.06.02 Facilities Management Software that supports facilities management including the maintenance,
administration, certification, and operation of office buildings that are
possessions of the government / agency.
A1.06.03 Accommodation
Management
Software that supports managing the accommodation needs of the workforce.
A1.06.04 Media and Facilities
Reservations
Software that supports arrangements to track and secure the use of media and
facilities.
A1.06.05 Travel Software that supports activities associated with planning, preparing, and
monitoring of business-related travel expenses. This may include employees
and others supporting the work of the government.
A1.06.06 Issue Tracking Software that supports the management of a service center to respond to
government and contract employees' technical and administrative questions.
A1.07 Procurement Applications, software or services that supports procurement; the acquisition
of goods, services or works from an outside external source.
A1.07.01 Supplier Management Software used to manage the relationship and lifecycle of existing suppliers.
The purpose of Supplier Management is to obtain value for money from
suppliers and contracts. It ensures that underpinning contracts and agreements
align with business needs, Service Level Agreements and Service Level
Requirements. Supplier Management oversees process of identification of
business needs, evaluation of suppliers, establishing contracts, their
categorisation, management and termination.
Note: This has a close link to "Partner Relationship Management" in the
"Common Line of Business Application" area.
A1.07.01.01 Sourcing Management Support the supply of goods or services as well as the tracking and analysis of
costs for these goods.
A1.07.01.02 Supplier Contract
Management Supplier Contract Management (SPM) is about defining what a supplier is to
deliver in a contract.
Document Version 1.0 Page 22 of 80
A1.07.01.03 Supplier Performance
Management Supplier Performance Management (SPM) is about ensuring the supplier
delivers what has been promised in the contract.
A1.07.01.04 Supplier Balanced
Scorecard
A balanced scorecard includes a mixture of quantitative and qualitative
measures, including how key participants perceive the quality of the
relationship. These KPIs are shared between customer and supplier and
reviewed jointly, reflecting the fact that the relationship is two-way and
collaborative, and that strong performance on both sides is required for it to be
successful. Advanced organisations conduct 360 degree scorecards, where
strategic suppliers are also surveyed for feedback on their performance, the
results of which are built into the scorecard.
A1.07.02 Ordering / Purchasing Allow the placement of request for a product
A1.07.02.01 Supplier Catalogue
Management
Support the listing of available products or services that an organisation offers
and shopping cart / ordering functionality.
A1.07.02.02 Invoice Tracking and
Approval Software that manages inflow and outflows of "products", as well as data
about the level of "products" on hand and support the identification of where a
shipment or delivery is within the business cycle.
A1.07.02.03 Logistics and
Transportation
Provide for efficient freight and traffic management to receive purchased
goods and services.
A1.08 Business Intelligence and
Analytics
Software or services to support Business intelligence (BI). It includes
techniques and tools for the transformation of data and information into
meaningful and useful information and knowledge for business analysis
purposes.
Common functions of business intelligence technologies are reporting, online
analytical processing, analytics, data mining, process mining, complex event
processing, business performance management, benchmarking, text mining,
predictive analytics and prescriptive analytics.
A1.08.01 Data Warehouse A data warehouse (DW, DWH), or an enterprise data warehouse (EDW), is a
system used for reporting and data analysis. Integrating data from one or more
disparate sources creates a central repository of data, a data warehouse (DW).
Data warehouses store current and historical data and are used for creating
trending reports for senior management reporting such as annual and quarterly
comparisons.
The data stored in the warehouse is uploaded from the operational systems
(such as marketing, sales, etc.). The data may pass through an operational data
store for additional operations before it is used in the DW for reporting.
A1.08.01.01 Data Mart A data mart is the access layer of the data warehouse environment that is used
to get data out to the users. The data mart is a subset of the data warehouse
that is usually oriented to a specific business line or team. Data marts are small
slices of the data warehouse. Whereas data warehouses have an enterprise-
wide depth, the information in data marts may pertain to a single department.
A1.08.01.02 Data Mining Software that provides for the efficient discovery of non-obvious, valuable
patterns and relationships within a large collection of data.
A1.08.01.03 Decision Support Software or services that support business or organisational decision-making
activities. Supports the management, operations, and planning levels of an
organisation and helps to make decisions, which may be rapidly changing and
not easily specified in advance.
Document Version 1.0 Page 23 of 80
A1.08.01.04 Online Analytical
Processing (OLAP ) Software or services that support a process to swiftly answer multi-dimensional
analytical (MDA) queries and enable users to interactively analyse
multidimensional data from multiple perspectives. An OLAP consists of three
basic analytical operations: consolidation, drill-down, and slicing and dicing.
A1.08.01.05 Online Transaction
Processing (OLTP ) Online transaction processing (OLTP) is a class of information systems that
facilitate and manage transaction-oriented applications, typically for data entry
and retrieval transaction processing.
A1.08.01.06 Predictive Analysis Software and or services to provide predictive analysis. Predictive analysis is
about finding and quantifying hidden patterns in the data using complex
mathematical models that can be used to predict future outcomes. Predictive
analysis is different from OLAP in that OLAP focuses on historical data analysis
and is reactive in nature, while predictive analysis focuses on the future. These
systems are also used to support Customer Relationship Management (CRM).
A1.08.02 Knowledge and
Discovery Management
Software that supports knowledge and discovery management.
A1.08.02.01 Data and Information
Analysis Software and or services to support the analysis and inspection of data and
information. This feeds into:
- Data and Information Modelling
- Data Categorisation
- Data Cleaning
- Data Transformation
A1.08.02.02 Information Retrieval Software that provides access to data and information for use by an
organisation and its stakeholders.
A1.08.02.03 Knowledge Capture Software that facilitates collection of data and information.
A1.08.02.04 Knowledge Distribution
and Delivery Software that supports the transfer of knowledge to the end customer.
A1.08.02.05 Simulation Software or services that help manipulate information to identify patterns and
create possible changes.
A1.08.02.06 Survey Data Collection Software or services that support methods to collect information from a
sample of individuals in a systematic way for empirical research in social
sciences, marketing and official statistics.
A1.08.03 Business Intelligence
Reporting
Software and or services that supports analysis, reporting and statistics for
Business Intelligence.
A1.08.03.01 Ad hoc Reporting Software tools or services that support the creation and display of individually
designed and structured reports with self-service access to meaningful data.
A1.08.03.02 Balanced Scorecard A semi-standard structured report supported by proven design methods and
automation tools that can be used by managers to keep track of the execution
of activities by the staff within their control and to monitor the consequences
arising from these actions.
Document Version 1.0 Page 24 of 80
A1.08.03.03 BI Dashboard A dashboard is "an easy to read, often single page, real-time user interface,
showing a graphical presentation of the current status (snapshot) and historical
trends of an organisation’s key performance indicators to enable instantaneous
and informed decisions to be made at a glance.
In real-world terms, "dashboard" is another name for "progress report" or
"report." Often, the "dashboard" is displayed on a web page that is linked to a
database which allows the report to be constantly updated. A dashboard can
be created as a 'mashup' of data from different sources.
Note: This is not to be confused with a balanced scorecard.
A1.08.03.04 On Demand Reporting Software tools or services that support on-demand reporting. An on-demand
report is a formatted version of a report run with the currently available data
and viewed immediately. When you run an on-demand report, you can specify
the parameter values to use; the report is then formatted using the current
data and displayed in the report viewer.
A1.08.03.05 Standardised / Canned Software or services that support the creation and display of standard reports
with self-service access to meaningful data.
A1.08.04 Operational Data
Store (ODS)
An operational data store (ODS) is a database designed to integrate data from
multiple sources for additional operations on the data. Unlike a master data
store the data is not passed back to operational systems. It may be passed for
further operations and to the data warehouse for reporting.
Because the data originates from multiple sources, the integration often
involves cleaning, resolving redundancy and checking against business rules for
integrity. An ODS is usually designed to contain low-level or atomic (indivisible)
data (such as transactions and prices) with limited history that is captured "real
time" or "near real time" as opposed to the much greater volumes of data
stored in the data warehouse generally on a less-frequent basis.
A1.08.05 Statistical Analytics Software or services that support the study of a collection, organisation,
analysis, and interpretation of data.
A1.08.06 Data Profiling Software that supports all forms of data analysis of extremely large, complex
data sets (big data) that are manipulated for business consumption.
Data profiling is the process of examining the data available in an existing data
source (e.g. a database or a file) and collecting statistics and information about
that data. The purpose of these statistics may be to:
- Find out whether existing data can easily be used for other purposes.
- Improve the ability to search the data by tagging it with keywords,
descriptions, or assigning it to a category.
- Give metrics on data quality including whether the data conforms to
particular standards or patterns.
- Assess the risk involved in integrating data for new applications, including the
challenges of joins.
- Assess whether metadata accurately describes the actual values in the source
database.
- Understanding data challenges early in any data intensive project, so that late
project surprises are avoided. Finding data problems late in the project can
lead to delays and cost overruns.
- Have an enterprise view of all data, for uses such as master data management
where key data is needed, or data governance for improving data quality.
A1.09 Business Continuity Software or services to support the business continuity. This includes Health
and Safety Management, Disaster Management.
Document Version 1.0 Page 25 of 80
A1.09.01 Health & Safety Software and or services that support the security and physical well-being of an
organisation's employees.
A1.09.02 Disaster Management Software and or services that support the emergency processes and recovery
of the physical facilities and people in case of a disaster.
A1.10 Unified Communications
and Collaboration
Software and or services that support unified communications and
collaboration.
A1.10.01 Calendaring Software and or services that provide users with an electronic version of a
calendar, an appointment book, address book, and/or contact list.
A1.10.02 Communications
Integration
Software and or services that support the integration and coordination
between different communication types that delivers the value of unified
communications. It includes the ability to contact people with a range of
different types of communications technology as appropriate for the situation
and person, presence across different communication types, and follow-me
functionality across different communication types.
A1.10.03 Electronic Meeting
and Collaboration
Software and or services for sharing presentations, electronic whiteboards,
screens with other meeting participants. These may be delivered bundled as
part of video conferencing tools, or delivered separately.
A1.10.04 Email Server Software and or services for delivering, storing and managing e-mail. Electronic
mail, commonly referred to as email or e-mail, is a method of exchanging
digital messages from an author to one or more recipients. Modern email
operates across the Internet or other computer networks. Email systems are
based on a store-and-forward model. Email servers accept, forward, deliver
and store messages.
A1.10.05 Event / News
Management
Software and or services that provides users with frequently updated content
to which they subscribe.
A1.10.06 Instant Messaging Software and or services that provides Instant messaging (IM). These
technologies support a form of communication over the Internet that offers
quick transmission of text-based messages from sender to receiver. In push
mode between two or more people using personal computers or other devices,
along with shared clients, instant messaging basically offers real-time direct
written language-based online chat. The user's text is conveyed over a network,
such as the Internet. It may address point-to-point communications as well as
multicast communications from one sender to many receivers. More advanced
instant messaging allows enhanced modes of communication, such as live voice
or video calling, video chat and inclusion of hyperlinks to media.
A1.10.07 Social Software Software that supports the capturing, storing and presentation of
communication, usually written but may include audio and video as well.
Interactive tools handle mediated interactions between a pair or group of
users. They focus on establishing and maintaining a connection among users,
facilitating the mechanics of conversation and talk.
A1.10.08 Syndication
Management
Software and or services that supports web feed formats used to publish
frequently updated works, such as blog entries, news headlines, audio, and
video, in a standardised format. This can include ATOM feeds, RSS etc.
Document Version 1.0 Page 26 of 80
A1.10.09 Video Software and or services for communicating with people using video. Video is
the technology of electronically capturing, recording, processing, storing,
transmitting, and reconstructing a sequence of still images representing scenes
in motion.
A1.10.10 Voice Software for communicating with people using voice or audio channels.
A1.10.11 Voicemail Software for storing voicemail, delivering notifications and managing access to
stored messages. Voice-mail is a computer based system that allows users and
subscribers to exchange personal voice messages; to select and deliver voice
information; and to process transactions relating to individuals, organisations,
products and services, using an ordinary telephone.
A1.10.99 Other Unified
Communications and
Collaboration
Other Unified Communications and Collaboration software.
A1.11 Enterprise Content
Management (ECM)
Software and or services that support Enterprise Content Management. ECM is
an umbrella term covering document management, Web content
management, search, collaboration, records management, digital asset
management (DAM), workflow management, capture, and scanning. ECM is
primarily aimed at managing the life-cycle of information from initial
publication or creation all the way through archival and eventually disposal.
Note: The underlying modules / applications components / services are found
in "Records and Content Management".
A1.12 Business Process
Management System (BPMS)
The Business Process Management System (BPMS) is considered a critical
component of operational intelligence (OI) solutions to deliver real-time,
actionable information. This real-time information can be acted upon in a
variety of ways - alerts can be sent or executive decisions can be made using
real-time dashboards. OI solutions use real-time information to take
automated action based on pre-defined rules so that security measures and or
exception management processes can be initiated.
Note: BPM is viewed as a bridge between Information Technology (IT) and
Business.
Note: The components that make up BPMS are found in the application area
"Business Process Management Tools". For the purposes of the ART we have
taken this approach as while BPMS is a recognised application system or suite
the components can be found in many other applications as core building
blocks for those applications.
Document Version 1.0 Page 27 of 80
A1.13 Business Transformation
and Improvement
Software and or services that supports business transformation. Business
transformation is about making fundamental changes in how business is
conducted. Business improvement is about making evolutionary changes, and
includes the practice of Business Process Improvement (BPI). This application
area covers the software tools to manage both transformation and
improvement.
Business transformation is achieved by realigning the way staff work, how the
organisation is structured and how technology is used. Typically organisations
go through several stages in transforming themselves:
- Recognising the need to change and gaining consensus amongst stakeholders
that dramatic change is necessary.
- Agreeing what form the change should take the objectives of the change and
a vision that describes a better future.
- Understanding what the organisation is changing from and what needs to
change in detail.
- Designing the new organisational way of working and its support and
management.
- Testing and implementing changes, usually in waves, typically over a number
of years.
- Bedding in the change so that the organisation cannot move back to how it
was and achieves the intended benefits.
Business Process Improvement is a systematic approach to help an organisation
optimize its underlying processes to achieve more efficient results.
A1.13.01 Business Change
Management
Software and or services that support Change Management. Change
Management is the process, tools and techniques to manage the people-side of
change to achieve the required business outcome. It also incorporates the
organisational tools that can be utilised to help individuals make successful
personal transitions resulting in the adoption and realisation of change.
- Process: Planning for change, Managing change, Reinforcing change.
- Tools: Individual change model, Communications, Sponsorship, Coaching,
Training, Resistance management.
A1.13.02 Portfolio Management Software and or services that support the centralized management of
processes, methods, and technologies used by project managers and project
management offices to analyse and collectively manage current or proposed
projects based on numerous key characteristics.
A1.13.03 Programme
Management
Software and or services that support Program Management. Programme
Management is the process of managing several related projects. It provides
oversight of the purpose and status of the projects in a program and can use
this oversight to support project-level activity to ensure the program goals are
met by providing a decision-making capacity that cannot be achieved at project
level.
A1.13.04 Project Management Software and or services that provides capabilities for cost estimation and
planning, scheduling, cost control and budget management, resource
allocation, collaboration, communication, quality management and
documentation or administration systems, which are used to deal with the
complexity of large projects.
Project management is the application of knowledge, skills, tools and
techniques to project activities to meet project requirements.
Project management is accomplished through the application and integration
of the project management processes of initiating, planning, executing,
monitoring and controlling, and closing.
Document Version 1.0 Page 28 of 80
A1.13.05 Requirements
Management
Software and or services used to document, analyse, trace, prioritize and agree
on requirements for an initiative and communicate with the relevant
stakeholders.
Document Version 1.0 Page 29 of 80
Common Line of Business Applications
Note: Detailed diagrams are available as .png files, and this table is available as an Excel file.
Name Description
A2 Common Line of Business
Applications
These are standard business applications within government to support the
outward facing functions for managing touch-points with customers, partners
and anyone who interacts with government.
Note: The applications found in this domain can also be used as ICT services or
application components. Many commercial applications may contain elements
of applications listed here and specific software solutions may offer a mix of
these in one suite.
A2.01 Product and Service
Management
Software and or services that facilitate the creation and maintenance of
products and services.
A2.01.01 Product and Service
Lifecycle Management
These applications are used to manage the lifecycle of a product from idea
through to retiring a product. Features include: managing product
requirements, modelling products, providing detailed product specifications,
introducing new products, managing existing products, retiring products,
forecasting, and implement marketing and offer strategies.
A2.01.02 Product and Service
Catalogue Management
Product and Service Catalogue Management is the ability to create and
maintain products that can be offered to customers. More specifically, it is the
ability to explicitly model the structure of a product, then create and centrally
manage the instances (or “catalogue”) of products based upon that structure.
Products are not always discreet, single items. A product can be a number of
components associated together and sold as a single purchasable entity.
Therefore the product may be comprised of multiple components, tangible or
intangible, such as services, features, devices, etc., that are “assembled”
together to form a single sellable entity. Some of the components within a
product will be enabled by shared / common / reusable services (e.g., location
finder). Some of the components within a product will be enabled by shared /
common / reusable resources. These underlying services and resources may be
managed by different parts of the organisation.
A2.01.03 Product and Service
Performance Management
These applications are used to manage the performance of products and
services. Features include: campaign tracking, revenue reporting, cost
reporting, capacity analysis, cost management, inventory optimisation, and
sourcing determination.
A2.02 Marketing Software and or services to facilitate marketing and promotion of products and
services.
A2.02.01 Sales and Marketing
Management
Software and or services to manage promotions of a product or service and
capture of new business.
