|By Gopala Krishna Behara, Prasad Palli||
|December 8, 2012 03:00 PM EST||
The aim of the Architecture Assurance is to provide collaborative architecture processes for assuring complete implementation of the technical solutions that are aligned with the business drivers of an enterprise in a timely environment. The effective sharing of the information across different Business Units (BU) / departments within an enterprise and interoperability across IT systems would ensure the alignment of IT with business. The Architecture Assurance Group (AAG) is involved in reviewing the Project Architecture during the design and development phases of an application/system to help ensure successful project implementation. This review also ensures that the proposed system fits into the existing enterprise environment as well as the future architecture vision.
The goals of Architecture Assurance include some or all of the following:
- Identify inconsistencies in the architecture early, which reduces the cost and risk of changes required later in the life cycle
- Provide an overview of the compliance of architecture to mandated enterprise standards
- Identify where the standards may require modification
- Identify services that are currently application-specific but might be provided as part of the enterprise infrastructure
- Take advantage of advances in technology
- Communicate to management the status of the technical readiness of the project
- Identify and communicate significant architectural gaps to product and service providers
- Establish, own and manage Enterprise Architecture Content
- Provide architecture governance: guidelines and recommendations on business and IT architecture
- Ensure and enforce architecture compliance: review changes and deviations in business and IT architecture
- Resolve architectural ambiguities, issues and conflicts at the enterprise level
- Identify projects that have high architectural risk, and provide assistance to them early and often throughout the project
- Provide guidance to project managers and designers to direct architecture compliance
- Formally review projects to ensure compliance
- Leverage third-party assessments
- Leverage COT's products
The main benefits of these reviews are:
- Architecture is reviewed by a group of experienced architects across the enterprise
- Assistance in leveraging the existing architecture promoting the reusability
- Architecture for plug and play
- Promote simplification and standardization
- Proactively identify risks to the project
- Provide enterprise-wide context to project team
Maintain the integrity of the enterprise IT environment and expand the user community's access to Enter resources
- Does the project presents risk to the IT environment (e.g., infrastructure, other applications, users, enterprise policy)
- Allows Architecture Review Team to proactively recognize when modifications to the architecture are required
- Allows the project team to provide input to the extension of the proposed architecture
- Does the project leverage the existing common services where applicable
- Provides cost effectiveness across the enterprise
Architecture Assurance Methodology
The Architecture Assurance Group is a multi-disciplinary body that is responsible for the maintenance and enforcement of Architecture, Design standards and best practices across the programs/projects. The primary responsibility is to provide governance and ensure compliance of the defined enterprise / solution architecture.
Architecture Assurance is the key success factor in ensuring high quality deliverables for the architecture and design phases. The intent of the Architecture Assurance Process is to ensure that ongoing projects have the right architectural assumptions and that in-flight projects receive architectural guidance throughout the life cycle. This should be a collaborative effort to ensure that project designs and implementations are compliant with the defined architecture
A detailed Architecture Assurance process that achieves these goals is shown in Figure 1.
Architecture/Design Review(s) should be conducted at a stage when there is still time to correct any major inconsistencies or shortcomings in the program/project.
The Architecture/Design Review is typically targeted for the Analysis SDLC phase and at a point in time when:
- Business goals, business requirements, policies are defined
- Ball park clarity of hardware and software requirements & decisions are not finalized
- Project schedules / timelines are defined
- Project risk assessment is done
Architecture Review Criteria is:
- Start Early
- Drive and Participate in architecture workshop
- Establish relation with architecture & design teams
- Involve through architecture & design
- Involve and review the architecture and design decisions on an ongoing basis
- Review the intermittent and final architecture deliverables
- Share architecture best practices
- Mentor architecture and design teams as appropriate
- Architectural Risk Analysis and Mitigation
- Quality attribute analysis of architecture
- Failure and risk analysis of architecture
- Mentor on engineering best practices
- Mentor on Development method, tools & build practices
- Performance and other NFR related best practices
During the review, the architecture review team needs to extract the information like impacted groups, impacted systems, data feeds, software components required such as build, buy and reuse, security requirement, availability, scalability, error handling, capacity sizing, integration with third parties, data center/hosting facility, etc.
