Fast, risk-based system portfolio investment decisions with EA method & tools
- Client: US Department of Defense
- Sector: Defense (finance / audit)
- Project: System audit readiness
Many systems duplicated between commands resulted in high cost and complex audit traceability.
Needed to account for risks of “what could go wrong” with respect to compliance (new regulations), operations and security, and needed to account for audit-relevant information in the architecture, such as “how many open notice of findings are there against system XYZ?”.
Needed to make the analysis “automatically repeatable” and easily maintainable, to account for system changes.
Determined several types of analysis were needed: (1) redundancy/overlap, (2) system health vs. criticality, (3) process impact, (4) TIME chart (Tolerate, Invest, Maintain, Eliminate).
Determined overall problem context and challenges by conducting stakeholder interviews. Prioritized key analysis areas, and prioritized systems of relevance for key analysis.
Produced all outputs in a visual ”live” dashboard, using an easy-to-modify KPI based approach. Using KPMG EA tools/infrastructure to “get started quickly”, developed baseline architecture (applications, capabilities, risks/controls, processes, audit findings). Collected and normalized application information in a central repository.
Identified system overlap using a consistent, rational approach
Injected risk factors into decision making – in addition to typical “cost” / “criticality” assessments, this allows recommendations to take into account “what could go wrong”
The qualitative analysis results provided a “data-driven” basis for next steps and opportunity analysis
Supported holistic planning based on up-to-date, relevant information, and alignment/support of budgeting process
Easy-to-maintain / modify assets were delivered that can “monitor” system portfolio landscape for changes and produce updated dashboards automatically
As part of an audit readiness assessment, the client wanted to analyze value vs. risk of system investments. A multi-level analysis was done using Software AG ARIS/EA platform and our customized approaching, producing a “TIME” (Tolerate, Invest, Maintain, Eliminate) chart to clearly show which systems to invest, and which to retire (based on quantitative data analysis).
Agile Digital Transformation Enablement for a Multi-Year Major Program
- Client: International Audit Firm
- Sector: Audit
- Project: Internal Audit Modernization (IAM)
- After studying the market for this major offering, the Audit Firm realized that every move was a “zero sum” game, and intended to grow the overall market with new innovations in products and delivery.
- The following areas were identified for the program: definition of new, innovative Internal Audit products, change of the delivery operating model, build of a global technology platform for projects, and development of an Intelligent Content Engine, using AI capabilities.
- A three year program was stood up, that included 11 countries (member firms) and was tasked to implement changes within three years.
- A lightweight agile approach combined with a right-size architecture governance capability keeps teams focused on incremental delivery without sacrificing “the big picture”.
- A tight integration between program strategy (what to sell), portfolio management / architecture (how do we get there), and program management/organizational change management is essential for leadership to “steer the ship”.
- An up-front investment in architecture “wires everything together”, simplifies communication, and increases transparency at every level of the program, including leadership / product owners, business experts, and technology specialists.
- Enabled accelerated and transparent delivery using an “Agile Playbook” approach and tools, aligning leadership, technical teams (UI/UX experts, software developers, infrastructure architects) with business, org. change, and marketing / operations teams.
- Delivered a product-lifecycle managed catalog (“what to sell”), and associated business capability model (“what is needed” to get there) and new service delivery processes (“how to operate”).
- Facilitated coordination of 18 product/technology risk reviews across 11 countries.
- Leveraging the capability model and processes, delivered best-fit technology solution options and roadmap, using a requirements evaluation process for COTS SW products and a multi-layer technology solution evaluation approach for “platform” infrastructure.
The project was ambitious and complex: new technology, new service operating models, and new organizational change / outsourcing models. In addition to typical needs for any digital transformation project (good leadership / communication, committed teams, and strong delivery), this program had the added complexities of “established legacy technology” culture vs. “leading edge technology” market demands, multiple countries / cultures requiring customized solution variants, and the stand-up of new operational support and sales teams.
Our EA team was brought in to provide leadership and integration at every level, using automated digital transformation tools (ARIS, JIRA) in combination with tailored “just enough governance” approach (Agile Playbook).
Enterprise Architecture & Engineering services assessment & future state design
- Client: US Audit Firm IT Department
- Sector: Consulting services
- Project: Phase I: EA&E Modernization
Continued strong growth in technology demand, combined with a high-touch “expert for every problem”, had created a highly reactive vs proactive environment – leading to unsatisfactory service to the business. In the context of a larger IT transformation initiative, it became critical for Enterprise Architecture & Engineering (EA&E) services to be a partner to complex business units, who want to be agile (and run their own specialized “IT shops”) but still require enterprise technology services.
