Enable Cloud Strategy and Planning with Predictable Methods, Models, and Tools

Mike The Architect Blog - Cloud Strategy and Planning

We previously
looked at why cloud is so important (Challenge
the Status Quo and Advance Business through Cloud Computing
, ),
approaches to cloud strategy (Understanding
Which Investments Should go to the Cloud
, Cloud
Strategy Begins with Value and Balances Risk
) and who the best
people (Why
Enterprise Architects Must Drive Cloud Strategy and Planning
) are to
execute. Today we’ll examine the methods, models, and tools that the enterprise
architect should use for effective cloud strategy and planning.

Methodologies
As far as methodologies go, it’s usually
better not to reinvent the wheel. There are already proven general frameworks EAs can use, so try to leverage
what is already out there whenever possible. When using an existing
general-purpose framework like TOGAF, apply cloud specifics to it.

Using a framework like TOGAF can ensure that you
are not missing the critical steps, questions and outcomes that every good
architecture should have. This will also ensure that all the other architecture
work and this work is consistent and predictable with the outcomes it produces.
Below are a list of a few benefits for leveraging TOGAF as your methodology for
Cloud Strategy and Planning:

  • Broad Community – If a custom framework is built, very few people
    have expertise and experience. TOGAF has an extremely broad EA acceptance,
    adoption and certification.
  • Deliverables and ArtifactsTOGAF comes
    with a wealth of “out of the box” templates
    that can be leveraged to
    architect.
  • Linkages to SOA and Cloud IP The Open Group which manages TOGAF, has
    other forums  and working groups that
    builds content for specific architecture areas and domains such as SOA,
    Cloud, Business Architecture and Security Architecture to name a few.
  • Associated Cloud Standards Bodies – The Open Group has done a great job of
    uniting multiple specialized and deep cloud standards bodies with the TOGAF
    standard to bring together the best of both worlds. The general purpose
    framework applied. These partners include NIST, Cloud Security Alliance and more.
    All this work has come together in The
    Open Group Cloud Computing Work Group
    .

Below is a visual on how Cloud Strategy and Planning
extends TOGAF within this framework:


Mike The Architect Blog - Cloud Strategy and Planning TOGAF Method.jpg

Another great visual is from Serge Thorn where he shows this from
a native TOGAF view:

Mike The Architect Blog - Cloud Strategy and Planning TOGAF Detail

Check out his blog post, “Cloud
Computing Requires Enterprise Architecture and TOGAF

Is TOGAF the only methodology you use? No. Just
like any other architecture work there are many different facets other than
just architecture such as: Risk Management, Information Security, Project /
Program Management, Software Development and Operations. There are methodologies
and frameworks for each specialized area that complement your architecture
work.

Some things to remember when adopting methodologies:

  • Strategy Methods are Universal – The same macro/basic steps are the same
    and can be applied to most anything. Just like with anything you will have to tailor
    slightly to your needs. DO NOT REINVENT
    PROVEN MODELS
    .
  • Make General Purpose Methods Specific – These were meant to be applied to a
    specific problem set. Cloud is
    no different.
  • Use Extensions – Cloud tools and techniques such as CSA, NIST,
    and Open Group-specific resources can be very useful in giving general-purpose
    frameworks meaning.

 

When we apply these
aspects to a cloud methodology you get The Cloud Strategy and Planning (CSP)
Framework. It is comprised of three simplified phases and seven activities.

 
Mike The Architect Blog - Cloud Strategy and Planning Method and Act

CSP
embraces and extends proven practices in the industry and the industry
resources from the following distinguished bodies:

  • The Open Group (TOGAF)
  • Cloud Security Alliance (CSA)
  • NIST Cloud Computing Working Groups
  • Sherwood Applied Business Security
    Architecture (SABSA)
  • Cloud Security Alliance (CSA)

 

Activity Descriptions

Below is a high-level overview of the activities with the description of
what occurs in each. The detailed steps are not shown below.

Strategy
Rationalization

1

Establish Scope, and Approach

  • Conduct the Cloud Envisioning Workshop
  • Provide overview of cloud computing
  • Define the enterprise business model for
    cloud computing
  • Establish project charter

 

2

Understand Strategic Vision

  • Gather the IT and business strategic
    objectives
  • Identify strategic cloud computing patterns
    and technologies
  • Analyze customer feasibility and readiness
  • State strategic vision for cloud computing

 

3

Identify and Prioritize Capabilities

  • Define evaluation criteria for key IT &
    business value drivers
  • Evaluate the capabilities based on these
    metrics
  • Identify ~5 high-priority capabilities for
    deeper analysis

 

 

Cloud Valuation

4

Profile
Capabilities

 

  • Determine current state of capability
    maturity leveraging IO Maturity Tools
  • Execute Risk Analysis Method with
    corresponding assessments and remediation steps.
  • Profile the capability asset portfolios of
    information, technology, and processes and analyze by architectural fit, risk
    and readiness

 