Key activities of the Architecture Assurance Group are:
- Conduct planned and random formal architecture review workshops for projects and programs
- Analyze architecture quality attributes against requirements
- Conduct architecture failure and risk analysis and mitigation plan
- Identify areas of non-compliance and options to redress shortcomings
- Conduct formal/informal reviews of intermediate and final architecture deliverables to ensure ongoing compliance and quality
- Review and track architecture and design decisions
In this phase, Architecture Assurance look for a high-level functional fit and nonfunctional fitment of the solution. Also verifies the solution mapping with the design and various options provided for the solution, reasons for the choices, TCO analysis of each option, etc.
In this phase, the verification of the alignment of the solution with the architecture requirements is done. Proper realization of the Architecture Principles, Architecture Patterns, IT Strategy alignment are performed in this phase. Any deviation of the standards needs to be approved by the Architecture Assurance Group.
In this phase, the report will be reviewed in terms of Business, Data, application & Technology. Also, identification of the open items, action items and next steps will be addressed & communicated to the project team
The prepared report will be presented to the Program management & track the observations to the closure. In this Phase, we oversee the updated architecture artifacts
Architecture Review Process
To ensure smooth, timely, and low impact reviews, the involved parties should prepare within the guidelines below. The process flow is shown in Figure 2.
The project architecture team is responsible for:
- Developing a project description that provides sufficient detail for the review team to evaluate architectural risks, including the project size, business impact, NFRs, Architecture Principles
- Sharing project estimates
The Architecture Assurance Team is responsible for:
- Assessing projects for architectural impact during the Proposal/Project Initiation phase of the SDLC processes
- Providing guidance to projects through the design phase to ensure that the final design is architecturally compliant
- Prepare/Customize Architecture Templates, Architecture Checklist
- Participate in the Architecture Review meetings to provide support to project teams and to assist the Architecture Assurance Group in decision making.
- Analyze the filled up Checklist, Summarize the review findings
- Customize Architecture Metrics
As part of the Architecture Review Process the following standards of the system need to be reviewed and agreed
- Business Strategy, Goals & Vision
- IT Strategy
- Existing Budgets, Resource Plans, Project Plans
- Business Scope Description
- Use Case Specification
- Business Requirements Document (BRD)
- Service Level Agreements
- TCO Model (CAPEX/OPEX etc.) - Funding Status
- Build/Buy/Reuse(Retrofit) Considerations
- Business process modeling and workflow system
- Business Process Optimization
- Business Process Analysis
- Business Process Monitoring & SLA's
- Application platform
- Programming/scripting language
- Testing/monitoring tools
- User interface platform
- Enterprise application integration platform
- Conceptual Architecture
- Logical Architecture
- Physical Architecture
- Security Architecture
- Portal platform
- Architecture Frameworks
- Performance Tuning Plan
- Migration Plan
- Tool/Vendor Selection Results
- Data Strategy
- Logical Data Model (LDM)
- Physical Data Model (PDM)
- Data integration platform
- Reporting and data analysis platform
- Server platform and operating system
- Desktop platform and operating system
- Bill of Materials
- H/W & S/W Acquisition/Lease Plan
- Security Implementation/Management Plan
- Deployment Plan
- Operational Readiness Plan
- Release Plan
- Network infrastructure
- System Performance Report
- Disaster Recovery Plan
Architecture Assurance Lead will perform the following activities:
- Assign Review Team
- Disagreement/Issue Resolution
- Review Findings discussion and agreement & communication with the project/program team
Review members will:
- Commit to review all materials in advance
- Prepare detailed questions using this practice standard and Checklist as appropriate
- Conduct any preliminary research as necessary to be an informed team member
- Attend all review meetings
- Provide a final assessment and recommendation based on their interpretation of the impact of the proposed solution architecture and design on the Enterprise Architecture.
Authors like to thank Hari Kishan Burle, General Manager, Wipro Technologies for giving us the required time and support in many ways in bringing this article as part of Architecture Assurance Practice efforts.