Overall, there were people, process, and technology problems. This resulted in three main issues:
- Unsatisfactory service reliability and quality – due to too much focus on technology instead of solutions, lack of product/service lifecycle processes, and ineffective architecture/design consistency and standards.
- Insufficient return on investment – due to a lack of business understanding and collaboration (causing duplicate technology investments), too few experts delivering too many high-touch/custom services, and a tactical project focus.
- Missed innovation opportunities – due to lack of organization / solution alignment, minimal agility / speed / flexibility, and lack of investment prioritization.
- Priority concern areas exposed, using a combination of our EA toolkit accelerators and interviews, a root cause analysis and maturity score matrix – such as intra-IT organizational collaboration issues, capacity planning, business technology resiliency, lifecycle management, and investment prioritization.
- EA&E organization was re-designed, including optimal use of onshore/offshore individual roles and organizational units. This resulted in “internal improvement” (e.g., skill / training gaps), and better “external service partnership” (e.g., between other enterprise IT areas such as helpdesk and portfolio management, and business specialized “IT shops”).
- End-to-end processes re-designed in context of a business partnership improvement, processes were re-designed to modernize basic EA&E services (e.g., technology lifecycle management) and holistic end-to-end services (e.g., “Demand-to-solution” process). This process re-design included newly-clarified organization roles (also utilizing more cost-effective offshore resources), identified risks and controls for compliance and “keep the lights on” priorities, and identified key technology capabilities needed for enablement.
Better, faster system portfolio investment decisions with EA method & tools
- Client: Multinational grocer
- Sector: Retail (grocery)
- Project: Merger with US grocer
- Merger situation presented opportunity for application portfolio consolidation
- Needed to identify overlapping system capabilities
- Need to account for risks of “what could go wrong” with respect to operations and security
When looking at application rationalization, determine two types of analysis were needed: (1) redundancy/overlap, and (2) 4-quadrant investment analysis (answering the question “which systems should we invest in, or eliminate?).
Stakeholder interviews were invaluable to determine overall merger/consolidation context and challenges to set the context for a proper tool stack recommendation (prioritized key analysis areas, and systems of relevance).
Using EA tools/infrastructure helped to “get started quickly” and get the team quickly off the ground. The EA tool was used to collected and normalized specific application information in a central repository, as well as to develop a baseline architecture (applications, capabilities, risks).
The produced outputs, such as reports and graphs to depicting “how much redundancy is there” (i.e., spreadsheet) and “what should we do about it” (i.e., 4-quadrant analysis), were used to communicate the project results to the stakeholders that did not have access to the EA tool, and enabled them to provide feedback.
- Overview of the as-is applications in a structured inventory, including high-level decision-relevant data, such as cost or risk.
- Redundant system identification in preparation of the merger’s key priorities.
- Heat map as the “data-driven” basis for system roadmap creation.
- Key system changes to prioritize “which processes get the most attention” first
As part of a merger initiative, we were asked to provide system portfolio rationalization recommendations based on custom client conditions – not just “general” factors, but industry- and client-situation-specific relevant analysis.
We aligned best-practice metrics with those that were relevant for the merger initiative, using a professional tool based approach (ARIS by Software AG). Results were produced that were audience relevant, providing key recommendations to retire or invest in specific systems.
Modern Application/Cloud Enterprise Architecture & Roadmap
Client: State Department of Transportation
For one of the world’s largest transportation and engineering services agencies, the challenge was clear: aging infrastructure and mounting technical debt from legacy applications were impacting service reliability, maintenance costs, and agility needed to build and deliver transportation services of the future.
Approach and insights
Address the problem in three phases: first, analyze the existing application and infrastructure portfolio, understanding the value from a business capability perspective; second, design a modern future state architecture, timing existing technology retirements with the right mix of future hybrid on-premise and cloud services; third, recommend an “achievable” future state operating model that balances agility and governance.
Analyze current state. Using a mix of data collection forms (from business and IT) and service discovery (CMDB / ServiceNow), we used an EA modeling and analysis repository to build “just enough” architecture to paint a layered “TOGAF-style” picture, including business capabilities, applications, and infrastructure. This revealed significant IT equipment risks (with approximately 60% of IT infrastructure beyond useful life). A business-centric application analysis revealed that 50% of the 342 applications needing to be eliminated or consolidated (mostly relying on technology that was at risk of End-Of-Life), and 19% of applications appropriate for cloud modernization.
Design future state architecture. A simplified & consolidated application landscape was designed to optimize the future state architecture, applying design patterns to applications (e.g., hybrid cloud, hybrid + edge), considering for a realistic gradual migration (e.g., applying a Strangler pattern)
Recommend a future-state operating model. After interviewing staff to understand the client’s existing IT services capabilities, an “achievable” future state operating model was designed. Major recommendations included the establishment of a Cloud Center of Excellence (CCOE) and Modern Enterprise Architecture service. This combination of services were designed to improve cloud capabilities and overall service delivery agility, and at the same time drive enterprise adoption of standards (e.g., compliance with data privacy and security policies).