5

Recommend
Deployment Patterns

 

  • Research capability proven practices and
    market direction
  • Define target cloud capability requirements
  • Determine optimal cloud service and
    deployment patterns for the capabilities based on fit, value, and risk

 

 

 

Business
Transformation Planning

6

Define
and Prioritize Opportunities

 

  • Completely define opportunities to
    include  an overview, benefits, risks,
    assessment results, technology impacts, and project plan
  • Prioritize opportunities for detailed
    architecture and execution

 

7

Understand Strategic Vision

  • Assess implementation risks and dependencies
  • Develop and deliver a business
    transformation roadmap
  • Validate with the customer and edit
    accordingly

 

 

Models

With respect to models, there are many out there readily available. Since
we are starting with  business value we
want to make sure we continue to do so and ensure there is a bridge from
strategy to implementation.

Mike The Architect Blog - Top Down Strategy

Given the top down
nature you will want to pull from models  that lend to our approach. When selecting
models, take a step back and ensure you fully understand the scope of what you
want to accomplish then select the most appropriate models from the many
sources at your disposal such as: analysts, standards bodies, industry bodies
or internal reference models.

For example, CSP
integrates SABSA to ensure that CSP has a classification scheme to capture business
requirements along with the identification, classification and management of risk.
The SABSA method focuses on the area of security while CSP extends this for cloud
computing. CSP incorporates a similar structure to SABSA and utilized the SABSA
matrix as a stellar example of using question-based analysis in IT
decision-making. By using the business requirements as the “red thread” through
the analysis, SABSA and CSP are both able to ensure that the business
objectives are being met. In the case of CSP, the business should be the
driving force behind the cloud transformation.

Mike The Architect Blog - SABSA Matrix

A common issue I
see when selecting models are that a model is selected either based on
preference or it is good enough. Don’t do that. Make sure you have a fit for
purpose model. If you don’t you may not get an accurate output.

 

Below are a good
set of models that can be used when rationalizing strategy:

  • Strategy maps
  • Business canvas
  • Hosen strategy
  • Net Present Value (NPV)
  • Business Scenarios
  • SWOT
  • Porters Five Forces Analysis
  • Motivation Model

Mike The Architect Blog - Strategy Map Example

Tools

 Now let’s talk about
the tools. These will allow us to automate the method along with helping align,
measure, quantify and qualify our work.

The tools below
will help

  • Charter – Template to authorize the
    project and define scope, stakeholders and timeline
  • Enterprise Capability Assessment
    Enterprise level 1 capability analysis to segment a customer’s portfolio for
    the discovery of cloud opportunities.
  • Business Heat Map – Graphical view of an
    organization based on business capabilities and cloud attributes like risk,
    value, fit and readiness
  • Capability Prioritization – Further
    refinement of each business capability with respect to cloud risk, fit and
    readiness
  • Capability Profiling – Rollup dashboard
    of a given capability to determine the level of value and risk it provides in
    the context of cloud.
  • Cloud Pattern Valuation – Robust metric
    driven analysis tool used to determine which cloud service and deployment
    models should be used for a solution.
  • Cloud Pattern Matching – Graphical tool
    to connect service and deployment models with business or technical capabilities.
  • Portfolio Analysis – A tool to plot cloud
    opportunities to a grid based on Business Priority, Value, Risk and Effort to
    aid in the roadmapping.
  • Cloud Opportunity Dashboard  – A dashboard that provides a complete
    rollup of the Cloud Valuation assessments into one sheet to support decision
    making.
  • Cloud Taxonomy –This taxonomy provides a
    way of rationalizing cloud specific cloud implementation decisions.
  • Cloud Risk Framework – A risk reference
    model that identifies the key aspects of cloud risk to be assessed.
  • Cloud Risk Method – Process for applying
    a risk classification to a potential cloud solution.
  • CSP Project Planning – Examples of a
    defined project engagement, with timelines, milestones, activities and
    deliverables.

A good example of a tool leveraged in CSP is The Capability Planning
Tool. It analyses Business and IT capabilities under seven areas that fall
under four assessment drivers: architectural fit, value, risk, and readiness:

  • Architectural
    Fit
    : Adoption and Complexity
  • Value:
    Cost and Strategic Alignment
  • Risk:
    Significance and Regulations, Standards, and Policies
  • Readiness:
    Organizational Readiness and Technical Readiness

For all capabilities, the EA will ask the customer for the enterprise’s
score in each topic area. For example, for the business capability, Claims
Management, the EA will ask for the capability’s level of adoption based on the
following criteria: 5-Enterprise-Proven, 4-Tested, 3-Industry-Proven,
2-Emerging, and 1-Not Available.

This assessment is intended to capture a range from 1 to 5 for each
topic area under these assessment drivers. The end result is a rolled-up
dashboard with the scores of architectural fit, value, risk, readiness, and an
overall score for each capability. The final results presented in the dashboard
will allow the EA to determine the high-priority capabilities with the
customer.

