nea - maturity model · web viewe-government program (yesser) nea maturity model e-government...

e-Government Program (Yesser)

Version 0.2Date:1/1/2014

Maturity Model

e-Government Program (Yesser)NEA Maturity Model

Document Description

Document Title Maturity Model

Document version 0.2Document Status DraftAuthor NEA TeamNEA Decision Under Review

Versioning

Version Date Description of changes made0.1 11/25/2013 Draft document0.2 1/1/2014 Updated to add business initiation in level 2 of business linkage.

Document Validation

Version Authors Review by Date Status0.1 SYED HUSAIN DRAFT

0.2 SYED HUSAIN DRAFT

Confidential e-Government Program (Yesser)This document (either in whole or in part) cannot be modified or

reproduced without the prior written permission of the e-Government Program (Yesser) / 19


References

S/No Description & Location1 FEA – FEDERAL ENTERPRISE ARCHITECTURE/ http://www.whitehouse.gov/omb/e-gov/FEA2 TOGAF® 9.1/ http://pubs.opengroup.org/architecture/togaf9-doc/arch/chap43.html

3 US DEPARTMENT OF COMMERCE MATURITY MODEL http://ocio.os.doc.gov/ITPolicyandPrograms/Enterprise_Architecture/PROD01_004935

4 ENTERPRISE ARCHITECTURE AS A STRATEGY – JEANNE W. ROSS, PETER WEIL, DAVID C. ROBERTSON



http://ocio.os.doc.gov/ITPolicyandPrograms/Enterprise_Architecture/PROD01_004935

http://pubs.opengroup.org/architecture/togaf9-doc/arch/chap43.html

http://www.whitehouse.gov/omb/e-gov/FEA


Table of Contents

1. Executive Summary..................................................................................................................62. Introduction.............................................................................................................................73. Maturity Model Phases.............................................................................................................9

3.1. EA Level 0 – No EA Program................................................................................................93.2. EA Level 1 – Initial or Informal EA........................................................................................93.3. EA Level 2 – EA Under Development.................................................................................103.4. EA Level 3 – Defined EA...................................................................................................113.5. EA Level 4 – Managed EA.................................................................................................123.6. EA Level 5 – Optimizing....................................................................................................13

4. Measuring Maturity...............................................................................................................14




Table of Figures

Figure 1 Maturity Model.................................................................................................................7




1. Executive SummaryOrganizations cannot implement Enterprise Architecture as a single project. They must implement it as a coordinated program that evolves over time. An EA maturity model will enable organizations to identify what stage of maturity they have reached and what actions to take to reach the next level. Yesser has decided to adopt the U.S department of Commerce’s EA maturity model, a TOGAF 9 recommendation, as it’s EA maturity definition and assessment model.

Key Findings• The maturity model consists of six stages, or levels. Organizations cannot skip stages or

the associated activities without introducing weaknesses into their EA programs. • Agencies have to deal with two levels of maturity, maturity related to internal EA and

maturity related to whole of government EA, these are complimentary and have synergistic effects on overall agency maturity.

• Organizations encounter risk and inefficiency from poorly managed processes, such as lack of employee engagement, failure to comply with legal and regulatory requirements and dissatisfied customers.

• Most enterprises are in the early stages of EA maturity, so IT leaders who are championing new ideas in their organizations will benefit most from using this model.

Recommendations• Make the maturity model part of the effort to educate senior management, so they

understand the phases of the EA journey. • To illustrate the risks of not having EA, look for examples where the organization has

already failed because of poorly managed information and processes. • Create scenarios for the organization that illustrate the benefits to be achieved at each

level of the maturity model.




2. IntroductionEA is the basic organizing principle of an organization, it describes the various layers of the organization and how they relate to each other. The benefit of having an EA is that the information EA typically consists of can be used to plan and develop the organization in a way that makes it more efficient and responsive to customer needs. Different organizations operate at different levels of maturity in terms of the processes and procedures they follow to execute their organizational goals and objectives. One of the tasks of the e-government authority of Saudi Arabia is to help government entities become more mature in terms of their capabilities and activities. The six maturity levels are as follows:

0. No EA Program1. Initial or Informal EA2. EA Under Development3. Defined EA4. Managed EA5. Optimizing

Figure 1 Maturity Model

Some of the individual components that must be considered at the Enterprise level, as well as in the various Architecture disciplines include components of the following:

1. Architecture Process2. Architecture Development3. Business Linkage4. Senior Management Involvement5. Architecture Communication




6. IT Security7. Governance8. IT Investment and Acquisition Strategy

.




