Establish Architecture Principles

o Business

Primacy of Principles

· These principles of information management apply to all organizations within the enterprise

· The only way we can provide a consistent and measurable level of quality information to decision-makers is if all organizations abide by the principles.

Maximize Benefit to the Enterprise

· Information management decisions are made to provide maximum benefit to the enterprise as a whole.

· Decisions made from an enterprise-wide perspective have greater long-term value than decisions made from any particular organizational perspective. Maximum return on investment requires information management decisions to adhere to enterprise-wide drivers and priorities

Information Management is Everybody's Business

· All organizations in the enterprise participate in information management decisions needed to accomplish business objectives.

· Information users are the key stakeholders, or customers, in the application of technology to address a business need. In order to ensure information management is aligned with the business, all organizations in the enterprise must be involved in all aspects of the information environment. The business experts from across the enterprise and the technical staff responsible for developing and sustaining the information environment need to come together as a team to jointly define the goals and objectives of IT.

Business Continuity

· Enterprise operations are maintained in spite of system interruptions.

Common Use Applications

· Development of applications used across the enterprise is preferred over the development of similar or duplicative applications which are only provided to a particular organization.

· Duplicative capability is expensive and proliferates conflicting data.

Compliance with Law

· Enterprise information management processes comply with all relevant laws, policies, and regulations.

· Enterprise policy is to abide by laws, policies, and regulations.

IT Responsibility

· The IT organization is responsible for owning and implementing IT processes and infrastructure that enable solutions to meet user-defined requirements for functionality, service levels, cost, and delivery timing.

Protection of Intellectual Property

· The enterprise's Intellectual Property (IP) must be protected. This protection must be reflected in the IT architecture, implementation, and governance processes

o Data

Data is an Asset

· Data is an asset that has value to the enterprise and is managed accordingly.

Data is Shared

· Users have access to the data necessary to perform their duties; therefore, data is shared across enterprise functions and organizations.

Data is Accessible

· Data is accessible for users to perform their functions.

Data Trustee

· Each data element has a trustee accountable for data quality.

Common Vocabulary and Data Definitions

· Data is defined consistently throughout the enterprise, and the definitions are understandable and available to all users.

Data Security

· Data is protected from unauthorized use and disclosure.

o Application

Technology Independence

· Applications are independent of specific technology choices and therefore can operate on a variety of technology platforms.

Ease-of-Use

· Applications are easy to use. The underlying technology is transparent to users, so they can concentrate on tasks at hand.

o Technology

Requirements-Based Change

· Only in response to business needs are changes to applications and technology made

Responsive Change Management

· Changes to the enterprise information environment are implemented in a timely manner.

Control Technical Diversity

· Technological diversity is controlled to minimize the non-trivial cost of maintaining expertise in and connectivity between multiple processing environments

Interoperability

· Software and hardware should conform to defined standards that promote interoperability for data, applications, and technology.

· Standards help ensure consistency, thus improving the ability to manage systems and improve user satisfaction, and protect existing IT investments, thus maximizing return on investment and reducing costs.

· Standards for interoperability additionally help ensure support from multiple vendors for their products, and facilitate supply chain integration.

IT Architecture Principle :

Analytical and reporting applications should use own datasets

Reporting should have separated environment to prevent interruptions and delays in the operational environment

Rationale

• Doing analytical reporting and analysis impacts data environment performance and could lock source, therefore affecting production and operations

• Building reports and analytical queries could take much time, while operational data could change during same time frame

• Analytical applications carries large risk to change operational data  

Implications

• Need for data replica for reporting and analytical queries 

• Replication mechanism needs to be designed properly in order to have updated and clean data in reporting environment

All components need clear ownership

All IT components and systems need to have clear ownership to clarify clear responsibilities, accountability and cost allocation.

Rationale

• It needs to be clear who is responsable and accountable for its design, construction and performance of each component 

• Clarifies who pays for changes in the component

Implications

• All functional components (processes, services, information) and IT components (data, services, applications and infrastructure) needs to have specific ownership 

• The owner facilitates design, maintenance and any changes to the component 

Application Architecture is decoupled

Decoupling front and back is required to provide better agility, independence, flexibility, re-use and better possibilities to scale and tune for performance. 

Rationale

• Front and back are separated from each other as they have different focus, one on customer intimacy, while the other is focused on operational excellence

• Separated independent components, layers and structures allow higher agility on its own and better re-use by other components and systems 

• Autonomy and self-sufficient components allow easier scalability and contribute to higher availability as failures stay isolated to its own components and do no affect complete systems assuming they are well designed

Implications

• Balance in decoupling needs to be analyzed and designed properly to avoid over complexity in applications, component architecture and data

• Design needs to focus first on Horizontal layering and then on vertical decoupling to maintain priorities between robustness and agility

IT solutions are scalable

IT systems are selected that can be scaled horizontally or otherwise vertically. IT systems are sized at current volumes and volume growth is monitored periodically. IT and business need to agree on capacity contingency to avoid system failure in case of minor volume increments.

Rationale

• Lifespan of IT systems is at least 3 years and therefore needs to be able to sustain future volumes

• Needs to ensure that IT can accommodate business for organic and non-organic growth and market opportunities

• Scaling and IT solution once built that have not been designed for growth can be costly and requires in most cases detailed a re-engineering of the solution

• Ability to scale systems in future will lower total cost of ownership as hardware cost is typically cheaper in future

Implications

• IT systems need to be able to scale vertically, or otherwise horizontally

• Predictive monitoring on IT resources usage needs to be put in place to alert on possible under capacity

• Adaptive auto scalability can also help to manage dynamic scalability and lower TCO

Access is authenticated and authorized

Users are identified and authenticated before using an IT system, and the user identity is used to determine the access rights. People should not have access to data and/or functionality for which they are not authorized. 

Rationale

• Any user should not be able to access functionality or data for which it is not authorized

• A holistic approach needs to be taken to ensure security at all levels to ensure authentication and authorization is properly managed and guaranteed 

Implications

• Users need to be able to identify and authenticate themselves before using an IT system.

• Users´access rights need to properly determined and implemented at application and managed through local or central repository of users  

Architecture Components are centralized

Central components are easier to manage since management eases consolidation and standardization.

Rationale

• Centralization eases better management, control and governance, consolidation and standardization and cost

• Centralization lowers total cost of ownership

Implications

• By default architecture components are placed centrally, or if in hybrid cloud environment, it could be dictated that certain components are centralized on both locations 

• The following components are recommended to centralize:

• Enterprise Service Bus (ESB)

• API Management (API Mgt)

• ETL/CDC

• Document Management (ECM)

• Printing Management

• Business intelligence (BI)

• Datawarehouse / Datalake

• Business Rules Engine (BRE)

• Business Process Management (BPM)

• Authentication, user registration

• Operational Tooling: Backup, monitoring, job scheduling

Design with Business Perspective

Business and functional processes must drive the design, development, operation, maintenance and monitoring of solutions.

Rationale

• To avoid the costs of implementing technology for technology’s sake

• Solution development should be driven by the business

• IT investments will be aligned with enterprise / business strategic goals

• Clarifies responsibilities, ownership and total cost of ownership

Implications

• Process design needs to be a vital part in every solution’s design. Tasks are designed around an objective or outcome instead of a single function

• Organizational change might be required to implement re-engineered work processes

• Always design for operational process monitoring in addition to technology monitoring