ict strategy and architecture principles by ajay kumar uppal
TRANSCRIPT
®
®
Strategy and Enterprise
Architecture
Principles Ajay Kumar Uppal
®
Contents 1. Introduction 6 1.1 Purpose 6 1.2 Audience 6
2. Strategic Principles 7 3. Enterprise Architecture Principles 11 3.1 Overview 11 3.2 Principles Summary 11 3.2 Principles Summary 12 3.3 Rationale and Implication of the Principles 13 Value for money. 13 Don't reinvent the wheel 13 Vanilla First 14 No boundaries 14 XXXX Information 15 User friendly 15 Keep it scalable & robust 16 Keep it up 16 Keep it legal 17 Keep it safe 17 Keep it balanced 18
®
1. Introduction Within any organisation it is important to have clear principles for the Information Systems Strategy and Architecture. These principles provide the governance for the solutions that will be designed and deployed and set an overall framework for the architecture of the enterprise. The strategy is largely what we will do and when, the architecture how we will do it. . It is a reference document for the preparation of ITT and contractual documents.
1.1 Purpose The document provides a set of high level Strategic and Enterprise Architectural principles which will be used in the design and development of systems within XXXX Ltd
1.2 Audience The document will be a key reference point for the business and in particular for those engaged in the design and development of systems across XXXX Ltd. In particular the document is intended to provide high level guidance to Business Partners, Business Solution Managers, Solutions Architects, Project Managers, Business Analysts and procurement analysts.
®
®
2. Strategic Principles The summary of Strategic Principles specifically covers the period from the start of 20102011 Financial Year (Forward 2 Eleven) to March 2016. Ref Principle Rationale
Business Benefit
S000 Buy don’t Build Acquire industry standard products for solutions rather than building solutions,
● Reduce total cost of ownership● Reduce future maintenance and supplier tie in.
S001 Ring fencing non core capabilities.
Enables choice of solution e.g. outsourcing. These are business processes that are not part of our core competence e.g. HR.
● Access to best practice at cost effective price.● Predict and manage costs on fixed term basis
S002 Industry standardised Business Processes
Reduce support costs. Keeping core package as vanilla as possible reduces cost of implementation, operation and ongoing maintenance. Bespoke work to be done outside of the package. “Build your Own” only where there is a distinct market differentiator with added value.
● Best practice processes, cheaper operational cost,cheaper cost of change.
● Clarity of process.
S003 Industry standard products. Best of Breed.
Use of mainstream products, at the appropriate point in the technology lifecycle – neither leading edge nor obsolete. Mature proven benefits robust enough to service XXXX needs. Best of breed COTS (Commercial Off The Shelf) packages where possible rather than “build your own”
● Cheaper interfacing through compatibility,availability of staff to work with package.
● Predict and manage lifecycle change costs● Sweat assets
S004 Aim for acquisition of technology at the appropriate point in the product maturity cycle.
Unless driven by specific requirement (such as performance or scale, eschew immature or obsolete products. All products should be within support.
● Reduce risk of problems● Reduce risk of incompatibility● Reduce cost of maintenance and enhancement
S005 Commodity based
Provides Flexibility, Availability, Stability and a maturity of product and services.
● Reduced cost.● Improved choice of supplier.● Mature service and support offering
S006 Standards based approach
Standards enhance clarity and interoperability. Reduced dependence on bespoke solutions and supplier tiein. A standards based approach covers the full range of standards being adopted not just in the area of systems design but also in the areas of people, skills, processes and management.
● Reduced implementation and maintenance costs.● Flexibility of supplier.● Faster time to market.
®
Adoption of ITIL, CMMi, PRINCE, SFIA, TOGAF are examples of wider standards outside of the systems design community.
S007 Business Process Enablement
Systems to be designed to support well defined business processes. Focus on business needs and integration. Standard industry processes.
● Clarity of business process.● Flexible processes easily understood and modified
by the business.● Supports speed to market through clarity of
process.
S008 Regulation & Security
IT assets are valuable and must be protected. PO services, information and views that are presented to the public must be appropriately protected. PO service providers and suppliers must comply with legal requirements, policies, and regulations pertaining to confidentiality, integrity and availability.
● Protects brand image.● Protects our customers.● Protects our data.
S009 Manageable & Serviceable
Supports business processes and customer experience.
● Improves service to business and customer.
S010 RMG as a preferred supplier.
Treat RMG as preferred supplier of equal standing as other preferred suppliers. Objective cost based approach. Leverage group purchasing power
● Potential to move faster, potential to save money.
S011 Separate service layers
A service layer is a part of the architecture which performs a particular function, for example the communications network, or service management. This need to be designed so as that each layer is independent of the other layers, and that each communicates by means of standard interfaces. This architecture needs to extend into the structure of the contracts.
