Difference between revisions of "Application Modernization"

From wiki
Jump to navigation Jump to search
m
 
(195 intermediate revisions by 6 users not shown)
Line 1: Line 1:
 
<multilang>  
 
<multilang>  
 +
@en|
  
 +
'''''Note:''''' We are continuously improving this site and information is published as we receive it. Templates and discussions related to Application Modernization can be found in the [[gccollab:file/group/1432343/all#1727776|GCCollab Core Technologies group]]. It is recommended you join that group to watch for updates. '''''Check out [https://wiki.gccollab.ca/Application_Modernization#References_.26_What.27s_New What's New] and the Discussion tab above for the latest updates !'''''
  
=Departmental Journey=
+
{| class="wikitable"
 
+
|-
 
+
! Year 1 – 2018-19
==Prioritization==
+
! Year 2 – 2019-20
 
+
! Year 3 – 2020-21
<!-- COLUMN 1 STARTS: -->
+
! Year 4 – 2021-22
{| width="100%" cellpadding="5"
+
! Year 5 – 2022-23
 
+
|-
|-valign="top"
+
| $4,000,000
|width="20%" style="border: 1px solid lightgray; background-color:#e0f5f4; color:#000;"|
+
(disbursed)
[[Image: legacy_data_centres.png  |100px | center]]
+
| $20,000,000  
<div style="font-size:1.2em; text-align:center; margin-top: 10px;">Assess Legacy Data Centres</div>
+
(disbursed)
<!-- COLUMN 1 ENDS: -->
+
| $40,000,000
 
+
(disbursed)
<!-- COLUMN 2 STARTS: -->
+
| $35,000,000
|width="20%" style="border: 1px solid lightgray; background-color:#e0f5f4; color:#000;"|
+
(disbursed)
[[Image: data_centre_closures.png  |100px | center]]
+
| $11,000,000
<div style="font-size:1.2em; text-align:center; margin-top: 10px;">Recommend Priority Data Centre Closures</div>
+
($ 9,124,586 in process)
<!-- COLUMN 2 ENDS: -->
+
|-
 
 
<!-- COLUMN 3 STARTS: -->
 
|width="20%" style="border: 1px solid lightgray; background-color:#a6d8e7; color:#000;"|
 
[[Image: gate.png  |100px | center]]
 
<div style="font-size:1.2em; text-align:center; margin-top: 10px;"><b>Gate 1:</b> GC EARB Endorsement of DC Closures</div>
 
<!-- COLUMN 3 ENDS: -->
 
 
 
<!-- COLUMN ENDS: -->
 
 
 
<!-- COLUMN 4 STARTS: -->
 
|width="20%" style="border: 1px solid lightgray; background-color:#e0f5f4; color:#000;"|
 
[[Image: notify.png  |100px | center]]
 
<div style="font-size:1.2em; text-align:center; margin-top: 10px;">Notify Impacted Departments</div>
 
<!-- COLUMN 4 ENDS: -->
 
 
 
<!-- COLUMN 5 STARTS: -->
 
|width="20%" style="border: 1px solid lightgray; background-color:#d9d9d9; color:#000;"|
 
[[Image: MoU.png  |100px | center]]
 
<div style="font-size:1.2em; text-align:center; margin-top: 10px;">MoU for funds to support departmental discovery</div>
 
<!-- COLUMN 5 ENDS: -->
 
 
 
<!-- COLUMN ENDS: --> 
 
 
 
<!-- TABLE ENDS --> |}
 
 
 
<!-- end -->
 
 
 
 
 
 
 
==Discovery==
 
 
 
<!-- COLUMN 1 STARTS: -->
 
{| width="100%" cellpadding="5"
 
 
 
|-valign="top"
 
|width="30%" style="border: 1px solid lightgray; background-color:#a6a6a6; color:#000;"|
 
 
 
<div style="font-size:1.2em; text-align:center;">Application Portfolio Analysis</div>
 
 
 
{| width="100% cellpadding="10" cellspacing=10px
 
|-valign="top"
 
 
 
|width="33.3%" style="border: 1px solid lightgray; background-color:#d9d9d9; color:#000;" |
 
<!-- COLUMN 1 STARTS: -->
 
[[Image: modernization_vision.png  |60px | center]]
 
<div style="font-size:.8em; text-align:center; margin-top: 10px;">Determine modernization vision for organization</div>
 
<!-- COLUMN 1 ENDS: -->
 
 
 
|width="33.3%" style="border: 1px solid lightgray; background-color:#d9d9d9; color:#000;" |
 
<!-- COLUMN 2 STARTS: -->
 
[[Image: rationalization.png  |60px | center]]
 
