NEA - Maturity Model

advertisement
e-Government Program (Yesser)
Maturity Model
Version 0.2
Date:1/1/2014
e-Government Program (Yesser)
NEA Maturity Model
Document Description
Document Title
Maturity Model
Document version
Document Status
Author
NEA Decision
0.2
Draft
NEA Team
Under Review
Versioning
Version
0.1
0.2
Date
11/25/2013
1/1/2014
Description of changes made
Draft document
Updated to add business initiation in level 2 of business linkage.
Document Validation
Version
0.1
0.2
Authors
Review by
SYED HUSAIN
SYED HUSAIN
Date
Status
DRAFT
DRAFT
Confidential e-Government Program (Yesser)
This document (either in whole or in part) cannot be modified or
reproduced without the prior written permission of the e-Government Program (Yesser)
Page 2 / 19
e-Government Program (Yesser)
NEA Maturity Model
References
S/No
Description & Location
1
FEA – FEDERAL ENTERPRISE ARCHITECTURE/ http://www.whitehouse.gov/omb/e-gov/FEA
2
TOGAF® 9.1/ http://pubs.opengroup.org/architecture/togaf9-doc/arch/chap43.html
3
4
US DEPARTMENT OF COMMERCE MATURITY MODEL
http://ocio.os.doc.gov/ITPolicyandPrograms/Enterprise_Architecture/PROD01_004935
ENTERPRISE ARCHITECTURE AS A STRATEGY – JEANNE W. ROSS, PETER WEIL, DAVID C. ROBERTSON
Confidential e-Government Program (Yesser)
This document (either in whole or in part) cannot be modified or
reproduced without the prior written permission of the e-Government Program (Yesser)
Page 3 / 19
e-Government Program (Yesser)
NEA Maturity Model
Table of Contents
1.
2.
3.
Executive Summary ............................................................................................................... 6
Introduction ......................................................................................................................... 7
Maturity Model Phases.......................................................................................................... 9
3.1. EA Level 0 – No EA Program ............................................................................................. 9
3.2. EA Level 1 – Initial or Informal EA ..................................................................................... 9
3.3. EA Level 2 – EA Under Development ............................................................................... 10
3.4. EA Level 3 – Defined EA ................................................................................................ 11
3.5. EA Level 4 – Managed EA ............................................................................................... 12
3.6. EA Level 5 – Optimizing ................................................................................................. 13
4. Measuring Maturity ............................................................................................................ 14
Confidential e-Government Program (Yesser)
This document (either in whole or in part) cannot be modified or
reproduced without the prior written permission of the e-Government Program (Yesser)
Page 4 / 19
e-Government Program (Yesser)
NEA Maturity Model
Table of Figures
Figure 1 Maturity Model .............................................................................................................. 7
Confidential e-Government Program (Yesser)
This document (either in whole or in part) cannot be modified or
reproduced without the prior written permission of the e-Government Program (Yesser)
Page 5 / 19
e-Government Program (Yesser)
NEA Maturity Model
1.
Executive Summary
Organizations cannot implement Enterprise Architecture as a single project. They must
implement it as a coordinated program that evolves over time. An EA maturity model will
enable organizations to identify what stage of maturity they have reached and what actions to
take to reach the next level. Yesser has decided to adopt the U.S department of Commerce’s EA
maturity model, a TOGAF 9 recommendation, as it’s EA maturity definition and assessment
model.
Key Findings
• The maturity model consists of six stages, or levels. Organizations cannot skip stages or
the associated activities without introducing weaknesses into their EA programs.
• Agencies have to deal with two levels of maturity, maturity related to internal EA and
maturity related to whole of government EA, these are complimentary and have
synergistic effects on overall agency maturity.
• Organizations encounter risk and inefficiency from poorly managed processes, such as
lack of employee engagement, failure to comply with legal and regulatory requirements
and dissatisfied customers.
• Most enterprises are in the early stages of EA maturity, so IT leaders who are
championing new ideas in their organizations will benefit most from using this model.
Recommendations
• Make the maturity model part of the effort to educate senior management, so they
understand the phases of the EA journey.
• To illustrate the risks of not having EA, look for examples where the organization has
already failed because of poorly managed information and processes.
• Create scenarios for the organization that illustrate the benefits to be achieved at each
level of the maturity model.
