enterprise architecture for digital transformation

Enterprise Architecture

for Digital Transformation

อ.ดนยรฐ ธนบดธรรมจาร

Line ID: Danairat

FB: Danairat Thanabodithammachari

+668-1559-1446

Agenda

• Why do we need Enterprise Architecture (EA)?

• What is an EA and key benefits?

• EA and ERP Implementation

• Building EA• Enterprise Reference model

• Business Architecture

• Application Architecture

• Data Architecture

• Technology Architecture

• Key EA Activities

• EA and Digital Transformation Master Plan

• Summary

2016, Danairat T. 3

Why do we need Enterprise Architecture

(EA)?

2016, Danairat T. 4

IT Silos

Database

Core App

2016, Danairat T. 5

IT Silos

Database

Core App

Database

Finance App

2016, Danairat T. 6

IT Silos

Database

Core App

Database

CRM App

Database

OtherApps

Database

HR App

Database

Finance App

2016, Danairat T. 7

IT Silos

Database

Core App

Database

CRM App

Database

OtherApps

Database

HR App

Database

Finance App

IT Silos make inefficient to scale the business

2016, Danairat T. 8

IT Silos

Database

Core App

Database

CRM App

Database

OtherApps

Database

HR App

Database

Finance App


2016, Danairat T. 9

IT Silos

Database

Core App

Database

CRM App

Database

OtherApps

Database

HR App

Database

Finance App


2016, Danairat T. 10

IT Silos

Database

Core App

Database

CRM App

Database

OtherApps

Database

HR App

Database

Finance App



Top Concerns from IT Silos

• แตละหนวยงานในองคกรใหขอมลท�ไมตรงกนแกลกคาผรบบรการ

• ขอมลรายงานผดพลาดเม�อตองใชในการตดสนใจดานธรกจ

• มหลายกระบวนการทางานท�ซ(าซอนกน• ขาดความคลองตว และใชเวลามากเม�อตองปรบปรงเพ�อ

รองรบบรการใหมๆ• ตองใชความพยายามอยางหนกในการทาใหทกๆระบบ

ผานการตรวจสอบดาน IT Audit, Regulatory Compliance, หรอ ISO ตางๆ

• ตองใชทกษะดาน IT หลากหลายเกนความจาเปนตอการดาเนนธรกจ

• IT เปน Bottleneck ตอการขบเคล�อนธรกจ


What is an EA and key benefits?



What is an Enterprise Architecture?A structure design to ensure alignment between the business and IT strategies

สถาปตยกรรมดาน IT/Digital ใหกบองคกร เพ�อเปนโครงสรางในการตอยอดธรกจไดอยางย�งยน


without EA vs. with EA

Quick build and difficult to scale

Difficult to apply security

Design for scale and maintain

Secure architecture for growth

VS.


without EA vs. with EA

FBT PAY GNTS

TRDS

Client

Customs

RREIPS Integrated A/C

Refunds

RBADef

PaymentsExcise

CR

PKI

ECI ADD AWA ELS

Client StaffRemoteStaff

TAXAGENTS

GCI

Call Centres

WOC

CCD

TASS

StaffPhone

ComplianceStaff

BOA

Refmaterial

Bus. Intel

NTS A/c

BEP

CDCCCWMS

BANK

DDDR

1

Data…….

Penalty

Business

IVR

1

FBT PAY GNTS

TRDS

Client

Customs

RREIPS Integrated A/C

Refunds

RBADef

PaymentsExcise

CR

PKI

ECI ADD AWA ELS

Client StaffRemoteStaff

TAXAGENTS

GCI

Call Centres

WOC

CCD

TASS

StaffPhone

ComplianceStaff

BOA

Refmaterial

Bus. Intel

NTS A/c

BEP

CDCCCWMS

BANK

DDDR

1

Data…….

Penalty

Business

IVR

1

Without Enterprise Architecture

Inefficient ITComplex and Delay Response

With Enterprise Architecture

Productive ITCloud, Big Data, Social, Mobile

VS. ERPNew DevOps

Security

WIFI

Mobile

IoT


Cloud, Big Data

Infra

Types of Architectures

Architecture DescriptionBusiness Architecture Creating business operating model, business services,

organization and business process/policy

Solution Architecture Creating an information system with its integration

Application Architecture Creating an application touch points with screen flows

and creating report results

Data Architecture Creating data model both structured and unstructured

data and governance framework

Technology and Infrastructure

Architecture

Creating digital infrastructure and smart office including

network, office automation, wireless, storage, cloud, big

data and security infrastructure

Enterprise Architecture Creating enterprise blueprint with facilitate all architects

and key users to build transitioning roadmap


Key Benefits from Enterprise Architecture

Benefit DescriptionProductivity Faster to build new service from existing IT inventory