<div style="font-size:.8em; text-align:center; margin-top: 10px;">Determine rationalization opportunities</div>
 
<!-- COLUMN 2 ENDS: -->
 
 
 
|width="33.3%" style="border: 1px solid lightgray; background-color:#d9d9d9; color:#000;" | 
 
<!-- COLUMN 3 STARTS: -->
 
[[Image: doc_migration.png  |60px | center]]
 
<div style="font-size:.8em; text-align:center; margin-top: 10px;">Document migration strategy and target (cloud or DC) in APM</div>
 
<!-- COLUMN 3 ENDS: -->
 
 
|}
 
|}
  
<!-- COLUMN 1 ENDS: -->
+
<!-- BACKGROUND -->
 +
== Background ==
 +
From [https://www.budget.gc.ca/2018/docs/plan/chap-04-en.html#Enabling-Digital-Services-to-Canadians Budget 2018:]
  
<!-- COLUMN 2 STARTS: -->
+
''"$110 million over six years, starting in 2018–19, to be accessed by Shared Services Canada’s partner departments and agencies to help them migrate their applications from older data centres into more secure modern data centres or cloud solutions."''
|width="14%" style="border: 1px solid lightgray; background-color:#d9d9d9; color:#000;"|
 
[[Image: engage.png  |100px | center]]
 
<div style="font-size:1.2em; text-align:center; margin-top: 10px;">Engage SSC PM and WLM Factory suppliers</div>
 
<!-- COLUMN 2 ENDS: -->
 
 
 
<!-- COLUMN 3 STARTS: -->
 
|width="14%" style="border: 1px solid lightgray; background-color:#d9d9d9; color:#000;"|
 
[[Image: doc_milestones.png  |100px | center]]
 
<div style="font-size:1.2em; text-align:center; margin-top: 10px;">Document Project Milestones</div>
 
<!-- COLUMN 3 ENDS: -->
 
 
 
<!-- COLUMN ENDS: -->
 
 
 
<!-- COLUMN 4 STARTS: -->
 
|width="14%" style="border: 1px solid lightgray; background-color:#d9d9d9; color:#000;"|
 
[[Image: doc_cost_estimates.png  |100px | center]]
 
<div style="font-size:1.2em; text-align:center; margin-top: 10px;">Document Cost Estimates</div>
 
<!-- COLUMN 4 ENDS: -->
 
 
 
<!-- COLUMN 5 STARTS: -->
 
|width="14%" style="border: 1px solid lightgray; background-color:#e0f5f4; color:#000;"|
 
[[Image: oversight.png  |70px | center]]
 
<div style="font-size:1.2em; text-align:center; margin-top: 10px;">TBS Oversight Team review of costs, plan, and portfolio analysis</div>
 
<!-- COLUMN 5 ENDS: -->
 
 
 
<!-- COLUMN 6 STARTS: -->
 
|width="14%" style="border: 1px solid lightgray; background-color:#a6d8e7; color:#000;"|
 
[[Image: gate.png  |100px | center]]
 
<div style="font-size:1.2em; text-align:center; margin-top: 10px;"><b>Gate 2:</b> GC EARB Endorsement. MoU to Release Execution Funds</div>
 
<!-- COLUMN 6 ENDS: --> 
 
 
 
<!-- COLUMN ENDS: --> 
 
 
 
<!-- TABLE ENDS --> |}
 
 
 
<!-- end -->
 
 
 
 
 
==Execution==
 
 
 
<!-- COLUMN 1 STARTS: -->
 
{| width="100%" cellpadding="5"
 
 
 
|-valign="top"
 
|width="14.2%" style="border: 1px solid lightgray; background-color:#d9d9d9; color:#000;"|
 
[[Image: staff_team.png  |100px | center]]
 
<div style="font-size:1.2em; text-align:center; margin-top: 10px;">Staff project team</div>
 
<!-- COLUMN 1 ENDS: -->
 
 
 
<!-- COLUMN 2 STARTS: -->
 
|width="14.2%" style="border: 1px solid lightgray; background-color:#d9d9d9; color:#000;"|
 
[[Image: cloud_platform.png  |100px | center]]
 
<div style="font-size:1.2em; text-align:center; margin-top: 10px;">Configure Cloud Platform<br>(e.g. Landing Zone)</div>
 
<!-- COLUMN 2 ENDS: -->
 
 
 
<!-- COLUMN 3 STARTS: -->
 
|width="14.2%" style="border: 1px solid lightgray; background-color:#d9d9d9; color:#000;"|
 
[[Image: launch_security.png  |100px | center]]
 
<div style="font-size:1.2em; text-align:center; margin-top: 10px;">Launch Security Assessment & Authorization process</div>
 
