Security Architecture

Behavioral Economics & Enterprise Architecture (2): Enterprise Architecture = Choice Architecture!

The promise of enterprise architecture is that it helps improve decision making. Typically, the role of the enterprise architect is to advise and enable other stakeholders to make better decisions. Therefore, Enterprise Architecture – more than anything else – is a social discipline, in that it demands social skills and interaction in order for practitioners to successfully engage with stakeholders and change their behavior.  Read more

Planning and Roadmapping: Modeling in ArchiMate

In our previous blog post on planning and roadmapping, we discussed the general idea of planning and roadmapping in the context of enterprise architecture and capability-based planning. We addressed different levels of roadmaps, ranging from short-term sprints of a few weeks to long-term, multi-year roadmaps. We also provided some first insights into the use of ArchiMate concepts for modeling roadmaps. In this installment, we want to go deeper into different ways of modeling the evolution of your architecture. 

Read more

Planning and Roadmapping: Introduction

A key driver for management in general and enterprise architecture in particular is to get a better grip on the future, on the evolution of your enterprise. A common technique to support this is roadmapping. A roadmap is a strategic plan that shows the main steps or milestones needed to achieve a desired outcome. It articulates the strategic direction of your enterprise and shows the path forward. It helps you identify what is needed and what the main dependencies and priorities are, and serves as a communication instrument to align the organization along a common course of action.

Read more

Organizing Architecture Governance With Workflow And Forms

– Marc Lankhorst, Fabian Aulkemeier

In a previous blog post on the features of our collaboration platform, we have explained how you can support people in working together on architectures and other models via structured workflows. In that post, we looked ahead at future features to support this kind of collaboration. Time to update you on the latest developments!

Read more

The Consumerization of Enterprise Architecture: Everyone’s an Architect! 

Enterprise architecture is often perceived as an abstract, conceptual, and somewhat esoteric discipline practiced by ‘high priests’ who provide guidance with their lofty ‘architecture principles.’ It’s true that architects are often concerned with overarching, cross-cutting concerns that are not always visible to the people ‘in the trenches,’ but this view of enterprise architecture is misguided at best and increasingly misses the mark.  

Read more

Enterprise Architecture and Agile/DevOps: Adaptive Enterprise Cornerstones

Marc Lankhorst, Fabian Aulkemeier 

Enterprise architecture, agile software development, and DevOps are sometimes seen as being at odds. We think they can fruitfully collaborate and interface, but how do you do that? How can you align the concepts and processes from these worlds and bridge the cultural gap? 

Read more

NATO Architecture Framework & ArchiMate: Work To Be Done for NAF & ArchiMate in Defence 

Kevin Wallis (MOD ISS) & Marc Lankhorst (BiZZdesign) 

In the previous instalments in this series, we discussed common drivers for architecture in defence and industry, commonalities between the architecture practice in defence and the civil sector, and why the ArchiMate language was chosen as a recommended standard for expressing architectures in the NATO Architecture Framework v4. In this final instalment, we discuss the work that still needs to be done for using ArchiMate in the context of NAF v4. 

Read more

6 Ways to Organize Your Architecture Models (Part 2)

In the previous installment of this architecture organization series, I wrote about organizing your model repository according to business, information and technology domains. I also explained the need to create separate current- and future-state models, and the separation between and model content and views. In this part of the series, I have a few more things to add on the topic of naming and modeling conventions, as well as advice on how to set up governance and quality assurance structure around your models. 

Read more

6 Ways to Organize Your Architecture Models (Part 1)

If you have some experience in modeling real-life, full-size architectures for large-scale organizations – preferably in the ArchiMate language, of course – you have likely come across the challenge of organizing your models in logical and manageable ways. In this two-part series, we’re going to share our top 6 ways to organize your architecture models. These six methods should help you keep your models neat and tidy while also supporting better outcomes for your strategic initiatives.