3. Maturity Model PhasesThis section describes the Maturity Levels according to measurement areas.

3.1. EA Level 0 – No EA Program

No Enterprise Architecture Program to speak of.

3.2. EA Level 1 – Initial or Informal EA

Characteristics: Architecture Process - Processes are ad hoc and localized. Some Enterprise Architecture processes are defined. There is no unified architecture process across technologies or business processes. Success depends on individual efforts.Architecture Development - Enterprise Architecture processes, documentation, and standards are established by a variety of ad hoc means and are localized or informalBusiness Linkage - Minimal, or implicit linkage to business strategies or business driversSenior Management Involvement - Limited management team awareness or involvement in the architecture processArchitecture Communication - The latest version of the Operating Unit's Enterprise Architecture documentation is on the Web. Little communication exists about the Enterprise Architecture process and possible process improvementsIT Security - IT Security considerations are ad hoc and localizedGovernance - No explicit governance of architectural standardsIT Investment and Acquisition Strategy - Little or no involvement of strategic planning and acquisition personnel in enterprise architecture process. Little or no adherence to existing Standards Profile




3.3. EA Level 2 – EA Under Development

Characteristics: Architecture Process - Basic Enterprise Architecture Process program is documented based on YELAF guidance. The architecture process has developed clear roles and responsibilities.Architecture Development - IT Vision, Principles, Business Linkages, Baseline, and Target Architecture are identified. Architecture standards exist, but not necessarily linked to Target Architecture. Technical Reference Model and Standards Profile framework established. EA team is aware of NEA. Business Linkage - Explicit linkage to business strategies, EA is involved in the initiation of any new business initiatives. Senior Management Involvement - Management awareness of Architecture effortArchitecture Communication - The Enterprise Architecture Web Pages are updated periodically and is used to document architecture deliverablesIT Security - IT Security Architecture has defined clear roles and responsibilitiesGovernance - Governance of a few architectural standards and some adherence to existing Standards ProfileIT Investment and Acquisition Strategy - Little or no formal governance of IT Investment and Acquisition Strategy. Operating Unit demonstrates some adherence to existing Standards Profile




3.4. EA Level 3 – Defined EA

Characteristics: Architecture Process - The architecture is well defined and communicated to IT staff and business management with Operating Unit IT responsibilities. The process is largely followedArchitecture Development - Gap Analysis and Migration Plan are completed. Fully developed Technical Reference Model and Standards Profile. IT goals and methods are identified. The architecture aligns with NEA.Business Linkage - Enterprise Architecture is integrated with capital planning & investment control and supports e-government.Senior Management Involvement - Senior-management team aware of and supportive of the enterprise-wide architecture process. Management actively supports architectural standardsArchitecture Communication - Architecture documents updated regularly on Enterprise Architecture Web PageIT Security - IT Security Architecture Standards Profile is fully developed and is integrated with Enterprise ArchitectureGovernance - Explicit documented governance of majority IT investmentsIT Investment and Acquisition Strategy - IT acquisition strategy exists and includes compliance measures to IT Enterprise Architecture. Cost-benefits are considered in identifying projects




3.5. EA Level 4 – Managed EA

Characteristics: Architecture Process - Enterprise Architecture process is part of the culture. Quality metrics associated with the architecture process are capturedArchitecture Development - Enterprise Architecture documentation is updated on a regular cycle to reflect the updated Enterprise Architecture. Business, Information, Application and Technical Architectures defined by appropriate de-jure and de-facto standards. The architecture continues alignment with NEA. An automated tool is used to improve the usability of the architecture and report to NEA. Business Linkage - Capital planning and investment control are adjusted based on the feedback received and lessons learned from updated Enterprise Architecture. Periodic re-examination of business driversSenior Management Involvement - Senior-management team directly involved in the architecture review processArchitecture Communication- Architecture documents are updated regularly, and frequently reviewed for latest architecture developments/standardsIT Security - Performance metrics associated with IT Security Architecture are capturedGovernance - Explicit governance of all IT investments. Formal processes for managing variances feed back into Enterprise ArchitectureIT Investment and Acquisition Strategy - All planned IT acquisitions and purchases are guided and governed by the Enterprise Architecture