<!-- COLUMN 3 ENDS: -->
 
 
 
<!-- COLUMN ENDS: -->
 
 
 
<!-- COLUMN 4 STARTS: -->
 
|width="14.2%" style="border: 1px solid lightgray; background-color:#d9d9d9; color:#000;"|
 
[[Image: test_plans.png  |100px | center]]
 
<div style="font-size:1.2em; text-align:center; margin-top: 10px;">Develop test plans</div>
 
<!-- COLUMN 4 ENDS: -->
 
 
 
<!-- COLUMN 5 STARTS: -->
 
|width="14.2%" style="border: 1px solid lightgray; background-color:#d9d9d9; color:#000;"|
 
[[Image: execute.png  |100px | center]]
 
<div style="font-size:1.2em; text-align:center; margin-top: 10px;">Execute migrations, security assessments, & testing</div>
 
<!-- COLUMN 5 ENDS: -->
 
 
 
<!-- COLUMN ENDS: --> 
 
 
 
<!-- COLUMN 6 STARTS: -->
 
|width="14.2%" style="border: 1px solid lightgray; background-color:#d9d9d9; color:#000;"|
 
[[Image: report_status.png  |100px | center]]
 
<div style="font-size:1.2em; text-align:center; margin-top: 10px;">Report status to TBS Oversight Team</div>
 
<!-- COLUMN 6 ENDS: -->
 
 
 
<!-- COLUMN ENDS: --> 
 
 
 
<!-- COLUMN 7 STARTS: -->
 
|width="14.2%" style="border: 1px solid lightgray; background-color:#a6d8e7; color:#000;"|
 
[[Image: legacy_data_centres.png  |100px | center]]
 
<div style="font-size:1.2em; text-align:center; margin-top: 10px;">Decommission legacy data centre</div>
 
<!-- COLUMN 7 ENDS: -->
 
 
 
<!-- COLUMN ENDS: --> 
 
 
 
<!-- TABLE ENDS --> |}
 
 
 
<!-- end -->
 
 
 
</multilang>
 
 
 
__TOC__
 
  
'''''Note: We are continuously improving this site. As the initiative attracts more attention, we are trying to publish the information we have as we have it. A French version will follow shortly.'''''
+
Application Modernization is one of four pillars of the Workload Migration & Cloud Enablement (WLM&CE) initiative.  
 
+
<!-- END OF BACKGROUND -->
'''''Templates and discussions related to Application Modernization can be found in the [[gccollab:file/group/1432343/all#1727776|GCCollab Core Technologies group]]. It is strongly recommended you join that group to watch for updates.'''''
 
  
 +
<!-- OVERVIEW -->
 
== '''Overview''' ==
 
== '''Overview''' ==
This handbook is meant to help departments navigate the Application Modernization Investment Framework; the process for:
+
This handbook is meant to help departments navigate the Application Modernization Investment Framework; and other topic of interest:
 
* Prioritizing at-risk technologies
 
* Prioritizing at-risk technologies
* Engaging with partner departments
+
* Engaging with [https://www.canada.ca/en/shared-services/corporate/partner-organizations.html partner departments]
 
* Performing an analysis of departmental application portfolios
 
* Performing an analysis of departmental application portfolios
 
* Planning for addressing the at-risk technologies through modernization
 
* Planning for addressing the at-risk technologies through modernization
 
* Governance gating for endorsing modernization/migration plan and making the associated funds available
 
* Governance gating for endorsing modernization/migration plan and making the associated funds available
 
* Ongoing monitoring of status
 
* Ongoing monitoring of status
This handbook focuses on the decisions departments must make and how they are captured. It is not meant to provide a deep analysis of different technical decisions or architectural strategies a department can use to modernize, save for those captured in policy instruments.
+
 
  
 
The Investment Frame work consists of two gates:
 
The Investment Frame work consists of two gates:
Line 204: Line 49:
 
'''Gate 1''': a scope of at-risk technologies has been identified and approved by governance for modernization or decommissioning  
 
'''Gate 1''': a scope of at-risk technologies has been identified and approved by governance for modernization or decommissioning  
  
'''Gate 2''': a department's plan for modernization is ready to be endorsed by GC EARB thus authorizing the release of Application Modernization funds.
+
'''Gate 2''': a department's plan for modernization is ready to be endorsed by governance thus authorizing the release of Application Modernization funds.
 +
 
  
 
The Investment Framework also consists of four phases:
 
The Investment Framework also consists of four phases:
Line 210: Line 56:
 
'''Prioritization''': priorities for modernizing at-risk technologies are selected and endorsed by governance.
 
'''Prioritization''': priorities for modernizing at-risk technologies are selected and endorsed by governance.
  