Innovation Enterprise can be able to create new innovation by

using EA centralized repository

Cost Saving Cost saving with reusable process, application, data and

infrastructure

Reduce Risk EA governs the change impact analysis for new services

deployment

Digital platform establishment EA creates a foundation for digital business execution

including cloud, big data, social, mobile, and smart

workforce


Operating Model in Business

“The operating model is an abstraction representation of the necessary

level of business process integration and the necessary level of business

process standardization”

MIT Sloan Center, 2011

Diversify

Unify

Replication

Coordination

Leve

l o

f In

teg

rati

on

Level of Standardization


Operating Model

“The operating model is an abstraction representation of the necessary level

of business process integration and the necessary level of business process

standardization”

2016, Danairat T.22

Enterprise Architecture Maturity Model

Center for Information Center Systems Research (CISR) 2009 MIT Sloan CISR – Ross

Source: Enterprise Architecture as Strategy: Creating a Foundation for Business Execution, J.

Ross, P. Weill, D. Robertson, HBS Press, 2006



ITArchitecture

EnterpriseArchitecture






ITArchitecture

EnterpriseArchitecture

Current

State

Future

State





Building Enterprise Architecture


There are many of related standards/guidelines

CMMi

Six

Sigma ISO

9000

Score-

cards

Abstraction

IT R

ele

van

ce

Ho

list

icS

pe

cifi

c

Low High

CobiT

ISO

38500

ITIL

ISO 20000

ISO 27001

27002

(17799)

SOX

COSO

Basel III

TOGAF,

MIT Sloan,

ISO 42010


Digital Transformation Reference Model


EA

Who

What

How

Why

When

Digital Initiatives

Digital Platform

Business Services &

Business ObjectivesNew

Services

Optimized

Services

Obsoleted

Services

CEO

CFOCOOCMO

Big DataDigital

Security

“Innovation”

“Efficiency”

“Sustainability”

Cloud

Data Monetization

New Customers, Channels

IoT, Smart Devices

Business Process

Optimization/Outsourcing

Smart Workforce

Enterprise

Metamorphosis

Digital Organization

Business Process as a ServiceMore ControlMore Flexible

Vision,

Mission

Statements

Building Enterprise ArchitectureThe Digital Transformation Guideline

1. Select program or project to start (NOT high risk)

supported by C-Level

2. Establish Virtual Team maintain standard

architecture development method

3. Acquire and Maintain Knowledge of Enterprise

Architecture Development with change and feed

back communication system

4. Create architecture reference based on current

deployments

5. Develop new architecture layered model from

current deployment with business alignment and

operation life cycle consideration6. Replicate to new program or project development


Architecture PrinciplesNo. Name Statement

1 Primacy of Principles These principles of information management apply to all organizations within the enterprise.

2

Maximize Benefit to the

Enterprise Information management decisions are made to provide maximum benefit to the enterprise as a whole.

3

Information

Management is

Everybody's Business All organizations in the enterprise participate in information management decisions needed to accomplish business objectives.

4 Business Continuity Enterprise operations are maintained in spite of system interruptions.

5

Common Use

Applications

Development of applications used across the enterprise is preferred over the development of similar or duplicative applications

which are only provided to a particular organization.

6 Compliance with Law Enterprise information management processes comply with all relevant laws, policies, and regulations.

7 IT Responsibility

The IT organization is responsible for owning and implementing IT processes and infrastructure that enable solutions to meet user-

defined requirements for functionality, service levels, cost, and delivery timing.

8

Protection of

Intellectual Property

The enterprise's Intellectual Property (IP) must be protected. This protection must be reflected in the IT architecture,

implementation, and governance processes.

9 Data is an Asset Data is an asset that has value to the enterprise and is managed accordingly.

10 Data is Shared

Users have access to the data necessary to perform their duties; therefore, data is shared across enterprise functions and

organizations.

11 Data is Accessible Data is accessible for users to perform their functions.

12 Data Trustee Each data element has a trustee accountable for data quality.

13

Common Vocabulary

and Data Definitions Data is defined consistently throughout the enterprise, and the definitions are understandable and available to all users.

14 Data Security

Data is protected from unauthorized use and disclosure. In addition to the traditional aspects of national security classification, this

includes, but is not limited to, protection of pre-decisional, sensitive, source selection-sensitive, and proprietary information.

15

Technology

Independence Applications are independent of specific technology choices and therefore can operate on a variety of technology platforms.

16 Ease-of-Use Applications are easy to use. The underlying technology is transparent to users, so they can concentrate on tasks at hand.

17

Requirements-Based

Change Only in response to business needs are changes to applications and technology made.