● Quicker, cheaper change – changes can belocalised functionally and don’t require such bigprogrammes.
● Technology changes can be isolated so thatproducts can be changed without impacting onother products.
● Supplier tiein is reduced as parts of a servicecan be bench marked and alternatively sourcedwith lower business impact.
S012 Functionality exposed as business services layer.
Deliver as standard reusable services which are independent of the user interface.
● Enables speed to market of new products andservices which reuse existing services.
S013 Open Systems Improves flexible, scalable, adaptable and extensible capabilities. Enables rapid response to changing needs. When systems are open, they are more cost effective due to extended utility and broader selections of vendors for adding new or replacement solutions
● Reduced implementation and maintenance costs,● Flexibility of supplier.● Speed to market.● Transparency of process.
S014 Systems and Platform Rationalisation
Rationalize the total number of platforms and systems across the estate to add clarity, build strategic partnerships and reduce diversity which drives costs up. Reduces overall costs and manageability.
● Cost Reduction● Flexibility ● Time to market● Improves manageability.
®
S015 Support our commitments to universal access for all
We have commitments to support access by all members of society. We have commitments to reach the wider public through network reach. DDA, etc
● Discharge our commitments to government.● Support our public responsibilities.● Protects brand image.● Meets EU & UK legal obligations.● Supports our customers.
S016 Adopt “Green”, “Ecofriendly” and “sustainable” operating principles
Reduce our carbon footprint in line with government targets for public bodies. Aspire to exceed our commitments both in terms of time and volume. Ensure commitments such as RoHS are complied with.
● Reduced operating costs.● Improve brand image.● Avoid political embarrassments.● Meet EU and UK legal obligations.
S017 Build in security and operability
Ensure security and operational requirements are considered at the start of the design on added on at the end
● Ensure operability and compliance at lowest cost
®
®
3. Enterprise Architecture Principles 3.1 Overview An Enterprise Architecture Principle is a statement which directs the formulation of the architecture and guides its construction. Principles are used to validate and justify the decisions made about the architectural options and components, so that solutions move XXXX towards its architecture vision. These principles are linked via the IT strategic principles to the business principles that form part of XXXX's business strategy. All lower level IS principles such as design principles are linked to the Enterprise Architecture principles. The Enterprise Architecture Principles can be grouped together under 4 main headings as outlined in the following diagram.
®
3.2 Principles Summary Ref. Goal Principle
A001 Value for money.
Solutions must ensure awareness of all costs, benefits and risks associated with any architecture decision. Solutions should aspire to be cost base neutral.
A002 Don't reinvent the wheel
XXXX will reuse existing products and services delivered as separate business service layers. The use of COTS (Commercial Off The Shelf) packages is preferred to bespoke development. Where bespoke development is required it must enable reuse across XXXX.
A003 Vanilla First Solutions will adopt industry standard practices, and only deviate where the value of deviation can be demonstrated and any associated risk is mitigated.
A004 No boundaries Processes & systems must be able to operate across internal and external organisational boundaries and be independent of location
A005 XXXX Information
All data within the XXXX environment should be managed in line with the requirements of XXXX as a whole, adhering to XXXX current standard data definitions,
A006 User friendly
Applications should be easy to use. Most of the knowledge required to operate a system should be transferable to other systems. The underlying technology should be transparent to users, to enable them to concentrate on tasks at hand. Conform to all regulatory and legal obligations relating to disabled accessibility.
A007 Keep it scalable & robust
Solutions should be scalable and robust to support expected current and future volatility of business transactions.
A008 Keep it up
Systems and services should have an availability profile suitable to the business processes being supported.
A009 Keep it legal
XXXX must conform to regulatory and legislative commitments.
A010 Keep it safe
Security should not be an afterthought or addon. Security considerations should begin with the requirements phase of development and be treated as an integral part of the overall system design.
®
A011 Keep it balanced
XXXX will optimise the number of its applications, application vendors and technology platforms.
®
3.3 Rationale and Implication of the Principles
Ref A001
Goal Value for money.
Principle
Solutions must ensure awareness of all costs, benefits and risks associated with any architecture decision. Solutions should aspire to be cost base neutral.
Rationale
XXXX must target its spending most effectively.
Implications
When selecting applications and technology solutions, Total Cost of Ownership (TCO) must be one of the key decisionmaking criteria. Best of breed IT procurement and license management processes must be in place. Manageability should be considered as part of this principle as it contributes to the long term TCO.
Ref A002
Goal Don't reinvent the wheel
Principle
XXXX will reuse existing products and services delivered as separate business service layers. The use of COTS (Commercial Off The Shelf) packages is preferred to bespoke development. Where bespoke development is required it must enable reuse across XXXX.