<strong>Engagement</strong>: notify impacted departments, distribute templates to capture technical details, modernization/migration strategies, costing details and reporting dashboard.
+
<strong>Engagement</strong>: notify impacted departments, distribute templates to capture technical details, modernization/migration strategies, and costing details.
  
 
'''Discovery''': departments analyze their application portfolios to determine their strategies for modernizing at-risk technologies including a plan and cost estimates.
 
'''Discovery''': departments analyze their application portfolios to determine their strategies for modernizing at-risk technologies including a plan and cost estimates.
Line 216: Line 62:
 
'''Execution''': departments work with their partners to execute the modernization strategies identified during the discovery phase.
 
'''Execution''': departments work with their partners to execute the modernization strategies identified during the discovery phase.
  
The image below provides a pictorial view of a department's journey through the Investment Framework, or can also be found [[gccollab:file/view/1957351/enoverview-of-the-customer-journeyfr|here]] in downloadable document form.
+
A department's journey through the Investment Framework, or can also be found [[gccollab:file/view/1957351/enoverview-of-the-customer-journeyfr|here]] in downloadable document form.
 +
<!-- APPLICATION MODERNIZATION IMAGE -->
 
[[File:DepartmentalJourney.png|alt=Application Modernization Investment Framework|center|frame|Application Modernization Investment Framework - Departmental Journey]]
 
[[File:DepartmentalJourney.png|alt=Application Modernization Investment Framework|center|frame|Application Modernization Investment Framework - Departmental Journey]]
 +
Please review the brief Frequently Asked Questions [https://gccollab.ca/file/view/1760164/enfaq-wlm-app-mod-enfrfaq-wlm-app-mod-en| FAQ].
 +
<!-- END OF OVERVIEW -->
  
=== Background ===
+
<!-- PRIORITIZATION -->
Application Modernization is one of four pillars of the Workload Migration & Cloud Enablement (WLM&CE) initiative. A brief Frequently Asked Questions document can be found here.
+
== '''Prioritization''' ==
  
From [https://www.budget.gc.ca/2018/docs/plan/chap-04-en.html#Enabling-Digital-Services-to-Canadians Budget 2018:]
+
Priorities for investment from the Application Modernization and Workload Migration funds are based upon identifying high business value applications that are impacted by at-risk technologies. These at risk technologies can include, end of life software, end of life infrastructure, outdated architectures, to be decommissioned facilities such as data centres, etc…
 +
 
 +
1) TBS and SSC are working in collaboration with GC departments that demonstrate a readiness to modernize applications and migrate them to end state hosting platforms ([https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud] or enterprise data centres).
  
''"$110 million over six years, starting in 2018–19, to be accessed by Shared Services Canada’s partner departments and agencies to help them migrate their applications from older data centres into more secure modern data centres or cloud solutions."''
+
2) Departments may identify applications of high business value that are impacted by technology risks as a priority investment.  
  
== '''Prioritization''' ==
+
If endorsed by [https://wiki.gccollab.ca/Application_Modernization#Governance governance], those priorities will be eligible for access to Application Modernization funds and support from the Workload Migration program. Departments are required to complete the '''[https://gccollab.ca/file/view/2650400/engeneric-wlm-app-mod-gcearb-gate1-prioritizationfr a GCEARB Gate1 (Prioritization) template]''' and engage your Departmental Architecture Review Board before being brought forward to request endorsement by governance:
To enable/expand Digital Services to Canadians: perform a deep dive of mission critical applications data and IT Continuity preparedness to ensure that the GC’s most sensitive workloads are well planned for.
+
* [https://gccollab.ca/groups/profile/2006418/enworkload-migration-working-groupfrgroupe-de-travail-sur-la-migration-des-charges-de-travail WLM Working group]
 +
* [[GC EARB]]
 +
* ADM SEP
 +
* DM CEPP
  
To stabilize the IT landscape, TBS and SSC are working in collaboration with GC departments that demonstrate a readiness to modernize applications and migrate them to end state hosting platforms (cloud or enterprise data centres).
+
The endorsement of priority at-risk technologies must be supported by the departments’ Application Portfolio Management (APM) data, readiness to proceed with the application modernization framework, and the modernization strategy that will be used (rehost, replatform, refactor, replace and to which hosting platform; data centre or [https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud] services)
  
