>Frameworks and Enterprise Architecture

>

One of the issues facing IT professionals these days isn’t a scarcity of IT frameworks, but rather many good frameworks that can be in conflict if we do not sort them out.

Usually each framework is focused on a certain lifecycle, which on one hand helps align it to a certain view on things, but on the other hand complicates things further, because each framework attempts to be all things to all people, by covering an entire lifecycle.

Here are some examples of the frameworks and their associated lifecycles:

  • Enterprise architecture – the IT investment life cycle (Capital Planning and Investment Control, CPIC)
  • SDLC—the Systems Development Life Cycle
  • ITIL –the service lifecycle
  • PMBOK—the project lifecycle
  • CMMi—the process lifecycle
  • Configuration Management—the asset lifecycle

Each framework has plans that need to be developed, processes to be followed, reviews that get conducted, and go/no-go decisions issued.

If an organization attempts to introduce and utilize all these frameworks then there can result a major overlap of structures, processes, and reviews that can literally drive a project manager or program sponsor nuts!

The organization could grind to a standstill trying to comply with all these frameworks.

I believe that each framework has useful information and guidance for the organization to follow and that the key to implementing these is to determine which is the PRIMARY framework at various stages of IT. The other frameworks may overlap in the stages, but it is the primary framework that guides that each stage.

Here’s an example using a few of these:

  1. Enterprise architecture is the decision making framework for IT systems. It has a core function in influencing IT investment decisions based on the target architecture and transition plan and EA reviews of proposed new IT projects, products, and standards. Therefore, EA is the primary or dominant framework in the planning stage of IT (up to the IT investment decision).
  2. SDLC is the development framework for IT systems. SDLC has a core function is guiding the software development process. As such, SDLC is the primary framework for the development phase of the system (which comes after the IT investment decision and before operations and maintenance). Of course, SDLC has planning phases and O&M and disposition phases as well, but SDLC is the primary framework only in the development stage.
  3. ITIL is the service framework. It has a core function in determining how service will be delivered and supported. ITIL is the primary framework for the O&M stage of the system (this comes after the development and before the disposition of the system), since that is when the system needs service delivery and support. Again, ITIL has other stages that overlap with other frameworks, for example planning and configuration management, but ITIL is the dominant framework only in the O&M phase.

The other frameworks should conceptually also assume a primary role for specific phases of IT and then pass off that role to the next framework that is dominant in that particular area.

4. For example, maybe PMBOK would have a dominant framework role also in the planning phase, looking at cost, schedule, performance, resources, risks, and so on (this would be after the IT investment decision of EA and before the development or acquisition phases). Again that is not to say that PMBOK doesn’t shed light and provide requirements for other stages of IT—it does—but it just is not the primary framework for those other stages.

I believe it is only by developing a unified lifecycle and assigning primary framework “ownership” to each stage will we be able to develop a truly workable IT structure and process for our organizations. As the saying goes: ”Two kings cannot sit on one throne.” So too, two frameworks cannot be simultaneously guiding our project managers and program sponsors nor taking up valuable IT resources.

The end goal is a single, simple, step-by-step process for our projects to follow with clear actions, milestones, and reviews, rather than a web of confusion and siloed, redundant governance processes in play.

ITIL and Enterprise Architecture

>

Both EA and ITIL are emerging disciplines that are growing in importance and impact.

Here are their basic definitions:

EA synthesizes business and technical information and develops information products and governance services to enable better decision making.

ITIL (Information Technology Infrastructure Library) “provides a comprehensive, consistent set of best practices focused on the management of IT services processes. It promotes a quality approach to achieving business effectiveness and efficiency in the use of information systems. ITIL is focused on IT Service Management, which is “concerned with delivering and supporting IT services that are appropriate to the business requirements of the organization.” (ITIL IT Service Management Essentials, Pink Elephant)

To me, EA and ITIL are mutually supportive. Here’s how:

  • EA is a decision framework that provides for planning and governance. EA answers the question, what IT investment will we make?
  • ITIL is a service framework that provides for execution of IT services. IT answers the question, how will we support and deliver on the IT investments?

In short, EA is the discipline that handles the decision processes up to the IT Investment and ITIL handles the service management once the decision to invest in IT is made.

What are the considerations for EA and ITIL:

  • EA considers such things as return on investment, risk mitigation, business alignment, and technical compliance. EA focuses on business process improvement and new introduction of new technologies.
  • ITIL practices areas include such services as incident management, problem resolution, change management, release management, configuration management, capacity, availability, service continuity, service level management and more.

How are EA and ITIL similar in terms of requirements management and their goals?

Each seeks to understand the business requirements and satisfy their customers: EA for the requirements for proposed new IT investments and ITIL for the service required to support those.

