Federal Enterprise Architecture - Digital Government Institute

Federal Enterprise ArchitectureUsing EA to Design Future-Ready Agenciesand Implement Shared ServicesScott A. Bernard, Ph.D.Scott_Bernard@omb.eop.govFederal Chief Enterprise ArchitectExecutive Office of the PresidentOffice of Management and Budget

Security and PrivacySecurity and Privacy ControlsSecurity and Privacy ControlsSecurity and Privacy ControlsSecurity and Privacy ControlsSecurity and Privacy ControlsSecurity and Privacy ControlsSecurity and Privacy ControlsOMB Policy Directives on EAIT Shared ServicesStrategy(May 2012)Common Approach toFederal EA(May 2012)SVR MemoShared ServicesIs Action Item #6May 2, 2012IT Reform Agenda’s25-Point Plan(Dec 2010)M-11-29CIO Authorities Memo:Commodity IT (Aug 2011)Consumer Agency #7Consumer Agency #6Consumer RequirementsAgency #5Consumer RequirementsAgency #4Consumer RequirementsAgency #3Consumer RequirementsAgency #2WorkflowConsumer RequirementsAgency #1WorkflowProvider RequirementsAgency WorkflowRequirements Workflow Data ExchangeRequirements Workflow Data ExchangeWorkflow Data ExchangeWorkflow Data Exchange ApplicationsWorkflow Data Exchange ApplicationsData Exchange ApplicationsData Exchange Applications HostingData Exchange Applications HostingApplications HostingApplications HostingApplications HostingHostingHostingHostingMay 2, 2012SharedService2

Security and PrivacySecurity and Privacy ControlsSecurity and Privacy ControlsSecurity and Privacy ControlsSecurity and Privacy ControlsSecurity and Privacy ControlsSecurity and Privacy ControlsSecurity and Privacy ControlsThe Role of Enterprise ArchitectureThe Common Approach toFederal Enterprise Architectureis OMB policy on EA standards.FEAv2 is the implementationof the Common Approach, itprovides design and analysismethods to support sharedservice implementation, DGS,IRM Strategic Plans, andPortfolioStat investment reviews.Consumer Agency #7Consumer Agency #6Consumer RequirementsAgency #5Consumer RequirementsAgency #4Consumer RequirementsAgency #3Consumer RequirementsAgency #2WorkflowConsumer RequirementsAgency #1WorkflowProvider RequirementsAgency WorkflowRequirements Workflow Data ExchangeRequirements Workflow Data ExchangeWorkflow Data ExchangeWorkflow Data Exchange ApplicationsWorkflow Data Exchange ApplicationsData Exchange ApplicationsData Exchange Applications HostingData Exchange Applications HostingApplications HostingApplications HostingApplications HostingHostingHostingHostingSharedServiceIRMStrategicPlan3