Confidential e-Government Program (Yesser)
This document (either in whole or in part) cannot be modified or
reproduced without the prior written permission of the e-Government Program (Yesser)
Page 6 / 19
e-Government Program (Yesser)
NEA Maturity Model
2.
Introduction
EA is the basic organizing principle of an organization, it describes the various layers of the
organization and how they relate to each other. The benefit of having an EA is that the
information EA typically consists of can be used to plan and develop the organization in a way
that makes it more efficient and responsive to customer needs.
Different organizations operate at different levels of maturity in terms of the processes and
procedures they follow to execute their organizational goals and objectives. One of the tasks of
the e-government authority of Saudi Arabia is to help government entities become more
mature in terms of their capabilities and activities.
The six maturity levels are as follows:
0. No EA Program
1. Initial or Informal EA
2. EA Under Development
3. Defined EA
4. Managed EA
5. Optimizing
0 None
Mature
1 Initial
2 Under
Development
3 Defined
4 Managed
Maturity
Gap and
migration plans
Explicit linkage are complete
EA is part of org
between
all EA
Ad hoc
culture, quality
artifacts
processes and
metrics are
documentation
captured.
5 Optimzing
Concerted
efforts to
optimize and
continuously
improve EA
Business
Case for EA
Immature
YELAF
NEA
Figure 1 Maturity Model
Some of the individual components that must be considered at the Enterprise level, as well as
in the various Architecture disciplines include components of the following:
1. Architecture Process
2. Architecture Development
3. Business Linkage
4. Senior Management Involvement
Confidential e-Government Program (Yesser)
This document (either in whole or in part) cannot be modified or
reproduced without the prior written permission of the e-Government Program (Yesser)
Page 7 / 19
e-Government Program (Yesser)
NEA Maturity Model
5.
6.
7.
8.
Architecture Communication
IT Security
Governance
IT Investment and Acquisition Strategy
.
Confidential e-Government Program (Yesser)
This document (either in whole or in part) cannot be modified or
reproduced without the prior written permission of the e-Government Program (Yesser)
Page 8 / 19
e-Government Program (Yesser)
NEA Maturity Model
3.
Maturity Model Phases
This section describes the Maturity Levels according to measurement areas.
3.1.
EA Level 0 – No EA Program
No Enterprise Architecture Program to speak of.
3.2.
EA Level 1 – Initial or Informal EA
Characteristics:
Architecture Process - Processes are ad hoc and localized. Some Enterprise Architecture
processes are defined. There is no unified architecture process across technologies or business
processes. Success depends on individual efforts.
Architecture Development - Enterprise Architecture processes, documentation, and standards
are established by a variety of ad hoc means and are localized or informal
Business Linkage - Minimal, or implicit linkage to business strategies or business drivers
Senior Management Involvement - Limited management team awareness or involvement in
the architecture process
Architecture Communication - The latest version of the Operating Unit's Enterprise
Architecture documentation is on the Web. Little communication exists about the Enterprise
Architecture process and possible process improvements
IT Security - IT Security considerations are ad hoc and localized
Governance - No explicit governance of architectural standards
IT Investment and Acquisition Strategy - Little or no involvement of strategic planning and
acquisition personnel in enterprise architecture process. Little or no adherence to existing
Standards Profile
Confidential e-Government Program (Yesser)
This document (either in whole or in part) cannot be modified or
reproduced without the prior written permission of the e-Government Program (Yesser)
Page 9 / 19
e-Government Program (Yesser)
NEA Maturity Model
3.3.
EA Level 2 – EA Under Development
Characteristics:
Architecture Process - Basic Enterprise Architecture Process program is documented based on
YELAF guidance. The architecture process has developed clear roles and responsibilities.
Architecture Development - IT Vision, Principles, Business Linkages, Baseline, and Target
Architecture are identified. Architecture standards exist, but not necessarily linked to Target
Architecture. Technical Reference Model and Standards Profile framework established. EA
team is aware of NEA.
Business Linkage - Explicit linkage to business strategies, EA is involved in the initiation of any
new business initiatives.