Both disciplines are goal-oriented in terms of wanting to improve effectiveness and efficiency:

  • EA prescribes in planning, what are the right things we should we be doing (effectiveness) and in governance, how should we be doing them (efficiency) relative to IT investments.
  • ITIL prescribes in service delivery, what are the right service deliverables (effectiveness) and in service support, how we should be providing service support (efficiency).

While EA and ITIL are complementary, ITIL picks up where EA leaves off—after the IT investment decision, but before the service execution.

>Portfolio Management and Enterprise Architecture

>

Enterprise architecture and portfolio management are closely linked activities. EA drives IT investment management (including the IT portfolio select, control, and evaluate phases) by conducting technical reviews of proposed new IT projects, products, and standards, and IT investment management provides important information updates to the EA (baseline, target, and transition plan).

In Architecture and Governance Magazine, Issue 3 Volume 2, Nuttall and Houghton provide an overall framework that goes “Beyond Portfolio Management to Comprehensive Application Governance.”

The framework includes three main areas and one supporting process area, as follows:

  1. Application and License Management (tactical)—“It manages the demand side and user requests, the contract and compliance aspects of determining the number of licenses that are contractually allowed, along with the projects that bring new products into the portfolio while retiring older products that have been removed. In many ITIL organizations, a help desk/service desk would handle the demand for applications, while the license management aspects are often assigned to the procurement and/or configuration management functions.”
  2. Application Portfolio Management (strategic)—“determines the appropriate mix of applications in the portfolio. It s highly dependent on the strategic business drivers for the corporation and includes: portfolio strategy development, optimization, and planning.” Portfolio strategy development determines the drivers and priority of those. Portfolio optimization determines the right mix of applications to support those goals. And portfolio planning determines the risks and constraints in implementing the portfolio, such as architecture, infrastructure, and resource constraints.
  3. Financial Management—“budget and forecasting, account management, and allocations management;” these enable the planning of what money is available for the portfolio and what money is spent for applications.
  4. Supporting Processes—other process areas that impact portfolio management include: “knowledge management, communications management, management reporting, architecture strategy, risk management, operational delivery, and support management.”

“One thing is certain, though, as technology continues to drive productivity, comprehension of application governance will become an even more essential step for companies wishing to manage their risks and costs while continuing to gain strategic value from their portfolios.”

I think this model is very helpful in decomposing the traditional definition of governance from the strategic functions of portfolio selection, control, and evaluation to the additional tactical, strategic, and financial aspects involved in managing it. Particularly, I believe it is useful to separate out the business demand (licenses, new systems and technologies) from the portfolio development and optimization (“the right mix” to satisfy user needs). Additionally, the breakout of financial management from the portfolio development is important in making the distinction between the roles of the Investment Review Board/Enterprise Architecture Board and the financial or resources group that actually budget and accounts for the funding aspect of IT spend.

Nuttall and Houghton do not go into any depth with the supporting processes, so these are presented as high level touch points or supporting processes without any particular explanation of how they support portfolio management and governance.

One critical item, the authors did not include, but should have included is the Systems Development Life Cycle, which take the IT portfolio and governs it from planning through analysis, design, development, testing, deployment, operations and maintenance, and ultimately to disposition. The success of moving systems projects through the SDLC will impact the make-up of future portfolio decisions.

>What can ITIL teach us about EA

>The Information Technology Infrastructure Library (ITIL) and User-Centric Enterprise Architecture are both customer driven and focused on providing users what they need to carry out the mission of the organization. Both are about achieving results.

ITIL and user-centric EA look like they compete, but really are mutually supportive. Here’s how:

  • ITIL is a framework of best practices that seek to provide information technology service support and delivery to the end-user; User-centric EA focuses on the end-user and seeks to provide them useful and usable products and services.
  • ITIL looks to match service levels to user requirements; user-centric EA looks to match technology solutions to business and information requirements.
  • The ITIL framework has both a business perspective and an IT perspective — sounds familiar to EA? EA synthesizes business and technology information for enhancing decision making.
  • ITIL looks at all the following: business, applications, infrastructure, security, service, and planning; EA’s views include business, performance, information, service components, technology, security, and develops the plans for these.
  • ITIL is an outgrowth of the United Kingdom’s Office of Government Commerce; EA is rooted in the United States Clinger-Cohen Act and the Office of Management and Budget’s Federal Enterprise Architecture.
  • ITIL provides goals and activities for all types of IT processes including: the management of configuration, incidents, problems, change, service levels, finance, availability, security, capacity, and continuity; EA provides an as-is, to-be, and transition plan for information systems and technologies in relation to performance, business, and information requirements. Both ITIL and EA are looking to enhance mission execution.

At the end of the day, both ITIL and user-centric EA provide a framework and structure for IT to better service the business and its end-users. ITIL will provide for the process side and EA will do the same for the planning and governance.