4 REKLAMAN A R E W E X T R A T Y G O D N I K - Ł O M Ż A u WTOREK 21 PAŹDZIERNIKA 2008Trzynasty raz zainaugurowano rok akademicki w Wyższej Szkole Agrobiznesu w ŁomżySolidne studia i niepowtarzalna atmosferaPo raz pierwszy Gaudeamus zabrzmiał dla blisko pięciuset studentów I roku. Od początku istnienia WSA wypuściła w świat rekordową liczbę absolwentów– 3 tys. 200. Dlatego śmiało można powiedzieć, że odegrała najważniejszą rolę w szkolnictwie wyższym wśród lokalnych uczelni świeckich.Ja ko pierw sza w re gio nie roz po -czę ła kształ ce nie na po zio mie ma gi -ster skim i ja ko je dy na zna la zła się wpierw szej trój ce naj lep szych uczel ni wPol sce w swo jej ka te go rii, wg ran kin gu„Rzecz po spo li tej” i „Per spek tyw”.Uczel nię chęt nie od wie dza ją wy bit neoso bi sto ści ze sce ny po li tycz nej z pre -zy den tem RP na cze le.W aka de mi ku i ze sty pen diumW paź dzier ni ku br. WSA za -kwa te ro wa ła w no wo cze snych aka -de mi kach stu dwu dzie stu stu den -tów, co sta no wi re kord w na szymre gio nie. Uczel nia jest płat na, alesty pen dium so cjal ne na stu diachsta cjo nar nych, któ re otrzy mu jebli sko 80 proc. stu den tów zo sta łousta lo ne w wy so ko ści cze sne go.Efekt jest ta ki, że tym ża kom uda -je się stu dio wać za dar mo.Wła dze uczel ni wspie ra ją zdol -nych i pra co wi tych. W cza sie In -au gu ra cji zo sta ły wrę czo ne 23 sty -pen dia Rek to ra WSA za naj wyż -sze wy ni ki w na uce za mi nio nyrok aka de mic ki. Za naj wyż sząśred nią 5,0 sty pen dium wy nio sło5 tys. zł. Za naj niż szą rów ną 4,69aż 4 tys. 690 zł. Łącz na kwo taRek tor skich Sty pen diów Na uko -wych to pra wie 120 tys. zł.W cza sie In au gu ra cji od by łasię rów nież ko lej na edy cja wrę cze -nia sty pen diów „Jan ko Mu zy -kant”. Ich ideą jest uho no ro wa niei fi nan so we wspar cie mło dzie żyzdol nej, ma ją cej istot ne osią gnię -cia na uko we, a znaj du ją cej się wtrud nej sy tu acji ma te rial nej. Sty -pen dia te trwa le zwią za ne są z hi -sto rią WSA. Po my sło daw cą ipierw szym spon so rem był Rek torWSA prof. Ro man En gler. Pierw -sza edy cja od by ła się w 1999 ro ku.Spon so ra mi by li lu dzie z re gio nułom żyń skie go. W su mie, wewszyst kich edy cjach uho no ro wa -no 178 mło dych lu dzi. Stu denc kiesty pen dia „Jan ko Mu zy kant” za -pew nia ją bez płat ne stu dia na do -wol nie wy bra nym kie run ku,miesz ka nie w jed nym z czte rechdo mów stu denc kich uczel ni, sty -pen dium ży wie nio we oraz fi nan so -we, tzw. kie szon ko we. W za mianstu den ci mu szą wy le gi ty mo wać sięwy so ką śred nią ocen oraz wy ko ny -wać pra ce na rzecz uczel ni w nie -wiel kim wy mia rze go dzin.WSA co rocz nie, ja ko je dy nauczel nia ofe ru je swo im stu den tomkil ka zu peł nie bez płat nych wy jaz -dów kra jo wych i za gra nicz nych.W in nych uczel niach stu den ci mu -szą za ta kie atrak cje sło no pła cić.Już w tym ro ku stu stu den tówI ro ku po pły nę ło w bez płat ny rejsdo Szwe cji na obóz in te gra cyj ny.Pod ko niec paź dzier ni ka cze ka ichbez płat ny wy jazd do Ber li na naszko le nie sa mo rzą du, a zi mą poraz ko lej ny bez płat ny – ty go dnio -wy wy jazd spor to wy w gó ry. Wcza sie wy jaz dów spor to wych WSAna nar tach na uczy ło się jeź dzićjuż po nad pół ty sią ca stu den tów.Wio sną i la tem od bę dą się re ga ty iuczel nia ny spływ ka ja ko wy.Za ra bia ją na cze sneZ my ślą o bez pie czeń stwie fi -nan so wym swo ich stu den tów,WSA oprócz wy jaz dów re kre acyj -nych i spor to wych ofe ru je wa ka -cyj ne wy jaz dy za rob ko we. Dzię kicze mu co rocz nie do pra cy w wa -ka cje wy jeż dża ok. 120 mło dychlu dzi. Po cząt ko wo wy jeż dża li doUSA, a te raz głów nie do An glii iIr lan dii. Wra ca ją cy z wa ka cji za -rob ko wych przy wo żą śred nio 10tys. zł, co z po wo dze niem wy star -cza im na sfi nan so wa nie ca łe goro ku stu diów.WSA pro wa dzi stu dia na po zio -mie li cen cjac kim, in ży nier skim,ma gi ster skim i stu dia po dy plo mo -we oraz kur sy, ofe ru jąc wy kształ ce -nie wyż sze w spe cjal no ściach ta -kich jak: na kie run ku in for ma ty ka -in ży nie ria opro gra mo wa nia; na kie -run ku to wa ro znaw stwo - ho te lar -stwo z ga stro no mią i tu ry sty ką, to -wa ro znaw stwo pro duk tów rol nych iżyw no ścio wych, or ga ni za cja przed -się wzięć han dlo wych i usłu go wych;na kie run ku rol nic two - ochro naśro do wi ska ob sza rów wiej skich,eko no mi ka rol nic twa, agro biz nes,agro no mia, no wo cze sne tech no lo -gie w użyt ko wa niu mlecz nym by -dła; na kie run ku pie lę gniar stwo –pie lę gniar stwo sta cjo nar ne i po mo -sto we; na stu diach po dy plo mo wych– in for ma ty ka sto so wa na, in for ma -ty ka dla na uczy cie li i rol nic two.AN NA REZ KO

