Difference between revisions of "GC Enterprise Architecture/Standards"

From wiki
Jump to navigation Jump to search
m (I changed "Business Process Management Notation" to latest version name from OMG... "Business Process Model and Notation" in v2.0. The name changed from "Business Process Modeling Notation" in v1.0.)
 
(44 intermediate revisions by 5 users not shown)
Line 1: Line 1:
<!-- NAV -->
+
{{OCIO_GCEA_Header}}
 +
<h3><I>Please note that we are currently updating our Architecture Standards. To view the updates, please <b><u>[https://wiki.gccollab.ca/index.php?title=GC_Enterprise_Architecture_Framework click here]</b></I>
 +
 +
</h3>
  
{| class="FCK__ShowTableBorders" style="border-right: 0px; border-top: 0px; border-left: 0px; border-bottom: 0px; background-color: #3C6D9E" width="100%" align="center"
+
The GC Enterprise Architecture standard is part of the [https://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=15249 Directive on Management of Information Technology]. It is listed as [https://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=15249 Appendix C - Mandatory Procedures for Enterprise Architecture Assessment] in the Directive.
|-
+
<br><br>
|-
+
To view more detailed info on each point listed below, you can <b><I><u>click</b> on the top title for each of the Architecture layer, OR any of the <b><I><u>blue</b> link below.
| style="border-right: white 1px ridge; padding-right: 0px; padding-left: 0px; padding-bottom: 2px; padding-top: 2px; text-align: center; font-family: (Cooper black); font-size: 13pt" width="6%" | '''[[Governance_for_Digital_Solutions|<span style="color: snow">'''Home'''</span>]]'''
 
 
 
| style="border-right: white 1px ridge; padding-right: 0px; padding-left: 0px; padding-bottom: 2px; padding-top: 2px; text-align: center; font-family: (Cooper black); font-size: 13pt" width="11%" | '''[[Government_of_Canada_Architectural_Standards|<span style="color: Snow">'''EA standards'''</span>]]'''
 
  
| style="border-right: white 1px ridge; padding-right: 0px; padding-left: 0px; padding-bottom: 2px; padding-top: 2px; text-align: center; font-family: (Cooper black); font-size: 13pt" width="13%" | '''[[Past_EA_Decisions|<span style="color: Snow">'''Past EA Decisions'''</span>]] '''
+
{| width="100%" cellspacing="15" cellpadding="10"
  
| style="border-right: white 1px ridge; padding-right: 0px; padding-left: 0px; padding-bottom: 2px; padding-top: 2px; text-align: center; font-family: (Cooper black); font-size: 13pt" width="11%" | '''[[EA_Artefacts|<span style="color: Snow">'''EA Artefacts'''</span>]] '''
+
|- valign="top"
 +
| style="border-left: 10px solid #c5d5af; box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19); color: black; background-color: white; font-size:1.2em;" |  
 +
<span style="font-size: 1.5em;">[[GC_Business_Enterprise_Architecture | 1. Business Architecture]]</span> <br><br>
 +
<b>Align to the [https://gcconnex.gc.ca/file/view/50303099/gcbcm-gcmca-v2-visualmodel-20190617-en-pdf?language=en GC Business Capability model]</b>
 +
* Define program services as business capabilities to establish a common vocabulary between business, development, and operation
 +
* Identify capabilities that are common to the GC enterprise and can be shared and reused
 +
* Model business processes using Business Process Model and Notation (BPMN) to identify common enterprise processes
  
| style="border-right: white 1px ridge; padding-right: 0px; padding-left: 0px; padding-bottom: 2px; padding-top: 2px; text-align: center; font-family: (Cooper black); font-size: 13pt" width="12%" | '''[[EA_Discussions|<span style="color: Snow">'''EA Discussions'''</span>]] '''
+
<b>Design for Users First and Deliver with Multidisciplinary Teams</b>
 