3.6. EA Level 5 – Optimizing

Characteristics: Architecture Process - Concerted efforts to optimize and continuously improve architecture processArchitecture Development - A standards and waivers process are used to improve architecture development process improvementsBusiness Linkage - Architecture process metrics are used to optimize and drive business linkages. Business involved in the continuous process improvements of Enterprise ArchitectureSenior Management Involvement - Senior management involvement in optimizing process improvements in Architecture development and governanceArchitecture Communication - Feedback on architecture process from all Operating Unit elements is used to drive architecture process improvements. Architecture documents are used by every decision maker in the organization for every IT-related business decision

IT Security - Feedback from IT Security Architecture metrics are used to drive architecture process improvements.Governance - Explicit governance of all IT investments. A standards and waivers process is used to improve governance-process improvements.IT Investment and Acquisition Strategy - No unplanned IT investment or acquisition activity.




4. Measuring MaturityThe table below is the evaluation matrix. For each of the eight characteristics, score your organization according to the definitions below. This score is an evaluation of where your organization is now. Appropriate artifacts that demonstrate the attainment of the maturity level should be available to substantiate your score.The score at each level depends on the level, for example a level 0 means a score of 0 while a level 4 means a score of 4.

Evaluation Score1. Architecture Process: Is there an established Enterprise Architecture process?Level 0: Architecture process not established.

Level 1: Ad-hoc and localized architecture process defined.

Level 2: Basic Enterprise Architecture Process program is documented based on YELAF. The architecture process has developed clear roles and responsibilities.

Level 3: The architecture is well defined and communicated to IT staff and business management with Operating Unit IT responsibilities. The process is largely followed.

Level 4: Enterprise Architecture process is part of the culture, with strong linkages to other core IT and business processes. Quality metrics associated with the architecture process are captured. These metrics include the cycle times necessary to generate Enterprise Architecture revisions, technical environment stability, and time to implement a new or upgraded application or system.

Level 5: Concerted efforts to optimize and continuously improve architecture process.

2. Architecture Development: To what extent is the development and progression of the Operating Units' Enterprise Architecture documented?




Level 0: No Enterprise Architecture documentation to speak of.

Level 1: Enterprise Architecture processes, documentation and standards are established by a variety of ad hoc means, and are localized or informal.

Level 2: IT Vision, Principles, Business Linkages, Baseline, and Target Architecture are documented. Architecture standards exist, but not necessarily linked to Target Architecture. Technical Reference Model and Standards Profile framework established.

Level 3: Gap Analysis and Migration Plan are completed. Architecture standardslinked to Business Drivers via Best Practices, IT Principles and Target Architecture. Fully developed Technical Reference Model and Standards Profile.

Level 4: Enterprise Architecture documentation is updated on a regular cycle to reflect the updated Enterprise Architecture. Business, Information, Application and Technical Architectures defined by appropriate de-jure and de-facto standards.

Level 5: Defined and documented Enterprise Architecture metrics are used to drive continuous process improvements. A standards and waivers process are used to improve architecture development process improvements.

Evaluation Score3. Business Linkage: To what extent is the Enterprise Architecture linked to business strategies or drivers.Level 0: No linkage to business strategies or business drivers.

Level 1: Minimal, or implicit linkage to business strategies or business drivers.

Level 2: Explicit linkage to business strategies or drivers. , EA is involved in the initiation of any new business initiatives.

Level 3: Enterprise Architecture is integrated with capital planning and investment control. Explicit linkage to business drivers and information requirements.

Level 4: Capital planning and investment control are adjusted based on the feedback received and lessons learned from updated Enterprise Architecture. Periodic re-examination of business drivers.

Level 5: Architecture metrics are used to optimize and drive business linkages. Business involved in the continuous process improvements of IT Architecture.