18

Responsive Change

Management Changes to the enterprise information environment are implemented in a timely manner.

19

Control Technical

Diversity

Technological diversity is controlled to minimize the non-trivial cost of maintaining expertise in and connectivity between multiple

processing environments.

20 Interoperability Software and hardware should conform to defined standards that promote interoperability for data, applications, and technology.


Zachman Framework

• Zachman developed a

structure or framework for

defining and capturing an

architecture

• This framework provides

for 6 perspectives or

“windows” from which to

view the enterprise.

2016, Danairat T.

TOGAF Architecture Development Method

The ADM method consists of eight main phases. As preliminary work, the enterprise

architecture framework and architecture principles are fixed for the effort. In the

following, a short description of the phases.

A. Architecture vision is the analysis phase of EA project. The project is organized;

the scope and domain requirements and constraints are stated. Business scenarios

can be used for this.

B. In the Business architecture phase, the current baseline architecture is stated,

target architecture is designed and a gap analysis between the two takes place.

C. Information systems architecture consists of the parts Data and Applications. For

Data architecture, the types and sources of data needed in the enterprise are

defined and a data model is created. A gap analysis is conducted and data model is

compared with the business architecture. As to the applications, the applications

needed to meet the specified business requirements and data model are turned into

an applications architecture and are checked back with the business architecture.

D. For Technology architecture, the previous phases deliver inputs. In this phase, a

baseline architecture is stated, and the target technology architecture is designed.

E. Opportunities and solutions is the evaluation phase, where the solutions are

selected.

F. Migration planning is the point for checking dependencies in the environment and

preparing for implementation of the target architecture.

G. Implementation and Governance is about the administration of implementation

and deployment phase of the development project.

H. Architecture change management is the maintenance phase. A new baseline is

created and changes in business environment are monitored as well as new

technology opportunities.

www.opengroup.org


Business Architecture & IT Architecture

Architecture

Business

Architecture

Application ArchitectureApplication Architecture

Data

Architecture

Data

Architecture

Technology ArchitectureTechnology Architecture

Enterprise

Architecture

IT

Architecture

Business

Architecture

Opportunities Management, Change Management,

Governance, Maturity, Continuum


The Enterprise Reference Model

Customer Data Product Data Payment Data Accounting Org. Hierarchy

Enterprise Information Management

Data Centric

Process Centric

User Centric

Enterprise Infrastructure

System

Monitoring

and

Management

Security/

Auditing

and

Identity

Management

H/W, Storage, OS, Database, AppServer Platform

Decision Centric

Insight

and

Monitoring

- Benchmarking

- Performance

Ranking

Sales and

Marketing

Or

Citizen

Relationship

Management

-Innovation

-Sales

-Trading

Regulatory

Compliance

- Audit

- ISO

- Law

- Policy

Corporate

Admin.

- HR

- Procurement

- Accounting

- Finance

- Facility

- Organization

Development

Core Services- The Service Systems to deliver

core business values

Access Channels- Kiosk, Web, Tablet, Mobile, Social Network, etc.

Integration and

Channel Systems- Gateway System, Proxy Service, Clearing House


Enterprise Reference Model (ERM)

Insight

and

Monitoring

Sales and

Marketing

Or

Citizen

Relationship

Management

Regulatory

Compliance

Corporate

Admin.

Core Services

System

Monitoring

and

Management

Security/

Auditing

and

Identity

Management



1. ชวยทาใหการมอง IT จากภาพของธรกจ

2. ชวยทาใหมองเหนบรการและกระบวนการทางานทางธรกจไดอยางครอบคลมและเปนระบบ

3. ชวยทาใหมองเหนความสอดคลองระหวาง Business กบ IT ไดในระดบ Strategic View

4. เปนจดเร�มตนของการทารายละเอยดในระยะตอไป

ERM ชวยทาใหการมองภาพความสอดคลองระหวาง Business และ IT ในระดบ High Level เพ�อ:-


Sample Enterprise Reference Model


Enterprise Architecture RepositoryOwner: Business Units


Enterprise Architecture Repository

Owner: Technology Unit

Owner: Business Unit


Enterprise Architecture RepositoryOwner: Technology Unit


Group Workshop - The Future State

Enterprise Reference Model

Enterprise Reference Model

Team Name: xxx

1. Name, Company, E-mail




Write down your

future state

New

Changed

Retired

Unchanged

Business

Insight

and

Monitoring

Sales and

Marketing

Regulatory

Compliance

Corporate

Admin.