+
* Focus on the needs of users, using agile, iterative, and user-centred methods
| style="border-right: white 1px ridge; padding-right: 0px; padding-left: 0px; padding-bottom: 2px; padding-top: 2px; text-align: center; font-family: (Cooper black); font-size: 13pt" width="9%" | '''[[EA_Governance|<span style="color: Snow">'''Governance'''</span>]] '''
+
* Conform to both accessibility and official languages requirements
 +
* Include all skillsets required for delivery, including for requirements, design, development, and operations
 +
* Work across the entire application lifecycle, from development and testing to deployment and operations
 +
* Ensure quality is considered throughout the Software Development Lifecycle
 +
* Ensure accountability for privacy is clear
 +
* Encourage and adopt Test Driven Development (TDD) to improve the trust between Business and IT
  
 +
<b>Design Systems to be Measurable and Accountable</b>
 +
* Publish performance expectations for each IT service
 +
* Make an audit trail available for all transactions to ensure accountability and non-repudiation
 +
* Establish business and IT metrics to enable business outcomes
 +
* Apply oversight and lifecycle management to digital investments through governance
 
|}
 
|}
  
<!-- NAV end -->
+
{| width="100%" cellspacing="15" cellpadding="10"
  
{{Translation to follow}}
+
|- valign="top"
 +
| style="border-left: 10px solid #f4d177; box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19); color: black; background-color: white; font-size:1.2em;" |
 +
<span style="font-size: 1.5em;">[[GC_Information_Enterprise_Architecture| 2. Information Architecture]]</span> <br><br>
  
 +
<b>Data Collection</b>
 +
* Ensure data is collected in a manner that maximizes use and availability of data
 +
* Ensure data collected aligns to existing enterprise and international standards
 +
* Where enterprise or international standards don't exist, develop Standards in the open with key subject matter experts
 +
* Ensure collection of data yields high quality data as per data quality guidelines
 +
* Ensure data is collected through ethical practices supporting appropriate citizen and business-centric use
 +
* Data should only be purchased once and should align with international standards
 +
* Where necessary, ensure collaboration with department/agency data stewards/custodians, other levels of government and indigenous people
  
{| width="100%" cellpadding="10" cellspacing=15px
+
<b>Data Management</b>
 +
* Demonstrate alignment with enterprise and departmental data governance and strategies
 +
* Ensure accountability for data roles and responsibilities
 +
* Design to maximize data use and availability
 +
* Design data resiliency in accordance with GC policies and standards
 +
* Use Master Data Management to provide a single point of reference for appropriate stakeholders
  
|-valign="top"
+
<b>Data Storage</b>
|style="border-left: 10px solid #c5d5af; box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19); color: black; background-color: white; font-size:1.2em;" |
+
* Ensure data is stored in a secure manner in accordance with the National Cyber Security Strategy and the Privacy Act
 +
* Follow existing retention and disposition schedules
 +
* Ensure data is stored in a way to facilitate easy data discoverability, accessibility and interoperability
  
<span style="font-size: 1.5em;">1. Business Architecture</span>
+
<b>Data Sharing</b>
* [[ITIL (Information Technology Infrastructure Library)]]
+
* Data should be shared openly by default as per the Directive on Open Government
* [[GC IM/IT Strategic Action Plan]]
+
* Ensure government-held data can be combined with data from other sources enabling interoperability and interpretability through for internal and external use
* [[GC BCM v1.5 (GC Business Capability Model)]]
+
* Reduce the collection of redundant data
* [[Digital Workspace Reference Architecture]]
+
* Reduce existing data where possible
 +
* Encourage data sharing and collaboration
 
|}
 
|}
  
 +
{| width="100%" cellspacing="15" cellpadding="10"
  
{| width="100%" cellpadding="10" cellspacing=15px
+
|- valign="top"
 +
| style="border-left: 10px solid #f5844e; box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19); color: black; background-color: white; font-size:1.2em;" |
 +
<span style="font-size: 1.5em;">[[GC_Application_Enterprise_Architecture | 3. Application Architecture]]</span> <br><br>
  
|-valign="top"
+
<b>Use Open Standards and Solutions by Default</b>
|style="border-left: 10px solid #f4d177; box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19); color: black; background-color: white; font-size:1.2em;" |
+
* Where possible, use open source standards, and open source software first
 +
** For Guidance, please consult the [[GoC Open Source Playbook|Open Source Playbook]]
 +
* If an open source option is not available or does not meet user needs, favour platform-agnostic COTS over proprietary COTS, avoiding technology dependency, allowing for substitutability and interoperability
 +
* If a custom-built application is the appropriate option, by default any source code written by the government must be released in an open format via Government of Canada website and services designated by the Treasury Board of Canada Secretariat
 +
* All open source code must be released under an appropriate open source software license
 +
* Expose public data to implement Open Data and Open Information initiatives
  