Rationale
XXXX should avoid duplicating existing functionality as it proliferates conflicting data and processes, with the related operational costs. Enhancing the capability of existing XXXX applications to deliver business functionality is usually more costeffective.
Implications
Solution documentation should describe all options considered, and the rationale for the option selected.
®
Ref A003
Goal Vanilla First
Principle
Solutions will adopt industry standard practices, and only deviate where the value of deviation can be demonstrated and any associated risk is mitigated.
Rationale
Customised solutions increase costs, take longer to implement and have greater risks. Customisation inhibits standard upgrade paths.
Implications
XXXX will adopt ‘industry standard’ processes and ‘vanilla’ application packages, in preference to customising packages to fit established XXXX custom & practice. XXXX will use standard products to ensure device independence is maintained. Any deviation by exceptional approval...
Ref A004
Goal No boundaries
Principle
Processes & systems must be able to operate across internal and external organisational boundaries and be independent of location
Rationale
XXXX requires effective communication across organisational boundaries to increase the effectiveness of its operations, improve service levels and reduce costs.
Implications
The XXXX applications, information and technology architecture will conform to open and industry standards that promote interoperability and choice. Integration should be built into the architecture at the beginning
®
Ref A005
Goal XXXX Information
Principle
All data within the XXXX environment should be managed in line with the requirements of XXXX as a whole, adhering to XXXX current standard data definitions,
Rationale
Data is the foundation of our decisionmaking ability. Data must be holistically managed to ensure availability, accuracy and consistency across XXXX.
Implications
Management of data at an enterprise level requires unique data definitions, a common understanding of who masters which data, and the timely provision of the appropriate data to the appropriate parties. Individual data solutions may appear compromised or overcomplex when viewed independently, but will provide holistic data when viewed across the enterprise. Solutions must consider endtoend business processes and the related data lifecycle in order to satisfy enterprise requirements for data.
Ref A006
Goal User friendly
Principle
Applications should be easy to use. Most of the knowledge required to operate a system should be transferable to other systems. The underlying technology should be transparent to users, to enable them to concentrate on tasks at hand. Conform to all regulatory and legal obligations relating to disabled accessibility.
Rationale
User productivity suffers as the need to understand the underlying technology increases. Training is kept to a minimum, and the risk of using a system improperly is low.
Implications
All aspects of heuristic design principles must be considered when designing the humancomputer interface of a system.
®
Ref A007
Goal Keep it scalable & robust
Principle
Solutions should be scalable and robust to support expected current and future volatility of business transactions.
Rationale
Changes in business requirements’ will force solutions to adapt to changes in transactional throughput, number of users, growth of products etc. XXXX solutions must accommodate these variances without interruption to service.
Implications
Capacity planning is critical and should be incorporated into early design, along with the appropriate service management processes. Solutions should be tested to design limits accommodating any projected growth, rather than any lower projectlevel limits.
Ref A008
Goal Keep it up
Principle
Systems and services should have an availability profile suitable to the business processes being supported.
Rationale
Customer facing operations are critical to XXXX's reputation.
Implications
Resilience, redundancy and recovery should begin with the requirements phase of development and be an integral part of design. Solutions and technology components must be assessed for criticality and impact to the business, in order to determine what level of continuity is required and what corresponding recovery plan is necessary.
®
Ref A009
Goal Keep it legal
Principle
XXXX must conform to regulatory and legislative commitments.
Rationale
Conformance to regulatory commitments, including the Disability Discrimination Act, will maintain confidence of the Public, Industries and Government.
Implications
Projects should engage with Legal & Compliance teams early in their lifecycle to understand their responsibilities’ and also to ensure that these teams are aware of the possible issues that may arise.
Ref A010
Goal Keep it safe
Principle
Security should not be an afterthought or addon. Security considerations should begin with the requirements phase of development and be treated as an integral part of the overall system design.
Rationale
Security requirements are pervasive across an organisation and a holistic approach will deliver effective and efficient solutions and mitigate business and personal vulnerability.
Implications
Projects should engage with the security team early in their lifecycle to understand their responsibilities’ and also to ensure that the security team is aware of the possible issues that may arise. Security sign off of solutions is vital.
®
Ref A011
Goal Keep it balanced
Principle
XXXX will optimise the number of its applications, application vendors and technology platforms.
Rationale
XXXX aims to reduce the complexity of its IT landscape by driving down the number of applications, vendors and technology platforms. Reducing the number and variety of applications and infrastructure technologies reduces the cost of software and hardware licenses, application and technology support and integration costs. The drive for reduction must be balanced with the need to avoid lockin to technology sets or vendors. This reduces the risk of technology deadends and maintains XXXX's ability to negotiate across multiple vendors.
Implications
XXXX will have a controlled blend of applications, technologies and vendors.