A2 Common Line of Business ApplicationsA2 Common Line of Business ApplicationsA2 Common Line of Business ApplicationsA2 Common Line of Business ApplicationsA2.03 Customer RelationshipA2.03 Customer RelationshipA2.03 Customer RelationshipA2.03 Customer RelationshipManagementManagementManagementManagementA2.01 Product and ServiceA2.01 Product and ServiceA2.01 Product and ServiceA2.01 Product and ServiceManagementManagementManagementManagement A2.04 Partner RelationshipA2.04 Partner RelationshipA2.04 Partner RelationshipA2.04 Partner RelationshipManagementManagementManagementManagementA2.08 Grants ManagementA2.08 Grants ManagementA2.08 Grants ManagementA2.08 Grants ManagementA2.07 Emergency ManagementA2.07 Emergency ManagementA2.07 Emergency ManagementA2.07 Emergency ManagementA2.06 Customer ServiceA2.06 Customer ServiceA2.06 Customer ServiceA2.06 Customer ServiceA2.05 Customer AccountingA2.05 Customer AccountingA2.05 Customer AccountingA2.05 Customer Accounting A2.02 MarketingA2.02 MarketingA2.02 MarketingA2.02 Marketing A2 Common Line of Business ApplicationsA2 Common Line of Business ApplicationsA2 Common Line of Business ApplicationsA2 Common Line of Business ApplicationsA2.06 Customer ServiceA2.06 Customer ServiceA2.06 Customer ServiceA2.06 Customer Service A2.03 Customer RelationshipA2.03 Customer RelationshipA2.03 Customer RelationshipA2.03 Customer RelationshipManagementManagementManagementManagementA2.05 Customer AccountingA2.05 Customer AccountingA2.05 Customer AccountingA2.05 Customer Accounting A2.02 MarketingA2.02 MarketingA2.02 MarketingA2.02 MarketingA2.01 Product and ServiceA2.01 Product and ServiceA2.01 Product and ServiceA2.01 Product and ServiceManagementManagementManagementManagement A2.04 Partner RelationshipA2.04 Partner RelationshipA2.04 Partner RelationshipA2.04 Partner RelationshipManagementManagementManagementManagementA2.08 Grants ManagementA2.08 Grants ManagementA2.08 Grants ManagementA2.08 Grants ManagementA2.07 Emergency ManagementA2.07 Emergency ManagementA2.07 Emergency ManagementA2.07 Emergency Management
Document Version 1.0 Page 30 of 80
A2.02.02 Brand Management Software and or services to support the application of a trade name to a
product or service as well as developing an awareness for the name
A2.02.03 Marketing Surveys Software and or services to support surveys to collect useful information from
an organisation's customers.
A2.02.04 Campaign
Management
Software and or services to manage the lifecycle of marketing campaigns.
Ideally this should leverage a single consistent view of the customer data. It
provides design, execution, analytics and refinement.
A2.03 Customer Relationship
Management
Software and or services to support customer relationship management (CRM).
Software used to plan, schedule, and control the activities between the
customer and the enterprise, both before and after a product or service is
offered.
A2.03.01 Customer Contact and
Profile Management
Software and or services to provide a comprehensive view of all customer
interactions, including calls, e-mail, correspondence and meetings; also
provides for the maintenance of a customer’s account, business and personal
information. It can automatically synchronize suitable appointment dates,
times, and methods for customer contact.
A2.03.02 Customer Order and
Registration Management
Software and or services to support customer order and registration that
allows order creation and tracking.
A2.03.03 Customer Account
Management
Software and or services to support the retention and delivery of a service or
product to an organisation's clients.
A2.03.04 Customer Self
Management
Software and or services to support customer self-management that can
include:
- Browsing the product and services catalogue.
- Viewing product and services eligibility.
- Shopping cart driven order management.
- Reporting problems and troubleshooting.
- Setting preferences, alerts and notifications.
- Access to guidelines and tutorials.
- Access to Call center agents.
- Account management.
- Self registration to online services.
- Service requests management.
- Service request submission.
- Service request amendment.
- Service request closure.
A2.03.05 Customer Problem
Management
Software and or services to support customer problem management that
allows problem qualification & reception.
A2.03.06 Customer Analytics Software and or services that supports the analysis of an agency’s customers,
customer experiences, as well as the scoring of third-party information as it
relates to customers. This also includes handling comments and feedback from
customers.
Document Version 1.0 Page 31 of 80
A2.04 Partner Relationship
Management
Software and or services that supports the effective collaboration between an
organisation and its business partners, providers, particularly members of the
distribution chain (e.g. channel and alliance partners, resellers, agents, brokers
and dealers) and other third parties that support operations and service
delivery to an organisation’s customers; includes performance evaluation of
partners, if necessary.
This becomes increasingly important as government products and services are
delivered through non-agency channels.
A2.04.01 Partner Contract and
SLA Management
Software and or services that support partner contract and SLA management
including features such as: issue reception, collection, analysis, violation
management, and reporting.
A2.04.02 Partner Account
Management
Software and or services that support the retention and delivery of a service or
product to an agency's partners.
A2.04.03 Partner Contact and
Profile Management
Software and or services that provides a comprehensive view of all partner
interactions, including calls, e-mail, correspondence and meetings; also
provides for the maintenance of a customer’s account, business and
organisational information.
A2.04.04 Partner Problem
Management
Software and or services that support partner problem qualification &
reception features such as: ID validation, reception of problems from various
sources, problem triage, and access to a complete partner problem history
database... It also includes problem lifecycle management, problem resolution,
problem reporting.
A2.04.05 Partner Analytics Software and or services for the analysis of an agency's partners, partner
collaboration, partner engagement, as well as the scoring of partner
information. This also includes handling comments and feedback from
partners.
A2.05 Customer Accounting Software and or services for financial interactions with the customers of
Government, business and individuals.
A2.05.01 Customer Financial
Account Management
Software and or services that support financial account management for
customer financial transactions with the agency.
A2.05.02 Customer Invoicing
and Statement Management
Software and or services that support the management of customer invoices
and statements produced by the agency.
A2.05.03 Customer Collections Software and or services that is concerned with financial transactions which
include receipts and payments from / to Customers.
A2.05.04 Customer Debts and
Recovery
Software and or services that handles customer debts and recovery.
A2.06 Customer Service Software and or services that supports activities associated with providing an
agency’s customers with information regarding the agency’s service offerings
and managing the interactions and relationships with those customers.
These tools can also be used by partners involved in providing service to
customers.
A2.06.01 Contact Centre / Help
Desk
Software and or services that support activities associated with providing an
agency’s customers with information regarding the agency’s service offerings
and managing the interactions and relationships with those customers.
Document Version 1.0 Page 32 of 80
A2.06.02 Contact Centre
Management
Software and or services that support Contact Centre Management. Contact
Centre Management handles telephone sales and/or service to the end
customers. Application services include; contact centre workforce management
(including virtual operators that may work outside the call centre), queue
management (including call backs where customer choose to be called back
rather than wait, and automatic call distributing queuing (ACDQ), quality
monitoring, analysis, and reporting.
A2.06.03 Contact Centre
Knowledge Base
Software and or services that support a Contact Centre Knowledge base. This
provides instant, reliable answers to agents, for example process guides,
product guides, frequently asked questions, escalation etc. Includes; search,
ability to collaborate with other departments, and reporting on knowledge
base usage.
A2.06.04 Case Management Software and or services that support the management of the life cycle of a
particular claim or investigation within an agency to include creating, routing,
tracing, assignment and closing of a case as well as collaboration among case
handlers.
Note: The terms case management is fairly generic, and we can find specific
instances of case management for example order management, problem
management, grant management etc.
A2.06.05 Online Interactive
Assistance
Software and or services that provide an electronic interface for customers
receive assistance from customer service personnel.
A2.06.06 Online Guidelines Software and or services that provide an electronic interface to educate and
assist customers.
A2.06.07 Translation Software Software and or services that supports or enables translation functionality. This
does not include software for other purposes that can be used in multiple
languages. Also known as multi-lingual support.
A2.06.08 Payment Systems Software and or services that support the use of credit cards or electronic
funds transfer for payment and collection of products or services. Examples:
PayPal, cash, Bitcoin, etc. Also known as point of sale systems (POS).
A2.07 Emergency Management Software that supports delivery of emergency management services.
A2.07.01 Emergency
Management Information
System (EMIS)
Software that supports emergency management information collection and
management. For continuity and inter-operability between emergency
management stakeholders, EMIS supports an infrastructure that integrates
emergency plans at all levels of government and non-government involvement
for all four phases of emergencies.
Common features of the software include Geographic Information Systems
(GIS), weather and plume modelling, resource management, and Command,
Control, and Communication (C3) functions.
A2.07.02 Hospital Incident
Command System (HICS)
A Hospital Incident Command System (HICS) is an incident command system
(ICS) designed for hospitals and intended for use in both emergency and non-
emergency situations. It provides hospitals of all sizes with tools needed to
advance their emergency preparedness and response capability—both
individually and as members of the broader response community.
Document Version 1.0 Page 33 of 80
A2.07.03 Emergency
Communications System (ECS)
An Emergency Communication System (ECS) is any system (typically, computer-
based) that is organised for the primary purpose of supporting one-way and
two-way communication of emergency messages between both individuals and
groups of individuals. These systems are commonly designed to integrate the
cross-communication of messages between varieties of communication
technologies, forming a unified communication system intended to optimize
communications during emergencies.
A2.08 Grants Management Software that supports grants management, where a grant of money is made
to an organisation or individual for a specific purpose.
A2.08.01 Grant Receipt of
Proposals
Portal for the receipt of grant proposals.
A2.08.02 Grant Administration Software that supports the administration and monitoring of grants.
A2.08.03 Grant Review Software that supports the review process for grants.
A2.08.04 Grant Announcement Portal that posts and publishes announcements of grants to be funded.
Document Version 1.0 Page 34 of 80
End User Computing
Note: Detailed diagrams are available as .png files, and this table is available as an Excel file.
Name Description
A3 End User Computing The End User Computing application domain brings together the various
applications and ICT services needed to support a range of end user computing
devices, from traditional PC's through to smart phones and tablets and
personalisation services.
A3.01 End User Device
Management
Software and or services that controls the hardware and software
environments, as well as documents of end users (individuals and or
organisations).
Note: Security aspects are covered under "Security Services".
A3.01.01 Application
Compatibility Testing
Tool to automate the analysis of applications to determine compatibility with
device operating systems.
A3.01.02 Application
Deployment
Mechanism to install packaged applications to workstations and other end user
devices running locally installed applications. See also "Packaging Tools".
A3.01.03 Application Discovery Application Discovery is a tool that can be used to discover which applications
are being used within an agency. Discovery tools may be agent-less or require
agents and may use a variety of means to discover applications.
A3.01.04 OS Deployment The OS Deployment tools are used to deploy (patched) operating system
images. See also "Packaging Tools".
A3.01.05 Packaging Tools Tools or solution set for packaging applications for delivery to an end user
device. See also" OS Deployment" and "Application Deployment".
A3.01.06 Patch Manager Tools to automatically remediate manage installation of and report on
operating system and application software patches. The applicability of this
functional component is mainly focussed on fat device desktop and fat device
laptop.
A3.01.07 Persona Manager Persona Manager tools maintain information relevant to a particular user
(settings, preferences, and configuration) and determine how it is managed
across devices and contexts.
A3 End User ComputingA3 End User ComputingA3 End User ComputingA3 End User ComputingA3.05 Graphics and MultimediaA3.05 Graphics and MultimediaA3.05 Graphics and MultimediaA3.05 Graphics and Multimedia A3.04 Productivity SuiteA3.04 Productivity SuiteA3.04 Productivity SuiteA3.04 Productivity SuiteA3.02 End User ToolsA3.02 End User ToolsA3.02 End User ToolsA3.02 End User Tools A3.03 Mobile ApplicationsA3.03 Mobile ApplicationsA3.03 Mobile ApplicationsA3.03 Mobile ApplicationsA3.01 End User Device ManagementA3.01 End User Device ManagementA3.01 End User Device ManagementA3.01 End User Device Management A3 End User ComputingA3 End User ComputingA3 End User ComputingA3 End User ComputingA3.05 Graphics and MultimediaA3.05 Graphics and MultimediaA3.05 Graphics and MultimediaA3.05 Graphics and Multimedia A3.04 Productivity SuiteA3.04 Productivity SuiteA3.04 Productivity SuiteA3.04 Productivity SuiteA3.02 End User ToolsA3.02 End User ToolsA3.02 End User ToolsA3.02 End User Tools A3.03 Mobile ApplicationsA3.03 Mobile ApplicationsA3.03 Mobile ApplicationsA3.03 Mobile ApplicationsA3.01 End User Device ManagementA3.01 End User Device ManagementA3.01 End User Device ManagementA3.01 End User Device Management
Document Version 1.0 Page 35 of 80
A3.01.08 Policy Compliance
Manager
Policy Compliance Manager tools monitor configuration against policy for
compliance and initiates action if the configuration does not comply with the
relevant policy.
Note: Policy Compliance Manager, Policy Manager and Security Configuration
Manager are often, though not always, implemented using the same software
technology.
A3.01.09 Policy Manager Tools to manage deployment and enforcement of policy on the configuration
and settings of devices and their operating systems. NB: Policy Compliance
Manager, Policy Manager and Security Configuration Manager are often,
though not always, implemented using the same software technology.
A3.01.10 Security Configuration
Manager
Tools to manage, report on and enforce required security configuration of
client devices. NB: Policy Compliance Manager, Policy Manager and Security
Configuration Manager are often, though not always, implemented using the
same software technology.
A3.01.11 Self Service
Application Store
A Self-Service App Store allows users to self-select, and automatically provision
applications onto their devices. This may include workflow functionality to
allow for line-management approval or to control expenditure, license
consumption and financial approval.
A3.01.12 User Data Manager User Data Manager tools provide access to users’ files regardless of their
environment. This functional building block does NOT guarantee off-line
access, but may deliver that as an additional feature.
A3.01.13 Virtualisation
Compatibility Testing
Tool to automate the analysis of applications to determine compatibility with
application virtualisation. Note: these tools are often implemented in
combination with Application Compatibility Testing.
A3.01.14 Virtual Desktop
Manager
Virtual Desktop Manager tools manage the allocation and configuration of
virtual desktops and virtual desktop pools to PC's and other end user devices.
A3.01.15 Privacy and Policy
Enforcement Management
Tools to manage, report on and enforce required privacy and policy
configuration of client devices.
A3.01.99 Other End User
Configuration Management
Other End User Configuration Management tools.
A3.02 End User Tools End User Tools consists of all of the utility applications that are available for use
by the users of the Standard Operating Environment (SOE). There will be a
variance of the utilities required between devices. In addition, some operating
systems deliver these capabilities as part of the operating system’s native
capabilities. Therefore care needs to be taken not to merely provide a utility
because it is in this list, but instead to ensure that these capabilities are
delivered by the complete SOE while minimising the number of utilities
delivered as separate applications.
Note: Productivity, Mobile Applications, Unified Communications and
Collaboration, and Visualisation have specific application areas and are not
include here.
A3.02.01 Additional Language
Support
Software and or services that support additional languages. This gives the use
the ability to enter, display and spell-check additional languages as required.
Māori should be installed as a default.
Document Version 1.0 Page 36 of 80
A3.02.02 Audio Tools Audio Tools are required to adjust and tune audio components installed in the
devices. There are some tools resident in the OS, but advanced functionality
can be gained from using the native tools that are provided with the audio
components.
A3.02.03 File Compression and
Extraction
File compression software and or services. File Compression is the capability to
compress files for storage or transit and extract files that have been
compressed. There are formats that are commonly used such as ZIP, which
require an additional software component or could be supported natively in
the Operating System being run.
A3.02.04 File Screen Saver An application that displays an image on and end user device display after a
pre-set time to hide applications and the information they display when
running on that device to minimise the opportunity for unauthorised access.
Screen Savers include the ability to auto-lock a device.
A3.02.05 Display Tools Display Tools are required to attach additional monitors / projectors and to
change resolution states etc. Some display tools are resident in the OS, but
advanced functionality can be gained by using the native tools that are
provided with the display adapter.
A3.02.06 Legacy Browser
Support
Legacy Browser Support services provide the ability to display web applications
that require legacy browsers, for example some applications require Internet
Explorer 6 proprietary extensions.
A3.02.07 PDF Reader PDF Reader is the software required to read PDF files. This is a basic tool that
does not allow editing of the PDF file. This software is subject to regular version
updates which can be problematic for users and cause issues in locked down
environments. Because of this, the software is a perfect candidate for
Application Virtualisation technology.
A3.02.08 Power Management
Tools
Power Management Tools allow changes to be made to the power scheme on
the device. This can reduce the energy consumption on the device or ensure
power saving doesn't affect expected operation. As an example, users would
turn off hibernation if they were going to be doing a presentation. Power
settings have the potential to save an organisation a substantial amount of
money, when the savings per device are multiplied by the number of devices
installed.
A3.02.09 Runtime Environment Runtime Environments (also known as Development frameworks) such as a
Java runtime environment or .NET are required to allow applications or applets
based on those frameworks to execute. Incompatibility issues can arise when
different versions of the frameworks are required on a single device. This can
be resolved using Application Virtualisation Client and its associated backend
technologies, as each virtual bubble forms an isolation barrier.
A3.02.10 Web Application
Frameworks
Web Application Frameworks are required to run web application components
developed in that framework. Examples of these frameworks are Adobe Flash
and Air or Microsoft Silverlight.
A3.02.11 Web Browser Web Browser provides the interface to all web based content, be it on the
Internet or Intranet. Often the delivery of web applications is underestimated
because of a perception that it’s simply browser based. Web applications often
require additional applets or plug-ins for the application to work or to be
displayed for the visually impaired. These factors need to be considered to
ensure usability and security is not compromised.
Document Version 1.0 Page 37 of 80
A3.02.12 Secure Remote Access Solution providing secure access from outside the boundaries of the agency to
a user’s end user computing environment. Enables authorised individuals to
remotely access the user interface of a computing resource for the purpose of
installation, configuration, auditing or process management.
A3.02.99 Other End User Tools Other end user tools without a defined application category.
A3.03 Mobile Applications Mobile applications are deployed on mobile devices such as smart phones and
tablets.
A3.04 Productivity Suite Productivity Suite is the core suite of bundled applications that support the
most commonly used office activities such as; Word processor, Spreadsheet,
Email clients, Presentation software, Drawing tools, Publishing software, and
Database application.
A3.04.01 Image Manipulation Software used to create or edit images. Includes: vector and raster drawings,
colour manipulation, image filtering, etc.
A3.04.02 Email Clients Email Clients also known as Mail User Agents - MUA.
A3.04.03 Presentation Software used to display information, normally in the form of a slide show.
A3.04.04 Publishing Software used to publishing.
A3.04.05 Spreadsheet Software used to create, update and/or read a two-dimensional matrix of rows
and columns.