"We are a modern development application platform and we have a suite of products that allow you to application release automation, we do version control, and we do application life cycle management," explained Flint Brenton, CEO of CollabNet, in this SYS-CON.tv interview at DevOps at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Dec. 4, 2016 01:00 PM EST Reads: 746
The 20th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held June 6-8, 2017, at the Javits Center in New York City, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal ...
Dec. 4, 2016 12:45 PM EST Reads: 2,112
You have great SaaS business app ideas. You want to turn your idea quickly into a functional and engaging proof of concept. You need to be able to modify it to meet customers' needs, and you need to deliver a complete and secure SaaS application. How could you achieve all the above and yet avoid unforeseen IT requirements that add unnecessary cost and complexity? You also want your app to be responsive in any device at any time. In his session at 19th Cloud Expo, Mark Allen, General Manager of...
Dec. 4, 2016 12:30 PM EST Reads: 1,664
The Internet of Things (IoT) promises to simplify and streamline our lives by automating routine tasks that distract us from our goals. This promise is based on the ubiquitous deployment of smart, connected devices that link everything from industrial control systems to automobiles to refrigerators. Unfortunately, comparatively few of the devices currently deployed have been developed with an eye toward security, and as the DDoS attacks of late October 2016 have demonstrated, this oversight can ...
Dec. 4, 2016 12:00 PM EST Reads: 746
"ReadyTalk is an audio and web video conferencing provider. We've really come to embrace WebRTC as the platform for our future of technology," explained Dan Cunningham, CTO of ReadyTalk, in this SYS-CON.tv interview at WebRTC Summit at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Dec. 4, 2016 11:45 AM EST Reads: 368
Major trends and emerging technologies – from virtual reality and IoT, to Big Data and algorithms – are helping organizations innovate in the digital era. However, to create real business value, IT must think beyond the ‘what’ of digital transformation to the ‘how’ to harness emerging trends, innovation and disruption. Architecture is the key that underpins and ties all these efforts together. In the digital age, it’s important to invest in architecture, extend the enterprise footprint to the cl...
Dec. 4, 2016 11:15 AM EST Reads: 2,194
Keeping pace with advancements in software delivery processes and tooling is taxing even for the most proficient organizations. Point tools, platforms, open source and the increasing adoption of private and public cloud services requires strong engineering rigor – all in the face of developer demands to use the tools of choice. As Agile has settled in as a mainstream practice, now DevOps has emerged as the next wave to improve software delivery speed and output. To make DevOps work, organization...
Dec. 4, 2016 11:15 AM EST Reads: 5,727
Bert Loomis was a visionary. This general session will highlight how Bert Loomis and people like him inspire us to build great things with small inventions. In their general session at 19th Cloud Expo, Harold Hannon, Architect at IBM Bluemix, and Michael O'Neill, Strategic Business Development at Nvidia, discussed the accelerating pace of AI development and how IBM Cloud and NVIDIA are partnering to bring AI capabilities to "every day," on-demand. They also reviewed two "free infrastructure" pr...
Dec. 4, 2016 11:15 AM EST Reads: 890
"Dice has been around for the last 20 years. We have been helping tech professionals find new jobs and career opportunities," explained Manish Dixit, VP of Product and Engineering at Dice, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Dec. 4, 2016 10:45 AM EST Reads: 871
More and more brands have jumped on the IoT bandwagon. We have an excess of wearables – activity trackers, smartwatches, smart glasses and sneakers, and more that track seemingly endless datapoints. However, most consumers have no idea what “IoT” means. Creating more wearables that track data shouldn't be the aim of brands; delivering meaningful, tangible relevance to their users should be. We're in a period in which the IoT pendulum is still swinging. Initially, it swung toward "smart for smar...
Dec. 4, 2016 09:45 AM EST Reads: 541
Extracting business value from Internet of Things (IoT) data doesn’t happen overnight. There are several requirements that must be satisfied, including IoT device enablement, data analysis, real-time detection of complex events and automated orchestration of actions. Unfortunately, too many companies fall short in achieving their business goals by implementing incomplete solutions or not focusing on tangible use cases. In his general session at @ThingsExpo, Dave McCarthy, Director of Products...