Mike The Architect Blog - Capability Planning Tool Worksheet
Mike The Architect Blog - Capability Planning Tool Dashboard

Conclusion

The Cloud Strategy & Planning (CSP)
guidance helps establish a common context for cloud computing among all
business and IT stakeholders. Furthermore, it allows companies to define an
actionable cloud opportunity plan for qualified & validated cloud
opportunities to be architected for a specific service and deployment model.

The CSP guidance has 3 phases and 7
activities which give an overall structure to the approach. These allow the
client to assess and identify the current maturity level of their competences,
to find out which of these are best suited for cloud migration, and to evaluate
and better understand the opportunities for cloud solutions in the
organization. This assessment will ultimately lead to a business transformation
roadmap that is aligned with the enterprise’s technology and business
objectives. 

A few key points:

  • Focus on Maximizing Business Value – Leverage a business top down
    process of analysis and refinement, describing business capabilities to matched cloud technologies is essential
  • Capability
    Driven
    – Respect both the business and IT dimensions of an organization
  • Balance
    Value and Risk
     – Identify cloud
    opportunities while also rationalizing the potential challenges
  • Leverage Industry Best Practices – Amplify value of proven methods, models
    and tools to reduce risk of a poorly planned and executed strategy.

Related articles

Technology Architecture Questions for Vendors
Challenge the Status Quo and Advance Business through Cloud Computing
TOGAF Templates
Advertisements

Gartner 2010 Hype Cycle for Enterprise Architecture

Recently Gartner released the 2010 Hype Cycle for Enterprise Architecture (EA).  It's an interesting report. I'm not sure if there are really any surprises here but it worth looking at the macro themes of the report. 

You can find additional resources here:

Gartner Enterpise Architecture Hype Cycle 2010 

Source: Gartner July 2010 

What the report reveals is a set of macro themes for Enterprise Architecture.

  • Traditional Enterprise Architecture that is technology focused and driven has become mainstream.
  • A fundamental shift in the architecture community from IT Architecture to true Enterprise Architecture where Business Architecture is a first class citizen. EA is past the hype of the standard lip service of "We align IT with Business" and we are actually doing it. 
  • Business focused EA that is executed through Enterprise Business Architecture (EBA), Business Process Management (BPM), Capability analysis and modeling, and EA Performance Management
  • Frameworks are not as mature as they could be. This capability for EA is estimated by Gartner to be 10+ years out until productivity is realized. As you have heard from me in past posts and articles, I believe there is a level of pragmatism that is lost on the EA Tool providers. If they nail that, they will shorten that time to productivity significantly. 
  • While there is mainstream adoption of Enterprise Architecture, the maturity level is still low. This is shown in the Hype Cycle survey it stated that 73% of EA organizations aspire to be "mature". Does this mean that those 73% are not mature? 

Gartner has published the following abstract to the EA Hype Cycle

"The artificial walls between business and IT are crashing down, and EA is the bridge to integrate business and IT," said Philip Allega, Research Vice President, Gartner. "EA's original promise was its ability to provide future safe guidance given the desires and vision of an organisation's senior leadership team. As IT roles shift away from technology management to enterprise management, EA is suited to bring clarity to these blurred boundaries, and, by 2015, increased adoption of EA processes and uses by business will further IT's alignment with the organisation's culture, future-state vision and delivery of business value outcomes."

Early-generation EA, situated on the right side of the Hype Cycle, is marked by long-standing and well-practiced approaches such as enterprise technology architecture (ETA) and architecture assurance that have been supported by traditional and federated approaches to EA. While these practices help to direct tactical IT operations, they are often supported without a business future-state vision and, as such, limit the ability for organisations to achieve and demonstrate significant business value.

"Overall, EA slipped into the Trough of Disillusionment, along with EA tools, because EA practitioners couldn't or wouldn't push EA efforts to become integrated with the business, drawing an invisible wall between the business and IT," said Allega.

As EA practitioners have become more business-focused and organisations have become more hyperconnected, new approaches of managed diversity and middle-out have emerged on the Trigger slope, forming the latest generation of EA. These disciplines are employed by end-users to try to integrate and engage with the business as a partner. One of the emerging disciplines includes a middle-out EA approach, which according to Gartner will have a transformational impact on business in the next two to five years.

"The middle-out approach enables the creation of an adaptable architecture that can help manage rapid change and enable innovation by focusing on coordination through interfaces, rather than on control through top-down standards," said Allega.

Gartner found that 73 percent of clients aspired to support "mature enterprise architecture" during the next three to five years, demonstrating that business strategy will be pervasively understood and supported within EA and across business and IT. "We predict that by 2015, the marketplace of EA practitioners will find a landscape very different from today's environment," said Betsy Burton, Research Vice President and Distinguished Analyst, Gartner.

"To prepare for 2015, EA practitioners need to ensure that EA practices are driven by a clear business vision and defined business context, and that their EA program has stabilised the practices and disciplines that are less than two years to mainstream adoption."