This article discusses 2 new expectations on Enterprise Architects and 6 takeaways to combat this disruption.
The Open Group Architecture Framework (TOGAF) is a framework for enterprisearchitecture that provides an approach for designing, planning, implementing, and governing an enterprise information technology architecture. TOGAF is a high level approach to design. It is typically modelled at four levels: Business, Application, Data, and Technology. (Ref 1)
Its benefit is its reliance on modularization, standardization, and already existing, proven technologies and products. However this benefit is also its weakness, as more and more unproven technologies and products enter the market.
Over the last decade the discipline of architecture has been under constant threat to balance governance whilst providing value through clear direction.
The inability to practically apply the architect artefact library (Architecture/Enterprise continuum) to a business problem, results in the dilution of value that architecture practice brings.
The risk is an architect relying upon their established governance principles, policies and frameworks to justify their value to the business.
Instead of taking advantage of the opportunity to immerse themselves in the latest technology trends and understanding of broader solution spaces, to offer a solution approach contextualised with the guardrails of enterprise architecture.
Enter the Solution “Architect”
In this 4th industrial revolution we have a business community, that is crying out for application/technology/data/information systems leadership in a technology landscape which is getting more complex each day. A recent survey shows typical mid size companies changed 39% of their SaaS apps between 2017-2018. (Ref 2).
Unless the EA proactively engages and becomes a qualified/trusted business partner, we will have solution experts, picking up SaaS apps, selling themselves as solution architects, even though they have little formal architecture experience. The result is either tension between the Enterprise Architects (EA) and the business as the EA practice constantly struggles to defend its value.
As little as 6 Years ago this was not the case. The tension was still there, but the barriers to technology and digital understanding by the business was sufficient for there to be a heavy reliance upon the EA community, for all the good reasons, of governance, principles, policies, frameworks, reduction of technology debt and the definition of an expected strategic technology roadmap.
Shadow IT is the new IT
A few years ago, “Shadow IT”, the IT solutions created by the business, was frowned upon. Today, the rate of change and adoption of digital and technology patterns and understanding by the business, has caused “Shadow IT” to be an opportunity for business, now the entire enterprise can source solutions to problems.
Shadow IT is the new IT. The enterprise can innovate and adapt, look for automation opportunities and mine data, the opportunities are endless.
With this comes challenges in a recent 2019 trend report, companies with between 501-1000 employees, had on average 43 unique SaaS app billing owners, with an average of 7 app subscriptions being duplicated and an average of 3 SaaS apps with no actual owner. (Ref 3)
This has resulted in enterprises desperately seeking assistance in 2 new enterprise architecture focus areas, being security and solution.
These adapted security and solution focus are step changes in EA practice and both pivot on collaboration.
Security Architecture as a step change
A few years ago, one could argue that security was merely part of the overall architecture, resulting in attributes being added to assets or catalogues and that the security architecture function was part of the domain of an EA. However, the risks (and the possible consequences) associated with security today, lend it to having a foundational role in all aspects of an enterprise.
Security architecture has matured as a major discipline of its own, complete with CISO (Chief Information Security Officer) and its own governance, standards and architecture discipline.
The EA of today is required to understand the fundamentals of the security discipline and consult the security team, on a constant basis, whilst relying upon them for counsel.
Security teams should be engaged as early as possible. The EA of 2019 needs to have soft skills to engage with the security team and be inclusive and consultative.
However it doesn’t end there, with the democratization of IT and the proliferation of SaaS apps, there is an increasing need for the entire enterprise to uplift their security skills.
In addition to a number of CIO’s now focusing on a “Cloud First” strategy, multiplying a landscapes security complexities, ‘Cloud Security’ is a growing area for EA’s to consider.
The level of security knowledge required by the EA is inversely proportional to the maturity of the security discipline in the business.
If possible businesses should create a security function within the enterprise and educate as many employees as possible on foundational security patterns in order to make security the responsibility of the entire enterprise.
Solution Architecture needs attention
With a relentless advancement in technology and digital solutions within enterprises, solution architecture may be the most challenging area of an enterprise architecture. Solution architecture is defined as “A practice of defining and describing an architecture of a system delivered in context of a specific solution and as such it may encompass description of an entire system or only its specific parts.” (Ref 4).
With few barriers to adoption of new technology in enterprises and significant understanding of technology solution options within business areas by employees. There is an ever-increasing need within the business for pragmatic architecture guidance and reliable advice.
Architecture as a discipline has been disrupted to the point where one now needs a symbiotic constant relationship with a dynamic business.
Yes solution spaces SHOULD adhere to the architecture principles and policies, yes they SHOULD follow standards and use the catalogues and frameworks. However, if one is reliant upon an architecture council, governance council, architecture forum, design review board, architecture review board…. Etc. as the principle channel of engaging within the solution space one will have limited success.
Even federated forums and councils that are closer to the business, still require the business or solution seeker to initiate the engagement and attend the meeting. The meetings themselves if not managed effectively become a roadblock, with EA gatekeepers seemingly slowing down the business advancement.
EA’s need to manage fewer forums that act as gates and instead need to understand the already changed landscape, with an almost democratised technology penetrating the business.
The EA is required to be consultative, requiring the rare blend of solution technology knowledge in addition to the people skills to engage and lead the business.
This is where guardrails and governance come into play.
Guardrails permit speed and innovation. An example of a guardrail could be that enterprises should be free to adapt organization specific business solutions if they in no way adjust the underlying solution layers or introduce cost, complexity, licences or adjust business capability.
The governance is only called on when one of the underlying layers is proposed to be changed or costs incurred above a threshold.
In a smaller enterprises, the EA is required to wear many solution advisor hats and is required to have a diverse, unquenchable thirst for knowledge and innovation. Whilst always balancing the solution options with the EA foundational frameworks.
Trusted advisor and business partner
We are in a new era of unprecedented change and disruption, not only are business models being disrupted, so too are foundational protocols and architecture patterns. I am an advocate of continuous education and believe it is critical for the EAs of today to be unceasing in their pursuit and application of knowledge.
The enterprise architect of today is needed more than ever before, to tame application expenditure, reduce risk, balance security and be a trusted advisor and partner to the business.
Permitting freedom within business areas to innovate and adapt, whilst ensuring the reliance on modularization and standardization, of already existing, proven technologies and products.
To summarise here are 6 key areas of opportunity for the modern Enterprise Architect:
- Be a trusted business partner
- Be less a manager of gates and more a promoter of guardrails
- Be proactive in engagement with security teams
- Increase security knowledge
- Stay current on diverse innovative opportunities and threats
- Practice continuous education
References:
1 – https://en.wikipedia.org/wiki/The_Open_Group_Architecture_Framework (Sourced 2019-10-04)
2 – “The typical mid-sized company changed 39% of their SaaS apps between 2017-18. “ from https://www.blissfully.com/saas-trends/2019-annual/ (Sourced 2019-10-04)
3 – https://www.blissfully.com/saas-trends/2019-annual/ (sourced 2019-10-04)
4 – https://en.wikipedia.org/wiki/Solution_architecture (Sourced 2019-10-04)