The first wave of workload migration projects began in 2018:
+
In 2018, the following data centre facilities were identified as at-risk technologies to be decommissioned and the applications to be migrated or modernized to a new enterprise data centre or [https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud] services. The first wave of workload migration projects began in 2018 and the second wave began in 2019:
* Tunney’ Pasture DC (Statistics Canada)
+
{| class="wikitable"
* Dorval DC (Environment and Climate Change Canada)
+
|-
* Aviation Parkway DC (22 partner department tenants)
+
! Wave
* St. Laurent DC (Canada Revenue Agency and Canada Border Services Agency)
+
! Department
* Booth Street DC (Natural Resources Canada)
+
! Discovery
* Goldenrod DC (Department of National Defence)
+
! Execution
Future waves of projects will be prioritized by governance and will consider Business Value/Mission Criticality, Technological Risks and Readiness.
+
|-
 +
| 1
 +
| Statistics Canada <sup>1</sup>
 +
|
 +
| X
 +
|-
 +
| 1
 +
| Treasury Board of Canada Secretariat <sup>1</sup>
 +
|
 +
| X
 +
|-
 +
| 1
 +
| Canada Border Services Agency
 +
| X
 +
| X
 +
|-
 +
| 1
 +
| Canada Revenue Agency
 +
| X
 +
| X
 +
|-
 +
| 1
 +
| Department of National Defense
 +
| X
 +
|
 +
|-
 +
| 1
 +
| Environment and Climate Change Canada
 +
| X
 +
|
 +
|-
 +
| 1
 +
| Natural Resources Canada
 +
| X
 +
| X
 +
|-
 +
| 1
 +
| Royal Canadian Mounted Police
 +
| X
 +
|
 +
|-
 +
| 2
 +
| Canadian Food Inspection Agency
 +
|
 +
| X
 +
|-
 +
| 2
 +
| Correctional Services Canada
 +
| X
 +
| X
 +
|-
 +
| 2
 +
| Employment and Social Development Canada
 +
| X
 +
|
 +
|-
 +
| 2
 +
| Global Affairs Canada
 +
| X
 +
| X
 +
|-
 +
| 2
 +
| Health Canada
 +
| X
 +
|
 +
|-
 +
| 2
 +
| Innovation, Science and Economic Development
 +
| X
 +
| X
 +
|-
 +
| 2
 +
| Privy Council Office
 +
| X
 +
| X
 +
|-
 +
| 2
 +
| Public Health Agency Canada
 +
| X
 +
|
 +
|-
 +
| 2
 +
| Public Services and Procurement Canada
 +
| X
 +
|
 +
|-
 +
| 2
 +
| Transport Canada
 +
|
 +
| X
 +
|}
 +
<sub>1</sub>Pathfinder
 +
<!-- END OF PRIORITIZATION -->
  
 +
<!-- ENGAGEMENT -->
 
== '''Engagement''' ==
 
== '''Engagement''' ==
Once priorities are selected and endorsed by governance, funding is available to partner departments to initiate the discovery phase. A [[https://gccollab.ca/file/view/2092934/enapplication-modernization-cost-estimates-templatefr|simple worksheet]] has been devised to identify funding requirements. A Memorandum of Understanding between the GC CIO and the Deputy Head of a department will be agreed upon by both parties to secure the funding.
 
  
 +
Once priorities are reached and departments are notified, the TBS-OCIO project manager will provide guidance and tools to start the department's journey.
 +
 +
* [https://gccollab.ca/file/view/1760164/enfaq-wlm-app-mod-enfrfaq-wlm-app-mod-en| FAQ]
 +
* [https://gccollab.ca/file/view/2649702/engeneric-wlm-app-mod-gcearb-gate1-discoveryfr| GC EARB Gate 1 (Discovery) template]
 +
* [https://wiki.gccollab.ca/images/0/0e/SamplePortfolioAnalysis.png Departmental & Data Centre View dashboard]
 +
* [https://gccollab.ca/file/view/3088763/engeneric-wlm-app-mod-business-casefr| Business case template]. 
 +
 +
[https://www.canada.ca/en/shared-services/corporate/partner-organizations.html partner departments] are provided guidance/assistance to provide an accurate list of applications by updating the APM and to prepare for the [https://wiki.gccollab.ca/Application_Modernization#Governance governance] endorsement. 
 +
* [https://gccollab.ca/groups/profile/2006418/enworkload-migration-working-groupfrgroupe-de-travail-sur-la-migration-des-charges-de-travail WLM Working group]
 +
* [[GC EARB]]
 +
* ADM SEP
 +
* DM CEPP)
 +
 +
Once endorsed, the Chief Information Officer of Canada (GC CIO) and the Deputy Head of a department signs the  '''[https://gccollab.ca/file/view/9003565/engeneric-wlm-app-mod-mou-fund-disbursement-enfr| Memorandum of Understanding]'''.
 +
<!-- END OF ENGAGEMENT -->
 +
 +
[[Image:Discovery Swimlanes.png]]
 +
 +
<!-- DISCOVERY -->
 