A3.04.06 Word Processing Software used for the composition, editing, formatting and/or possibly printing
of print material.
A3.04.07 Follow-me Printing A service for sending documents to a print queue that can be accessed by any
networked printer when the user authenticates with that printer.
A3.04.99 Other Productivity
Suite
Other Productivity Suite software that does not have an existing application
category.
A3.05 Graphics and Multimedia Software and or services that supports visualisation.
A3.05.01 Charting Software to develop graphical representation of data in which the data is
represented by symbols such as bars, lines, slices, dots, size, etc.
A3.05.02 Computer Aided
Design (CAD)
Software that supports the use of computer technology for the process of
design and design-documentation and includes software or environments
which provide the user with input-tools for the purpose of streamlining design
processes; drafting, documentation, and manufacturing processes.
A3.05.04 Idea Mapping Software that is used to create diagrams of relationships between concepts,
ideas or other pieces of information.
A3.05.05 Multimedia Software to manage, develop and manipulate content from a combination of
different content forms such as text, audio, still images, animation, video, or
interactivity.
A3.05.06 Photographic Software that supports the capture, storage, and manipulation of photographic
images.
Document Version 1.0 Page 38 of 80
A3.05.07 Video Editors Software that enables a person to manipulate animated or video visual images
on a computer.
A3.05.99 Other Visualisation
Applications
Other visualisation software that does not have an existing application
category.
Document Version 1.0 Page 39 of 80
Data and Information Management Services
Note: Detailed diagrams are available as .png files, and this table is available as an Excel file.
Name Description
A4 Data and Information
Management Services
Software and or services that support management of government data and
information and the alignment with standards, quality initiatives, good practice
accessibility, etc. This includes the development, execution and supervision of
plans, policies, programmes and practices that control, protect, deliver and
enhance the value of data and information assets.
A4.01 Data and Information
Architecture
Software and or services that support data and information architecture which
is composed of models, policies, rules or standards that govern which data is
collected, and how it is stored, arranged, integrated, and put to use in data
systems and in organisations. Data and Information is one of the architecture
dimensions that form the pillars of an enterprise architecture or solution
architecture
A4.01.01 Data and Information
Categorisation
Software and or services that supports the creation and maintenance of
relationships between data entities, naming standards and categorisation and
allows classification of data and information into specific layers or types to
support an organisation.
A4.01.02 Data and Information
Modelling
Software and or services to support data and information modelling to define
and analyse data requirements needed to support the business.
A4.01.03 Data Representation
Languages
Software languages used for data representation, such as XML, JSOW, SDL,
GSML and other markup languages.
A4.01.04 Metadata
Management
Software that supports the maintenance and administration of data that
describes data.
A4.02 Data and Information
Interoperability
Software and services that support data and information interoperability.
Interoperability is the ability of making systems and organisations work
together (inter-operate) to allow for information exchange,
A4.02.01 Data and Information
Catalogue
Software and or services that support the cataloguing of data and information
assets.
A4.02.02 Data Extraction,
Transformation and Loading
Software that supports the extraction of data from a data source, the
manipulation and change of data to a different format and the population of
data destination with the transformed data.
A4 Data and Information Management ServicesA4 Data and Information Management ServicesA4 Data and Information Management ServicesA4 Data and Information Management ServicesA4.02 Data and InformationA4.02 Data and InformationA4.02 Data and InformationA4.02 Data and InformationInteroperabilityInteroperabilityInteroperabilityInteroperability A4.08 Geospatial InformationA4.08 Geospatial InformationA4.08 Geospatial InformationA4.08 Geospatial InformationA4.07 Additional Data and InformationA4.07 Additional Data and InformationA4.07 Additional Data and InformationA4.07 Additional Data and InformationServicesServicesServicesServices A4.04 Data Quality ManagementA4.04 Data Quality ManagementA4.04 Data Quality ManagementA4.04 Data Quality ManagementA4.03 Data and Records GovernanceA4.03 Data and Records GovernanceA4.03 Data and Records GovernanceA4.03 Data and Records GovernanceA4.01 Data and InformationA4.01 Data and InformationA4.01 Data and InformationA4.01 Data and InformationArchitectureArchitectureArchitectureArchitectureA4.05 Data ProtectionA4.05 Data ProtectionA4.05 Data ProtectionA4.05 Data Protection A4.06 Database ManagementA4.06 Database ManagementA4.06 Database ManagementA4.06 Database ManagementA4.09 Content Management SystemA4.09 Content Management SystemA4.09 Content Management SystemA4.09 Content Management SystemA4 Data and Information Management ServicesA4 Data and Information Management ServicesA4 Data and Information Management ServicesA4 Data and Information Management ServicesA4.07 Additional Data and InformationA4.07 Additional Data and InformationA4.07 Additional Data and InformationA4.07 Additional Data and InformationServicesServicesServicesServices A4.04 Data Quality ManagementA4.04 Data Quality ManagementA4.04 Data Quality ManagementA4.04 Data Quality ManagementA4.02 Data and InformationA4.02 Data and InformationA4.02 Data and InformationA4.02 Data and InformationInteroperabilityInteroperabilityInteroperabilityInteroperability A4.08 Geospatial InformationA4.08 Geospatial InformationA4.08 Geospatial InformationA4.08 Geospatial InformationA4.03 Data and Records GovernanceA4.03 Data and Records GovernanceA4.03 Data and Records GovernanceA4.03 Data and Records GovernanceA4.01 Data and InformationA4.01 Data and InformationA4.01 Data and InformationA4.01 Data and InformationArchitectureArchitectureArchitectureArchitectureA4.05 Data ProtectionA4.05 Data ProtectionA4.05 Data ProtectionA4.05 Data Protection A4.06 Database ManagementA4.06 Database ManagementA4.06 Database ManagementA4.06 Database ManagementA4.09 Content Management SystemA4.09 Content Management SystemA4.09 Content Management SystemA4.09 Content Management System
Document Version 1.0 Page 40 of 80
A4.02.03 Data Integration and
Exchange
Software services that enable elements of distributed business applications to
interoperate and the software development necessary to facilitate such
integration. These elements can share function, content, and communications
across heterogeneous computing environments. Includes data import and
export between systems and or services.
A4.02.04 Data Mapping Software that supports the process of creating data element mappings
between two distinct data models. Data mapping is used as a first step for a
wide variety of data integration tasks.
A4.02.05 Metadata Extraction Software and or services that support metadata extraction. It includes:
- Automatically extracts preservation-related metadata from digital files.
- Output metadata in a standard format (XML) for use in preservation activities.
Can be used for preservation data processes and activities, resource discovery
and other.
A4.02.06 Records Linking /
Association
Software and or services that support the correlation between logical data and
information sets.
A4.03 Data and Records
Governance
Software and or services that supports data and records governance. Data
governance encompasses the people, processes, and information technology
required to create a consistent and proper handling of an organisation's data
across the business enterprise. It is a set of processes that ensures that
important data assets are formally managed throughout the enterprise. Data
governance ensures that data can be trusted and that people can be made
accountable for any adverse event that happens because of low data quality. It
is about putting people in charge of fixing and preventing issues with data so
that the enterprise can become more efficient. Data governance also describes
an evolutionary process for a company, altering the company’s way of thinking
and setting up the processes to handle information so that it may be utilised by
the entire organisation. It’s about using technology when necessary in many
forms to help aid the process.
Note: Note: In New Zealand (Australia and Canada) we have a view that
something is inherently a record because it provides evidence of a transaction;
therefore almost all content including data and documents are also records.
However most software has been developed to support the US model where
records only becomes records only after someone or some process has
formally declared them to be a record.
Note: "Data Quality Management" can be part of "Data Governance".
A4.03.01 Data Lifecycle
Management
Software and or services that support a policy-based approach to managing the
flow of an information system's data throughout its life cycle: from creation
and initial storage to the time when it becomes obsolete and is deleted.
A4.03.02 Master Data
Management
Software and or services that supports a set of processes and tools that
consistently define and manage the non-transactional data entities of an
organisation, which may include reference data. It has the objective of
providing processes for collecting, aggregating, matching, consolidating,
quality-assuring, and distributing such data throughout an organisation to
ensure consistency and control in the ongoing maintenance and application use
of this information.
Document Version 1.0 Page 41 of 80
A4.03.03 Records Disposal Software and or services that supports the process of records disposal. In
records management there are five possible disposal outcomes under the NZ
Public Records Act 2005 Subsection 20:
- Destruction.
- Transfer to another government agency.
- Transfer to Archives NZ for long term preservation and availability.
- Discharge to another entity, e.g. another government department.
- Sale.
Disposal supports these steps:
> Step 1 - A record becomes inactive because a passive or active trigger:
- No person or mechanism is continuing to alter it – we observe the lack of
activity, and after a period of time we conclude that it is inactive.
- A later version has been created and/or a record has been superseded and
this record should No longer be in current use.
- In some cases a person or mechanism closes/finalises the record to prevent
any further changes to the content and to some attributes.
> Step 2 - The record is retained for a period of time after last alteration. This
period could be seconds (keep the sent data packet until recipient
acknowledges receipt) through to decades.
> Step 3 - The record disposal action occurs – destruction or transfer to an
archival authority, discharge.
A4.03.03.01 Records Transfer to Chief
Archivist
Software and or services that support the transfer of control of the record to
the chief archivist. This may, or may not, involve transfer of the actual records.
Note: In records management the term 'archival' is not a proxy for storage.
A4.03.03.02 Records Destruction Software and or services that supports the destruction of records.
A4.03.03.03 Records Discharge Software and or services that supports the discharge of records.
A4.03.03.04 Records Transfer Software and or services that support the transfer of the control of records
from one government agency to another. This may, or may not, involve
transfer of the actual records.
A4.03.03.05 Records Sale Software and or services that support the sale of the records from a
government agency to a buyer.
A4.03.04 Controlled Vocabulary Software and or services that provides a way to organize knowledge for
subsequent retrieval. They are used in subject indexing schemes, subject
headings, thesauri, taxonomies and other forms of knowledge organisation
systems. Controlled vocabulary schemes mandate the use of predefined,
authorised terms that have been preselected by the designer of the vocabulary,
in contrast to natural language vocabularies, where there is no restriction on
the vocabulary.
A4.04 Data Quality
Management
Software and or services to ensure that data are fit for their intended uses in
operations, decision making and planning and to ensure internal consistency of
the data.
A4.04.01 Data Cleansing Software and or services that support the cleaning of data and information.
Cleansing can including merging data, removing duplicates, identifying
authoritative sources, fixing data entry errors, marking suspect records.
A4.04.02 Data Enrichment Software and or services that support data enrichment. Data enrichment is a
general term that refers to processes used to enhance, refine or otherwise
improve raw data. This idea and other similar concepts contribute to making
data a valuable asset for almost any modern business or organisation.
Document Version 1.0 Page 42 of 80
A4.04.03 Data Integrity Software and or services that support data integrity. Data integrity refers to
maintaining and assuring the accuracy and consistency of data over its entire
life-cycle, and is a critical aspect to the design, implementation and usage of
any system which stores, processes, or retrieves data.
A4.04.04 Data Quality
Assurance
Software and or services that support data quality assurance. Data quality
assurance is the process of profiling the data to discover inconsistencies and
other anomalies in the data, as well as performing data cleansing activities (e.g.
removing outliers, missing data interpolation) to improve the data quality.
These activities can be undertaken as part of data warehousing or as part of the
database administration of an existing piece of applications software.
A4.05 Data Protection Software and or services that support data security and protection.
Note: Other aspects of data security are covered under the application domain
"Security Services".
A4.05.01 Data Access Levels Software and or services that support adding access levels to data entities,
attributes and record level content.
A4.05.02 Data Archiving Software and or services that support data archiving. Data archiving is the
process of moving data that is no longer actively used to a separate data
storage device for long-term retention. Data archives consist of older data that
is still important and necessary for future reference, as well as data that must
be retained for regulatory compliance. Data archives are indexed and have
search capabilities so that files and parts of files can be easily located and
retrieved.
Note: Data archives are often confused with data backups, which are copies of
data. Data backups are used to restore data in case it is corrupted or destroyed.
In contrast, data archives protect older information that is not needed for
everyday operations but may occasionally need to be accessed.
A4.05.03 Data Erasure Software and or services that support data erasure (also called data clearing or
data wiping) is a software-based method of overwriting the data that aims to
completely destroy all electronic data residing on a hard disk drive or other
digital media. Permanent data erasure goes beyond basic file deletion
commands, which only remove direct pointers to the data disk sectors and
make the data recovery possible with common software tools. Unlike
degaussing and physical destruction, which render the storage media unusable,
data erasure removes all information while leaving the disk operable,
preserving IT assets and the environment. New flash memory–based media
implementations, such as solid-state drives or USB flash drives can cause data
erasure techniques to fail allowing remnant data to be recoverable.
A4.05.04 Data Masking Software and or services that support the masking of data entities at attribute
and record level to support privacy of information such as a credit card
number, passwords, and for the creating of test data.
A4.05.05 Data Replication Software and or services that support the replication of data so that data is not
lost in the event of a failure of the storage hardware. This is related to but
different from backup and restore.
A4.06 Database Management Software and or services that support database management.
Document Version 1.0 Page 43 of 80
A4.06.01 Database
Management System (DBMS)
Database management systems (DBMSs) are computer software applications
that interact with the user, other applications, and the database itself to
capture and analyse data. A general-purpose DBMS is designed to allow the
definition, creation, querying, update, and administration of databases.
Note: Database Management System covers database, administration, tuning,
backup, recovery, upgrades, etc.
A4.06.02 Database
Administration
Registering and monitoring users, enforcing data security, monitoring
performance, maintaining data integrity, dealing with concurrency control, and
recovering information if the system fails.
A4.06.03 Database Backup and
Recovery
Software and or services that creates copies of databases which may be used to
restore the original after a data loss event or to restore and stabilize data sets
to a consistent, desired state.
A4.06.04 Database Tuning Database maintenance includes software tools and or services to monitor,
tune, upgrade, migrate and optimise databases. It also includes tablespace
maintenance.
A4.07 Additional Data and
Information Services
Software and or services that supports data and information services.
Note: "Enterprise Content Management" is in the "Corporate Applications"
domain. "Data Mining" and "Data Profiling" are covered in the "Business
Intelligence and Analytics" in area A1.
A4.07.01 Auto Categorisation Auto Categorisation is an approach to use technology to automatically
determine what a piece of electronic content is and how to address it. In the
context of records management, auto categorisation can be helpful in two
areas: determining whether a piece of content is a record or not and then
assigning that record to its logical spot in the classification scheme.
The technology analyses the record to determine what it is and where it goes.
In most cases this analysis is based on the content of the record itself. For a
record that contains text-type information, such as Microsoft Word, email,
PDFs, project files, and others, the text can be analysed. For records that are
images, some solutions can use character recognition technologies like OCR
and barcodes to extract meaning from the image and analyse that.
For other types of content, and even for some of these types as well in some
systems, the application analyses the metadata of the record. For email this
might include date sent and address of the sender, while for a Word document
it might include the title of the document or its author. Even the file format
itself could provide initial analysis; for an engineering firm, for example, the
mere fact that a document is a CAD drawing or a .dwg file could be enough to
start the classification process (though it would almost certainly not end there).
A4.07.02 Digital Rights
Management
Software and or services that support the claim and ownership of intellectual
capital and artefacts belonging to an organisation.
A4.07.03 Digital Conversion Software that supports scanning and the interpretation into digital formats.
Depending on the reason for an image being scanned there may be special
requirements as to the quality of the image. For example scanning a tax invoice
does not need to be high quality whereas LINZ scanning a map for a record of a
property needs to have a very high quality image. Includes 3D scanning of
objects.
Document Version 1.0 Page 44 of 80
A4.07.04 Enterprise Search Software and or services that support the search information within an
enterprise (though the search function and its results may still be public).
Enterprise search can be contrasted with web search, which applies search
technology to documents on the open web, and desktop search, which applies
search technology to the content on a single computer.
Enterprise search systems index data and documents from a variety of sources
such as: file systems, intranets, document management systems, e-mail, and
databases. Many enterprise search systems integrate structured and
unstructured data in their collections. Enterprise search systems also use
access controls to enforce a security policy on their users.
A4.07.05 Optical Character
Recognition (OCR)
Software that supports scanning and the interpretation of images into digital
formats. Depending on the reason for an image being scanned there may be
special requirements as to the quality of the image. For example scanning a tax
invoice does not need to be high quality whereas LINZ scanning a map for a
record of a property needs to have a very high quality image. Includes 3D
scanning of objects.
A4.07.06 Data and Information
Analytics
Software and or services to support text, voice, video, sound analytics. This
involves information retrieval, lexical analysis to study word frequency
distributions, pattern recognition, tagging/annotation, information extraction,
data mining techniques including link and association analysis, visualisation,
and predictive analytics. The overarching goal is, essentially, to turn text, voice,
video, sound into data for analysis, via application of natural language
processing (NLP) and analytical methods.
A4.07.07 Version Control Software and or services to support version control. Most commonly run as
stand-alone applications, but revision control is also embedded in various types
of software such as word processors and spreadsheets.
Note: It is also covered by the "Content Control" application category within
the "Content Management" application area and in various content
management systems.
A4.07.99 Other Data and
Information Services
Other Data and Information Services without a defined application category.
A4.08 Geospatial Information Software and or services that supports geospatial information. Geospatial
information is information describing the location and names of features
beneath, on or above the earth's surface.
A4.08.01 Cartography Software that supports the creation of maps. Includes hydrography.
A4.08.02 Collection and
Manipulation of Satellite and
Aerial Photographs
Software which supports the modification or analysis of imagery information.
A4.08.03 Geometric Networks Software that supports modelling of common networks and infrastructures
found in the real world. Water distribution, electrical lines, gas pipelines,
telephone services, and water flow in a stream are all examples of resource
flows that can be modelled and analysed using a geometric network.
A4.08.04 Geocoding (Forward
Geocoding)
Software that supports Geocoding. This is sometimes called forward geocoding
and is the process of enriching a description of a location, most typically a
postal address or place name, with geographic coordinates from spatial
reference data such as building polygons, land parcels, street addresses, ZIP
codes (postal codes) and so on. Geocoding facilitates spatial analysis using
Geographic Information Systems and Enterprise Location Intelligence systems.