Core Business

Processing Systems

System

Monitoring

and

Management

Security/

Auditing

and

Identity

Management




Key Deliverables from Enterprise Architecture

Deliverables Description1. EA Reference Model Describe the dependency between business and IT

2. EA Repository Enterprise assets inventory with the components

relationships for change impact analysis

3. IT Configuration Model for

better problem solving

Diagrams and artifacts for the system problem solving

with traceability

4. Business Transitioning

Roadmap

The transitioning phase for EA capability improvement

5. EA Governance framework Sustainable framework for digital business growth


Enterprise Architecture and ERP


Digital Organization Chart


CEO

Innovation

Chief of Digital Strategy

Customer Care

Service Science

Key Performance Innovation

Digital Marketing

Operation

Operation BU1

Operation BU2

Operation BU3

Operation BU4

Operation BU5

Corporate Management

CFO

PMO

Budgeting

HR

HCM

HRM

CIO

IT Architecture and Security

Shared Services

DevOpsTeam


Business Architecture

Application Architecture

Data Architecture

Technology Architecture

Security Architecture

Risk Management

ChiefGovernance

Regulation and Compliance

Steering committee

Enterprise Architecture and ERP

ERPEnterpriseResourcePlanning

EAEnterprise

Architecture

Shared Interest

• Enterprise perspective

• Migration path to move toward target architectures

• ConsistentEA methodology statewide

Targeted Interest

• Informed by EA

• Segment Level

• Stake Holders

• Implement Bulletproof

Opportunities and Stewardship for:- Improved performance- Introduction of new capabilities- Expanded responsibilities- Reduced costs- Leverage new technology

Aligning Enterprise Architecture and ERP, ODOT Chief Information Officer


EA and SAP system

ARM Research, www.amrresearch.com


EA and Digital Transformation Activities


Incremental vs. Iterative

Incremental

Iterative


EA and Digital Transformation Activities

Phase Agenda Who

Expected

Duration

Finished

Date Remark

Architecture Vision and Business Architecture

Build Future State Architecture Vision that captures key view of Future State Business Architecture

CEO, CMO, COO, CFO, Business Executives, PMO, CIO , Audit, HR

2 days

Application and Data Architecture

Capture baseline Current State and Building Target State of Application and Data Architecture

CIO, Head of Dev, Business Executives, IT Security

2 days


Capture baseline Current State and Building Target State of Technology Architecture

CIO, Head of IT Operation, IT Admin, IT Security

2 days

Strategic Roadmap Build Strategic Roadmap, Define EA Governance focus areas and programs

Business Executives, PMO, CIO , Audit, HR

2 days Present to CEO for EA delivery

EA Governance Build EA Governence Business Executives, PMO, CIO , Audit, HR

2 days Present to CEO for EA delivery


Practical Business Process Improvement


Business Architecture and BPMN4 phases of business process development


I.T.

Claim Requester

Data Validator

Approval Analyst

Finance

App

Requests

Data

Capture

Data

Validation

Data

Validate?Y

N

Incomplete

Data Rejected

Reports

2. Tag Screen ID to the activities which required user interaction

Save

Validate

Data State

Claim

Amount

Calculation

Claim Policy

Knowledge

Base

Save

Approved

StateY

N

Insufficient

Justification

Rejected Reports

Approve?