== '''Discovery''' ==
 
== '''Discovery''' ==
  
Line 249: Line 214:
  
 
==== <big>Determine Modernization Vision for the Organization</big> ====
 
==== <big>Determine Modernization Vision for the Organization</big> ====
By the end of this step, you should have discussed with leadership how far you want to take your modernization journey. This will be the vision for your organization. Those who will be performing the subsequent portfolio analysis steps should understand that vision.
+
This is an opportunity to determine the direction for the organization and ensure those performing the subsequent portfolio analysis steps understand the vision to modernize and be more transformative! Perhaps your organization has already begun a modernization journey. In today's IT environment [https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud] technologies combined with DevOps methods are having a large impact on how IT is delivered. Amongst the goals of these technologies and methods is to decrease lead time and time to market; in summary:      
 
+
* Deliver IT faster
This is an opportunity to determine the direction for the organization; is it to largely sustain current operations and culture, or does the organization desire to modernize and be more transformative. Perhaps your organization has already begun a modernization journey. In today's IT environment cloud technologies combined with DevOps methods are having a large impact on how IT is delivered. Amongst the goals of these technologies and methods is to decrease lead time and time to market; in summary     
 
* deliver IT faster
 
 
 
 
* Increase reliability
 
* Increase reliability
 
* Increase security
 
* Increase security
 
* Increase quality  
 
* Increase quality  
This guide does not instruct an organization how to undertake its modernization journey, but instead is meant to be a catalyst for establishing the vision. These changes can be wide sweeping impacting roles, responsibilities, and culture. They are not undertaken in a year, but instead must be seen as a journey of maturity and continuous improvement.  
+
These changes can be wide sweeping impacting roles, responsibilities, and culture. They are not undertaken in a year, but instead must be seen as a journey of maturity and continuous improvement. While some organizations have started this journey years ago and are ready to go "all in" on [https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud] and the workforce are DevOps practitioners, others have not begun the journey.  
 
 
While some organizations have started this journey years ago and are ready to go "all in" on cloud and the workforce are DevOps practitioners, others have not begun the journey.
 
 
 
For those who have not yet begun a modernization journey the choice may be take this opportunity to start that journey. For others, they may decide to simply sustain operations as-is.
 
  
''cloud maturity map'' will be inserted here
+
Here is a simple visual for plotting your [https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud] adoption .
  
A simple visual for plotting you cloud adoption maturity can be found here. Most organizations start small with a few low risk applications. A team of willing and keen developers from within your existing workforce would lead an initative to migrate those low risk workloads to the cloud. From these experiences they would use their learnings to train others to do the same. As the number of workloads grow, the need for more sophisticated methods such as automation and DevOps will need to be applied. This will facilitate scaling without impacting agility. Existing governance and roles will also need to evolve. An organization should review the [insert roles and reap document here] to ensure your organization is ready to undertake the required roles to support cloud services.
+
[[Image:Cloud maturity map .png]]
  
A [[gccollab:file/view/1994079/encloud-fitness-scorecardfr|simple scorecard]] has been devised to assess low risk workloads for cloud migration. This scorecard is meant to provide you a short list from which to further decide where to start. Any application can be migrated to the cloud with enough time and effort. The scorecard is meant to identify low risk and low effort migrations.
+
Start small with a few low risk applications. A team of developers from within your existing workforce would lead an initiative to migrate those low risk workloads to the [https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud]. The build from these experiences and transfer these skills to train others. As the number of workloads grow, the need for more sophisticated methods such as automation and DevOps will need to be applied. This will facilitate scaling without impacting agility. Existing governance and roles will also need to evolve. Review the [https://gccollab.ca/file/view/3691530/engc-cloud-rr-matrixfr GC Cloud R&R Matrix] to ensure your organization is ready to undertake the required roles to support [https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud] services.
  
For organizations that desire to forego modernization opportunities, the decision to rehost the entire application portfolio to a new data centre provides that opportunity.
+
See the [[gccollab:file/view/1994079/encloud-fitness-scorecardfr|simple cloud fitness scorecard]] to assess low risk workloads for cloud migration. It provides a short list to help with the decision as to where to start and to identify low risk and low effort migrations. Any application can be migrated to the [https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud] with enough time and effort.  
  
 
==== <big>Determine Rationalization and Retirement Opportunities</big> ====
 
==== <big>Determine Rationalization and Retirement Opportunities</big> ====
By the end of this step you will have assessed your portfolio and infrastructure for rationalization and retirment oportunities.  
+
By the end of this step you will have assessed your portfolio and infrastructure for rationalization and retirement opportunities.  
  