Document Version 1.0 Page 45 of 80
A4.08.05 Geospatial Data
Analysis
Supports the application of statistical analysis and other informational
techniques to geographically based data. Also known as Geostatistics.
A4.08.06 Geospatial Data
Collection
Software that supports the collection or management of geospatial
information. Includes hydrographic data collection
A4.08.07 Hydrological
Modelling
Software that supports Hydrologic modelling. They are primarily used for
hydrologic prediction and for understanding hydrologic processes.
A4.08.08 Imagery Software that supports the collection of information via satellite and aerial
photography.
A4.08.09 Reverse Geocoding Software that supports Reverse Geocoding. Reverse geocoding is the process of
enriching geographic coordinates with a description of the location, most
typically a postal address or place name.
A4.08.10 Spatial Data
Infrastructure
Software that supports linking online spatial data and allowing it to be
discovered, accessed and used.
A4.08.11 Topological Modelling Software that supports modelling utilising the topological properties of spatial
objects. Topology is one of the mechanisms to describe relationships between
spatial objects. Thus, it is the basis for many spatial operations.
A4.08.12 Spatial Data Modelling Software that supports modelling of spatial data. This includes:
- Vector data representation as discrete points, lines, and polygons.
- Raster data representation of landscapes as a rectangular matrix of square
cells.
- Projections
- Tiling.
It supports the Geo Service Standards.
A4.09 Content Management
System
Software used to track, store and retrieve content. It is usually capable of
keeping track of the different versions created by different users (history
tracking).
A4.09.01 Content
Categorisation
Software and or services that support the categorisation of content, both
electronic and physical, and artefacts using metadata for aggregation,
A4.09.02 Content Control Software and or services that support the control of content and artefacts used
by an organisation and its stakeholders. Content control is used to put in place
defined processes around the development, publication and
withdrawal/retirement of documents.
A4.09.03 Content Library On line repository of content, documents, letters, speeches, web sites, books,
or articles to be shared.
A4.09.04 Content Publishing Software and or services that supports the collection, managing, and publishing
of information in any form or medium, including intranet, internet, etc. When
stored and accessed via computers, this information has come to be referred
to, simply, as content or, to be precise, digital content. Digital content may take
the form of text (such as electronic documents), multimedia files (such as audio
or video files), or any other file type that follows a content lifecycle requiring
management.
Document Version 1.0 Page 46 of 80
A4.09.05 Content Workflow Software and or services that supports routing documents (or pages) between
users responsible for working on them. This is often used to implement a
review and sign-off process for new or updated content.
Workflow is the management of who exactly is working on a ContentElement
or ContentTemplate, what exactly they are doing, and when. The workflow
reporting system sends messages to others working on a page, with details of
actions taken.
Different workers can have assigned roles. Notification may be sent to the roles
rather than the individuals.
Typical roles are writers, copy editors, editors, illustrators, graphic artists, rights
clearance managers, lawyers, (multilingual) localizers, and publishers.
Note: This is specialised workflow software. Generic workflow software and
services can be found in the ICT Service Components domain.
Document Version 1.0 Page 47 of 80
Identity and Access Management Services
Note: Detailed diagrams are available as .png files, and this table is available as an Excel file.
Name Description
A5 Identity and Access
Management Services
Software and services to support Identity and access management (IAM),
identifying, controlling and auditing interactions with government assets. This
enables the security discipline of authorised access to the right resources at the
right times for the right reasons.
A5.01 Identity Governance and
Accountability
Software and or services at which entities create, monitor, and enforce rules,
guidelines, and requirements for executing the IDESG functional elements
across communities or actors. Unlike the administration and operations layer,
the governance and accountability layer is specifically intended to address
cross entity efforts rather than enterprise or internal governance.
A5.01.01 Policy / Rule /
Requirements Development
Software and or services for creating a trust framework including identifying or
adopting rules, requirements, and policy for governing the use of identities and
identity technology within a specific community.
A5.01.02 Identity Accreditation Software and or services for the evaluation, approval and formal recognition
that an entity is capable of carrying out certification or assessment activities for
a trust framework.
A5.01.03 Identity Certification Software and or services for the evaluation, approval and formal recognition
that an entity is capable of carrying out certification or assessment activities for
a trust framework of assessing, validating, and determining that a product or
service provider meets the defined requirements of a trust framework.
A5.01.04 Identity Reporting Software and or services to support identity performance reporting; such as
revocation lists, user accounts list, incidents, recovery, redress etc.
A5.01.05 Role / Persona
Engineering & Modelling
Software and or services to support modelling of personas and roles within an
organisation.
A5.01.06 Separation of Duties
(SoD) Compliance
Software and or services to enforce separation of duties for tasks where
additional fail safes are required or advisable to prevent loss due to fraud or
mistake.
A5.01.07 Identity Conformance Software and or services to support the process of reviewing and collecting
evidence of an entity’s conformance with enterprise rules, policies, and
requirements.
A5.02 Identity Administration
and Operations
Software and or services to administer and support the basic operations and
functions that may occur in online identity-related interactions — grouped into
core operations. Not all elements will be invoked in every identity interaction,
and some may be invoked multiple times. While logically some functions are
likely to occur before or after others, there is no explicit order specified in the
model.
A5 Identity and Access Management ServicesA5 Identity and Access Management ServicesA5 Identity and Access Management ServicesA5 Identity and Access Management Services A5.04 Authorisation and AccessA5.04 Authorisation and AccessA5.04 Authorisation and AccessA5.04 Authorisation and AccessManagement ServiceManagement ServiceManagement ServiceManagement ServiceA5.05 Directory ServiceA5.05 Directory ServiceA5.05 Directory ServiceA5.05 Directory Service A5.03 Authentication ServiceA5.03 Authentication ServiceA5.03 Authentication ServiceA5.03 Authentication ServiceA5.02 Identity Administration andA5.02 Identity Administration andA5.02 Identity Administration andA5.02 Identity Administration andOperationsOperationsOperationsOperations A5.07 Identity InteroperabilityA5.07 Identity InteroperabilityA5.07 Identity InteroperabilityA5.07 Identity InteroperabilityA5.01 Identity Governance andA5.01 Identity Governance andA5.01 Identity Governance andA5.01 Identity Governance andAccountabilityAccountabilityAccountabilityAccountability A5.99 Other Identity ServiceA5.99 Other Identity ServiceA5.99 Other Identity ServiceA5.99 Other Identity ServiceA5.06 Identity Functional CoreA5.06 Identity Functional CoreA5.06 Identity Functional CoreA5.06 Identity Functional CoreComponentsComponentsComponentsComponents A5 Identity and Access Management ServicesA5 Identity and Access Management ServicesA5 Identity and Access Management ServicesA5 Identity and Access Management Services A5.04 Authorisation and AccessA5.04 Authorisation and AccessA5.04 Authorisation and AccessA5.04 Authorisation and AccessManagement ServiceManagement ServiceManagement ServiceManagement ServiceA5.03 Authentication ServiceA5.03 Authentication ServiceA5.03 Authentication ServiceA5.03 Authentication ServiceA5.06 Identity Functional CoreA5.06 Identity Functional CoreA5.06 Identity Functional CoreA5.06 Identity Functional CoreComponentsComponentsComponentsComponents A5.99 Other Identity ServiceA5.99 Other Identity ServiceA5.99 Other Identity ServiceA5.99 Other Identity ServiceA5.02 Identity Administration andA5.02 Identity Administration andA5.02 Identity Administration andA5.02 Identity Administration andOperationsOperationsOperationsOperations A5.07 Identity InteroperabilityA5.07 Identity InteroperabilityA5.07 Identity InteroperabilityA5.07 Identity InteroperabilityA5.01 Identity Governance andA5.01 Identity Governance andA5.01 Identity Governance andA5.01 Identity Governance andAccountabilityAccountabilityAccountabilityAccountabilityA5.05 Directory ServiceA5.05 Directory ServiceA5.05 Directory ServiceA5.05 Directory Service
Document Version 1.0 Page 48 of 80
A5.02.01 Role Management Software and or services providing centralised or federated role management
function to a single set of organisations and services regardless of geographic
location.
A5.02.02 Identity Workflow
Design and Implementation
Software and or services to design and implement workflow solutions to
Identity & Access Management requirements.
A5.02.03 Identity Provisioning Software and or services supporting the provisioning of approved identities and
access controls such as the creation of accounts on target enterprise
applications in response to a user profile.
A5.02.04 Identity Updates
(Periodic & Event Based)
Software and or services by which an entity updates accounts, attributes,
credentials, and other identity information to determine eligibility for an
entitlement; may be periodic in nature or event based (e.g., marriage, end of
subscription, etc.), including revocation.
A5.02.05 Identity Recovery Software and or services to support identity recovery; this includes the
continuity of credentials, attributes, and other identity services following a
security or privacy event (e.g., data breach, disruption of services, etc.) All
ecosystem participants are responsible for executing recovery activities.
A5.02.06 Identity Redress Software and or service that support reconciliation of errors that occur during
the operations and processes of an identity system. All ecosystem participants
must execute redress activities.
A5.02.07 Identity Assurance Software and or services to determine, with some level of certainty, that a
claim to a particular identity by some entity can be trusted to be the claimant's
"true" identity.
A5.02.08 Identity Entitlement &
Access Audit
Software and or services to enable an organisation to certify users, and support
the process of reviewing and collecting evidence of an entity’s conformance
with the rules, policies, and requirements for a trust framework or community.
This is essentially an audit of the entitlements that personnel hold to ensure
they do not have entitlements that they should not hold.
A5.03 Authentication Service Software and or services used to confirm the identity of a user.
A5.03.01 Adaptive
Authentication
Software and or service that support a risk based approach to authentication
where the complexity of the authentication "challenge" is determined by the
risk of the transaction. Factors considered in determining the risk include the
profile of the user, connection type, IP geolocation and keystroke dynamics)
A5.03.02 Authentication
Brokerage
Software and or service that support centralised responsibility for
authenticating the consumer and issuing them with a credential that can be
used to access services.
A5.03.03 Multi-factor
Authentication
Software and or service that supports multi-factor authentication that requires
the presentation of two or more of the three authentication factors, being the
knowledge factor (something the user "knows), the possession factor
(something the user "has") and the inherence factor (something the user "is").
A5.03.04 Out of Band
Authentication
Software and or service that supports authentication performed over a
network or channel separate from the primary network or channel - used in
multi-factor authentication. An example of this is sending users a one-time
password via their cell phone, which is required to complete the authentication
process.
Document Version 1.0 Page 49 of 80
A5.03.05 Biometrics Software and or service that supports biometrics; biometric identifiers are the
distinctive, measurable characteristics used to label and describe individuals.
Biometric authentication is used as a form of identification and access control.
It is also used to identify individuals in groups that are under surveillance.
Biometric identifiers are often categorised as physiological versus behavioural
characteristics.
- Physiological characteristics are related to the shape of the body. Examples
include, but are not limited to fingerprint, palm veins, face recognition, DNA,
palm print, hand geometry, iris recognition, retina and odour/scent.
- Behavioural characteristics are related to the pattern of behaviour of a
person, including but not limited to typing rhythm, gait, and voice.
A5.03.06 Simple Key
Management Protocol (SKIP)
Software and or services that support Simple Key Management Protocol (SKIP)
- a protocol developed by Sun Microsystems to handle key management across
IP networks and VPNs. (http://www.networksorcery.com/enp/rfc/rfc2356.txt)
A5.03.07 Web Services Security
(WS Security)
Software and or services that support Web Services Security (WS Security);
describes enhancements to SOAP (Simple Object Access Protocol) messaging to
provide message integrity, message confidentiality and single message
authentication.
A5.04 Authorisation and Access
Management Service
Software and or services to provide authorised access management to
resources.
A5.04.01 Enterprise SSO SSO = Single Sign On.
Software and or services to store and transmit encrypted user credentials
across local and network boundaries, including domain boundaries. SSO stores
the credentials in the credential database. Because SSO provides a generic
single sign on solution, middleware applications and custom adapters can take
advantage of SSO to securely store and transmit user credentials across the
environment. End users do not have to remember different credentials for
different applications.
A5.04.02 Federation Service Software and or services to maintain the relationship between identity
providers and service providers whereby authentication is performed by the
identity provider and is then used by service providers to make authorisation
decisions.
A5.04.03 Access Control Software and or services to support provisioning of user access rights based on
their assumed roles or attributes.
A5.04.04 Web Access
Management
Software and or services to control access to web resources, providing
authentication management, policy based authorisations, and reporting
services.
A5.04.05 Web SSO SSO = Single Sign On.
Software and or services to support users to access resources over the internet
using a single set of user credentials. The user provides a set of credentials to
log onto different web sites that belong to different organisations.
A5.04.06 Delegation Service Software and or services to support a delegation service, such as where
consent is provided for legal or financial liable transactional activities.
Document Version 1.0 Page 50 of 80
A5.05 Directory Service Software and or services that store, organize and provide access to information
held within a directory, which can be considered a map between ‘objects’ and
information about those objects, typically described as ‘attributes’. Attributes
of objects can be made secure so that only users with the available permissions
are able to access it.
Examples of directory services include Active Directory, Open LDAP, e-Directory
and other implementations of the X.500 ISO/IEC 9594 directory services
standards.
A5.06 Identity Functional Core
Components
Software and or services that provide the basic identity operations that may
occur in online identity-related interactions — grouped into core operations.
Not all elements will be invoked in every identity interaction, and some may be
invoked multiple times. While logically some functions are likely to occur
before or after others, there is no explicit order specified in the model.
A5.06.01 Registration
Components
Components that support the process that establishes a digital identity for the
purpose of issuing or associating a credential.
A5.06.01.01 Identity Application Supports process by which an entity or agent requests initiation of registration.
A5.06.01.02 Registration Attribute
Control
Supports process of managing and releasing attributes for the purposes of
registration.
A5.06.01.03 Registration Attribute
Verification Supports process of confirming or denying that claimed identity attributes are
correct and meet the pre-determined requirements for accuracy, assurance,
etc.
A5.06.01.04 Registration Decision Supports decision that an entity does or does not meet the pre-determined
eligibility requirements for a digital identity or credential.
A5.06.02 Credentialing
Components
Components that support the process to bind an established digital identity
with a credential.
A5.06.02.01 Credential Provisioning Supports process by which ownership of a credential is conferred, confirmed,
or associated with a digital identity.
A5.06.02.02 Token Binding Supports process of binding a physical or electronic token to a credential.
A5.06.02.03 Attribute Binding Supports process of binding attributes to a credential.
A5.06.02.04 Identity Revocation Supports process by which an issuing authority renders a digital identity, issued
credential, token, or verified attribute invalid for authentication or
authorisation.
A5.06.03 Authentication
Components
Components that support the process determining the validity of one or more
credentials used to claim a digital identity.
A5.06.03.01 Authentication Request Supports process by which authentication is initiated by an entity.
A5.06.03.02 Credential Presentation Supports process by which an entity submits a credential for the purposes of
authentication.
A5.06.03.03 Credential Validation Supports process of establishing the validity of the presented credential.
A5.06.03.04 Authentication Decision Supports decision to accept or not accept the results of the credential
validation process.
Document Version 1.0 Page 51 of 80
A5.06.04 Authorisation
Components
Components that support the process of granting or denying specific requests
for access to resources.
A5.06.04.01 Authorisation Request Supports process by which authorisation is initiated by an entity.
A5.06.04.02 Authorisation Attribute
Control
Supports process of managing and releasing attributes for the purposes
authorisation.
A5.06.04.03 Authorisation Attribute
Verification
Supports process of confirming or denying that claimed attributes are correct
and meet the pre-determined requirements for authorisation; typically, these
attributes for authorisation have not been bound to the credential or
previously available to the organisation making the authorisation decision.
A5.06.04.04 Authorisation Decision Supports decision to grant and deny access to a resource based on the results
of the authorisation processes and policies.
A5.06.05 Transaction
Intermediation
Processes and procedures that limit linkages between transactions and
facilitate credential portability.
A5.06.05.01 Identity Blinding Support process by which service providers involved in a transaction are
prevented from observing each other (i.e., a relying party does not know which
credential service provider an entity is utilizing in a transaction or vice versa).
Based upon the transaction type and the number of service providers involved,
blinding may be done to prevent a single, multiple, or all transactional partners
from viewing the other participating services.
A5.06.05.02 Identity Pseduonymisation Supports process by which an intermediary prevents service providers from
linking a digital identity with a particular person or entity.
A5.06.05.03 Transaction Consent Supports process by which consent is granted to an intermediary, such as in
conducting liability transactions (Land Online, Lawyers, Accountants etc.), or
sharing personal information.
A5.07 Identity Interoperability Software and services to support processes and procedures that limit linkages
between transactions and facilitate credential portability. This allows entities in
the identity ecosystem establish and maintain the ability to communicate and
exchange identity data.
A5.07.01 Identity Mapping Software and or service to support the mapping of different identities on
various platforms, user repositories and applications to a single identity. It can
be used with a range of authentication mechanisms to allow one repository to
authenticate the user and for this to be passed to another platform for
authorisation even when the identities differ.
A5.07.02 Identity Credential
Exchange
Software and or service to support the process of facilitating technical
(including semantic) interoperability to support credential portability between
participants within a specific community or across the identity ecosystem.
A5.07.03 Identity Policy / Rule
Exchange
Software and or service to exchange policy and rules for governing the use of
identities and identity technology.
A5.07.04 Identity Translation Software and or service by which one identity format is translated to another
for consumption by different entities involved in a transaction.
Document Version 1.0 Page 52 of 80
A5.07.05 Security Assertion
Markup Language (SAML)
Software and or services that support Security Assertion Markup Language
(SAML) - an XML-based framework for exchanging security information
expressed in the form of assertions about subjects, where a subject is an entity
(either human or computer) that has an identity in some security domain.
SAML is expected to play a key role in the federal-wide e-Authentication
initiative and is supported by both the Liberty Alliance and WS Security.
A5.99 Other Identity Service Other identity service and or software without a specific application area or
application category.
Document Version 1.0 Page 53 of 80
Security Services
Note: Detailed diagrams are available as .png files, and this table is available as an Excel file.
Name Description
A6 Security Services The Security Services domain defines the methods of protecting information
and information systems from unauthorised access, use, disclosure, disruption,
modification or destruction in order to provide integrity, confidentiality and
availability. That is, protecting the assets at rest and in-transit.
