In the previous installment of this architecture models series, I wrote about organizing your model repository according to business, information and technology domains. I also explained the need to create separate current- and future-state models, and the separation between and model content and views. In this part of the series, I have a few more things to add on the topic of naming and modeling conventions, as well as advice on how to set up governance and quality assurance structure around your models.
Governance, Risk & Compliance
If you have some experience in modeling real-life, full-size architectures for large-scale organizations – preferably in the ArchiMate language, of course – you have likely come across the challenge of organizing your models in logical and manageable ways. In this two-part series, we’re going to share our top 6 ways to organize your architecture models. These six methods should help you keep your models neat and tidy while also supporting better outcomes for your strategic initiatives.
Cybersecurity threats are ever increasing. It is sometimes said there are two kinds of organizations: those who know they have been breached, and those who don’t know it yet. To mitigate the risk and damage associated with cybersecurity, it’s important to know how to assess these risks and improve your defenses via security-by-design. It’s also important to plan for what to do if (and when) things do go sideways.
In modern enterprises, change is no longer a simple, top-down affair. All levels of the organization need to be involved, and everyone from shop-floor employees to the CEO need to work on local improvements to business processes. Lean projects and agile product development teams must rapidly innovate digital environments, strategists need to invent and experiment with new business models, project and program portfolio managers have to decide on investment allocations, and those responsible for domains like risk management and regulatory compliance have to do their part. This “all hands on deck” approach requires enterprise-wide transparency and visibility of plans, structures, opportunities and constraints.
Defining a good strategy is difficult, especially in this rapidly moving digital world. But realizing your strategy is even more complicated. After all, how do you ensure a strategy is implemented in a coordinated, coherent way? How do you manage all of the moving parts?
The effective use of digital technologies for Digital Transformation is paramount in a competitive environment. To succeed, you don’t need a separate digital strategy; you need a business strategy for the digital age. But digital transformation is difficult to manage because it requires you to change many moving parts of your enterprise, much like redesigning and rebuilding an airplane while in flight.
Enterprises need to create and maintain registers of why, where and how they are processing personal data from EU citizens. Creating and maintaining these registers in Enterprise Studio helps to ensure you create consistent and coherent registers that conform to your baseline enterprise design. In this blog I would like to show you how you can use Enterprise Studio to support this specific GDPR use case: the creation and maintenance of the registers of all personal data.
Powerful Analysis Techniques
In the final installment of this blog series, I want to address the domain of risk, security and compliance, an area of increasing importance for architects, process designers and others. As an example, in some previous blogs, I have already outlined the new EU General Data Protection Regulation (GDPR) and its impact. In one of my posts, I used a simple example of data classification and how you can use this to assess your application landscape. Read more
In the previous installment in this blog series, we looked into planning and analyzing change in the enterprise by linking the life cycles of elements such as applications and projects. But how do you decide what to do with, for example, your application landscape? Which applications need to be improved, re-platformed, functionally upgraded, or phased out?
As discussed in the introduction of this blog series, the maturation of the business architecture discipline makes the role of model-based support for design, analysis and decision-making increasingly important. Therefore, we introduced you to several useful techniques for business architecture modeling and how they are supported by Enterprise Studio. In this blog, we will discuss an approach to modeling a blueprint of one of the core domains of business architecture: Organization Mapping.
In my two previous blog posts, I described dependency analysis and impact analysis. These two kinds of analysis focus on what you might call the steady state of your enterprise, or the enterprise at rest. But there is also the enterprise in motion, where we look at the behavior of the enterprise, in particular its business processes.
Strategists, architects, process experts, software developers, data managers and other professionals involved in changing the enterprise often put substantial effort in creating all kinds of useful models of their designs. In many cases, such business models, enterprise architecture models, business process models, software models, data models and more are only used to specify some design, i.e., to describe what should be built. But there is much more value to be had from these models, by using powerful analysis techniques to create new insights. Read more
In my previous blog I wrote about the importance of models to successfully complete a merger, acquisition or divestiture. Of course, one organization’s divestiture may be another one’s acquisition. In this blog post I’ll share one my personal experiences as a consultant, supporting two government agencies that were in the middle of this process.
Organizations involved in major strategic changes such as mergers, acquisitions and divestitures often focus mostly on the financial and market aspects of the change. What is the impact on your market share? How can you increase buying power from your suppliers? What cost savings can be realized by exploiting synergies? Read more
In two previous blogs, I discussed the impact of the new EU General Data Protection Regulation and 8 things architects can do to help their organization comply with this far-reaching regulation. We also made available our ’How ready are you for the GDPR?’ test, which determines whether your organization is doing enough to prepare for the important regulation. Read more
In my previous blog post, I described the new EU General Data Protection Regulation (GDPR) that will go into effect in May 2018, and I outlined its profound effects on organizations, not just in Europe but around the globe. This regulation, and related EU Directives such as the ePrivacy Directive and the Network and Information System Security (NIS) Directive, force organizations to rethink how they deal with personal, privacy-sensitive data. In this blog, I want to address the steps you can take as an architect to help your organization comply with these regulations.
The General Data Protection Regulation (GDPR) is a stringent EU Regulation on privacy protection, which will go into effect in May 2018. Enterprise architects can play an important role in helping their organization be GDPR-compliant. Are you aware of the impact of the GDPR on your organization? Read more
Few companies have a systematic and reliable way of translating their business strategy into action across all relevant parts of the organization. Research on digital transformations by MIT Sloan  distinguishes between the ‘what’ (what does an organization want to achieve) and the ‘how’ Read more
In this blog post, we discuss the value of an integrated approach to managing risk, compliance and security in the enterprise, using enterprise architecture as a backbone.