Common Approach Meta-ModelLevels ofScopePrimaryOutcomesProgramElementsFramework5

Primary Outcomes• Service Delivery• Functional Integration• Resource Optimization• Authoritative ReferenceWhile there are many positive outcomes that EAcontributes to, these four outcomes are “primary” inthat they represent areas of direct, positive impactthat architectures can make within and betweenagencies and with customers and partners externalto government6

EA Project Levels of Scope• International• National• Federal• Sector• Agency• Segment• System• ApplicationThese levels of scope promote consistency in architecturemethods to promote comparability and support varying levels ofcomplexity. Solution Architecture is done in a similar way at alllevels of scope, using the Collaborative Planning Method (CPM)7

EA Program Basic Elements1. Governance2. Principles3. Method4. Tools5. Standards6. Use7. Reporting8. AuditThese basic elements ensure that agency EA programs arecomplete and can be effective in developing solutions thatsupport planning and decision-making.8

Element 1: Governance9

Element 2: PrinciplesGeneral EA Principles• Future-Ready• Investment Support• Shared Services• Interoperability Standards• Information Access• Security and Privacy• Technology AdoptionDesign/Analysis Principles• Strategic Drivers• Business Activities• Technology Enablement10

Element 3: Method for EA ProjectsThe Collaborative Planning Methodology (CPM) is arepeatable process that consists of steps that requireintegrated multi-disciplinary activities to affect change withthe collaboration of leaders, stakeholders, planners, andimplementers.It is inclusive of the full planning and implementation lifecycleand is intended for use at all levels of scope.11

Element 3: Method (continued)1.1Engage Sponsor andAssess StakeholderNeeds2.1Iden fy Organiza onsand Service Providers toEngage3.1Formalize Collabora vePlanning Team andLaunch Planning4.1Define Funding Strategyand Make Decision5.1Operate with the NewCapabili es1.2Analyze and ValidateNeeds2.2Analyze Opportuni esto Leverage3.2Refine the Vision forPerformance andOutcomes4.2Obtain Resources andValidate Plan5.2Measure PerformanceAgainst Metrics1.3Formulate Case toAddress the Needs2.3Determine Whether toLeverage3.3Analyze the CurrentState, DetermineAdjustments, and Planthe Target State4.3Execute the Plan5.3Analyze and ProvideFeedback1.4Iden fy and EngageGovernance3.4Formulate theIntegrated Plan andRoadmap3.5Ini ate Execu onGovernance12

Element 4: EA Tools• Repository website and content to create a visual representation ofarchitecture in its current and future states• Decomposable views of the overall architecture and specific architectures• Over-arching “management views” of the architecture• Strategic planning products and performance measures• Business process documentation to answer questions and solve problems• Physical / logical design of data entities, objects, applications, and systems• Physical and logical design of networks & cloud computing environments• Configuration management and quality standards• Security and risk solutions for physical, information, personnel andoperational needs13