Dec. 4, 2016 09:30 AM EST Reads: 604
[slides] Agility for Digital Transformation | @CloudExpo @NewhouseConsult #Agile #DigitalTransformation
Successful digital transformation requires new organizational competencies and capabilities. Research tells us that the biggest impediment to successful transformation is human; consequently, the biggest enabler is a properly skilled and empowered workforce. In the digital age, new individual and collective competencies are required. In his session at 19th Cloud Expo, Bob Newhouse, CEO and founder of Agilitiv, drew together recent research and lessons learned from emerging and established compa...
Dec. 4, 2016 09:30 AM EST Reads: 795
Without a clear strategy for cost control and an architecture designed with cloud services in mind, costs and operational performance can quickly get out of control. To avoid multiple architectural redesigns requires extensive thought and planning. Boundary (now part of BMC) launched a new public-facing multi-tenant high resolution monitoring service on Amazon AWS two years ago, facing challenges and learning best practices in the early days of the new service. In his session at 19th Cloud Exp...
Dec. 4, 2016 09:00 AM EST Reads: 567
"Venafi has a platform that allows you to manage, centralize and automate the complete life cycle of keys and certificates within the organization," explained Gina Osmond, Sr. Field Marketing Manager at Venafi, in this SYS-CON.tv interview at DevOps at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Dec. 4, 2016 08:45 AM EST Reads: 808
Effectively SMBs and government programs must address compounded regulatory compliance requirements. The most recent are Controlled Unclassified Information and the EU's GDPR have Board Level implications. Managing sensitive data protection will likely result in acquisition criteria, demonstration requests and new requirements. Developers, as part of the pre-planning process and the associated supply chain, could benefit from updating their code libraries and design by incorporating changes. In...
Dec. 4, 2016 08:30 AM EST Reads: 1,004
"Coalfire is a cyber-risk, security and compliance assessment and advisory services firm. We do a lot of work with the cloud service provider community," explained Ryan McGowan, Vice President, Sales (West) at Coalfire Systems, Inc., in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Dec. 4, 2016 08:30 AM EST Reads: 780
Regulatory requirements exist to promote the controlled sharing of information, while protecting the privacy and/or security of the information. Regulations for each type of information have their own set of rules, policies, and guidelines. Cloud Service Providers (CSP) are faced with increasing demand for services at decreasing prices. Demonstrating and maintaining compliance with regulations is a nontrivial task and doing so against numerous sets of regulatory requirements can be daunting task...
Dec. 4, 2016 08:15 AM EST Reads: 788
CloudJumper, a Workspace as a Service (WaaS) platform innovator for agile business IT, has been recognized with the Customer Value Leadership Award for its nWorkSpace platform by Frost & Sullivan. The company was also featured in a new report(1) by the industry research firm titled, “Desktop-as-a-Service Buyer’s Guide, 2016,” which provides a comprehensive comparison of DaaS providers, including CloudJumper, Amazon, VMware, and Microsoft.
Dec. 4, 2016 08:15 AM EST Reads: 720
Businesses and business units of all sizes can benefit from cloud computing, but many don't want the cost, performance and security concerns of public cloud nor the complexity of building their own private clouds. Today, some cloud vendors are using artificial intelligence (AI) to simplify cloud deployment and management. In his session at 20th Cloud Expo, Ajay Gulati, Co-founder and CEO of ZeroStack, will discuss how AI can simplify cloud operations. He will cover the following topics: why clou...
Dec. 4, 2016 08:00 AM EST Reads: 707
Fact: storage performance problems have only gotten more complicated, as applications not only have become largely virtualized, but also have moved to cloud-based infrastructures. Storage performance in virtualized environments isn’t just about IOPS anymore. Instead, you need to guarantee performance for individual VMs, helping applications maintain performance as the number of VMs continues to go up in real time. In his session at Cloud Expo, Dhiraj Sehgal, Product and Marketing at Tintri, sha...
Dec. 4, 2016 08:00 AM EST Reads: 817