Read more

cyber-security-pink

Protect Your Enterprise Analyze Your Security With Architecture Models

In a previous blog on cybersecurity, I wrote about the essential steps to keep your organization safe in an increasingly dangerous digital environment:

Read more

enterprise-studio-blog-header-1-2

Using the TOGAF Enterprise Continuum to Classify Architectures Descriptions

Previously, I wrote about  the need to digitize change capabilities and how enterprise architecture can support and provide value to your organization. I also discussed how to categorize architecture descriptions along different levels of abstraction. But there is one dimension I didn’t dive into: How generic or specific is the architecture description compared to your organization?  

Over the past decade, reference architectures have been developed and many have been published. They are a very useful start describing an enterprise, and the architectures are more or less specific to our enterprise. I don’t want to lose myself in academic discussions about what should be classified as what, so I will focus on the big points of the idea behind. Read more

Cyber Security 5 Steps to Stay Safe in a Dangerous World

Cybersecurity threats are ever increasing. It is sometimes said there are two kinds of organizations: those who know they have been breached, and those who don’t know it yet. To mitigate the risk and damage associated with cybersecurity, it’s important to know how to assess these risks and improve your defenses via security-by-design. It’s also important to plan for what to do if (and when) things do go sideways. 

Read more

How to Not Fail When Implementing Strategy

Defining a good strategy is difficult, especially in this rapidly moving digital world. But realizing your strategy is even more complicated. After all, how do you ensure a strategy is implemented in a coordinated, coherent way? How do you manage all of the moving parts?

Read more

5 Key Practices in Implementing Digital Transformation

The effective use of digital technologies is paramount in a competitive environment. To succeed, you don’t need a separate digital strategy; you need a business strategy for the digital age. But digital transformation is difficult to manage because it requires you to change many moving parts of your enterprise, much like redesigning and rebuilding an airplane while in flight.

Read more

Powerful Analysis Techniques (7) – Risk, Security & Compliance Analyses

In the final installment of this blog series, I want to address the domain of risk, security and compliance, an area of increasing importance for architects, process designers and others. As an example, in some previous blogs, I have already outlined the new EU General Data Protection Regulation (GDPR) and its impact. In one of my posts, I used a simple example of data classification and how you can use this to assess your application landscape. Read more

7 Powerful Analysis Techniques to Get More Business Value from Your Models

Strategists, architects, process experts, software developers, data managers and other professionals involved in changing the enterprise often put substantial effort in creating all kinds of useful models of their designs. In many cases, such business models, enterprise architecture models, business process models, software models, data models and more are only used to specify some design, i.e., to describe what should be built. But there is much more value to be had from these models, by using powerful analysis techniques to create new insights. Read more

Are You Ready for the GDPR? The Test Results

In two previous blogs, I discussed the impact of the new EU General Data Protection Regulation and 8 things architects can do to help their organization comply with this far-reaching regulation. We also made available our ’How ready are you for the GDPR?’ test, which determines whether your organization is doing enough to prepare for the important regulation. Read more

8 Steps Enterprise Architects Can Take to Deal with GDPR

In my previous blog post, I described the new EU General Data Protection Regulation (GDPR) that will go into effect in May 2018, and I outlined its profound effects on organizations, not just in Europe but around the globe. This regulation, and related EU Directives such as the ePrivacy Directive and the Network and Information System Security (NIS) Directive, force organizations to rethink how they deal with personal, privacy-sensitive data. In this blog, I want to address the steps you can take as an architect to help your organization comply with these regulations.

Read more

7 Things Every Enterprise Architect Needs to Know About the GDPR

The General Data Protection Regulation (GDPR) is a stringent EU Regulation on privacy protection, which will go into effect in May 2018. Enterprise architects can play an important role in helping their organization be GDPR-compliant. Are you aware of the impact of the GDPR on your organization? Read more

The Value of Enterprise Architecture in Managing Risk, Compliance and Security

In this blog post, we discuss the value of an integrated approach to managing risk, compliance and security in the enterprise, using enterprise architecture as a backbone.

Read more