Element 6: UseThe Common Approach supports:• Shared-Services Implementation• Cloud-First Implementation• Digital Strategy – Mobile & Web• TechStats / PortfolioStats• Security and Privacy Control Design• Business Process Improvement• Big Data• Data Center Consolidation• Voice, Data, Video Convergence15

Element 7: Reporting Annual submission to OMB that “tells the story” of the agency’suse of IT to enable mission, support, and commodity functions. Due April 1 st – these are public documents, nothing sensitive in it. Format Guidelines: Main Body: a) Synopsis of IRM Strategic Plan and goalsb) Enterprise-wide business and technology architecturec) Transition Plan milestones Appendix 1: IT Asset Inventory Appendix 2: IT Commodity Consolidation Plan (M-11-29) Appendix 3: Agency Shared Services Plan (improve quality & uptake) Appendix 4: EA Program Assessment / Project Value Measurement16

Element 8: Audit• Roadmap (Appendix 4)provides an evaluation of:– EA Program maturity– The value of EA projects• Uses EA Management MaturityFramework v2 (EAMMF), Aug 201017

The Federal Enterprise ArchitectureVersion 2.0 (FEAv2)Implementing the Common Approach18

Common Approach & FEAv2Common ApproachFEAv2 DoDAF OtherThe Common Approach to Federal Enterprise Architecture(Common Approach) accelerates supports the identification ofopportunities for shared services and design alternatives. TheFederal EA version 2 (FEAv2) will be released in January 2013and aligns with the standards of the Common Approach.19

FEAv2: Major ComponentsFEAv2 aligns with the Common Approachand has three major components:• Standards:– Framework– Artifacts• Methods:– Common Approach– Collaborative Planning Method (former FSAM)• Analytics / Reporting:– Consolidated Reference Model– Ex 53 & 300– Enterprise RoadmapCommon ApproachFEA DoDAF Other20

FEAv2 Standards: Framework & ArtifactsThe standard artifact list consistsof the “core” artifacts that needto be considered and/or tailoredto support a robust set of EAartifacts for the organizationEA 3 CubeLevel/ThreadStrategicGoals &Initiatives(I)BusinessProducts &Services(B)Data &Information(D)Systems &Applications(SA)Networks &Infrastructure(NI)Security(SP)Standards(ST)Workforce(W)ArtifactID #Artifact Name(* Composite Artifact)ZachmanMappingDODAFMappingS-1 Strategic Plan* C6/R1 AV-1S-2 SWOT Analysis C5/R1S-3 Concept of Operations Scenario AV-1S-4 Concept of Operations Diagram C2/R1 OV-1S-5 Balanced Scorecard * C6/R4, C6/R5B-1 Business Plan* C2/R2, C5R1B-2 Node Connectivity Diagram C3/R1 OV-2B-3 Swim Lane Process Diagram * C4/R2 OV-5B-4 Core Business Process/Service Artifact Model List C2/R2 OV-5B-5 Business Process/ Product Matrix * C4/R2B-6 Use Case Narrative & Diagram C6/R3, C6/R4 OV-6a, SV-10aB-7 Investment Business Case*D-1 Knowledge Management Plan C1/R1, C1/R2D-2 Information Exchange Matrix* C3/R2, C4/R2 OV-3D-3 Object State-Transition Diagram C1/R3 OV-6b, SV-10bD-4 Object Event Sequence Diagram C2/R2, C5/R3 OV-6c, SV-10cD-5 Logical Data Model C1/R3 OV-7, SV-11D-6 Physical Data Model C1/R4D-7 Workflow Activity/Entity (CRUD) DiagramMatrix * C1/R3, C4/R2 SV-9D-8 Data Dictionary / Object Library C1/R5 AV-2SA-1 System Interface Diagram C3/R4, C3R2 SV-1SA-2 System Communication Description C2/R4, C3/R2 SV-2SA-3 System Interface Matrix * C2/R4 SV-3SA-4 Dataflow System Flow Diagram Diagram C2/R3 SV-4SA-5 System/Operations Matrix * C2/R4 SV-5SA-6 Systems Data Exchange Matrix * C2/R3 SV-6SA-7 System Performance Matrix * C2/R3 SV-7SA-8 Evolution Diagram C2/R4 SV-8SA-9 System Web Application Diagram Interfaces C2/R3NI-1 Network Connectivity Diagram C3/R5NI-2 Network Inventory C3/R5NI-3 Capital Equipment Inventory C3/R5NI-4 Building Blueprints * C3/R5NI-5 Network Center Diagram Diagram C3/R5NI-6 Cable Plant Diagram C3/R5NI-7 Rack Elevation Diagram C3/R5SP-1 Security and Privacy Plan* C4/R5SP-2 Solutions Description C4/R5SP-3 Security System Accreditation ControlsDocument* C4/R5SP-4 Continuity Of Operations Plan* C4/R5SP-5 Disaster Recovery Procedures * C4/R5ST-1 Technical Standards Profile C3/R4 TV-1ST-2 Technology Forecast C3/R4 TV-2, SV-9W-1 Workforce Plan* C4/R1W-2 Organization Chart C4/R2 OV-4W-3 Knowledge and Skills Profile C4/R3 OV-4Strategic Plan/Priority Goals21

