An architectural risk assessment is not a penetration test or merely a vulnerability scan. It is an engineering process with the aim of understanding, defining, and defending all the functional output from customers, line workers, corporate staff, and client-server interactions. Architectural risk assessments include ethical hacking, source code review, and the formation of a new network design. As Fred Donovan wrote in the Cutter Consortium Executive Update, Architectural Risk Assessment: Matching Security Goals to Business Goals, “Performed correctly, [an architectural risk assessment] will empower the technology staff and enable the business to focus less on security and more on customers.” According to Donovan, the first step of an architectural risk assessment is to conduct interviews Read more
Thoughts on developing a strategic plan for implementing EA programs, how to provide your teams with the technical skills needed to implement a service-oriented architecture, understanding what’s involved in creating a business architecture, and more.
Many enterprise architecture (EA) teams struggle with creating a program that demonstrates the level of strategic value that they believe EA should have. Even after following all the advice in frameworks and online articles, chief architects and CIOs still struggle as EA programs fail to reach their potential as an influencer of strategy execution across the enterprise. There are five steps that Cutter Senior Consultant Nick Malik advises EA teams must do to go from a tactical technical program to a strategic role. Ironically, these activities are somewhat tactical in nature. According to Malik, “this is block-and-tackle work”. In his recent Business & Enterprise Architecture Executive Report, “Climbing the Ladder: 5 Steps to Connect EA Read more
Simplicity is a great virtue but it requires hard work to achieve it and education to appreciate it. And to make matters worse: complexity sells better. — Edsger W. Dijkstra Architecture’s raison d’être is to manage complexity and enable value generation for the enterprise that rests on it. But does the enterprise of architecture always produce the architecture for the enterprise? My experience tells me that it often does not. Sometimes, though, in our finest moments, we manage to architect things of elegance that push our enterprises and industry to much higher levels. It may not all be by design; emergence may be a better explanation for some of our architectural accomplishments. So, what would Read more
The role of enterprise architecture and the enterprise architect has steadily grown in scope and in importance over the last two decades. Although many EA teams operate as part of the IT department, others are taking a more active position as they help to inform and guide strategy planning, investment and transformation at the enterprise-level. We have reached a stage where EA, as a discipline, is well-established within many enterprises as a core capability. But increasingly the boundary of “enterprise” architecture is extending beyond organizational boundaries. The domain of the enterprise architect is changing, as more and more “enterprise” architecture components are sourced externally. Social and environmental architectures are as important to an enterprise architecture Read more
Digital business requires change across a very wide range of areas. There is an increasing use of storage, vastly expanded networking requirements, and a rise in the virtualization of all equipment. Digital systems deployed on the network can be replicated, modeled, and situated anywhere, so we have seen virtual networks, virtual servers, virtual mobile solutions, and virtual workstations of all types. Virtualization creates a need for new management techniques that control, replicate, and abandon virtual components on an automatic basis and manage their various interactions. Information technology is moving outside the firm to the public cloud, either directly or connected through a hybrid cloud mechanism. All aspects of IT are becoming increasingly connected to all Read more
2015 is an anniversary year for Enterprise Architecture. It is 40 years since Richard Saul Wurman coined the phrase “Information Architecture” — in 1975. Information Architecture became Information Systems Architecture, and then Enterprise Architecture. I predict that enterprise architects will use this anniversary to reflect on the history of our discipline and its position within the organization structure. For a long time, EA was firmly part of the IT department. More recently the EA team has been found as a stand-alone unit, independent of IT or business. 40 years on, EA will increasingly establish its role as a key member of strategic decision making, capability evolution and organizational change management. To a certain extent, Enterprise Architects Read more
In the next three years, more enterprises will reposition their Enterprise Architecture practices to become architecture truly at the Enterprise level, going beyond using “Enterprise” as a mere prefix to what, in reality, has been an IT-centric architecture. There will be a critical mass of enterprises doing this — enough to make Enterprise Architecture understood as what it should have been in the first place. What are some of the changes we will see in Enterprise Architecture (EA) as this trend goes mainstream? More Business and IT collaboration in the activities of Enterprise Architecture More Enterprise Architects with skills that are enterprise-grade skills Enterprise Architecture that includes Business Architecture as the frame within which the Read more