Line 13: |
Line 13: |
| <br><br> | | <br><br> |
| | | |
− | To view more detailed info on each point listed below, you can <b><I><u>click</b> on the top title for each of the Architecture layer, OR any of the <b><I><u>blue</b> link below. | + | To view more detailed info on each point listed below, you can <b><I><u>click</b> on the top title for each of the Architecture layer, OR any of the <b>blue link</b></i></u> below. |
| <br> </big> | | <br> </big> |
| | | |
Line 22: |
Line 22: |
| <span style="font-size: 1.5em;">[[GC_EA_Playbook#1._Business_Architecture | 1. Business Architecture]]</span> <br><br> | | <span style="font-size: 1.5em;">[[GC_EA_Playbook#1._Business_Architecture | 1. Business Architecture]]</span> <br><br> |
| | | |
− | <b><u>Fulfill the Government of Canada stakeholder's needs</b> | + | <b><u>Fulfill the Government of Canada users and other stakeholder's needs</b> |
− | * <I>Clearly identify internal and external stakeholders and their needs for each policy, program and business service | + | * <I>Clearly identify internal and external users and other stakeholders and their needs for each policy, program and business service |
− | * Include policy requirement applying to specific stakeholder groups, such as accessibilities, gender based+ analysis, and official languages in the creation of the service | + | * Include policy requirement applying to specific users and other stakeholder groups, such as accessibilities, gender based+ analysis, and official languages in the creation of the service |
| * Model end-to-end business service delivery to provide quality, maximize effectiveness and optimize efficiencies across all channels (e.g lean process) | | * Model end-to-end business service delivery to provide quality, maximize effectiveness and optimize efficiencies across all channels (e.g lean process) |
| | | |
Line 35: |
Line 35: |
| | | |
| <b> Promote Horizontal Enablement of the Enterprise</b> | | <b> Promote Horizontal Enablement of the Enterprise</b> |
− | * Identify opportunities to horizontally enabled business services and provide cohesive experience to stakeholders | + | * Identify opportunities to horizontally enabled business services and provide cohesive experience to users and other stakeholders |
| * Reuse common business capabilities and processes from across government and private sector | | * Reuse common business capabilities and processes from across government and private sector |
| * Publish in the open reusable common business capabilities and processes (in the Open Government portal) for others to develop cohesive horizontal enterprise services</I></u> | | * Publish in the open reusable common business capabilities and processes (in the Open Government portal) for others to develop cohesive horizontal enterprise services</I></u> |
Line 46: |
Line 46: |
| <span style="font-size: 1.5em;">[[GC_EA_Playbook#2._Information_Architecture | 2. Information Architecture]]</span> <br><br> | | <span style="font-size: 1.5em;">[[GC_EA_Playbook#2._Information_Architecture | 2. Information Architecture]]</span> <br><br> |
| | | |
− | <I><u><b>Collect data to address the needs of the stakeholders</b> | + | <I><u><b>Collect data to address the needs of the users and other stakeholders</b> |
− | * Assess data requirements based on stakeholder needs | + | * Assess data requirements based on users and other stakeholder needs |
| * Collect only the minimum set of data needed to support a policy, program and service | | * Collect only the minimum set of data needed to support a policy, program and service |
| * Reuse existing data assets and only acquire new data if required | | * Reuse existing data assets and only acquire new data if required |
Line 65: |
Line 65: |
| * Ensure data formatting aligns to existing enterprise and international standards. Where none exist, develop standards in the open with key subject matter experts, in consultation with the Enterprise Data Community of Practice | | * Ensure data formatting aligns to existing enterprise and international standards. Where none exist, develop standards in the open with key subject matter experts, in consultation with the Enterprise Data Community of Practice |
| * Ensure that combined data does not risk identification or re-identification of sensitive or personal information | | * Ensure that combined data does not risk identification or re-identification of sensitive or personal information |
− | </I> | + | </I></U> |
| |} | | |} |
| | | |
Line 120: |
Line 120: |
| * Use continuous integration and continuous deployments (CI/CD) | | * Use continuous integration and continuous deployments (CI/CD) |
| * Ensure automated testing occurs for security and functionality | | * Ensure automated testing occurs for security and functionality |
− | * Include your stakeholders as part of DevSecOps process | + | * Include your users and other stakeholders as part of DevSecOps process |
| </u></i> | | </u></i> |
| |} | | |} |
Line 145: |
Line 145: |
| | | |
| <b>Maintain Secure Operations</b> | | <b>Maintain Secure Operations</b> |
− | * Integrate aggregate outputs from security assessment and authorization activities into security architecture lifecycle processes, to ensure reference artefacts remain relevant and valid | + | * Integrate aggregate outputs from security assessment and authorization activities into security architecture lifecycle processes, to ensure reference artifacts remain relevant and valid |
| * Design processes to operate and manage services securely, and continuously monitor system events and performance in order to detect, prevent, and respond to attacks | | * Design processes to operate and manage services securely, and continuously monitor system events and performance in order to detect, prevent, and respond to attacks |
| * Establish processes to monitor security advisories, and apply security-related patches and updates to reduce exposure to vulnerabilities. Apply appropriate risk-based mitigations when patches can’t be applied | | * Establish processes to monitor security advisories, and apply security-related patches and updates to reduce exposure to vulnerabilities. Apply appropriate risk-based mitigations when patches can’t be applied |