Method (continued)1.1Engage Sponsor andAssess StakeholderNeeds2.1Iden fy Organiza onsand Service Providers toEngage3.1Formalize Collabora vePlanning Team andLaunch Planning4.1Define Funding Strategyand Make Decision5.1Operate with the NewCapabili es1.2Analyze and ValidateNeeds2.2Analyze Opportuni esto Leverage3.2Refine the Vision forPerformance andOutcomes4.2Obtain Resources andValidate Plan5.2Measure PerformanceAgainst Metrics1.3Formulate Case toAddress the Needs2.3Determine Whether toLeverage3.3Analyze the CurrentState, DetermineAdjustments, and Planthe Target State4.3Execute the Plan5.3Analyze and ProvideFeedback1.4Iden fy and EngageGovernance3.4Formulate theIntegrated Plan andRoadmap3.5Ini ate Execu onGovernance23

FEAv2: Consolidated Reference Model2003-05 FEA RMsThe CRM consists of a set of interrelated “reference models” designed tofacilitate cross-agency analysis and the identification of duplicativeinvestments, gaps and opportunities for collaboration within and acrossagencies. Through the use of the CRM and vocabulary, IT portfolios can bebetter managed and leveraged across the federal government.24

FEAv2: The CRM’s Reference ModelsPRM – BRM – DRM – ARM – IRM – SRMThe Reference Models from have evolved from five in FEAv1 to sixin FEAv2. Each Reference Model consists of the following areas:Taxonomy – Provides for categorization and inventories.Methods – Incorporates associated best practices.Use Cases – Describes how the reference model will be applied andused in the federal government. This area will apply the referencemodels to the Collaborative Planning Method (CPM). Each referencemodel will have at least three use cases.Touch Points – The relationship between all of the reference models.25

Using EA to SupportShared Services Implementation26

Websites &Content Mgmt.Infrastructure& Asset Mgmt.Email , Help Desk,& CollaborationRecords Mgmt.HR Mgmt.Financial Mgmt.PerformanceMgmt.GeospatialFederal HealthArchitectureOnline Service CatalogIT Shared Service Concept OverviewLevelsInter-Agency Lines of Business / Business CentersIntra-Agency Shared Service CentersCategoriesCommodityAdministrativeMissionServices(Examples)ChannelsPublic, Private, Hybrid CloudsInternal & External Host Networks / SystemsUncle Sam’s ListStandards “Common Approach” to USG Architecture Business Models / Strategic Sourcing27