Senior Management Involvement - Management awareness of Architecture effort
Architecture Communication - The Enterprise Architecture Web Pages are updated periodically
and is used to document architecture deliverables
IT Security - IT Security Architecture has defined clear roles and responsibilities
Governance - Governance of a few architectural standards and some adherence to existing
Standards Profile
IT Investment and Acquisition Strategy - Little or no formal governance of IT Investment and
Acquisition Strategy. Operating Unit demonstrates some adherence to existing Standards
Profile
Confidential e-Government Program (Yesser)
This document (either in whole or in part) cannot be modified or
reproduced without the prior written permission of the e-Government Program (Yesser)
Page 10 / 19
e-Government Program (Yesser)
NEA Maturity Model
3.4.
EA Level 3 – Defined EA
Characteristics:
Architecture Process - The architecture is well defined and communicated to IT staff and
business management with Operating Unit IT responsibilities. The process is largely followed
Architecture Development - Gap Analysis and Migration Plan are completed. Fully developed
Technical Reference Model and Standards Profile. IT goals and methods are identified. The
architecture aligns with NEA.
Business Linkage - Enterprise Architecture is integrated with capital planning & investment
control and supports e-government.
Senior Management Involvement - Senior-management team aware of and supportive of the
enterprise-wide architecture process. Management actively supports architectural standards
Architecture Communication - Architecture documents updated regularly on Enterprise
Architecture Web Page
IT Security - IT Security Architecture Standards Profile is fully developed and is integrated with
Enterprise Architecture
Governance - Explicit documented governance of majority IT investments
IT Investment and Acquisition Strategy - IT acquisition strategy exists and includes compliance
measures to IT Enterprise Architecture. Cost-benefits are considered in identifying projects
Confidential e-Government Program (Yesser)
This document (either in whole or in part) cannot be modified or
reproduced without the prior written permission of the e-Government Program (Yesser)
Page 11 / 19
e-Government Program (Yesser)
NEA Maturity Model
3.5.
EA Level 4 – Managed EA
Characteristics:
Architecture Process - Enterprise Architecture process is part of the culture. Quality metrics
associated with the architecture process are captured
Architecture Development - Enterprise Architecture documentation is updated on a regular
cycle to reflect the updated Enterprise Architecture. Business, Information, Application and
Technical Architectures defined by appropriate de-jure and de-facto standards. The
architecture continues alignment with NEA. An automated tool is used to improve the usability
of the architecture and report to NEA.
Business Linkage - Capital planning and investment control are adjusted based on the feedback
received and lessons learned from updated Enterprise Architecture. Periodic re-examination of
business drivers
Senior Management Involvement - Senior-management team directly involved in the
architecture review process
Architecture Communication- Architecture documents are updated regularly, and frequently
reviewed for latest architecture developments/standards
IT Security - Performance metrics associated with IT Security Architecture are captured
Governance - Explicit governance of all IT investments. Formal processes for managing
variances feed back into Enterprise Architecture
IT Investment and Acquisition Strategy - All planned IT acquisitions and purchases are guided
and governed by the Enterprise Architecture
Confidential e-Government Program (Yesser)
This document (either in whole or in part) cannot be modified or
reproduced without the prior written permission of the e-Government Program (Yesser)
Page 12 / 19
e-Government Program (Yesser)
NEA Maturity Model
3.6.
EA Level 5 – Optimizing
Characteristics:
Architecture Process - Concerted efforts to optimize and continuously improve architecture
process
Architecture Development - A standards and waivers process are used to improve architecture
development process improvements
Business Linkage - Architecture process metrics are used to optimize and drive business
linkages. Business involved in the continuous process improvements of Enterprise Architecture
Senior Management Involvement - Senior management involvement in optimizing process
improvements in Architecture development and governance
Architecture Communication - Feedback on architecture process from all Operating Unit
elements is used to drive architecture process improvements. Architecture documents are
used by every decision maker in the organization for every IT-related business decision
IT Security - Feedback from IT Security Architecture metrics are used to drive architecture
process improvements.
Governance - Explicit governance of all IT investments. A standards and waivers process is used
to improve governance-process improvements.
IT Investment and Acquisition Strategy - No unplanned IT investment or acquisition activity.
Confidential e-Government Program (Yesser)
This document (either in whole or in part) cannot be modified or
reproduced without the prior written permission of the e-Government Program (Yesser)
Page 13 / 19
e-Government Program (Yesser)
NEA Maturity Model
4.