A6.01 Encryption Services Software and or services that ensure network protection and information
assurance through encryption and decryption. Defines the methods of
protecting information and information systems from unauthorised access,
use, disclosure, disruption, modification, or destruction in order to provide
integrity, confidentiality and availability. Biometrics, two-factor identification,
encryption, and technologies based on the NIST FIPS-140 standards are
particular areas of focus.
A6.01.01 Crypto Key
Management
Software and or services that support Crypto Key Management (CKM) or Key
Variable Management (KVM) which includes all of the activities involved in the
handling of cryptographic keys during the entire life cycle of the keys, in
accordance with an agreed security policy. These can be used in addition to
certificates and digital signatures.
A6.01.02 Drive Encryption Encryption of data stored on local drives or encryption of the complete local
drive for thick clients.
A6.01.03 Information
Encryption
Software and or services to protect the information that is exchanged across
organisations networks, and/or externally with other organisations. Includes
protection of information at rest, particularly in Cloud architecture. Includes
products used to apply cryptographic protection to a data set, file or drive.
A6.01.04 Network Encryption Software and or services used to apply crypto services at the network transfer
layer.
A6.01.05 Removable media
encryption
Software that provides device encryption for portable storage devices.
A6.02 Network Security Service Software and or service to support security requirements in and across ICT
networks.
Note: Network Encryption is covered under the Encryption Services.
A6.02.01 Infrastructure Guard Connect networks of different security policy and usage areas to control traffic
flow in-between the networks following a set of predefined rules for
Infrastructure Services.
A6.02.02 Internet Protocol
Security (IPSec)
Software and or services that support Internet Protocol Security (IPSec).
A6 Security ServicesA6 Security ServicesA6 Security ServicesA6 Security Services A6.04 Security ControlsA6.04 Security ControlsA6.04 Security ControlsA6.04 Security ControlsA6.01 Encryption ServicesA6.01 Encryption ServicesA6.01 Encryption ServicesA6.01 Encryption Services A6.02 Network Security ServiceA6.02 Network Security ServiceA6.02 Network Security ServiceA6.02 Network Security ServiceA6.06 Enterprise Security ManagementA6.06 Enterprise Security ManagementA6.06 Enterprise Security ManagementA6.06 Enterprise Security Management A6.03 Public Key Infrastructure (PKI)A6.03 Public Key Infrastructure (PKI)A6.03 Public Key Infrastructure (PKI)A6.03 Public Key Infrastructure (PKI)ServicesServicesServicesServicesA6.05 Digital ForensicsA6.05 Digital ForensicsA6.05 Digital ForensicsA6.05 Digital Forensics A6 Security ServicesA6 Security ServicesA6 Security ServicesA6 Security Services A6.04 Security ControlsA6.04 Security ControlsA6.04 Security ControlsA6.04 Security ControlsA6.06 Enterprise Security ManagementA6.06 Enterprise Security ManagementA6.06 Enterprise Security ManagementA6.06 Enterprise Security ManagementA6.01 Encryption ServicesA6.01 Encryption ServicesA6.01 Encryption ServicesA6.01 Encryption Services A6.02 Network Security ServiceA6.02 Network Security ServiceA6.02 Network Security ServiceA6.02 Network Security Service A6.03 Public Key Infrastructure (PKI)A6.03 Public Key Infrastructure (PKI)A6.03 Public Key Infrastructure (PKI)A6.03 Public Key Infrastructure (PKI)ServicesServicesServicesServicesA6.05 Digital ForensicsA6.05 Digital ForensicsA6.05 Digital ForensicsA6.05 Digital Forensics
Document Version 1.0 Page 54 of 80
A6.02.03 Network Access
Control
Software and or services that provides the configuration of devices connecting
to the network based on endpoint security (such as OS patch level, antivirus
updates, host IPS, etc.) user and system authentication and network security
enforcement. The NAC will protect the network by preventing non-compliant
clients from accessing the network at the IP-level. In case of non-compliance a
remote user will be redirected to a network quarantine segment where the
client can be updated to the level of required compliancy. Includes VLAN
assignment.
A6.02.04 Secure Multipurpose
Internet Mail Extensions
(S/MIME)
Software and or services that support Secure Multipurpose Internet Mail
Extensions (S/MIME); provides a consistent way to send and receive secure
MIME data. Based on the Internet MIME standard, S/MIME provides
cryptographic security services for electronic messaging applications:
authentication, message integrity and non-repudiation of origin (using digital
signatures) and data confidentiality (using encryption). S/MIME is not restricted
to mail: it can be used with any transport mechanism that transports MIME
data, such as HTTP.
A6.02.05 Secure Sockets Layer
(SSL)
Software and or services that support Secure Sockets Layer (SSL); an open, non-
proprietary protocol for securing data communications across computer
networks. SSL is sandwiched between the application protocol (such as HTTP,
Telnet, FTP and NNTP) and the connection protocol (such as TCP/IP, UDP). SSL
provides server authentication, message integrity, data encryption and optional
client authentication for TCP/IP connections.
A6.02.06 Secure Shell (SSH) Software and or services that support Secure Shell (SSH); a strong method of
performing client authentication. Because it supports authentication,
compression, confidentiality and integrity, SSH is used frequently on the
Internet. SSH has two important components: RSA certificate exchange for
authentication and Triple DES for session encryption.
A6.02.07 Transport Layer
Security (TLS)
Software and or services that support the Transport Layer Security (TLS)
standard for the next generation SSL. TLS provides communications privacy
over the Internet. The protocol allows client/server applications to
communicate in a way that is designed to prevent eavesdropping, tampering or
message forgery.
A6.03 Public Key Infrastructure
(PKI) Services
Software and or services that manage Public Key Infrastructure (PKI) that
includes policies and procedures needed to create, manage, distribute, use,
store, and revoke digital certificates.
A6.03.01 Digital Certificate
Management
Software and or services to manage and use certificates to secure access to
information.
A6.03.01.01 Client Authentication
(Personal Certificates) Software and or services to provide authentication of personal certificates for
client applications during the handshake in order to confirm their identity.
A6.03.01.02 Digital Certificate
Revocation
Software and or services to support the revocation of digital certificates.
A6.03.01.03 Digital Certificate Issuing Software and or services used by a certification authority (CA) to issue digital
certificates and secure access to information.
A6.03.01.04 Digital Certificate
Authentication Software and or services to support Digital Certificate Authentication;
authentication implementation for controlling access to network and Internet
resources through managing user identification. An electronic document
(digital certificate) is issued and used to prove identity and public key
ownership over the network or Internet.
Document Version 1.0 Page 55 of 80
A6.03.02 Digital Signature
Management
Software and or services that support Digital Signature Management that
specifies a digital signature algorithm (DSA) appropriate for applications
requiring a digital, rather than written, signature. The DSA authenticates the
integrity of the signed data and the identity of the signatory. The DSA may also
be used to prove that data was actually signed by the generator of the
signature.
Digital signatures can provide non-repudiation, meaning that the signer cannot
successfully claim they did not sign a message, while also claiming their private
key remains secret; further, some non-repudiation schemes offer a time stamp
for the digital signature, so that even if the private key is exposed, the
signature is valid.
A6.03.02.01 Document Signing Software and or services to create a digital signature for a document using such
data as account numbers, transaction amounts and timestamp. This is to
preserve data integrity and ensure authenticity, rendering any changes made
to a document after it has been electronically signed, and invalid. This
cryptographically binds an electronic identity to an electronic document.
A6.03.02.02 Time Stamping Service Software and or services to provide a trusted time stamping service. Digital
signatures can also provide non-repudiation; some non-repudiation schemes
offer a time stamp for the digital signature, so that even if the private key is
exposed, the signature is valid.
A6.03.02.03 Transaction Signing Software and or services to create a digital signature for a transaction using
such data as account numbers, transaction amounts and timestamp. This is to
preserve data integrity and ensure authenticity, rendering any changes made
to a transaction after it has been electronically signed, and invalid. This
cryptographically binds an electronic identity to an electronic transaction.
A6.03.05 Key Generation Software and or services to generate keys.
A6.04 Security Controls Software that supports security controls.
A6.04.01 Application
Whitelisting
Software and or services to only allow approved applications to run on user’s
device.
A6.04.02 Content Security
Control
Software used to control information content received or sent via web, email
or other means, between networks, organisations, or domains/zones
(especially over the Internet). Includes content filtering and application of
censorship or classification rules on material (files, documents).
A6.04.03 Decommissioning and
Disposal
Software and or services to support system decommissioning, media
sanitisation destruction and disposal.
A6.04.04 Device Port Manager Controls read & write access to external ports & portable storage devices (USB
devices at a minimum).
A6.04.05 Perimeter Protection Software and or service to securely control network access to and/or from a
device, or between network zones/domains includes host firewalls, gateways,
data diodes, cross domain solutions.
A6.04.06 Physical Access
Security Services
Software to regulate entry to facilities, turnstiles, gates, campuses, doors,
equipment rooms, racks, server and network devices, and cabling
infrastructure, etc.
Document Version 1.0 Page 56 of 80
A6.04.07 Radio Spectrum
Security Controls
Software to or services that protect information and assets implying RF
spectrum devices such as mobile phone jammers, electronic counter measures
(ECM) equipment, remote controlled improvised explosive devices (RCIED).
A6.04.08 Virus Protection Software used to prevent, detect, and remediate infection or self-replicating
programs that run and spread by modifying other programs, files or operating
systems of government computing assets. Anti-virus Tools provide protection
against viruses and other threats at the device level. Common components
that are included are real time, scheduled and manual scans.
A6.04.99 Other Security
Controls
Other security control software and or services that do not have a specific
application category.
A6.05 Digital Forensics Software or services that support the practice of gathering, retaining, and
analysing computer-related data for investigative purposes in a manner that
maintains the integrity of the data.
A6.05.01 Computer Forensics Software and or services that support computer forensics. Computer forensics
explains the current state of a digital artefact; such as a computer system,
storage medium or electronic document. The discipline usually covers
computers, embedded systems (digital devices with rudimentary computing
power and on-board memory) and static memory (such as USB pen drives).
Computer forensics can deal with a broad range of information; from logs (such
as internet history) through to the actual files on the drive.
A6.05.02 Mobile Device
Forensics
Software and or services that support mobile device forensics. Mobile device
forensics is a sub-branch of digital forensics relating to recovery of digital
evidence or data from a mobile device. It differs from Computer forensics in
that a mobile device will have an inbuilt communication system and proprietary
storage mechanisms.
Mobile devices are also useful for providing location information; either from
inbuilt gps/location tracking or via cell site logs, which track the devices within
their range.
A6.05.03 Network Forensics Software and or services that support network forensics. Network forensics
involves monitoring and analysis of computer network traffic, both local and
WAN/internet, for the purposes of information gathering, evidence collection,
or intrusion detection.
A6.05.04 Forensic Data Analysis Software and or services that support forensic data analysis. Forensic data
analysis examines structured data with the aim to discover and analyse
patterns of fraudulent activities resulting from financial crime.
A6.05.05 Database Forensics Software and or services that support database forensics. Database forensics is
a branch of digital forensics relating to the forensic study of databases and
their metadata. Investigations use database contents, log files and in-RAM data
to build a timeline or recover relevant information.
A6.06 Enterprise Security
Management
Software and or services that supports security management for an
organisation.
A6.06.01 Intrusion Prevention Software and or service to prevent unauthorised access to a government
network or information system.
Document Version 1.0 Page 57 of 80
A6.06.02 Intrusion Detection Software products that gather and analyse information from various areas
within a computer or a network to identify possible security breaches, which
include both intrusions (attacks from outside the organisations) and misuse
(attacks from within the organisations.)
Products that monitor network and/or system activities for malicious activities
or policy violations and produces reports to a Management Station. Some
services may attempt to stop an intrusion attempt but this is neither required
nor expected of a monitoring system. Intrusion detection and prevention
services are primarily focused on identifying possible incidents, logging
information about them, and reporting attempts. In addition, organisations use
them for other purposes, such as identifying problems with security policies,
documenting existing threats, and deterring individuals from violating security
policies.
A6.06.03 Security Audit Trail
and Capture
Software that supports the set of capabilities to support the identification and
monitoring of activities within an application, system, or network.
A6.06.04 Security Configuration
Manager
Software and or services to manage, report on and enforce required security
configuration of client devices. Also known as audit logging, where it describes
the set of capabilities to support the identification and monitoring of activities
within an application, system, or network.
A6.06.05 Security Incident
Management
Software that supports the set of capabilities to provide active response and
remediation to a security incident that has allowed unauthorised access to a
government information system. Covers the detection, reporting, and
resolution management of information security incidents.
A6.06.06 Security Intelligence
and Analysis
Software and or services that support security intelligence and analysis.
A6.06.07 Security Metrics Software and or services to support the key performance indicators measuring
effective security management such as event detection, incidents, and
vulnerabilities addressed.
A6.06.08 Security Reporting Software and or services to support reporting across incidents, intrusions,
threats etc. in order to track conformance of security services against
organisational security and privacy policy.
Document Version 1.0 Page 58 of 80
ICT Components, Services and Tools
Note: Detailed diagrams are available as .png files, and this table is available as an Excel file.
Name Description
A7 ICT Components, Services
and Tools
Software and services for operational management and maintenance of
applications, ICT components and services.
A7.01 Business Process
Management Tools
Software and or services that allows organisations to abstract business process
from technology infrastructure and support the managerial approach through
enabling technology, bridging organisational and technology silos.
A7.01.01 Business Activity
Monitoring (BAM)
Business activity monitoring (BAM) is Software and or services that aids in
monitoring of business activities, as those activities are implemented in
computer systems.
One of the most visible features of BAM solutions is the presentation of
information on dashboards that contain key performance indicators (KPIs) used
to provide assurance and visibility of activity and performance. This
information is used by technical and business operations to provide visibility,
measurement, and assurance of key business activities. It is also exploited by
event correlation to detect and warn of impending problems.
Although BAM systems usually use a computer dashboard display to present
data, BAM is distinct from the dashboards used by business intelligence (BI)
insofar as events are processed in real-time or near real-time and pushed to
the dashboard in BAM systems, whereas BI dashboards refresh at
predetermined intervals by polling or querying databases. Depending on the
refresh interval selected, BAM and BI dashboards can be similar or vary widely.
Note: Some BAM solutions additionally provide trouble notification functions,
which allow them to interact automatically with the trouble ticket system. For
example, whole groups of people can be sent e-mails, voice or text messages,
according to the nature of the problem. Automated problem solving, where
feasible, can correct and restart failed processes.
A7.01.02 Business Process
Modelling and Simulation
Process modelling tools provide business users with the ability to model their
business processes, implement and execute those models, and refine the
models based on as-executed data. As a result, business process modelling
tools can provide transparency into business processes, as well as the
centralisation of corporate business process models and execution metrics.
Process Modelling and simulation functionality allows for pre-execution “what-
if” modelling and simulation. Post-execution optimisation is available based on
the analysis of actual as-performed metrics.
A7.01.03 Business Process
Engine (BPE)
A business process engine (BPE) is a software framework that enables the
execution and maintenance of process workflows. It provides business process
interaction and communication between different data/process sources spread
across one or more IT applications and services. BPE automates linking
processes and their activities in an enterprise IT environment.
A7 ICT Components, Services and ToolsA7 ICT Components, Services and ToolsA7 ICT Components, Services and ToolsA7 ICT Components, Services and ToolsA7.02 ICT ComponentsA7.02 ICT ComponentsA7.02 ICT ComponentsA7.02 ICT Components A7.03 ICT Development EnvironmentA7.03 ICT Development EnvironmentA7.03 ICT Development EnvironmentA7.03 ICT Development Environmentand Toolsand Toolsand Toolsand ToolsA7.01 Business Process ManagementA7.01 Business Process ManagementA7.01 Business Process ManagementA7.01 Business Process ManagementToolsToolsToolsTools A7.04 ICT Management ToolsA7.04 ICT Management ToolsA7.04 ICT Management ToolsA7.04 ICT Management ToolsA7.06 Core ICT Operation ServicesA7.06 Core ICT Operation ServicesA7.06 Core ICT Operation ServicesA7.06 Core ICT Operation ServicesA7.05 Cloud ServicesA7.05 Cloud ServicesA7.05 Cloud ServicesA7.05 Cloud Services xA7.07 Host LayeringxA7.07 Host LayeringxA7.07 Host LayeringxA7.07 Host LayeringA7 ICT Components, Services and ToolsA7 ICT Components, Services and ToolsA7 ICT Components, Services and ToolsA7 ICT Components, Services and ToolsA7.02 ICT ComponentsA7.02 ICT ComponentsA7.02 ICT ComponentsA7.02 ICT ComponentsA7.05 Cloud ServicesA7.05 Cloud ServicesA7.05 Cloud ServicesA7.05 Cloud ServicesA7.01 Business Process ManagementA7.01 Business Process ManagementA7.01 Business Process ManagementA7.01 Business Process ManagementToolsToolsToolsTools A7.06 Core ICT Operation ServicesA7.06 Core ICT Operation ServicesA7.06 Core ICT Operation ServicesA7.06 Core ICT Operation Services A7.03 ICT Development EnvironmentA7.03 ICT Development EnvironmentA7.03 ICT Development EnvironmentA7.03 ICT Development Environmentand Toolsand Toolsand Toolsand Tools A7.04 ICT Management ToolsA7.04 ICT Management ToolsA7.04 ICT Management ToolsA7.04 ICT Management ToolsxA7.07 Host LayeringxA7.07 Host LayeringxA7.07 Host LayeringxA7.07 Host Layering
Document Version 1.0 Page 59 of 80
A7.01.04 Business Process
Monitoring
Business process monitoring tools provide real-time scrutiny of an activity or
set of activities that have been set up to accomplish a specific organisational
goal. As part of a larger business process management initiative, business
process monitoring enables an organisation to measure and analyse process
performance to identify critical process problems pro-actively, using data to
make decisions that will improve the speed, quality and efficiency of business
processes.
A7.01.05 Workflow Engine A workflow engine is a software application that defines a process, the rules
governing process decisions, and routes information. It is a key component in
workflow technology and typically makes use of a database server.