 
===== <u>Obsolete Repositories</u> =====
 
===== <u>Obsolete Repositories</u> =====
 
There are GC applications – content management systems / web-database systems -  that are no longer actively used but maintained because they ''may'' contain information that ''might'' be required in the future e.g. to respond to an ATIP request.  
 
There are GC applications – content management systems / web-database systems -  that are no longer actively used but maintained because they ''may'' contain information that ''might'' be required in the future e.g. to respond to an ATIP request.  
 
* Departments should have an active Information Management (IM) function that can verify the actual data retention requirements applicable to a specific application.
 
* Departments should have an active Information Management (IM) function that can verify the actual data retention requirements applicable to a specific application.
* Departments should recognize the cost of un-necessary data retention and actively dispose of data that has been deemed un-necessary. Un-necessary data is both a cost and a liability.  
+
* Departments should recognize the cost of unnecessary data retention and actively dispose of data that has been deemed unnecessary. Unnecessary data is both a cost and a liability.  
  
 
===== <u>Obsolete Applications</u> =====
 
===== <u>Obsolete Applications</u> =====
Your application portfolio rates the business value of applications. Review low business value applications. Assess whether these applications remain needed:
+
Your application portfolio rates the business value of applications. Review low business value applications. Assess whether these applications are still needed:
 
* Use access/update logs to identify applications that have received few updates in the past two years.
 
* Use access/update logs to identify applications that have received few updates in the past two years.
 
* Identify the most recent users and inquire as to the business value of the application. 
 
* Identify the most recent users and inquire as to the business value of the application. 
  
 
==== <big>Document Migration Strategy and Targets</big> ====
 
==== <big>Document Migration Strategy and Targets</big> ====
By the end of this step you will have analyzed your portfolio of applications, updated key data in APM, chose the migrations strategy for each application ( one of the 5 Rs ), and the target for each application ( cloud or EDC ).
+
By the end of this step you will have analyzed your portfolio of applications, updated key data in APM, chose the [https://gccollab.ca/file/group/1432343/all#5335607 migration strategy] for each application (one of the 5 Rs), and the target for each application (cloud or EDC).
 
 
During the Determine Modernization Vision for the Organization step you would have determine how far your organization wants to take its modernization journey. Part of that step was the Cloud Fit Scorecard. You should have already narrowed the target options for each application.  
 
  
 
===== '''<u>Choose the Appropriate Migration Strategy</u>''' =====
 
===== '''<u>Choose the Appropriate Migration Strategy</u>''' =====
Line 294: Line 250:
 
|-
 
|-
 
! Strategy
 
! Strategy
! Altnerative Name
+
! Alternative Name
 
! Full Description
 
! Full Description
 
! Data Centre
 
! Data Centre
Line 300: Line 256:
 
|-
 
|-
 
| Retire
 
| Retire
| Decomission
+
| Decommission
 
| Retire, decommission, sunset application. Eliminate it from the portfolio.
 
| Retire, decommission, sunset application. Eliminate it from the portfolio.
 
|  
 
|  
Line 325: Line 281:
 
| Replace
 
| Replace
 
| Repurchase
 
| Repurchase
| Replace application's functionality by a new solution acquired or developed by department (medium to large investment of resources). The application will be decommissioned once replaced.
+
| Replace application's functionality with a new solution acquired or developed by department (medium to large investment of resources). The application will be decommissioned once replaced.
 
|  
 
|  
 
|X
 
|X
Line 334: Line 290:
 
With a rehost migration strategy, the application undergoes no changes and is migrated as-is to a new data centre or cloud. This is the simplest and least effort migration strategy.  
 
With a rehost migration strategy, the application undergoes no changes and is migrated as-is to a new data centre or cloud. This is the simplest and least effort migration strategy.  
  
For workloads migrating to cloud, it is strongly advised that, at the very least, the resources (network, compute, storage) be optimized and reduced to the smallest size possible. Additionally using reserved instances for production workloads and turning off unused servers during off-hours will help ensure a lower monthly bill from your cloud provider.  
+
For workloads migrating to [https://wiki.gccollab.ca/GC_Cloud_Infocentre cloud], it is strongly advised that the resources (network, compute, storage) be optimized and reduced to the smallest size possible. Additionally using reserved instances for production workloads and turning off unused servers during off-hours will help ensure a lower monthly bill from your cloud provider.  
  