The future state architecture and operating model changes were justified using a TBM (Technology Business Management) approach to building holistic financial model that included three choices: (1) Refresh hardware only (2) Refresh hardware + public cloud modernization (3) Refresh hardware + private cloud modernization. This helped the client strike the right balance between cost, risk, and service agility.
The completion of the project helped the client to build a strong business case for agency funding needed to modernize application service delivery. This was shown to provide the following key benefits:
- Ability to quickly scale up and down
- Faster deployment and delivery
- Increased opportunities to leverage automation
- Improved measurement, continuous improvement, and business insight through advanced built-in cloud service provider analytics
In addition, we exported the EA modeling and analysis repository for the client, providing a “head-start” to build out a sustainable, automated EA repository to continue alignment of business needs with technology landscape.
Process and policy harmonization enable architecture governance
- Client: Global manufacturer
- Sector: Industrial manufacturing
- Project: Policy & process harmonization
- The client supports multiple lines of business that do not adhere to disjointed/legacy EA policies that are in conflict with many common client practices.
- EA policies were not well understood by the users and not adhered to.
- In addition to this, the project scope is also to harmonize all policies, processes, and standards within common ITSM functions and Information Security functions.
- Previous attempts at implementing policies and processes were not successful.
- Tools are viewed as the solution to issues and underlying causes are often not addressed.
- There is a clear need for standardized policies and processes.
- Organizational Change Management is a critical success factor to policy adoption and adherence.
- When processes are implemented, some have been designed to a higher level of maturity than may be needed and contribute to the employee resistance to change.
- Tools are viewed as the solution to issues and underlying causes are often not addressed.
- Inclusive group decision rights and broad accountability present challenges in successfully implementing and governing policies and processes
- Policies that follow industry standards, and auxiliary business architecture views (capabilities, use cases, etc.), as well as other architecture views and models in relation to the target application design, such as applications or data
- Policies that are “right-sized” for the organization’s current maturity level
- A capability model in various transition states, that is used to define the various phases to reach the target operating model, after the central policies and processes are established
- Address the underlying process and requirements challenges (“what do we want to be in the future?”) prior to beginning a tool selection process
Enterprise Architects were brought in to develop policies and standards for the client. These were written with usability, scalability, and applicability in mind.
This was done in conjunction with the development of the ITSM and Information Security processes/policies in order to ensure a consistent approach and avoid conflicting overlap.
The EA team then worked with Organizational Change Management to design and roll-out a holistic training and hypercare program to ensure a smooth rollout.
EA CoE centralizes high-quality information for faster, better decision making
- Client: US Department of Defense
- Sector: Defense (finance / audit)
- Project: EA CoE
- Excessive waste and duplication between commands (i.e. systems and processes)
- Difficulty preforming audits because of de-centralized, out-of-date information
- Difficulty planning IT landscape to align with priorities and budgeting process
- Determined overall context and challenges by conducting strategy analysis and stakeholder interviews
- Prioritized stakeholder needs and capability impacts, to determine highest-priority EA efforts
- Using EA tools / infrastructure to “get started quickly”, developed basic EA methods, EA governance processes, and baseline architecture (strategy/business, information systems, data).
- Installed permanent client EA Center of Excellence (CoE) by conducting end-to-end EA CoE services: vendor selection, EA platform installation/integration, training, governance, value communication, operational “helpdesk” services.
- Developed priority IT architecture segments to provide key analysis and IT roadmap planning services
- “Connect the dots” between various efforts (i.e. IT controls work, system interface work, process work, etc.)
- Reduce inter-team ”call for information” every time a new analysis/audit-relevant information is needed
- Increase accuracy and “reliability” of information, especially when efforts depend on other areas (“you can trust the information you’re looking at), and answer day-to-day questions in a friendly way (i.e. dashboards)
- Support holistic planning based on up-to-date, relevant information, and align/support budgeting process
As part of an audit readiness program, the client wanted to reduce the “redundancy” of data between work streams, aligning processes, risks/controls, systems and data to help make more accurate decisions. Additionally, it was desired to increase the transparency of “data quality” to contribute to more informed decisions (i.e. which systems to retire, which processes have the highest risk, etc.).
We responded by analyzing BPA / EA tools in a selection process, then providing end-to-end EA CoE services including technical installation, training/adoption, governance, and customization to provide fast, relevant value for the client’s objectives. A multi-workstream EA CoE was created to provide quality, on-demand service to audit readiness work groups.