Security and PrivacySecurity and Privacy ControlsSecurity and Privacy ControlsSecurity and Privacy ControlsSecurity and Privacy ControlsSecurity and Privacy ControlsSecurity and Privacy ControlsSecurity and Privacy ControlsArchitectural Components of a ServiceConsumer RequirementsAgency #5Consumer RequirementsAgency #4Consumer RequirementsAgency #3Consumer RequirementsAgency #2WorkflowConsumer RequirementsAgency #1WorkflowProvider RequirementsAgency WorkflowRequirements Workflow Data ExchangeRequirements Workflow Data ExchangeWorkflow Data ExchangeWorkflow Data Exchange ApplicationsWorkflow Data Exchange ApplicationsData Exchange ApplicationsData Exchange Applications HostingData Exchange Applications HostingApplications HostingApplications HostingApplications HostingHostingHostingHostingComponent1. RequirementsConsumer Agency #7Consumer Agency #6DescriptionThis includes the strategic and tactical requirements for thetype(s) of functionality that the service has to provide toconsumers. The type of requirements depends on the typeof service area, number and diversity of participatingagencies, sensitivity of information/data being exchanged.2. Workflow Business processes that function through the shared service.The design of a process must support the functionalrequirements from #1.SharedService3. Data Exchange The part of the business process in #2 that involves thecreation, exchange, manipulation, storage, or deletion ofdata and information.4. Applications This includes the software and hardware that provide thefunctionality and data exchange capabilities that areidentified in #2 and #3.5. Hosting This is the infrastructure that the application(s) are hosted in.This includes cloud-based, client-server hosting solutions.6. Security andPrivacyThe logical, physical, process, and personnel controls thatachieve required levels of protection and risk mitigation forthe service.28

Implementation: Two Work StreamsIntra-Agency Shared ServicesInter-Agency Shared ServicesAgency CIOs Owner Managing PartnersCommodity IT Scope LOBs / Business CentersImplementation of Agency EnterpriseArchitecture/Shared Service PlansMigrations, EA Plans2012 Focus Service ImprovementKeyDeliverableAssessment, Benchmarks, RoadmapIntra-AgencyService Center(Dept. CIOs)Inter-AgencyLOBs / BCs(Managing Partners)Commodity IT• Budget• Financial• GIS• HR• Websites/CMS• Email/Collaboration• Mobile/Wireless• Performance• Security8

Implementation and Initial Focus• IT infrastructure• Enterprise IT systems• Business systems“Run”“Walk”Initial Focus“Crawl”• Maximize the purchasing power of agencycontracts for commodity IT acquisitions (e.g.,PC contracts, email systems, etc.)7

IT Shared Service RolesManagingPartnerSupplierCustomers• Managing Partner. The Federal agency that establishes and maintains theshared service with approval by agency leadership for intra-agency services,or by OMB for inter-agency services.• Customer. The Federal agency or bureau that contracts with and pays themanaging partner to receive a shared service.• Supplier. A government or commercial organization that actually providesthe shared service to consumers. Managing partners contract withsuppliers using Federal-wide contract vehicles whenever practicable.R-3

Architectural Components of a ServiceComponent1. RequirementsDescriptionThis includes the strategic and tactical requirements for the type(s) offunctionality that the service has to provide to consumers. The type ofrequirements depends on the type of service area, number and diversityof participating agencies, sensitivity of information/data being exchanged.2. Workflow Business processes that function through the shared service. The designof a process must support the functional requirements from #1.3. Data Exchange The part of the business process in #2 that involves the creation,exchange, manipulation, storage, or deletion of data and information.4. Applications This includes the software and hardware that provide the functionalityand data exchange capabilities that are identified in #2 and #3.5. Hosting This is the infrastructure that the application(s) are hosted in. Thisincludes cloud-based, client-server hosting solutions.6. Security and Privacy The logical, physical, process, and personnel controls that achieverequired levels of protection and risk mitigation for the service.R-11

Using Enterprise Architecture toStandardize and Improve InformationSharing Environments33

Multi-Level StandardsInformation Sharing EnvironmentsEOs12286123331282913388134671352713526135491355613587Top SecretSecretConfidentialNSSISNSD-42Sensitive But Unclassified / PIIUnclassified34

QuestionsScott BernardScott_Bernard@omb.eop.govFederal Chief Enterprise ArchitectOffice of Management and BudgetOffice of E-Government and IT