Principles and Standardization COIT Architecture and Policy Subcommittee

Transcription

1 Enterprise Information Technology Architecture Principles Enterprise Information Technology Architecture is most effective when it is based on principles that guide development, maintenance, and use. A principle describes a consistent decision-making process with a justification, implications, and executive agreement. Principles ensure consistency, articulate how to manage change and affect individual decision-making. They also define the criteria used to assess architectural decisions and future investments. Intended outcomes 1. Business and information technology leaders plan collaboratively 2. IT leaders plan and execute information technology initiatives to support business needs and application changes 3. Infrastructure and application life cycles are clearly linked to business process life cycles 4. IT leaders save time and money and reduce risk by using repeatable, reusable solutions that are developed and applied to similar problems 5. IT leaders focus on the value of the solution to the business rather than its affect on any specific project What are the qualities of a well defined principle? It is unambiguous and not open to interpretation It is clear and concise without jargon or acronyms. It is prescriptive. It is not created in the context of a specific project or initiative. It defines a course of action or defines what should not be done. Principle #1: Business Needs To Serve Customers Will Drive Information Technology Decisions The information environment changes in response to the needs of the business. Business events define the boundaries of the information technology environment. Changes in technology provide an opportunity to improve business processes and to address changing business needs. Includes the business and its perspective in the information technology decision process Minimizes the unintended effects on business from information technology changes Information technology builds what the business needs, not what it wants Being focused on business needs makes it easier to identify technical impacts when business events change 1

2 Principle #2: City makes IT investments based on an evaluation of the overall impact and benefit Decisions made with a City-wide perspective have greater long-term value to the enterprise than decisions made from any particular Department s perspective. A common governance structure is needed to support citywide investment decision making. Information management initiatives need to align to the Citywide IT plan To achieving the maximum citywide benefit, the City will need to change the way it plans, reviews, approves and funds information technology initiatives. Technology alone cannot bring about this change. City Departments will use the established technology standards to develop information management initiatives If a technology standard meets a defined business need, Departments may need to concede their own technology preferences for the greater benefit of the City Principle #3: Common business solutions that are usable by more than one Department are preferable to similar or duplicative solutions in every Department. Duplicative solutions have a higher cost and lead to conflicting data and data representations, making it more difficult and costly for City Departments to share information. A common technology and City Department infrastructure will support shared business solutions Departments will not develop solutions for their own use that are similar or duplicate the functions of a Citywide solution Application components should be shared across Departmental boundaries May require changes to legislation and government code to guide separate departments to act in a unified manner 2

3 Principle #4: Enterprise information must be secure to prevent unauthorized access, modification, or destruction Hacking, viruses, and terrorism are an increasing threat to information technology systems. The City needs to keep its systems and sensitive data secure by using security best practices and by conducting security assessments on a regular basis Secure systems will ensure the continuity of the City s business activities. Information must be safeguarded against inadvertent or unauthorized alteration, sabotage, disaster, or disclosure. Security considerations must be an integral part of architecture design, not an afterthought. Security must enable and not impede business activities Security policies must be developed, published, and maintained. Repairing insecure systems that are compromised is time consuming and costly Principle #5: Compliance with established standards will improve interoperability and consistency Use of proven technology will simplify software design, reduce application development time, facilitate learning, improve systems maintenance and support, and promote information sharing between Departments, ultimately reducing the total cost of ownership. Establish a process for setting, reviewing and revising standards periodically, and granting exceptions. Information technology policies and procedures must support this principle. Fewer products and configurations simplify the information technology environment Principle #6: Control Technical Diversity The City is currently supporting many different types of components and platforms in its processing environment. This diversity of technology makes managing the IT architecture more complicated, leading to higher maintenance and support costs. Controlling the technical diversity also has many advantages: components will have common and standard forms. With common platforms and standards, it will be easier to assess the impact of adding new components; predict the value and return 3

4 on investment; and increase the flexibility to accommodate technological change. Using common technology across the City also brings the benefits of economies of scale. Technical administration and support costs will be lower when the available resources can focus their time and effort on a common and shared set of technology. The target architecture must be used in conjunction with the organization s investment review process and technology insertion plans. If architecture is an integral component of IT decision-making helps control the introduction of incompatible products Policies, standards, and procedures that govern acquisition of technology must be tied directly to this principle Technology choices will be constrained by the choices available within the technology blueprint. Procedures for augmenting the acceptable technology set to meet evolving requirements will have to be developed and emplaced The technology baseline will not be frozen. Technology advances will change the technology blueprint when compatibility with the current infrastructure, improvement in operational efficiency, or a required capability has been demonstrated to promote controlled innovation Principle #7 Applications Must Easy to Use and Maintain The underlying technology of all applications should be as easy to use as possible so that employees can concentrate on supporting business activities. When applications are easy to use, employees can work in the enterprise's integrated information environment rather than developing isolated systems to accomplish the same task outside of the integrated information environment. Most of the knowledge required to operate one system can be applied to others, which decreases the need for training and reduces the risk that employees will use a system incorrectly. Applications that have a common underlying standard and technology are also easier to maintain. Applications will be required to have a common "look and feel" and support ergonomic requirements. The City needs to set a standard for applications to ensure a common look and feel and develop usability test criteria Guidelines for ease of use for user interfaces should be guided by the language of the interaction, customer physical infirmities (visual acuity, ability to use keyboard/mouse), and proficiency in the use of technology Applications should leverage standard reference architectures based on their type and required capabilities Applications should be implemented following best practices to ensure improved maintainability 4

5 Principle #8 Ensure Continuity for Critical Business Functions As the City becomes more dependent on systems for its daily operations, it must consider the reliability of such systems, beginning with their design and construction, and continuing through their daily use. Business premises throughout the enterprise must have the capability to continue their core business functions regardless of external events. Hardware failures, natural disasters, and data corruption should not be allowed to disrupt business critical activities. All critical enterprise business functions must be able to operate on alternative information delivery mechanisms. As the City becomes more dependent on shared system applications, it must establish practices to manage the risk of business interruption. These practices include periodic reviews, testing for vulnerability and exposure, and designing redundant or alternative capabilities ensuring that the City can continue to provide mission-critical services. Recoverability, redundancy, and maintainability should be addressed at the time of design Applications must be assessed for criticality and impact on the enterprise mission, in order to determine what level of continuity is required and what corresponding recovery plan is necessary Action: Build an Infrastructure Blueprint (Applying all principles) The Infrastructure Blueprint (IB) supports architectural analysis and reporting in the host infrastructure sub-architecture view of the overall Enterprise Architecture. The IB is a component- driven taxonomy that categorizes the network/voice systems/server/cloud related technology and vendor standards to support and enable the delivery of voice, data, video, and mobile service components and capabilities. The IB also unifies existing department infrastructure standards and provides guidance on standard configurations by providing a foundation to advance the reuse and standardization of technology and service components. Aligning agency capital investments to the IB leverages a common, standardized vocabulary, allowing inter-department discovery, collaboration, and interoperability. Departments will benefit from economies of scale by identifying and reusing the best solutions and technologies for applications that are developed/provided or subscribed to support their business functions, mission, and target architecture via Enterprise Agreements. 5

6 References: 1. Gartner Enterprise Architecture Program - R. Scott Bittler Research VP 2. California Enterprise Architecture Framework Version 2.0 August 01,