Measuring Maturity
The table below is the evaluation matrix. For each of the eight characteristics, score your
organization according to the definitions below. This score is an evaluation of where your
organization is now. Appropriate artifacts that demonstrate the attainment of the maturity
level should be available to substantiate your score.
The score at each level depends on the level, for example a level 0 means a score of 0 while a
level 4 means a score of 4.
Evaluation
1. Architecture Process: Is there an established Enterprise Architecture process?
Level 0: Architecture process not established.
Score
Level 1: Ad-hoc and localized architecture process defined.
Level 2: Basic Enterprise Architecture Process program is documented based on
YELAF. The architecture process has developed clear roles and responsibilities.
Level 3: The architecture is well defined and communicated to IT staff and
business management with Operating Unit IT responsibilities. The process is
largely followed.
Level 4: Enterprise Architecture process is part of the culture, with strong
linkages to other core IT and business processes. Quality metrics associated with
the architecture process are captured. These metrics include the cycle times
necessary to generate Enterprise Architecture revisions, technical environment
stability, and time to implement a new or upgraded application or system.
Level 5: Concerted efforts to optimize and continuously improve architecture
process.
2. Architecture Development: To what extent is the development and progression of the
Operating Units' Enterprise Architecture documented?
Confidential e-Government Program (Yesser)
This document (either in whole or in part) cannot be modified or
reproduced without the prior written permission of the e-Government Program (Yesser)
Page 14 / 19
e-Government Program (Yesser)
NEA Maturity Model
Level 0: No Enterprise Architecture documentation to speak of.
Level 1: Enterprise Architecture processes, documentation and standards are
established by a variety of ad hoc means, and are localized or informal.
Level 2: IT Vision, Principles, Business Linkages, Baseline, and Target
Architecture are documented. Architecture standards exist, but not necessarily
linked to Target Architecture. Technical Reference Model and Standards Profile
framework established.
Level 3: Gap Analysis and Migration Plan are completed. Architecture standards
linked to Business Drivers via Best Practices, IT Principles and Target Architecture.
Fully developed Technical Reference Model and Standards Profile.
Level 4: Enterprise Architecture documentation is updated on a regular cycle to
reflect the updated Enterprise Architecture. Business, Information, Application
and Technical Architectures defined by appropriate de-jure and de-facto
standards.
Level 5: Defined and documented Enterprise Architecture metrics are used to
drive continuous process improvements. A standards and waivers process are
used to improve architecture development process improvements.
Evaluation
Score
3. Business Linkage: To what extent is the Enterprise Architecture linked to business strategies
or drivers.
Level 0: No linkage to business strategies or business drivers.
Level 1: Minimal, or implicit linkage to business strategies or business drivers.
Level 2: Explicit linkage to business strategies or drivers. , EA is involved in the
initiation of any new business initiatives.
Level 3: Enterprise Architecture is integrated with capital planning and
investment control. Explicit linkage to business drivers and information
requirements.
Level 4: Capital planning and investment control are adjusted based on the
feedback received and lessons learned from updated Enterprise Architecture.
Periodic re-examination of business drivers.
Level 5: Architecture metrics are used to optimize and drive business linkages.
Business involved in the continuous process improvements of IT Architecture.
Confidential e-Government Program (Yesser)
This document (either in whole or in part) cannot be modified or
reproduced without the prior written permission of the e-Government Program (Yesser)
Page 15 / 19
e-Government Program (Yesser)
NEA Maturity Model
Evaluation
4. Senior Management Involvement: To what extent are the senior managers of the
Operating Unit involved in the establishment and ongoing development of an IT
Architecture?
Level 0: No management team awareness or involvement in the architecture
process.
Score
Level 1: Limited management team awareness or involvement in the architecture
process.
Level 2: Occasional/selective management team involvement in the architecture
process with various degrees of commitment.
Level 3: Senior-management team aware of and supportive of the enterprisewide architecture process.
Management actively supports architectural
standards.
Level 4: Senior-management team directly involved in the architecture review
process.
Level 5: Senior-management team directly involved in the optimization of the
enterprise-wide architecture development process and governance.
Confidential e-Government Program (Yesser)
This document (either in whole or in part) cannot be modified or
reproduced without the prior written permission of the e-Government Program (Yesser)
Page 16 / 19
e-Government Program (Yesser)
NEA Maturity Model
Evaluation
Score
5. Architecture Communication: To what extent are the decisions of Enterprise Architecture
practice documented?