Payment

Claim Requests

Data

Claim Requests

Data

Claim Requests

Data

Hospital Data

Validated Data Status

Claim Policy

Approved Status

PaymentData

SCN-DV01

SCN-CA01

SCN-FIN01

การปรบปรงดาน Business ProcessSample Case: Request Approval Process


3. Build All User Interaction Screens

SCN-DV01

Data Received Date: Branch ID:15-May-14 CHOL-0003

Data Validation User: dvuser001

Claim Date Short Desc Amount Details Select

12-May-14 xxxxxxxxx 5,000 Details





SubmitReject

3.1. หนาจอของ Data Validator

SCN-CA01

Data Received Date: Branch ID:15-May-14 CHOL-0003

Claim Analyst User: causer001

Claim Date Short Desc Amount Details Select



3.2. หนาจอของ Approval Analyst

SubmitReject

การปรบปรงดาน Business ProcessSample Case: Request Approval Process


Current

• กระบวนการทางานซ(าซอน

• การทางานลาชา

• ยากตอการเพ�มบรการใหมๆ

• ตนทนการดแลสง

• เกดความเส�ยงตอความผดพลาด

การปรบปรงดาน Business ProcessCurrent and Target State


Current

• กระบวนการทางานซ(าซอน

• การทางานลาชา

• ยากตอการเพ�มบรการใหมๆ

• ตนทนการดแลสง

• เกดความเส�ยงตอความผดพลาด

Target

• เพ�มความเรวของบรการ โดยตดงานท�ซ(าซอน

• ใชระบบไอทเขาชวยในการตรวจสอบ ขอมล

• ผบรหารไดรบขอมลถกตอง รวดเรว

• งายตอการตอยอด

การปรบปรงดาน Business ProcessCurrent and Target State


IoT and Social Network Integration

• Enrich customer profile

• Improve customer relationship

• Improve business rules and approval conditions

• Create Innovation

• Enhance operational transparency

Michael Moyal, Blue Corw, 2008

Sensor


Practical Application Architecture


Banking, Government

Functional and Non Functional

Operation Management/ Automation

Telco, Retails

Manufacturing

User Features, Functions

Ease of Use and Response Time

High Availability

Distributed Solution

GRID/Cloud

Access Control, Security

Governance, Standard and Compliance


Application Development Framework

An application framework

represents the partial

implementation of a specific area of an application


Design PatternsMVC – Model View Controller


Design PatternsProxy Pattern


Packaged Application

A packaged application is a large-grained

Commercial-Off-The-Shelf (COTS) product that

provides a significant amount of capability (and

reuse)

• The amount of custom development required is

greatly reduced. • Primary focus is on configuring the application


When to use which methodology

Complicated

Waterfall Projects

V-Model Projects

Simple

Complex

Anarchy

Difficulty of Supported Technology

Dif

ficu

lty

of

Re

qu

ire

me

nts

Agile Projects

Chaotic Projects


Waterfall Model

Requirements

Design

Develop

Testing

Deployment


V-Model

Requirements

High Level Design

Detailed Specs

Development

Unit Testing

Integration Testing

AcceptanceTesting

Validation

Validation

Validation


Agile – Scrum Method


How to Measure the Success Level

0 Non-existent when

There is no process for designing and specifying applications. Typically, applications are obtained based on

vendor-driven offerings, brand recognition or IT staff familiarity with specific products, with little or no

consideration of actual requirements.

1 Initial/Ad Hoc when

There is an awareness that a process for acquiring and maintaining applications is required. Approaches to

acquiring and maintaining application software vary from project to project. Some individual solutions to

particular business requirements are likely to have been acquired independently, resulting in inefficiencies

with maintenance and support.

2 Repeatable but Intuitive when

There are different, but similar, processes for acquiring and maintaining applications based on the expertise

within the IT function. The success rate with applications depends greatly on the in-house skills and

experience levels within IT. Maintenance is usually problematic and suffers when internal knowledge is lost

from the organization. There is little consideration of application security and availability in the design or acquisition of application software.


Application Development and Management Maturity Model

CobiT 5, isaca.org


3 Defined when

A clear, defined and generally understood process exists for the acquisition and maintenance of application

software. This process is aligned with IT and business strategy. An attempt is made to apply the documented

processes consistently across different applications and projects. The methodologies are generally inflexible

and difficult to apply in all cases, so steps are likely to be bypassed. Maintenance activities are planned,

scheduled and coordinated.

4 Managed and Measurable when

There is a formal and well-understood methodology that includes a design and specification process, criteria

for acquisition, a process for testing and requirements for documentation. Documented and agreed-upon

approval mechanisms exist to ensure that all steps are followed and exceptions are authorized. Practices and

procedures evolve and are well suited to the organization, used by all staff and applicable to most application requirements.



CobiT 5, isaca.org


5 Optimized when

Application software acquisition and maintenance practices are aligned with the defined process. The

approach is component based, with predefined, standardized applications matched to business needs. The

approach is enterprise wide. The acquisition and maintenance methodology is well advanced and enables

rapid deployment, allowing for high responsiveness and flexibility in responding to changing business

requirements. The application software acquisition and implementation methodology is subjected to

continuous improvement and is supported by internal and external knowledge databases containing reference

materials and good practices. The methodology creates documentation in a predefined structure that makes production and maintenance efficient.



CobiT 5, isaca.org

Practical Data Management Improvement


Operation Team

Head of Business Units

Executives

Discovering the Enterprise Data

Master Data

Executive Summary Data

Transactional Data


Discovering The Enterprise Data Drill in the Executive Reports

Transactional Data

Master Data

Master Data Transactional Data

Master Data

Transactional Data

Transactional Data

Master Data

Transactional Data

Master Data

Transactional Data

Master Data

Master Data

Transactional Data

Master Data

Transactional Data

Master Data


Big Data PlatformIntegrate, Analyze

Storage Server and Network Infrastructure

App1Executive

ReportsApp…

Advanced

Analytics

Syst

em

Mo

nit

ori

ng

Syst

em

Se

curi

ty

Physical Data Center

Access Agents

StaffsPartners ManagersCustomers Executives Experts

Event

Processing

NoSQL,

Hadoop

Business

Rules

Digital Business Platform

f(x)

Data Quality

The state of completeness, validity,

consistency, timeliness and accuracy that

makes data appropriate for an enterprise use

Three Main Data Quality Metrics

• Business Relevance• Executive Reports/Critical Business Process

• Accountability

• Controllability and Track-ability


N

o.