<span style="font-size: 1.5em;">2. Information Architecture</span>
+
<b>Maximize Reuse</b>
* [[GC Interoperability Reference Platform]]
+
* Leverage and reuse existing solutions, components, and processes
* [[GC API for Interoperability]]
+
* Select enterprise and cluster solutions over department-specific solutions
* [[GC Interoperability Reference Architecture]]
+
* Achieve simplification by minimizing duplication of components and adhering to relevant standards
* [[GC Data Architecture]]
+
* Inform the GC EARB about departmental investments and innovations
|}
+
* Share code publicly when appropriate, and when not, share within the Government of Canada
  
 
+
<b>Enable [https://www.gcpedia.gc.ca/wiki/En/GCinterop Interoperability]</b>
{| width="100%" cellpadding="10" cellspacing=15px
+
* Expose all functionality as services
 
+
* Use microservices built around business capabilities. Scope each service to a single purpose
|-valign="top"
+
* Run each IT service in its own process and have it communicate with other services through a well-defined interface, such as a HTTPS-based [https://www.canada.ca/en/government/publicservice/modernizing/government-canada-standards-apis.html application programming interface (API)]
|style="border-left: 10px solid #f5844e; box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19); color: black; background-color: white; font-size:1.2em;" |
+
* Run applications in containers
 
+
* Leverage the [[gccollab:groups/profile/1238235/engovernment-of-canada-digital-exchangefru00c9change-numu00e9rique-du-gouvernement-du-canada|GC Digital Exchange Platform]] for components such as [https://api.canada.ca/en/homepage#all-apis the API Store], Messaging, and the GC Service Bus
<span style="font-size: 1.5em;">3. Application Architecture</span>
+
|-
* [[Qualiware - Enterprise Architecture software / tool (CIOB Publishing Strategy)]]
+
|
* [[Financial Management Transformation (Endorsement of SAP software for OCG)]]
 
* [[OneGC]]
 
* [[SAP Hana licenses (initially for AAFC)]]
 
* [[CBSA SAP HANA]]
 
* [[GCcase (formerly known as SCMS)]]
 
* [[GC PPM (Project Portfolio Management)]]
 
* [[GCshare]]
 
* [[GCdocs and GCdocs Managed Service]]
 
* [[GCcase]]
 
* [[GCcase (formerly known as SCMS) as Case Management Standard]]
 
 
|}
 
|}
  
 +
{| width="100%" cellspacing="15" cellpadding="10"
  
{| width="100%" cellpadding="10" cellspacing=15px
+
|- valign="top"
 +
| style="border-left: 10px solid #cb6d49; box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19); color: black; background-color: white; font-size:1.2em;" |
 +
<span style="font-size: 1.5em;">[[GC_Technology_Enterprise_Architecture | 4. Technology Architecture]]</span> <br><br>
  
|-valign="top"
+
<b>Use Cloud first</b>
|style="border-left: 10px solid #cb6d49; box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19); color: black; background-color: white; font-size:1.2em;" |
+
* Enforce this order of preference: Software as a Service (SaaS) first, then Platform as a Service (PaaS), and lastly Infrastructure as a Service (IaaS)
 +
* Enforce this order of preference: Public cloud first, then Hybrid cloud, then Private cloud, and lastly non-cloud (on-premises) solutions
 +
* Design for cloud mobility and develop an exit strategy to avoid vendor lock-in
  
<span style="font-size: 1.5em;">4. Technology Architecture</span>
+
<b>Design for Performance, Availability, and Scalability</b>
* [[GC Cloud Taxonomy]]
+
* Design for resiliency
* [[SSC On-premise Managed Infrastructure as a Service]]
+
* Ensure response times meet user needs, and critical services are highly available
* [[Windows 10 Basic Configuration]]
+
* Support zero-downtime deployments for planned and unplanned maintenance
* [[ITPIN - Disposition of Windows Server 2008]]
+
* Use distributed architectures, assume failure will happen, handle errors gracefully, and monitor actively
 +
|-
 +
|
 
|}
 
|}
  
 +
{| width="100%" cellspacing="15" cellpadding="10"
  