A workflow engine manages and monitors the state of activities in a workflow,
such as the processing and approval of a loan application form, and determines
which new activity to transition to according to defined processes (workflows).
The actions may be anything from saving an application form in a document
management system to sending a reminder e-mail to users or escalating
overdue items to management. A workflow engine facilitates the flow of
information, tasks, and events. Workflow engines may also be referred to as a
Workflow Orchestration Engines.
Workflow engines mainly have three functions:
- Verification of the current status: Check whether the command is valid in
executing a task.
- Determine the authority of users: Check if the current user is permitted to
execute the task.
- Executing condition script: After passing the previous two steps, workflow
engine begins to evaluate condition script in which two processes are carried
out, if the condition is true, workflow engine execute the task, and if execution
successfully complete, it returns the success, if not, it reports the error to
trigger and roll back the change.
A workflow engine is a core technique for task allocation software application,
such as BPM in which the workflow engine allocates task to different executors
with communicating data among participants. A workflow engine can execute
any arbitrary sequence of steps, for example, a healthcare data analysis.
A7.02 ICT Components ICT Components that can be used to make new business applications and
services or is used in business processes.
A7.02.01 Alerts Components that generate alerts based upon settings or rules.
A7.02.02 Inbound
Correspondence Component
Components to support externally initiated communication between an
organisation and its stakeholders.
A7.02.03 Notifications Component that sends a notification based upon an alert or rules.
A7.02.04 Outbound
Correspondence Component
Components to support internally initiated communication between an
organisation and its stakeholders.
A7.02.05 Personalisation Personalisation allows a user or customer to change preferences about user
interfaces / portals in terms of the way that data is displayed, levels of detail,
and even language.
A7.02.06 Rating Engine Component that rates atomic events or transactions based on upon rules
applied to data associated with the event or transaction. Rates can be event or
transaction specific, for example each lookup of a database cost $x.xx, or that
can use customer specific rates, so that each lookup of a database, for
customer xyz cost $x.xx.
Document Version 1.0 Page 60 of 80
A7.02.07 Storefront / Shopping
Cart
Component to support the online equivalent of the supermarket cart, where
orders and merchandise are placed.
A7.02.08 Subscriptions Allow users to subscribe and unsubscribe to a service.
A7.02.99 Other ICT
Components
Any other ICT Components for which there no applicable application category.
Note: Components may be found in a number of the application areas.
A7.03 ICT Development
Environment and Tools
Software and or services that forms development environments and related
tools.
A7.03.01 Development
Frameworks
Development frameworks such as a Java runtime environment or .NET are
required to allow applications or applets based on those frameworks to
execute. Incompatibility issues can arise when different versions of the
frameworks are required on a single device. This can be resolved using
Application Virtualisation Client and its associated backend technologies, as
each virtual bubble forms an isolation barrier.
A7.03.02 Development
Resource Libraries
A collection of resources used to develop software which may include pre-
written code and subroutines, classes, values or type specifications.
A7.03.03 Forms Management Software and or services that support the creation, modification, and usage of
physical or electronic documents used to capture information within the
business cycle.
A7.03.04 Integrated
Development Environment
Software and or services that provides comprehensive facilities to computer
programmers for software development.
A7.03.05 Mash-up Editor Software and or services that uses and combines data, presentation or
functionality from two or more sources to create new services. The main
characteristics of the mash-up are combination, visualisation, and aggregation.
A7.03.06 Software
Configuration Management
Software to track and control changes in the software including the
establishment of baselines and revision control.
A7.03.07 Software
Development Kit
Software development tools that allow for the creation of applications for a
certain software package, software framework, hardware platform, computer
system, video game console, operating system, or similar platform.
A7.03.08 Testing Tools Software and or services that support testing of infrastructure, software, and
services against requirements.
A7.03.08.01 Security Testing Tools Software and or service to support security testing, for example penetration
testing of web portals, networks, ICT assets.
A7.03.08.02 Test Automation Tools Software and or services that support automated testing of infrastructure,
software, and services against requirements.
A7.03.09 User Innovation
Toolkit
Software toolkit based on the idea that manufacturers possess the knowledge
of the solution possibilities, while the users possess the knowledge about
needs.
A7.03.10 Validation Tools Software tools that check web pages for accessibility and syntactical
correctness of code.
A7.03.99 Other Development
Environment and Tools
Any other development environment or tools without a suitable application
category.
Document Version 1.0 Page 61 of 80
A7.04 ICT Management Tools ICT Management tools support the day to day operations and management of
ICT. It includes tools enabling the ICT support organisation to quickly resolve or
escalate issues and problems, improve root cause isolation, and provide higher
levels of business user satisfaction. Using this business view, IT support
organisations manage incidents, problems and service requests throughout
their life cycles at a more efficient and effective rate.
A7.04.01 Fault Management Software and or services that detects, isolates, and corrects malfunctions in a
telecommunications network and compensates for environmental changes.
This includes maintaining and examining error logs, accepting and acting on
error detection notifications, tracing and identifying faults, carrying out
sequences of diagnostics tests, correcting faults, reporting error conditions,
and localizing and tracing faults by examining and manipulating database
information.
A7.04.02 ICT Configuration
Management Database (CMDB)
A configuration management database (CMDB) is a repository that acts as a
data warehouse for information technology (IT) organisations. Its contents are
intended to hold a collection of IT assets that are commonly referred to as
configuration items (CI), as well as descriptive relationships between such
assets. When populated, the repository becomes a means of understanding
how critical assets such as information systems are composed, what their
upstream sources or dependencies are, and what their downstream targets
are.
CMDBs are used to keep track of the state of different things that are normally
referred to as assets, such as products, systems, software, facilities, and people
as they exist at specific points in time, as well as the relationships between
such assets. The maintenance of such state related information allows for
things like the reconstruction of such assets, at any point in their existence, as
well as for things such as impact analysis, in the cases of root cause analysis or
change management.
A7.04.03 ICT Definitive Media
Library (DML)
A Definitive Media Library (DML) is a secure Information Technology repository
in which an organisation's definitive, authorised versions of software media are
stored and protected. Before an organisation releases any new or changed
application software into its operational environment, any such software
should be fully tested and quality assured. The Definitive Media Library
provides the storage area for software objects ready for deployment and
should only contain master copies of controlled software media Configuration
Items (CIs) that have passed appropriate quality assurance checks, typically
including both procured and bespoke application and gold build source code
and executables. In the context of the ITIL best practice framework, the term
Definitive Media Library supersedes the term Definitive Software Library
referred to prior to version ITIL v3. In conjunction with the Configuration
Management Database (CMDB), it effectively provides the DNA of the data
center i.e. all application and builds software media connected to the CMDB
record of installation and configuration.
The Definitive Media Library (DML) is a primary component of an organisation's
release and provisioning framework and service continuity plan.
A7.04.04 Monitoring Software and or services that continuously records performance, capacity use,
throughput of computer hardware or software and provides notification about
deviations from normal.
Note: This includes utilities that are deployed down to the infrastructure level
to monitor hardware performance and generate log files etc.
Document Version 1.0 Page 62 of 80
A7.04.05 Software Asset
Management
Software and or services that supports license management. Software asset
management (SAM) is a business practice that involves managing and
optimizing the purchase, deployment, maintenance, utilisation, and disposal of
software applications within an organisation.
The goals of SAM are to reduce information technology (IT) costs and limit
business and legal risk related to the ownership and use of software, while
maximizing IT responsiveness and end-user productivity.
Note: A software license manager is different from a software asset
management tool, which end-user organisations employ to manage the
software they have licensed from many software vendors.
A7.04.06 Software Distribution Software and or services that supports distribution of software, propagation,
installation and upgrade of written computer programs, applications and
components.
A7.04.07 Software License
Manager
A software license manager is a software management tool used by
Independent software vendors or by end-user organisations to control where
and how software products are able to run. License managers protect software
vendors from losses due to software piracy and enable end-user organisations
to comply with software license agreements. License managers enable
software vendors to offer a wide range of usage-centric software licensing
models, such as product activation, trial licenses, subscription licenses, feature-
based licenses, and floating licensing from the same software package they
provide to all users.
Note: A software license manager is different from a software asset
management tool, which end-user organisations employ to manage the
software they have licensed from many software vendors.
A7.04.08 ICT Diagnostic Tools Diagnostic tools to examine the state and configuration of ICT infrastructure,
network, and software applications.
A7.04.09 Network Management
Tools
Tools that pertain to the operation, administration, maintenance, and
provisioning of networked systems. Network management is essential to
command and control practices and is generally carried out of a network
operations center.
A7.04.99 Other ICT
Management Tools
Any other ICT Management Tools that do not have an application category.
A7.05 Cloud Services The Cloud Services area contains a range of ICT services that are provided
externally to the agency such as cloud service and XaaS (X as a Service).
A7.05.01 Cloud Computing
Services
Cloud computing services are large groups of remote servers networked to
allow the centralised data storage, and online access to computer services or
resources. Cloud computing services can support various "X as a Service"
models such SaaS, PaaS, IaaS, UCaaS.
A7.05.01.01 Community Cloud Community cloud shares infrastructure between several organisations from a
specific community with common concerns (security, compliance, jurisdiction,
etc.), whether managed internally or by a third-party, and either hosted
internally or externally. The costs are spread over fewer users than a public
cloud (but more than a private cloud), so only some of the cost savings
potential of cloud computing are realised.
Document Version 1.0 Page 63 of 80
A7.05.01.02 Hybrid Cloud Hybrid cloud is a composition of two or more clouds (private, community or
public) that remain distinct entities but are bound together, offering the
benefits of multiple deployment models. Hybrid cloud can also mean the ability
to connect collocation, managed and/or dedicated services with cloud
resources.
Gartner, Inc. defines a hybrid cloud service as a cloud computing service that is
composed of some combination of private, public and community cloud
services, from different service providers. A hybrid cloud service crosses
isolation and provider boundaries so that it can’t be simply put in one category
of private, public, or community cloud service. It allows one to extend either
the capacity or the capability of a cloud service, by aggregation, integration or
customisation with another cloud service.
A7.05.01.03 Personal Cloud Personal cloud is a collection of digital content and services which are
accessible from any device. The personal cloud is not a tangible entity. It is a
place which gives users the ability to store, synchronize, stream and share
content on a relative core, moving from one platform, screen and location to
another. Created on connected services and applications, it reflects and sets
consumers’ expectations for how next-generation computing services will
work.
The four primary types of personal cloud in use today are: Online cloud, NAS
device cloud, server device cloud, and home-made clouds.
A7.05.01.04 Private Cloud Private cloud is cloud infrastructure operated solely for a single organisation,
whether managed internally or by a third-party, and hosted either internally or
externally. Undertaking a private cloud project requires a significant level and
degree of engagement to virtualize the business environment, and requires the
organisation to re-evaluate decisions about existing resources. When done
right, it can improve business, but every step in the project raises security
issues that must be addressed to prevent serious vulnerabilities. Self-run data
centres are generally capital intensive. They have a significant physical
footprint, requiring allocations of space, hardware, and environmental
controls. These assets have to be refreshed periodically, resulting in additional
capital expenditures. They have attracted criticism because users "still have to
buy, build, and manage them" and thus do not benefit from less hands-on
management, essentially lacking the economic model that makes cloud
computing such an intriguing concept.
A7.05.01.05 Public Cloud A cloud is called a "public cloud" when the services are rendered over a
network that is open for public use. Public cloud services may be free or
offered on a pay-per-usage model. Technically there may be little or no
difference between public and private cloud architecture, however, security
consideration may be substantially different for services (applications, storage,
and other resources) that are made available by a service provider for a public
audience and when communication is effected over a non-trusted network.
Generally, public cloud service providers like Amazon AWS, Microsoft and
Google own and operate the infrastructure at their data centre and access is
generally via the Internet. AWS and Microsoft also offer direct connect services
called "AWS Direct Connect" and "Azure ExpressRoute" respectively, such
connections require customers to purchase or lease a private connection to a
peering point offered by the cloud provider.
Document Version 1.0 Page 64 of 80
A7.05.02 Infrastructure as a
Service (IaaS)
In the most basic cloud-service model & according to the IETF (Internet
Engineering Task Force), providers of IaaS offer computers – physical or (more
often) virtual machines – and other resources. (A hypervisor, such as Xen,
Oracle VirtualBox, KVM, VMware ESX/ESXi, or Hyper-V runs the virtual
machines as guests. Pools of hypervisors within the cloud operational support-
system can support large numbers of virtual machines and the ability to scale
services up and down according to customers' varying requirements.) IaaS
clouds often offer additional resources such as a virtual-machine disk image
library, raw block storage, and file or object storage, firewalls, load balancers,
IP addresses, virtual local area networks (VLANs), and software bundles.[49]
IaaS-cloud providers supply these resources on-demand from their large pools
installed in data centres. For wide-area connectivity, customers can use either
the Internet or carrier clouds (dedicated virtual private networks).
To deploy their applications, cloud users install operating-system images and
their application software on the cloud infrastructure. In this model, the cloud
user patches and maintains the operating systems and the application
software. Cloud providers typically bill IaaS services on a utility computing
basis: cost reflects the amount of resources allocated and consumed.
A7.05.03 Platform as a Service
(PaaS)
In the PaaS models, cloud providers deliver a computing platform, typically
including operating system, programming language execution environment,
database, and web server. Application developers can develop and run their
software solutions on a cloud platform without the cost and complexity of
buying and managing the underlying hardware and software layers. With some
PaaS offers like Microsoft Azure and Google App Engine, the underlying
computer and storage resources scale automatically to match application
demand so that the cloud user does not have to allocate resources manually.
The latter has also been proposed by an architecture aiming to facilitate real-
time in cloud environments.
A7.05.04 Software as a Service
(SaaS)
Software as a service (SaaS) is a software licensing and delivery model in which
software is licensed on a subscription basis and is centrally hosted. It is
sometimes referred to as "on-demand software". SaaS is typically accessed by
users using a thin client via a web browser. SaaS has become a common
delivery model for many business applications, including office & messaging
software, payroll processing software, DBMS software, management software,
CAD software, development software, accounting, collaboration, customer
relationship management (CRM), enterprise resource planning (ERP), invoicing,
human resource management (HRM), enterprise content management (ECM)
and service desk management.
Note: A New Zealand Government Common Capability is called Enterprise
Content Management as a Service (ECMS) and is an example of SaaS.
A7.05.05 Unified
Communications as a Service
(UCaaS)
In the UCaaS model, multi-platform communications over the network are
packaged by the service provider. The services could be in different devices,
such as computers and mobile devices. Services may include IP telephony,
unified messaging, video conferencing and mobile extension etc.
A7.05.99 Other ICT Services Any other ICT services which do not have an applicable application category.
A7.06 Core ICT Operation
Services
Services that support core ICT operations. This includes server configurations,
network operation services, file services, etc.
Document Version 1.0 Page 65 of 80
A7.06.01 Application Server In a three-tier environment, a separate computer (application server) performs
the business logic, although some part may still be handled by the user's
machine. After the popularity of the Web exploded in the mid-1990s,
application servers became Web-based.
An application server's function is dedicated to the efficient execution of
procedures (programs, routines, scripts) for supporting its applied applications.
It acts as a set of components accessible to the software developer through an
API defined by the platform itself.
A7.06.02 Communications
Server
Communications servers are open, standards-based computing systems that
operate as a carrier-grade common platform for a wide range of
communications applications and allow equipment providers to add value at
many levels of the system architecture.
A7.06.03 Compute / Simulation
Server
High performance servers used in simulation and modelling synthetic
environments such as gaming, defence, mining, and medical industries.
A7.06.04 Database Server Refers to a collection of information organised in such a way that a computer
program can quickly select desired pieces of data. A database management
system (DBMS) is a software application providing management,
administration, performance, and analysis tools for databases.
A7.06.05 File Server A file server is a computer attached to a network that has the primary purpose
of providing a location for shared disk access, i.e. shared storage of computer
files (such as documents, sound files, photographs, movies, images, databases,
etc.) that can be accessed by the workstations that are attached to the same
computer network.
A7.06.06 Mail Server A mail server is a computer that serves as an electronic post office for email.
Mail exchanged across networks is passed between mail servers that run
specially designed software. This software is built around agreed-upon,
standardised protocols for handling mail messages and any data files (such as
images, multimedia or documents) that might be attached to them.
A7.06.07 Management Server A centralised device that receives information from sensors or agents on
devices from around the network, allowing specialist personnel to analyse and
manage the performance of those devices via a management console.
A7.06.08 Media Server Provide optimised management of media-based files such as audio and video
streams and digital images.
A7.06.09 Name Server / DNS A name server is a computer hardware or software server that implements a
network service for providing responses to queries against a directory service.
It translates an often humanly-meaningful, text-based identifier to a system-
internal, often numeric identification or addressing component. This service is
performed by the server in response to a service protocol request.
An example of a name server is the server component of the Domain Name
System (DNS), one of the two principal name spaces of the Internet. The most
important function of DNS servers is the translation (resolution) of human-
memorable domain names and hostnames into the corresponding numeric
Internet Protocol (IP) addresses, the second principal name space of the
Internet which is used to identify and locate computer systems and resources
on the Internet.
A7.06.10 Portal Server Portals represent focus points for interaction, providing integration and single-
source corporate information.
Document Version 1.0 Page 66 of 80
A7.06.11 Print Server A print(er) server is a device that connects printers to client computers over a
network. It accepts print jobs from the computers and sends the jobs to the
appropriate printers, queuing the jobs locally to accommodate the fact that
work may arrive more quickly than the printer can actually handle it.
A7.06.12 Proxy Server A proxy server is a server (a computer system or an application) that acts as an
intermediary for requests from clients seeking resources from other servers. A
client connects to the proxy server, requesting some service, such as a file,
connection, web page, or other resource available from a different server and
the proxy server evaluates the request as a way to simplify and control its
complexity. Proxies were invented to add structure and encapsulation to
distributed systems. Today, most proxies are web proxies, facilitating access to
content on the World Wide Web and providing anonymity.
A7.06.13 Storage Server Storage devices are designed to provide shared storage access across a
network. These devices provide extended storage capabilities to the network
with reduced costs compared to traditional file servers.
A7.06.14 Web Server A computer that provides World Wide Web services on the Internet. It includes
the hardware, operating system, Web server software, TCP / IP protocols, and
the Web site content (Web pages). If the Web server is used internally and not
by the public, it may be known as an "intranet server."