Master/

Transactional

/

Summary

Data

Data

Name

Owner Used by

Critical

Business

Processes

(Y/N)

Use By

Executive

Reports

(Y/N)

Change

Control

(Y/N),

Change

Procedur

e

Sample

Data

Structure,

Data Type,

Data Range

Current Issues

With % of Records

are align with its

profiling

Remarks

Enterprise Data Management Worksheet



0 Non-existent when

Data are not recognized as corporate resources and assets. There is no assigned data ownership or individual

accountability for data management. Data quality and security are poor or non-existent.

1 Initial/Ad Hoc when

The organization recognizes a need for effective data architecture and management. There is an ad hoc

approach for specifying security requirements for data architecture and management, but no formal

communications procedures are in place. No training on data architecture and management takes place.

Responsibility for data management is not clear.

2 Repeatable but Intuitive when

The awareness of the need for effective data architecture and management exists throughout the

organization. Data ownership at a high level begins to occur. Security requirements for data management are

documented by key individuals. Some monitoring within IT is performed on data management key activities

(e.g., backup, restoration, disposal). Responsibilities for data management are informally assigned for key IT staff members.

Data Management Maturity Model

CobiT 5, isaca.org



3 Defined when

The need for data management within IT and across the organisation is understood and accepted.

Responsibility for data architecture and management is established. Data ownership is assigned to the

responsible party who controls integrity and security. Data management procedures are formalized within IT,

and some tools for backup/restoration and disposal of equipment are used. Some monitoring over data

management is in place. Basic performance metrics are defined. Training for data management staff members

is emerging.

4 Managed and Measurable when

The need for data management is understood, and required actions are accepted within the organisation.

Responsibility for data ownership and management are clearly defined, assigned and communicated within

the organisation. Procedures are formalized and widely known, and knowledge is shared. Usage of current

tools is emerging. Goal and performance indicators are agreed to with customers and monitored through a well-defined process. Formal training for data management staff members is in place.


CobiT 5, isaca.org



5 Optimized when

The need for data architecture and management and the understanding of all required actions is

understood and accepted within the organisation. Future needs and requirements are explored

in a proactive manner. The responsibilities for data ownership and data management are clearly

established, widely known across the organisation and updated on a timely basis. Procedures

are formalized and widely known, and knowledge sharing is standard practice. Sophisticated

tools are used with maximum automation of data management. Goal and performance

indicators are agreed to with customers, linked to business objectives and consistently

monitored using a well-defined process. Opportunities for improvement are constantly explored. Training for data management staff members is instituted.