{| width="100%" cellpadding="10" cellspacing=15px
+
|- valign="top"
 
+
| style="border-left: 10px solid #996782; box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19); color: black; background-color: white; font-size:1.2em;" |  
|-valign="top"
+
<span style="font-size: 1.5em;">[[GC_Security_and_Privacy_Enterprise_Architecture | 5. Security Architecture and Privacy]]</span> <br><br>
|style="border-left: 10px solid #996782; box-shadow: 0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19); color: black; background-color: white; font-size:1.2em;" |  
 
  
<span style="font-size: 1.5em;">5. Security Architecture and Privacy</span>
+
<b>Design for Security and Privacy</b>
* [[GCPass – Identity Management]]
+
* Implement security across all architectural layers
* [[GC Digital Identity Strategy (Transition Digital Identity Architecture)]]
+
* Categorize data properly to determine appropriate safeguards
* [[HTTPS Everywhere]]
+
* Perform a privacy impact assessment (PIA) when personal information is involved
* [[Cyber Security Review (Transition Digital Identity Architecture)]]
+
* Balance user and business needs with proportionate security measures
 
|}
 
|}
 
+
{{OCIO_GCEA_Footer}}
 
 
<!-- FOOTER -->
 
 
 
 
 
{| width="100%" cellpadding="10"
 
 
 
|-valign="top"
 
|style="color:#3C6D9E;"|
 
<!-- COLUMN STARTS: -->
 
<div style="font-size: 1.8em; text-align:center;">Need help? Contact us.</div>
 
 
 
 
 
 
 
<!-- COLUMN 1 STARTS: -->
 
{| width="100%" cellpadding="5"
 
 
 
|-valign="top"
 
|width="33.3%" style="border: 1px solid lightgray; background-color:#fff; color:#409DE2;"|
 
[[Image: Envelope_icon_blue.png  |100px | center]]
 
<div style="font-size:1.5em; text-align:center; color:white;">{{em|ZZCIOBDP@tbs-sct.gc.ca}}</div>
 
<!-- COLUMN 1 ENDS: -->
 
 
 
<!-- COLUMN 2 STARTS: -->
 
|width="33.3%" style="border: 1px solid lightgray; background-color:#fff; color:#409DE2;"|
 
[[Image: gccollab_icon_blue.png |100px | center]]
 
<div style="font-size:1.5em; text-align:center;">[https://gccollab.ca/groups/profile/8797/encanadian-enterprise-architecture GC Collab]</div>
 
<!-- COLUMN 2 ENDS: -->
 
 
 
<!-- COLUMN 3 STARTS: -->
 
|width="33.3%" style="border: 1px solid lightgray; background-color:#fff; color:#409DE2;"|
 
[[Image: gcconnex_icon_blue.png  |100px | center]]
 
<div style="font-size:1.5em; text-align:center;">[https://gcconnex.gc.ca/groups/profile/7322003/gc-ea-working-group?language=en GCconnex]</div>
 
<!-- COLUMN 3 ENDS: -->
 
<!-- TABLE ENDS --> |}
 
 
 
<!-- COLUMN ENDS: -->
 
 
 
<!-- TABLE ENDS --> |}
 
 
 
<!-- end -->
 

Latest revision as of 13:47, 15 February 2021

Please note that we are currently updating our Architecture Standards. To view the updates, please click here

The GC Enterprise Architecture standard is part of the Directive on Management of Information Technology. It is listed as Appendix C - Mandatory Procedures for Enterprise Architecture Assessment in the Directive.

To view more detailed info on each point listed below, you can click on the top title for each of the Architecture layer, OR any of the blue link below.