A7.06.99 Other Server
Configurations
Other server applications types not defined.
A7.07 Business Rules
Management Tools
Software and or services that allows organisations to abstract and execute
business rules from technology infrastructure and support the managerial
approach through enabling technology, bridging organisational and technology
silos.
A7.07.01 Business Rules
Management System (BRMS)
A BRMS or Business Rule Management System is a software system used to
define, deploy, execute, monitor and maintain the variety and complexity of
decision logic that is used by operational systems within an organisation or
enterprise. This logic, also referred to as business rules, includes policies,
requirements, and conditional statements that are used to determine the
tactical actions that take place in applications and systems.
A BRMS includes, at minimum:
- A repository, allowing decision logic to be externalised from core application
code.
- Tools, allowing both technical developers and business experts to define and
manage decision logic.
- A runtime environment, allowing applications to invoke decision logic
managed within the BRMS and executes it using a business rules engine.
A7.07.02 Business Rules Engine A business rules engine is a software system that executes one or more
business rules in a runtime production environment. The rules might come
from legal regulation ("An employee can be fired for any reason or no reason
but not for an illegal reason"), company policy ("All customers that spend more
than $100 at one time will receive a 10% discount"), or other sources. A
business rule system enables these company policies and other operational
decisions to be defined, tested, executed and maintained separately from
application code. Rule engines typically support rules, facts, priority (score),
mutual exclusion, preconditions, and other functions.
Document Version 1.0 Page 67 of 80
Interfaces and Integration
Note: Detailed diagrams are available as .png files, and this table is available as an Excel file.
Name Description
A8 Interfaces and
Integration
The Interfaces and Integration application area refers to the collection of
software and services that support how agencies will interface and integrate
both internally and externally. This includes interfaces and integration with
back office / legacy assets as well as the use of gateways and portals as points
with which to integrate.
A8.01 Integration Defines the software services enabling elements of distributed business
applications to interoperate. In particular, service integration offers a set of
architecture services such as platform and service location transparency,
transaction management, basic messaging between two points, and
guaranteed message delivery.
A8.01.01 Services Integration In SOA compliant systems/services, provides the application functionality to
manage SOA-based integration, including the Services Registry.
A8.01.02 Enterprise Service Bus In SOA compliant systems/services, the software layer used for designing and
implementing the interaction and communication between mutually
interacting software applications in SOA environments.
A8.01.03 Enterprise Application
Integration (EAI)
Support the redesigning of disparate information systems into one system that
uses a common set of data structures and rules.
A8.01.03.01 Broker Refers to software used to 'broker' interfaces; typically with legacy systems
that are not SOA compliant. This includes integration with various protocol or
software specific adapters. Also includes mapping of data as it passes from the
source system to the destination system(s).
A8.01.03.02 Adapter Refers to a protocol or software specific interface, typically for integration to a
legacy system that is not SOA-enabled. Examples of adapters include API
wrapper, FTP, Database, Message queuing, Siebel adapter.
A8.01.03.03 File Transfer Refers to software or protocols specifically used for file transfer handling; such
as FTP or SFTP protocols, and specialist utility applications.
A8.01.04 Legacy Integration Support the communication between newer generation hardware/software
applications and the previous major generation of hardware/software
applications.
A8.02 Data Interoperability Data Interoperability defines the software and or services for sharing data and
services across disparate systems and vendors.
A8.02.01 Data Structure
Dictionary
This service holds the data definition, structure, and metadata and mapping
rules used by the data transformation service to map incoming messages to the
required destination services or software.
A8 Interfaces and IntegrationA8 Interfaces and IntegrationA8 Interfaces and IntegrationA8 Interfaces and IntegrationA8.01 IntegrationA8.01 IntegrationA8.01 IntegrationA8.01 Integration A8.03 InterfaceA8.03 InterfaceA8.03 InterfaceA8.03 InterfaceA8.02 Data InteroperabilityA8.02 Data InteroperabilityA8.02 Data InteroperabilityA8.02 Data Interoperability A8.04 GatewaysA8.04 GatewaysA8.04 GatewaysA8.04 GatewaysA8 Interfaces and IntegrationA8 Interfaces and IntegrationA8 Interfaces and IntegrationA8 Interfaces and IntegrationA8.01 IntegrationA8.01 IntegrationA8.01 IntegrationA8.01 Integration A8.02 Data InteroperabilityA8.02 Data InteroperabilityA8.02 Data InteroperabilityA8.02 Data Interoperability A8.03 InterfaceA8.03 InterfaceA8.03 InterfaceA8.03 Interface A8.04 GatewaysA8.04 GatewaysA8.04 GatewaysA8.04 Gateways
Document Version 1.0 Page 68 of 80
A8.02.02 Data Transformation
Service
The Data Transformation Service takes incoming messages and transforms and
maps the data to the output format needed by the destination service or
software.
A8.03 Interface Software or services supporting the communicating, transporting and
exchanging information through a common dialog or method. Delivery
Channels provide the information to reach the intended destination, whereas
Interfaces allow the interaction to occur based on a predetermined framework.
A8.03.01 Service Discovery Software or services supporting the method in which applications, systems or
web services are registered and discovered.
For example: Universal Description, Discovery and Integration (UDDI) are a
platform-independent, Extensible Markup Language (XML)-based registry by
which businesses worldwide can list themselves on the Internet, and a
mechanism to register and locate web service applications. UDDI is an open
industry initiative, sponsored by the Organisation for the Advancement of
Structured Information Standards (OASIS), for enabling businesses to publish
service listings and discover each other, and to define how the services or
software applications interact over the Internet.
A8.03.02 Service Description /
Interface
Software or services supporting the method for publishing the way in which
web services or applications can be used.
For example: The Web Services Description Language (WSDL) is an XML-based
interface definition language that is used for describing the functionality
offered by a web service. The acronym is also used for any specific WSDL
description of a web service (also referred to as a WSDL file), which provides a
machine-readable description of how the service can be called, what
parameters it expects, and what data structures it returns.
A8.03.03 API Software components that use an application programming interface (API) to
communicate with each other. May include specifications for routines, data
structures, object classes, and variables.
A8.03.04 Electronic Business
eXtensible Markup Language
(ebXML)
Electronic Business using eXtensible Markup Language, commonly known as e-
business XML, or ebXML as it is typically referred to, is a family of XML based
standards sponsored by OASIS and UN/CEFACT whose mission is to provide an
open, XML-based infrastructure that enables the global use of electronic
business information in an interoperable, secure, and consistent manner by all
trading partners.
A8.03.05 RESTful APIs RESTful APIs do not require XML-based Web service protocols (SOAP and
WSDL) to support their interfaces as they use HTTP. Representational State
Transfer (REST) is a style of software architecture for distributed hypermedia
systems such as the World Wide Web.
A8.03.06 Web API A Web API is a development in Web services where emphasis has been moving
to simpler representational state transfer (REST) based communications.
RESTful APIs do not require XML-based Web service protocols (SOAP and
WSDL) to support their interfaces.
A8.03.07 Web Services (WS-*) A Web service is a method of communication between two electronic devices
over a network. It is a software function provided at a network address over
the Web with the service always on as in the concept of utility computing.
“WS-“is a prefix used to indicate specifications associated with Web Services
and there exist many WS* standards including WS-Addressing, WS-Discovery,
WS-Federation, WS-Policy, WS-Security, and WS-Trust, WS-
SecureConversation, WS-Federation, WS-Authorisation, WS-Privacy, WS-Test.
Document Version 1.0 Page 69 of 80
A8.03.99 Other Application
Interfaces
Other application interfaces.
A8.04 Gateways Software and or services used for information-layer gateways and automated
electronic interfaces between networks or systems. Does not extend to
boundary protection devices. Provides the various gateways that are used to
provide automated electronic interfaces with external organisations or parties,
and internally between communities of interest or network domains.
A8.04.01 B2B Software and or services that provides B2B (Business to Business) gateway
functionality. Includes variations such as C2G (Citizen to Government), G2G
(Government to Government), and B2G (Business to Government).
A8.04.02 Command and Control Software and or services that provides system-system gateway interaction for
the exchange of C2 critical information, such as Battle Management System
'tracks', obstacles, events, items of interest. Typical standard here would be the
Multilateral Interoperability Programme (MIP) JC3IEDM (STANAG 2252).
A8.04.03 Formal Messaging Software and or services that provides system-system gateway interaction for
official, mission critical messaging services that typically have attributes such as
non-repudiation, full-traceability (audit tracking), guaranteed delivery
timelines.
A8.04.04 Informal Messaging Software and or services that provide system-system gateway interaction for
email services. This may just be an enterprise application, such as Microsoft
Exchange, or an external providers own services.
A8.04.05 Remote Access Software and or services that provides system-system gateway functionality to
manage user remote-access to the organisations networks or systems. Typically
web-based using VPN protocol and thin-client delivery.
A8.04.06 SMS/MMS Software and or services that provides system-system gateway interaction for
SMS or MMS messaging services.
A8.04.07 Web Access Software and or services that provides system-system gateway functionality to
manage web-based access.
A8.04.99 Other Gateways Software and or services that provides other gateway types.
For example:
- Intelligence; provides system-system gateway interaction for exchange of
intelligence-led information. Typical standard here would be the MAJIIC data
model.
Document Version 1.0 Page 70 of 80
Specialist Line of Business Applications
The Specialist Line of Business Applications domain is intended to be used by agencies to add the unique
business applications used to support specific functions within that agency, or could be a unique application
supporting multiple agencies, for example within a sector such as health.
Note: The specific line of business applications should have direct alignment to the Business Reference
Taxonomy sub business functions or line of business.
Note: This domain should not contain common business applications; a common application is where
multiple agencies have an implementation of a business application category.
Document Version 1.0 Page 71 of 80
Appendix – GEA-NZ v3.0 Application and ICT Services Reference
Taxonomy in Context with Other Artefacts These tables are showing the relationship of the GEA-NZ Application and ICT Services Reference Taxonomy in context with other artefacts. The legend used in the tables
consists of solid black ‘ticks’ showing a direct and easily attributable dependency, and a lighter grey ‘tick’ that indicates a reduced level or limited dependency applicability.
Strategy and Policy
Str
ate
gy
an
d P
oli
cy
Art
efa
ct
De
scri
pti
on
AR
T G
uid
es
/ In
form
s
Art
efa
ct
AR
T U
ses
/ C
on
sum
es
Art
efa
ct
AR
T C
ate
go
rise
s
AR
T D
esc
rib
es
AR
T A
ids
Tra
cea
bil
ity
AR
T A
ids
Pri
ori
tisa
tio
n
AR
T I
de
nti
fie
s In
ve
stm
en
t
Are
as
AR
T I
de
nti
fie
s D
up
lica
tio
n
AR
T I
de
nti
fie
s R
isk
Are
as
AR
T P
rov
ide
s C
om
mo
n
Lan
gu
ag
e
All of Government
Government ICT Strategy and
Action Plan
This is the guiding document for government ICT strategy for
delivery of integrated digital services, information assurance and
the realisation of the economic potential of the government’s
information holdings.
� � � �
�
Better Public Services Results A set of ten goals for improving public services across New
Zealand. �
� � �
Government Common
Capability Roadmap
The prioritisation and sequencing of government common
capabilities produced by the GCIO. � � � � � � �
Action Plan / Government
Common Capability Matrix
Traceability from the Action Plan to government common
capabilities produced by GCIO. � � � �
Better Public Service /
Government Common
Capability Matrix
Traceability from better public services to government common
capabilities. �
�
�
�
Architecture Governance
Recommendations
Architecture governance recommendations the implementation of
controls for the design of all architectural components and
activities, to ensure effective evolution of architectures within the
agency. It sets out compliance with internal and external
standards and regulations, and guidelines that ensure
accountability for the architectural solutions within and across
agencies.
� � � �
�
Four Year Plans and Excellence
Horizons
Central agencies’ view across all agencies’ Four Year Plan,
Excellence Horizon Programme and transformation programmes. � � �
� � �
AoG Risk and Assurance
Framework
GCIO Assurance artefacts including operational and project
assurance frameworks. � � � � �
Agency and Sector
Agency Four Year Plan Four-Year Plans set out what the agency is seeking to achieve and
how it plans to achieve this. It sets out how the agency intends to
address challenges facing delivery of its strategy, including how it
will manage within existing funding levels.
https://www.ssc.govt.nz/four-year-plans
�
� �
� �
� �
Agency Change Portfolio This is the pipeline of potential change initiatives that are being
contemplated at agency and sector level. � � � �
� �
Agency Investment Plans These are the planned investments, prioritised and drawn from
the change portfolio, which the agency/sector intends to
undertake within its planning horizon. �
� �
� �
�
Business Motivation Model The BMM captures business requirements across different
dimensions to justify what the agency is aiming to achieve, how it
plans to get there, and how it assesses the result. It will provide a
scheme and structure for developing, communicating, and
managing business plans.
�
Agency Information Systems
Strategic Plan (ISSP)
The ISSP is the information technology component of the overall
business strategy. It should cover the following aspects: people,
data, policies, processes and systems.
http://www.ssc.govt.nz/node/5860
�
� �
� �
� �
Agency ICT roadmaps Agency roadmaps guided by ISSP, Strategy and Action Plan, and
internal ICT initiatives. � � � � � � �
Agency Architecture
Governance Framework
Architecture governance framework sets out the controls for the
design of all architectural components and activities, to ensure
effective evolution of architectures within the agency. It ensures
the compliance with internal and external standards and
regulations, and ensures the accountability for the architectural
solutions within and across the agency.
�
� � � �
� �
Legislation List of acts that are administered by the agency.
� �
Agency Policy and Governance List of relevant agency policies and related governance structures,
including Investment, risk and assurance, enterprise programme
management (EPMO), and enterprise design authority. � � �
� � �
Agency Risk and Assurance
Framework
Agencies are required to maintain an enterprise risk and
assurance model and an associated hierarchy of risk registers. � � � � � � �
Document Version 1.0 Page 72 of 80
Performance P
erf
orm
an
ce
Art
efa
ct
De
scri
pti
on
AR
T G
uid
es
/ In
form
s
Art
efa
ct
AR
T U
ses
/ C
on
sum
es
Art
efa
ct
AR
T C
ate
go
rise
s
AR
T D
esc
rib
es
AR
T A
ids
Tra
cea
bil
ity
AR
T A
ids
Pri
ori
tisa
tio
n
AR
T I
de
nti
fie
s In
ve
stm
en
t
Are
as
AR
T I
de
nti
fie
s D
up
lica
tio
n
AR
T I
de
nti
fie
s R
isk
Are
as
AR
T P
rov
ide
s C
om
mo
n
Lan
gu
ag
e
All of Government
AoG Enterprise Architecture
Maturity Assessment tool
Enterprise Architecture (EA) maturity assessment guides
agencies to improve their enterprise architecture capability to
the level needed to achieve their strategic goals.
� �
�
Action Plan Performance Targets GCIO and Cabinet targets for government ICT transformation.
� � � � � �
Better Public Services
Performance Results
Better Public Services (BPS) results are State Services
Commission targets for improving public service outcomes. �
�
Benchmarking Administrative and
Support Services
Benchmarking Administrative Support Services (BASS) is an
annual Treasury benchmarking service to support agencies to
make value for money assessments, with target-setting, and
the tracking of improvements over time.
�
� � �
Performance Improvement
Framework
Performance Improvement Framework (PIF) is a SSC review of
agency's fitness-for-purpose today and for the future using the
PIF Framework. It looks at the current state of an agency, then
how well placed it is to deal with the issues that confront it in
the medium-term future. It looks at the areas where the
agency needs to do the most work to make itself fit-for-
purpose.
�
� � �
Technology Performance
Framework
BASS and PIF are coarse-grained and we need more fine
grained ICT specific measurements. � � � � � �
� � �
Agency
Agency Enterprise Architecture
Maturity Assessment results and
improvement plan
Results of the Enterprise Architecture Maturity Assessment and
a plan to improve the maturity level of EA within the agency. �
� �
� � � � �
Agency Performance
Improvement Model The agency SSC PIF report and associated modelling supporting
performance improvement. Includes the Four Year Excellence
Horizon.
� � � � � �
Agency Specific Customer
Performance Measurements
Agency customer related targets which need to be met.
Agency Specific Action Plan
Performance Targets
Action plan agency related targets which need to be met.
� � � � � �
Agency Specific Better Public
Services Performance Targets
Better Public Services (BPS) agency related targets which need
to be met.
� � � � � �
Agency Benchmarking
Administrative Support Services
Report
The agency annual Treasury benchmarking (BASS) report
supporting the agency to make value for money assessments,
with target-setting, and tracking of improvements over time.
� � � � � �
Agency Data and Information
Quality Measurements
Agency related data and information quality targets.
Agency Application Portfolio Risk
/ Currency Heat Map
An overview of effectiveness and sustainability risks across the
agency’s application portfolio. � � � � � �
Agency Technology Performance
Measurements
Agency related technology performance targets. � � � � � �
� � �
Document Version 1.0 Page 73 of 80
Business
Customer
Bu
sin
ess
Cu
sto
me
r
Art
efa
ct
De
scri
pti
on
AR
T G
uid
es
/ In
form
s
Art
efa
ct
AR
T U
ses
/ C
on
sum
es
Art
efa
ct
AR
T C
ate
go
rise
s
AR
T D
esc
rib
es
AR
T A
ids
Tra
cea
bil
ity
AR
T A
ids
Pri
ori
tisa
tio
n
AR
T I
de
nti
fie
s In
ve
stm
en
t
Are
as
AR
T I
de
nti
fie
s D
up
lica
tio
n
AR
T I
de
nti
fie
s R
isk
Are
as
AR
T P
rov
ide
s C
om
mo
n
Lan
gu
ag
e
All of Government
AoG Customer Personas and
Profiles
The customer personas and profiles are defined by R9
(business) and R10 (individual) and provide a means of cross
agency alignment within the context of these result areas. (R9
and R10)
AoG Customer Experience and
Usability
Customer experience and usability is the sum of all experiences
a customer has with government and this over the duration of
the relationship with the customer. This includes awareness,
discovery, attraction, interaction, purchase, enrol, use,
cultivation and advocacy.