CobiT 5, isaca.org


Practical Infrastructure Asset and Configuration

Management


Group workshop - Business Services and IT Alignment

1.5 hrs. brainstorm and 15 mins. presentation

Call Center MarketingCore

ServiceFinance HR

App01

App02

App03

App04

App05

App06

App07

App08

App09

App10

App11

App12

DB01

DB03

DB02 DB04 DB05

DB06

DB11DB10

DB09

DB07DB08


Logical Configuration Management Model

User Interface Layer

Process Server Layer

Data Bus Layer

Application Layer

Database Layer

ODS/DW Layer

OS Host Layer

HW Layer

Network Storage Layer

Network Layer

Service Layer

Mo

nit

ori

ng

/ M

an

ag

em

en

t La

yer

Se

curi

ty L

aye

r


Logical Configuration Management ModelExample – HR Service

User Interface Layer

Process Server Layer

Data Bus Layer

Application Layer

Database Layer

ODS/DW Layer

OS Host Layer

HW Layer

Network Storage Layer

Network Layer

Service Layer

Mo

nit

ori

ng

/ M

an

ag

em

en

t La

yer

Se

curi

ty L

aye

r

HR Service

Internet Web Content Mgmt

HR Core App

HR DB

Sys-lin001 Sys-lin002 Sys-lin003 Sys-lin004

HW-001 HW-002 HW-003

SAN-001

Intra-Network

Web Proxy

OS Security

DB SecurityDB Mgmt

App Mgmt

OS Mgmt

Network Mgmt

Storage Mgmt

HW Mgmt

Web Mgmt

Network Security

data001/ ws

data001/ ws

data002/ ws

data001,

data002

deploy

on

deploy

on

deploy

on

deploy

on

mount mount mount mount


Current IT Architecture

• เพ�มบรการใหมๆ ยาก

• ตองใชตนทนสงในการขยายระบบ

• ใชเวลามากในการแกปญหา

• เกดความเส�ยงสงตอการดาเนนธรกจ

IT Architecture ImprovementCurrent and Target State


App

1

App

2

Ap

p3App

4

App

5

Access Layer

Application Layer

DB Platform Layer

ws/portlets

App

3

Digital PlatformDigital Platform

Customers Operation Staffs Executives Business Partners

ws/portlets ws/portlets ws/portlets ws/portlets

Unified Access and Control PlatformUnified Access and Control Platform

Current Technology Architecture

• เพ�มบรการใหมๆ ยาก

• ตองใชตนทนสงในการขยายระบบ

• ใชเวลามากในการแกปญหา

• เกดความเส�ยงสงตอการดาเนนธรกจ

Target Technology Architecture

• สราง common platform

• เพ�มความยดหยนใหกบเง�อนไขบรการใหม

• สามารถผลด application ไดเรวข(น

• ลดความเส�ยงตอการดาเนนการ

Technology Architecture ImprovementCurrent and Target State


Technology Architecture Maturity Level

0 Non-existent whenManaging the technology infrastructure is not recognized as a sufficiently important topic to be addressed.

1 Initial/Ad Hoc whenThere are changes made to infrastructure for every new application, without any overall plan. Although

there is an awareness that the IT infrastructure is important, there is no consistent overall approach.

Maintenance activity reacts to short-term needs. The production environment is the test environment.

2 Repeatable but Intuitive whenThere is a consistency amongst tactical approaches when acquiring and maintaining the IT infrastructure.

Acquisition and maintenance of IT infrastructure are not based on any defined strategy and do not consider

the needs of the business applications that must be supported. There is an understanding that the IT

infrastructure is important, supported by some formal practices. Some maintenance is scheduled, but it is

not fully scheduled and co-ordinated. For some environments, a separate test environment exists.

3 Defined whenA clear, defined and generally understood process exists for acquiring and maintaining IT infrastructure. The

process supports the needs of critical business applications and is aligned to IT and business strategy, but it

is not consistently applied. Maintenance is planned, scheduled and co-ordinated. There are separate

environments for test and production.

Technology Infrastructure Operation Maturity Model

CobiT 5, isaca.org


4 Managed and Measurable whenThe acquisition and maintenance process for technology infrastructure has developed to the point where it

works well for most situations, is followed consistently and is focused on reusability. The IT infrastructure

adequately supports the business applications. The process is well organized and proactive. The cost and lead

time to achieve the expected level of scalability, flexibility and integration are partially optimized.

5 Optimized whenThe acquisition and maintenance process for technology infrastructure is proactive and closely aligned with

critical business applications and the technology architecture. Good practices regarding technology solutions

are followed, and the organization is aware of the latest platform developments and management tools. Costs

are reduced by rationalizing, standardizing, optimizing infrastructure components and by using automation. A

high level of technical awareness can identify optimum ways to proactively improve performance, including

consideration of outsourcing options. The IT infrastructure is seen as the key enabler to leveraging the use of IT.

Technology Architecture Maturity LevelTechnology Infrastructure Operation Maturity Model

CobiT 5, isaca.org


EA and Digital Transformation Master Plan


Initiatives Projects 2016 2017 2018 2019

H1 H2 H1 H2 H1 H2 H1 H2

Executive

Intelligence and

external integration

Data Interoperability

Information Service for

Business Partner

Dev Stabilization DevOps Standards

Business Process

Optimization

&

Application

Consolidation

Identify Processes and PMO

Core Processes

Optimization

Applications Consolidation

Open Data for PPP

Business Intelligence

Digital Platform Cloud, Big Data Platform

Governance Framework

IoT and Social Integration

Network and Office

Automation

Digital Transformation Master Plan(DX Master Plan)

Standardization & Optimization

Growth


Enterprise Architecture Governance


Enterprise Architecture Governance Process

Business Architecture

Information System

Architecture


EA Roadmap and Project Portfolio

Management

IT Development, Operation &

Change Mgmt

Business Goals Planning

(Business and EA)

Create Business Initiatives

(Business and EA)

Create Business Process

(Business and EA)

Create Application Architecture

(Business, DevTeam and EA)

Create Data Architecture(Business,

Information MgmtTeam and EA)

Define Development Technology (Dev

Team and EA)

Define Monitoring and Management Technology

(Operation Team and EA)

Define Security Technology

(Security Team and EA)

Define Integration Technology

(Integration Team and EA)

Create EA Roadmap (EA)

Define Projects and Business Cases (Planning Team

and EA)

Create IT Solution Architecture (Dev

Team and EA)

IT Solution Building(Dev Team)

IT Solution Deployment and Operation Change

Control(Operation Team and

EA)

Define IT Operation Maintenance

(Operation Team)