1. Business Architecture

Align to the GC Business Capability model

  • Define program services as business capabilities to establish a common vocabulary between business, development, and operation
  • Identify capabilities that are common to the GC enterprise and can be shared and reused
  • Model business processes using Business Process Model and Notation (BPMN) to identify common enterprise processes

Design for Users First and Deliver with Multidisciplinary Teams

  • Focus on the needs of users, using agile, iterative, and user-centred methods
  • Conform to both accessibility and official languages requirements
  • Include all skillsets required for delivery, including for requirements, design, development, and operations
  • Work across the entire application lifecycle, from development and testing to deployment and operations
  • Ensure quality is considered throughout the Software Development Lifecycle
  • Ensure accountability for privacy is clear
  • Encourage and adopt Test Driven Development (TDD) to improve the trust between Business and IT

Design Systems to be Measurable and Accountable

  • Publish performance expectations for each IT service
  • Make an audit trail available for all transactions to ensure accountability and non-repudiation
  • Establish business and IT metrics to enable business outcomes
  • Apply oversight and lifecycle management to digital investments through governance

2. Information Architecture

Data Collection

  • Ensure data is collected in a manner that maximizes use and availability of data
  • Ensure data collected aligns to existing enterprise and international standards
  • Where enterprise or international standards don't exist, develop Standards in the open with key subject matter experts
  • Ensure collection of data yields high quality data as per data quality guidelines
  • Ensure data is collected through ethical practices supporting appropriate citizen and business-centric use
  • Data should only be purchased once and should align with international standards
  • Where necessary, ensure collaboration with department/agency data stewards/custodians, other levels of government and indigenous people

Data Management

  • Demonstrate alignment with enterprise and departmental data governance and strategies
  • Ensure accountability for data roles and responsibilities
  • Design to maximize data use and availability
  • Design data resiliency in accordance with GC policies and standards
  • Use Master Data Management to provide a single point of reference for appropriate stakeholders

Data Storage

  • Ensure data is stored in a secure manner in accordance with the National Cyber Security Strategy and the Privacy Act
  • Follow existing retention and disposition schedules
  • Ensure data is stored in a way to facilitate easy data discoverability, accessibility and interoperability

Data Sharing

  • Data should be shared openly by default as per the Directive on Open Government
  • Ensure government-held data can be combined with data from other sources enabling interoperability and interpretability through for internal and external use
  • Reduce the collection of redundant data
  • Reduce existing data where possible
  • Encourage data sharing and collaboration

3. Application Architecture

Use Open Standards and Solutions by Default

  • Where possible, use open source standards, and open source software first
  • If an open source option is not available or does not meet user needs, favour platform-agnostic COTS over proprietary COTS, avoiding technology dependency, allowing for substitutability and interoperability
  • If a custom-built application is the appropriate option, by default any source code written by the government must be released in an open format via Government of Canada website and services designated by the Treasury Board of Canada Secretariat
  • All open source code must be released under an appropriate open source software license
  • Expose public data to implement Open Data and Open Information initiatives

Maximize Reuse

  • Leverage and reuse existing solutions, components, and processes
  • Select enterprise and cluster solutions over department-specific solutions
  • Achieve simplification by minimizing duplication of components and adhering to relevant standards
  • Inform the GC EARB about departmental investments and innovations
  • Share code publicly when appropriate, and when not, share within the Government of Canada

Enable Interoperability

  • Expose all functionality as services
  • Use microservices built around business capabilities. Scope each service to a single purpose
  • Run each IT service in its own process and have it communicate with other services through a well-defined interface, such as a HTTPS-based application programming interface (API)
  • Run applications in containers
  • Leverage the GC Digital Exchange Platform for components such as the API Store, Messaging, and the GC Service Bus

4. Technology Architecture

Use Cloud first

  • Enforce this order of preference: Software as a Service (SaaS) first, then Platform as a Service (PaaS), and lastly Infrastructure as a Service (IaaS)
  • Enforce this order of preference: Public cloud first, then Hybrid cloud, then Private cloud, and lastly non-cloud (on-premises) solutions
  • Design for cloud mobility and develop an exit strategy to avoid vendor lock-in

Design for Performance, Availability, and Scalability

  • Design for resiliency
  • Ensure response times meet user needs, and critical services are highly available
  • Support zero-downtime deployments for planned and unplanned maintenance
  • Use distributed architectures, assume failure will happen, handle errors gracefully, and monitor actively

5. Security Architecture and Privacy

Design for Security and Privacy

  • Implement security across all architectural layers
  • Categorize data properly to determine appropriate safeguards
  • Perform a privacy impact assessment (PIA) when personal information is involved
  • Balance user and business needs with proportionate security measures