Level 0: No documentation is available.
Level 1: Little communication exists about the Enterprise Architecture process
and possible process improvements. The DOC Enterprise Architecture Web Page
contains the latest version of the Operating Unit’s Enterprise Architecture
documentation.
Level 2: The Operating Unit Architecture Home Page, which can be accessed
from the DOC Enterprise Architecture Web Page is updated periodically and is
used to document architecture deliverables. Communication about arch
process via meetings, etc., may happen, but sporadic. Few tools (e.g., office
suite, graphics packages) are used to document architecture.
Level 3: Architecture documents updated and expanded regularly on DOC IT
Architecture Web Page. Periodic presentations to IT staff on Architecture
process, content. Tools are used to support maintaining architecture
documentation.
Level 4: Architecture documents are updated regularly, and frequently reviewed
for latest architecture developments/standards. Regular presentations to IT staff
on architecture content.
Level 5: Architecture documents are used by every decision maker
6. IT Security: To what extent is IT Security integrated with the Enterprise Architecture?
Level 0: No IT Security considerations in Enterprise Architecture.
Level 1: IT Security considerations are ad hoc and localized.
Level 2: IT Security Architecture has defined clear roles and responsibilities.
Level 3: IT Security Arch is fully developed and is integrated with IT Architecture.
Level 4: Performance metrics associated with IT Security Arch. are captured.
Level 5: Feedback from IT Security Arch. metrics are used to drive arch process
improvements.
Confidential e-Government Program (Yesser)
This document (either in whole or in part) cannot be modified or
reproduced without the prior written permission of the e-Government Program (Yesser)
Page 17 / 19
e-Government Program (Yesser)
NEA Maturity Model
7. Governance: To what extent is an Enterprise Architecture governance (governing body)
process in place and accepted by senior management ?
Level 0: None. Everyone does their own thing.
Level 1: No explicit governance of architectural standards. Limited agreement
with governance structure.
Level 2: Governance of a few architectural standards (e. g. operating systems,
database management systems) and some adherence to existing Standards
Profile. Various degrees of understanding of the proposed governance structure.
Level 3: Explicit documented governance of majority IT investments. Formal
processes for managing variances. Senior management team is supportive of
enterprise-wide architecture standards and subsequent required compliance.
Level 4: Explicit governance of all IT investments. Formal processes for
managing variances feed back into Enterprise Architecture. Senior-management
team takes ownership of enterprise-wide architecture standards and
governance structure.
Level 5: Explicit governance of all IT investments. A standards and waivers
process is used to improve governance process improvements.
8. IT Investment and Acquisition Strategy: To what extent does the Enterprise
Architecture influence the IT Investment and Acquisition Strategy?
Level 0: No regard for Enterprise Architecture in formulation of strategic IT
Acquisition strategy by Operating Unit.
Level 1: Little or no involvement of strategic planning and acquisition personnel
in enterprise architecture process. Little or no adherence to existing
Standards Profile.
Level 2: Little or no form al governance of IT Investment and Acquisition
Strategy. Operating Unit demonstrates some adherence to existing Standards
Profile.
Level 3: IT acquisition strategy exists and includes compliance measures to IT
Enterprise Architecture. Operating Unit adheres to existing Standards Profile.
RFQ, RFI and RFP content is influenced by the Enterprise Architecture.
Acquisition personnel are actively involved in Enterprise Architecture governance
structure. Cost-benefits are considered in identifying projects.
Level 4: All planned IT acquisitions and acquisitions are guided and governed by
the Enterprise Architecture. RFI and RFP evaluations are integrated into the IT
Architecture planning activities.
Level 5: Operating Unit has no unplanned IT investment or acquisition activity.
Confidential e-Government Program (Yesser)
This document (either in whole or in part) cannot be modified or
reproduced without the prior written permission of the e-Government Program (Yesser)
Page 18 / 19
e-Government Program (Yesser)
NEA Maturity Model
The final score is calculated using this simple formula
𝑛
𝑆𝑐𝑜𝑟𝑒 = (∑ 𝑥)/𝑛
𝑥=0
Where x is the individual scores taken from the score column above.
Confidential e-Government Program (Yesser)
This document (either in whole or in part) cannot be modified or
reproduced without the prior written permission of the e-Government Program (Yesser)
Page 19 / 19
Download