Red Color is EA main involve process

Business Goals Planning and Business Initiatives

Activities and Deliverables

Business Executives

Business

Process/De

velopment Owner

CIO Enterprise Architect

IT Audit and Control

Head of IT

Development

Head of IT Operation

Create Business Goals A/R R C I I I I

Business Operation

Model/ Business and IT Capability

A/R R C C C I I

Business Objectives

A/R R C I I I I

Create Business Initiatives

C A/R C C C I I

Responsible, Accountable, Consulted, Informed

Create Business Processes


Business Executives

Business

Process/

Development Owner



Head of IT Development


Develop Baseline

Business Process

Description

C A/R C I I I I

Develop Target

Business Process

Description

C A/R C I I I I

Perform Gap Analysis

C A/R C I I I I

Provide requirements

to the Data,

Application, and

Technology

Architectures

C A/R C C C I I

Finalize the Business

Process

C A/R C I I I I


Create Application Architecture


Business Executives

Business

Process/De

velopment Owner



Head of IT

Development


Application Architecture

Strategy (Consolidate, Plug and Play Strategy)

I R C C C A/R C

Create Application

Portfolio Baseline (Application Landscape)

I R C C R A/R R

Business Processes and

ApplicationDependencies

I A/R I I I R I

Relationship to Application

Capability Increments Transitioning

I R C C C A/R C


Create Data Architecture


Business Executives

Business

Process/De

velopment Owner



Head of IT

Development


Data Architecture Strategy

(Consolidate, Information as a Service)

A R C C C R C

Create Enterprise Data Platform (Data Landscape)

A R C C C R R

Application and DataDependencies

I R I I I A/R(IT Data Management

Team)

C

Relationship to Data

Capability Increments Transitioning

I R C C C A/R(IT Data Management

Team)

C


Define Development Technology


Business Executives

Business

Process/De

velopment Owner



Head of IT

Development


Create Standard

Development Technology (Open, Unify Tool Set)

I I C C C A/R R

Create Standard User

Interaction Development Technology

I I C C C A/R R

Create Standard Business

Process Management Development Technology

I I C C C A/R R

Create Standard Application

Server and Database Technology

I I C C C A/R R


Define Monitoring and Management Technology


Business Executives

Business

Process/De

velopment Owner



Head of IT

Development


Create Standard Monitoring

and Management Technology

I I C C C R A/R

Create Standard Network/

Operating System

Monitoring and Management Technology

I I C C C R A/R

Create Standard Database

and Application Server

Monitoring and Management Technology

I I C C C R A/R

Create Standard

Application Monitoring

and Management

Technology

I I C C C R A/R


Define Security Technology


Business Executives

Business

Process/De

velopment Owner



Head of IT

Development


Create Standard Security Technology

I I C C C R A/R

Create Standard Network/

Operating System Security Technology

I I C C C R A/R

Create Standard Database

and Application Server Security Technology

I I C C C R A/R

Create Standard

Application Security

Technology

I I C C C R A/R


Define Integration Technology


Business Executives

Business

Process/De

velopment Owner



Head of IT

Development


Create Standard Integration Technology

I I C C C R A/R

Create Standard Business

Transaction Integration

Technology

I I C C C R A/R

Create Standard Batch Integration Technology

I I C C C R A/R

Create Standard External

Integration Technology

I I C C C R A/R


Create EA Roadmap


Business Executives

Business

Process/De

velopment Owner



Head of IT

Development


Business and ITDependencies

I I C A/R C R R

Relationship to

capability increments transitioning

C I C A/R C C C

Relationship to opportunity

C I C A/R C C C


Define Projects and Create Business Cases


Business Executives

Business

Process/De

velopment Owner



Head of IT

Development


Identify IT Projects I C A C R R R

Provide Business Casesand Business Value

I C A C R R R

Provide Business Value Measurements

C A/R C C C I I

Identify Risks and Issue

C A/R C R R I I

Provide Migration

Strategy

C A/R C C C C R


Create IT Solution Architecture (ABB, SBB)


Business Executives

Business

Process/De

velopment Owner



Head of IT

Development


Architecture Building Block (ABB)

I I C A/R I I I

Solution Building Block (SBB)

I I C C R A/R R

Monitoring and Management Architecture

I I C C C C A/R

Security ArchitectureI C C C A/R R R


IT Solution Deployment and Operational Change Control


Business Executives

Business

Process/De

velopment Owner



Head of IT

Development


Develop Solution Change

Deployment Description and Instruction

I I I I C A/R R

Review and Approve The

Changed Solution for Data Center

I I A R R C C

Perform Solution

Deployment to Data Center

I I I I C R A/R

Rollback Solution

Deployment from Data Center

I I I I C R A/R


Thank you very much.