Organisation and Individual
Customer Identity and Access
Management
Addresses the mission-critical need to ensure correspondence
of identity and appropriate access to resources across business
and technology while meeting privacy and other compliance
requirements.
�
� � �
� �
Agency
Agency Customer Personas and
Profiles
The agency specific customer personas and profiles are defined
by the agency and will provide an oversight of the different
kind of customers for that agency.
Customer Experience Customer experience is the sum of all experiences a customer
has with the agency and its services, and this over the duration
of their relationship with the customer. This includes
awareness, discovery, attraction, interaction, purchase, enrol,
use, cultivation and advocacy.
Customer / Channel Matrix Shows the relationship between the agency’s customers and
the channels. � � �
� � �
Customer / Product and Service
Matrix
Shows the relationship between the agency’s customers and
their products and services.
� � � �
Channel
Bu
sin
ess
Ch
an
ne
l
Art
efa
ct
De
scri
pti
on
AR
T G
uid
es
/ In
form
s
Art
efa
ct
AR
T U
ses
/ C
on
sum
es
Art
efa
ct
AR
T C
ate
go
rise
s
AR
T D
esc
rib
es
AR
T A
ids
Tra
cea
bil
ity
AR
T A
ids
Pri
ori
tisa
tio
n
AR
T I
de
nti
fie
s In
ve
stm
en
t
Are
as
AR
T I
de
nti
fie
s D
up
lica
tio
n
AR
T I
de
nti
fie
s R
isk
Are
as
AR
T P
rov
ide
s C
om
mo
n
Lan
gu
ag
e
All of Government
AoG Channel Strategy A co-ordinated cross-agency channel strategy for government
that covers business and citizen services across all channels
including digital/mobile, assisted, face-to-face, call centre, etc. �
�
� � �
AoG Channel Types The channel types defined by R9 (for business) and R10 (for
individual persons) will be provided as a means of cross agency
alignment. �
�
� � �
AoG Channel Catalogue An AoG channel catalogue with channels such as www.govt.nz. �
�
� Agency
Channel Catalogue An agency specific channel catalogue. �
� � � Channel / Product and Service
Matrix
Shows the relationship between the agency’s channels and
their product and services. �
� � �
Document Version 1.0 Page 74 of 80
Product and Service B
usi
ne
ss
Pro
du
ct a
nd
Se
rvic
e
Art
efa
ct
De
scri
pti
on
AR
T G
uid
es
/ In
form
s
Art
efa
ct
AR
T U
ses
/ C
on
sum
es
Art
efa
ct
AR
T C
ate
go
rise
s
AR
T D
esc
rib
es
AR
T A
ids
Tra
cea
bil
ity
AR
T A
ids
Pri
ori
tisa
tio
n
AR
T I
de
nti
fie
s In
ve
stm
en
t
Are
as
AR
T I
de
nti
fie
s D
up
lica
tio
n
AR
T I
de
nti
fie
s R
isk
Are
as
AR
T P
rov
ide
s C
om
mo
n
Lan
gu
ag
e
All of Government
Business Reference Taxonomy Business reference taxonomy defines the business terminology,
and provides a coherent description and conceptual structure
of the functions and services for New Zealand. � � � �
�
Agency
Product and Service Catalogue An agency’s product and services catalogue.
�
�
Product and Service /
Organisational Structure Matrix
Shows the relationship between the agency’s product and
services and their organisational structure. I.e. which
department is responsible for which product or services.
�
�
Product and Service / Process
Matrix
Shows the relationship between the agency’s product and
services and their processes. I.e. which process produces,
handles, changes which product or services.
�
� �
People and Organisations
Bu
sin
ess
Pe
op
le a
nd
Org
an
isa
tio
ns
Art
efa
ct
De
scri
pti
on
AR
T G
uid
es
/ In
form
s
Art
efa
ct
AR
T U
ses
/ C
on
sum
es
Art
efa
ct
AR
T C
ate
go
rise
s
AR
T D
esc
rib
es
AR
T A
ids
Tra
cea
bil
ity
AR
T A
ids
Pri
ori
tisa
tio
n
AR
T I
de
nti
fie
s In
ve
stm
en
t
Are
as
AR
T I
de
nti
fie
s D
up
lica
tio
n
AR
T I
de
nti
fie
s R
isk
Are
as
AR
T P
rov
ide
s C
om
mo
n
Lan
gu
ag
e
All of Government
New Zealand Public Sector The structure of New Zealand’s Public Sector, this includes the
public services, state services, state sector and public sector
and the government sectors and clusters.
https://www.business.govt.nz/procurement/pdf-
library/agencies/NZ-Public-Sector-agencies-list.pdf
�
�
New Zealand Industry Sectors This provides an overview of all the industry sectors that make
up New Zealand’s economy. This is provided by MBIE.
http://www.mbie.govt.nz/what-we-do/business-growth-
agenda/sectors-reports-series
�
�
Agency
Delivery Partners Shows an overview of the agency’s vendors and business
partners. � � � � �
Agency Organisational Structure Shows an overview of the organisational structure of the
agency. � � �
�
Workforce Plan Describes how the agency's workforce composition and
development will evolve in response to agency strategy and
transformation. � � � �
�
Document Version 1.0 Page 75 of 80
Process B
usi
ne
ss
Pro
cess
Art
efa
ct
De
scri
pti
on
AR
T G
uid
es
/ In
form
s
Art
efa
ct
AR
T U
ses
/ C
on
sum
es
Art
efa
ct
AR
T C
ate
go
rise
s
AR
T D
esc
rib
es
AR
T A
ids
Tra
cea
bil
ity
AR
T A
ids
Pri
ori
tisa
tio
n
AR
T I
de
nti
fie
s In
ve
stm
en
t
Are
as
AR
T I
de
nti
fie
s D
up
lica
tio
n
AR
T I
de
nti
fie
s R
isk
Are
as
AR
T P
rov
ide
s C
om
mo
n
Lan
gu
ag
e
All of Government
Accelerated Delivery
Methodology
The Accelerated Delivery Methodology (ADM) improves the
collaboration between agencies, the speed and quality of
projects and will decrease costs of large scale business cases
and funding requirements. The ADM was developed by DIA for
all-of-government projects.
Business Process Management
Maturity Assessment Tool
Business Process Management (BPM) maturity assessment tool
and guidelines for using a subset of the BPMN to describe high
level business processes consistently across government.
Note: Full BPMN would be used where processes are to be
automated using standards such as BPEL (Business Process
Execution Language).
Agency
Business Process Management Business process management (BPM) is a management
discipline that focuses on improving agencies performance by
managing and optimising their business processes. It enables
agencies to be more efficient, more effective and more capable
of change than a functionally focused, traditional hierarchical
management approach. These processes impact the cost and
revenue generation of an agency. The Agency BPM should
include:
* Library of current state business processes
* Project based library of future state processes
* Process / Business Application matrix
� � � �
�
Process Inventory Inventory of all the business processes within the agency and
the interactions between processes, products, services,
information and infrastructure. � � � �
�
BPM Maturity Assessment
Results and Improvement Plan
Results of the Business Process Management Maturity
Assessment and a plan to improve the maturity level of
Business Process Management within the agency.
Document Version 1.0 Page 76 of 80
Data and Information D
ata
an
d I
nfo
rma
tio
n
Art
efa
ct
De
scri
pti
on
AR
T G
uid
es
/ In
form
s
Art
efa
ct
AR
T U
ses
/ C
on
sum
es
Art
efa
ct
AR
T C
ate
go
rise
s
AR
T D
esc
rib
es
AR
T A
ids
Tra
cea
bil
ity
AR
T A
ids
Pri
ori
tisa
tio
n
AR
T I
de
nti
fie
s In
ve
stm
en
t
Are
as
AR
T I
de
nti
fie
s D
up
lica
tio
n
AR
T I
de
nti
fie
s R
isk
Are
as
AR
T P
rov
ide
s C
om
mo
n
Lan
gu
ag
e
All of Government
AoG Data Asset Catalogue This is a catalogue of important data and information assets
required, produced across government. This includes template
and guidelines. �
�
�
Data Reference Taxonomy The data and information reference taxonomy defines a
standard means by which data may be described, categorised,
and shared, and it facilitates discovery and exchange of core
information across organisational boundaries. Includes a
conceptual data model which is a simple abstract data model
used for communicating ideas to a wide range of stakeholders.
�
�
�
Data and Information Quality
Framework.
Framework to insure the quality of the data and information
within and across agencies. � � �
Party Domain Model The party domain model describes the management of the
core identity, relationships and channel preferences of a Party,
where a Party is defined as an individual or organisation with
which NZ Government interacts or about which NZ
Government holds information.
Data and Information
Governance Maturity Assessment
Tool
Data and Information Governance maturity assessment tool
and guidelines are focussed on the use, management and
quality of data and information within an agency. It is a low-
cost tool, developed by DIA, to help agencies assess current
level of maturity and to develop appropriate structures and
processes towards the next level of maturity.
�
�
�
Agency
Data Asset Catalogue This is a catalogue of important data and information assets
required or produced by an agency in order to deliver its
products and services to customers. �
�
�
Data and Information Maturity
Assessment Results and
Improvement Plan
Results of the data and information governance maturity
assessment and an optional plan to improve the maturity level
of data and information governance within the agency �
�
� � � �
Application and ICT Services
Ap
pli
cati
on
an
d I
CT
Se
rvic
es
Art
efa
ct
De
scri
pti
on
AR
T G
uid
es
/ In
form
s
Art
efa
ct
AR
T U
ses
/ C
on
sum
es
Art
efa
ct
AR
T C
ate
go
rise
s
AR
T D
esc
rib
es
AR
T A
ids
Tra
cea
bil
ity
AR
T A
ids
Pri
ori
tisa
tio
n
AR
T I
de
nti
fie
s In
ve
stm
en
t
Are
as
AR
T I
de
nti
fie
s D
up
lica
tio
n
AR
T I
de
nti
fie
s R
isk
Are
as
AR
T P
rov
ide
s C
om
mo
n
Lan
gu
ag
e
All of Government
AoG Business Application Asset
Catalogue
Catalogue of the significant business applications across
government taken from the collective agency business
application catalogues. This includes template and guidelines. �
�
�
Application and ICT Service
Reference Taxonomy
The application and ICT service reference taxonomy provides
the basis for categorising applications and their components. � �
�
Common Services and API
Catalogue
Catalogue of the common services and APIs across
government. This includes template and guidelines. � �
�
Agency
Application Portfolio / Catalogue Inventory and management of applications and ICT services
used by the agency. At minimum this should be based on GCIO
template that captures classification, ownership, maintenance
risks, operational cost, investment plan etc.
�
�
� � � �
Total Cost of Ownership Models Calculation of the total cost of ownership of application assets
and services over a given period (usually 5-7 years) including
depreciation, cost of capital, maintenance, licensing,
enhancements, and operating costs (business and technology)
for all components.
�
�
� � � �
Services and API Catalogue Catalogue of the agency specific services and APIs. � � � � � � ICT Service Inventory and Service
Management Model
ICT Service Inventory and Service Management Model. � �
�
Document Version 1.0 Page 77 of 80
Infrastructure In
fra
stru
ctu
re
Art
efa
ct
De
scri
pti
on
AR
T G
uid
es
/ In
form
s
Art
efa
ct
AR
T U
ses
/ C
on
sum
es
Art
efa
ct
AR
T C
ate
go
rise
s
AR
T D
esc
rib
es
AR
T A
ids
Tra
cea
bil
ity
AR
T A
ids
Pri
ori
tisa
tio
n
AR
T I
de
nti
fie
s In
ve
stm
en
t
Are
as
AR
T I
de
nti
fie
s D
up
lica
tio
n
AR
T I
de
nti
fie
s R
isk
Are
as
AR
T P
rov
ide
s C
om
mo
n
Lan
gu
ag
e
All of Government
AoG Infrastructure Asset
Catalogue
Catalogue maintained by DIA’s Commercial Strategy and
Delivery for generally available government common
infrastructure capabilities. � � � � � � � � � �
Infrastructure Reference
Taxonomy
The infrastructure reference taxonomy provides a
categorisation schema for IT infrastructure assets
Agency
Infrastructure Asset Catalogue Catalogue application and ICT services available to an agency
maintained by an agency's ICT department. � � � � � � � � � �
Infrastructure Asset Management The inventory and management of which applications exist and
their main characteristics such as flexibility, maintainability,
owner, operational cost, investment plan etc. �
� � � � � � � �
Total Cost of Ownership Models Calculation of the total cost of ownership of infrastructure
assets and services over a given period (usually 5-7 years)
including depreciation, cost of capital, maintenance, licensing,
enhancements, and operating costs (business and technology)
for all components.
�
� � � � � � � �
Agency Configuration
Management Database
The Agency Configuration Management Database (CMDB)
contains all relevant information about the components of the
information systems used in an agency's IT services and the
relationships between those components. Shown here as part
of the application and ICT services and infrastructure areas as it
typically maps the application and ICT services to the actual
platforms and hardware they are deployed on.
�
� � � �
� � �
Document Version 1.0 Page 78 of 80
Security and Privacy S
ecu
rity
an
d P
riv
acy
Art
efa
ct
De
scri
pti
on
AR
T G
uid
es
/ In
form
s
Art
efa
ct
AR
T U
ses
/ C
on
sum
es
Art
efa
ct
AR
T C
ate
go
rise
s
AR
T D
esc
rib
es
AR
T A
ids
Tra
cea
bil
ity
AR
T A
ids
Pri
ori
tisa
tio
n
AR
T I
de
nti
fie
s In
ve
stm
en
t
Are
as
AR
T I
de
nti
fie
s D
up
lica
tio
n
AR
T I
de
nti
fie
s R
isk
Are
as
AR
T P
rov
ide
s C
om
mo
n
Lan
gu
ag
e
All of Government
NZ Security and Privacy Policies,
Regulations and Laws
Privacy Act; NZISM 2014; PSR 2014 (incorporating SIGS, PSM
and NZISM); NZ Cyber Security Strategy (Jun 2011);
� � � �
National and International
Security and Privacy Standards
ISO/IEC-270xx:2011 series; AS/NZS ISO 31000:2009 Risk
Management; NIST-SP-800-53;
� � � �
Security and Privacy Guidelines
and Best Practice
CMU OCTAVE Allegro Risk Assessment methodology; SABSA
Security Maturity Framework; COBIT; OWASP
� � � �
AoG Guidelines and Assurance Risk Assessment Process – Information Security; Cloud
Computing – Information Security and Privacy Considerations
[104 Questions]; � � � � �
� �
Common Threats and
Vulnerabilities Taxonomies7
DSD (ASD) Top 4 Mitigation Strategies8; ISO/IEC-27002; SANS;
GEA-NZ v3.0 Taxonomies; Cyber Critical Security Controls (Top
20)9;
� � � � � �
� �
Security and Privacy Maturity
Assessment Tools and Guidelines
GCPO Privacy Maturity Assessment Framework; ICT Security
Maturity Assessment; � � � �
Agency
Agency/Sector Specific Security
and Privacy Policies and
Guidelines
[Information] Security Strategy; Information Security Policy;
Security Risk Management Policy/Plan; System/Service Security
Policy/Plan.
Additional security and privacy regulations and guidelines for
an agency, such as: Business Continuity and Disaster Recovery
Plans; ICT Incident Management Plans; Standard Operating
Procedures; Audit reports; PKI Management Plans (CP, CPS,
etc.); Assurance/Performance metrics and reporting; Security
Architecture(s);
�
�
� �
Agency Specific Threats and
Vulnerabilities Taxonomies
Threats and vulnerability taxonomies are inputs to risk
assessments. Agencies should identify threats and
vulnerabilities specific to their business from the AoG
mandated and advisory sources (above, and as regularly
revised by GCSB/NCSC); Configuration Management Database
(CMDB); Asset Register; Approved Software Catalogue.
� � � � � �
� �
Agency Security and Privacy Risk
Artefacts
Risk Register: Agencies are required to maintain a hierarchy of
risk registers from agency to specific projects, teams and
system levels. Security related items to be included at each
level, in a suitable format.
Risk Action Plan: Agencies are required to produce risk action
(mitigation) plans for each system, project, service and other
unique environment or capabilities deemed critical to agency
operations.
� � � � �
� � �
Agency Security and Privacy
Maturity Assessment Results and
Improvement Plan
Results for all security and/or privacy maturity assessments
(including the Cloud Considerations Questionnaire) conducted
by the agency, and an associated plan to improve the maturity
level of security and privacy within the agency.
� � �
�
� �
Project Related Security and
Privacy Assessments
(Certification and Accreditation)
The Certificate and report (results) from the C&A process for
projects, systems, services deemed critical to the agency’s
operations, to ensure compliance with government and
agency’s security regulations.
Results for an agency specific project performing the security
and privacy maturity assessment to make sure the project is in
line with the government and agency’s regulations around
security and privacy.
�
� �
� � �
7 Threats and Vulnerability taxonomies are inputs to Information Security Risk Assessments.
8 http://www.asd.gov.au/infosec/mitigationstrategies.htm
9 http://www.cpni.gov.uk/advice/cyber/Critical-controls/ or; http://www.sans.org/critical-security-controls/ or; http://www.counciloncybersecurity.org/practice-areas/technology
Document Version 1.0 Page 79 of 80
Standards S
tan
da
rds
Art
efa
ct
De
scri
pti
on
AR
T G
uid
es
/ In
form
s
Art
efa
ct
AR
T U
ses
/ C
on
sum
es
Art
efa
ct
AR
T C
ate
go
rise
s
AR
T D
esc
rib
es
AR
T A
ids
Tra
cea
bil
ity
AR
T A
ids
Pri
ori
tisa
tio
n
AR
T I
de
nti
fie
s In
ve
stm
en
t
Are
as
AR
T I
de
nti
fie
s D
up
lica
tio
n
AR
T I
de
nti
fie
s R
isk
Are
as
AR
T P
rov
ide
s C
om
mo
n
Lan
gu
ag
e
All of Government
GEA-NZ Standards These are the technical interoperability standards for which the
Government Enterprise Architecture team are responsible to
manage, co-ordinate and publish. �
�
�
National and International
Standards and Guidelines
GEA-NZ aligned reference to National and International
Standards and Guidelines � � �
Agency
Agency Standards These are the technical standards for which the agency is
responsible to manage, co-ordinate and publish. � � � � �
Document Version 1.0 Page 80 of 80