Evaluation Score4. Senior Management Involvement: To what extent are the senior managers of theOperating Unit involved in the establishment and ongoing development of an ITArchitecture?Level 0: No management team awareness or involvement in the architecture process.

Level 1: Limited management team awareness or involvement in the architecture process.

Level 2: Occasional/selective management team involvement in the architecture process with various degrees of commitment.

Level 3: Senior-management team aware of and supportive of the enterprise-wide architecture process. Management actively supports architectural standards.

Level 4: Senior-management team directly involved in the architecture review process.

Level 5: Senior-management team directly involved in the optimization of the enterprise-wide architecture development process and governance.




Evaluation Score5. Architecture Communication: To what extent are the decisions of Enterprise Architecturepractice documented?Level 0: No documentation is available.

Level 1: Little communication exists about the Enterprise Architecture process and possible process improvements. The DOC Enterprise Architecture Web Page contains the latest version of the Operating Unit’s Enterprise Architecture documentation.

Level 2: The Operating Unit Architecture Home Page, which can be accessed from the DOC Enterprise Architecture Web Page is updated periodically and is used to document architecture deliverables. Communication about arch process via meetings, etc., may happen, but sporadic. Few tools (e.g., office suite, graphics packages) are used to document architecture.

Level 3: Architecture documents updated and expanded regularly on DOC IT Architecture Web Page. Periodic presentations to IT staff on Architecture process, content. Tools are used to support maintaining architecture documentation.

Level 4: Architecture documents are updated regularly, and frequently reviewed for latest architecture developments/standards. Regular presentations to IT staff on architecture content.

Level 5: Architecture documents are used by every decision maker

6. IT Security: To what extent is IT Security integrated with the Enterprise Architecture?Level 0: No IT Security considerations in Enterprise Architecture.

Level 1: IT Security considerations are ad hoc and localized.

Level 2: IT Security Architecture has defined clear roles and responsibilities.

Level 3: IT Security Arch is fully developed and is integrated with IT Architecture.

Level 4: Performance metrics associated with IT Security Arch. are captured.

Level 5: Feedback from IT Security Arch. metrics are used to drive arch process improvements.




7. Governance: To what extent is an Enterprise Architecture governance (governing body) process in place and accepted by senior management ?Level 0: None. Everyone does their own thing.

Level 1: No explicit governance of architectural standards. Limited agreement with governance structure.

Level 2: Governance of a few architectural standards (e. g. operating systems, database management systems) and some adherence to existing Standards Profile. Various degrees of understanding of the proposed governance structure.

Level 3: Explicit documented governance of majority IT investments. Formal processes for managing variances. Senior management team is supportive of enterprise-wide architecture standards and subsequent required compliance.

Level 4: Explicit governance of all IT investments. Formal processes for managing variances feed back into Enterprise Architecture. Senior-management team takes ownership of enterprise-wide architecture standards and governance structure.

Level 5: Explicit governance of all IT investments. A standards and waivers process is used to improve governance process improvements.8. IT Investment and Acquisition Strategy: To what extent does the EnterpriseArchitecture influence the IT Investment and Acquisition Strategy?Level 0: No regard for Enterprise Architecture in formulation of strategic IT Acquisition strategy by Operating Unit.

Level 1: Little or no involvement of strategic planning and acquisition personnel in enterprise architecture process. Little or no adherence to existing Standards Profile.

Level 2: Little or no form al governance of IT Investment and Acquisition Strategy. Operating Unit demonstrates some adherence to existing Standards Profile.

Level 3: IT acquisition strategy exists and includes compliance measures to IT Enterprise Architecture. Operating Unit adheres to existing Standards Profile. RFQ, RFI and RFP content is influenced by the Enterprise Architecture. Acquisition personnel are actively involved in Enterprise Architecture governance structure. Cost-benefits are considered in identifying projects.

Level 4: All planned IT acquisitions and acquisitions are guided and governed by the Enterprise Architecture. RFI and RFP evaluations are integrated into the IT Architecture planning activities.

Level 5: Operating Unit has no unplanned IT investment or acquisition activity.




The final score is calculated using this simple formula

Score=¿

Where x is the individual scores taken from the score column above.



nea - maturity model · web viewe-government program (yesser) nea maturity model e-government...

Documents