Transcript ENTERPRISE ARCHITECTURE + SECURITY
EA's Role in Evaluating New Technologies and Approaches
Rick Lauderdale U.S. Department of Energy
EA Outcomes and Benefits
•
Improve Interoperability and Compliance by:
Enabling Enterprise Architecture • Establishing Technology and Data Standards • Support IT Policy and Planning • Enhancing processes • Enhancing cybersecurity
DOE’s EA Repository
• • • •
E nterprise A rchitecture R oadmap S olution ( EARS ):
Integration of industry leading COTS products Delivers automated, data driven dashboards and reports IT asset data import is automated Automatically standardizes IT asset names and categories
Strategic Reports
Application Reports
Alignment to Strategy
•
Why is EARS important?
Improves interoperability and compliance by enhancing Departmental enterprise architecture, policy, and standards.
IRM Objective 2.1
EARS Aligns to DOE IRM Strategic Plan
Goal #2– “Safeguard resources through the cost-effective management of information and IT solutions”
EARS Outcomes and Benefits
• Assists in understanding business impact from security breach • Increased accountability due to high accuracy of asset data • Reducing obsolete technologies in favor or newer alternatives • Empowering users to obtain current and future IT responses • Delivering daily and weekly reports based on current asset data • Financial planning for fact-based software and hardware planning • Reduces unnecessary duplications and redundancies • Implements long term IT financial, logistics planning
Technology Life-Cycle Phases
• Approved – technology is approved to be on the network • Approved - Phase Out – (18 months before EOS) technology is approved but owners should plan to phase out • Approved – Remove – (6 months before EOS) execute the plan to remove, upgrade or replace • Denied – (EOS/Obsolete) technology should be decommissioned, unless a waiver is in place
Notional Reports from EARS
Develop a Technology Roadmap to Eliminate Risks
Identify Similar Technology to Migrate or Consolidate
Upgrade To The Latest Approved Technology
Lessons Learned
• Small implementation team • Backing of senior leadership • Acceptability and visibility of solution • Emphasize accuracy of clean data • Understand “data is hard” • Train users to help themselves • No magic potion