 
====== '''Replatform (lift, shift, and tinker)''' ======
 
====== '''Replatform (lift, shift, and tinker)''' ======
 
With a replatform strategy, the application undergoes minor changes as it is migrated to a new data centre or cloud. Replatforming strategies may include, but as not limited to:
 
With a replatform strategy, the application undergoes minor changes as it is migrated to a new data centre or cloud. Replatforming strategies may include, but as not limited to:
  
Addressing end of life (EOL) software such as those deprecated by IT Policy Implementation Notice [https://www.canada.ca/en/treasury-board-secretariat/services/information-technology/policy-implementation-notices.html ITPINs]
+
* Addressing end of life (EOL) software such as those deprecated by IT Policy Implementation Notice [https://www.canada.ca/en/treasury-board-secretariat/services/information-technology/policy-implementation-notices.html ITPINs]
 
+
* Moving to Platform-as-a-Service (PaaS) for commoditized services such as databases, web servers, file servers, container orchestration, moving to a PaaS allows for a serverless architecture.  
Move to Platform-as-a-Service (PaaS). For commoditized services such as databases, web servers, file servers, container orchestration, moving to a PaaS allows for a serverless architecture. A serverless architecture negates the need to manage and patch operating systems, middleware and manage server instances. This also reduces an organization's IT LifeCycle Management burden. Users sometimes worry that using PaaS will cause vendor lock-in. By using PaaS that have alternatives elsewhere in the market will avoid lock-in. Being able to extract your business data and business rules from a PaaS is key to avoiding lock-in. Most cloud providers offer database, web server, and file server platforms. While migrating from one to another may not be completely painless, migration tools and APIs exist to allow for this possibility.
+
A serverless architecture negates the need to manage and patch operating systems, middleware and manage server instances. This also reduces an organization's IT Lifecycle Management burden. Users sometimes worry that using PaaS will cause vendor lock-in. By using PaaS that have alternatives elsewhere in the market will avoid lock-in. Being able to extract your business data and business rules from a PaaS is key to avoiding lock-in. Most cloud providers offer database, web server, and file server platforms. While migrating from one to another may not be completely painless, migration tools and APIs exist to allow for this possibility.
  
Containers is an increasingly populate method to deploy applications. If your application is stateless, moving it to a container will not only help portability, but also help with your organization's adoption of DevOps practices.
+
Containers is an increasingly popular method to deploy applications. If your application is stateless, moving it to a container will not only help portability, but also help with your organization's adoption of DevOps practices.
  
 
====== '''Refactor (Re-Architect)''' ======
 
====== '''Refactor (Re-Architect)''' ======
Line 352: Line 308:
 
Migrating away from less common OSes such AIX, UNIX, or Solaris may require extensive changes to the application.  
 
Migrating away from less common OSes such AIX, UNIX, or Solaris may require extensive changes to the application.  
  
Due to the high cost of refactoring, this strategy should be applied to high business value applications.  
+
Due to the high cost of refactoring, this strategy should only be applied to high business value applications.  
  
 
====== '''Replace (Repurchase)''' ======
 
====== '''Replace (Repurchase)''' ======
This is an opportunity to determine if Software-as-a-Service solutions for some of the COTS or custom built application you may have running today. Migrating to SaaS is an opportunity to access the latest version of that service and to lower lifecycle management burden. For example, if you operate a legacy email application, you may want to take the opportunity to replace it with Office 365.
+
This is an opportunity to determine if Software-as-a-Service (SaaS) solutions for some of the COTS or custom built application you may have running today. Migrating to SaaS is an opportunity to access the latest version of that service and to lower lifecycle management burden. For example, if you operate a legacy email application, you may want to take the opportunity to replace it with Office 365.
  
 
===== '''<u>Choose Your Migration Target</u>''' =====
 
===== '''<u>Choose Your Migration Target</u>''' =====
Line 362: Line 318:
 
''Enterprise Data Centre (EDC):'' a new data centre with low technical risks
 
''Enterprise Data Centre (EDC):'' a new data centre with low technical risks
  
''Cloud:'' a public cloud service provider available from the SSC Cloud Broker
+
''Cloud:'' a public cloud service provider available from the [https://cloud-broker.canada.ca/s/?language=en_CA SSC GC Cloud Brokering Service]
  
 
===== '''<u>Identify Data Centre</u>''' =====
 
===== '''<u>Identify Data Centre</u>''' =====
Ensure  applications are correctly allocated to its current legacy data centre. The data centre is an essential reporting dimension when TBS tracks your portfolioès progress.
+
Ensure  applications are correctly allocated to its current legacy data centre. The data centre is an essential reporting dimension when TBS tracks your portfolio's progress.
  
 
===== '''<u>Identify Mission Critical Applications</u>''' =====
 
===== '''<u>Identify Mission Critical Applications</u>''' =====
Line 374: Line 330:
  
 
===== '''<u>Generate Portfolio Analysis Dashboard</u>''' =====
 
===== '''<u>Generate Portfolio Analysis Dashboard</u>''' =====
Request that TBS generate a dashabord of your application portoflio. This will ensure your decisions have been correctly reflected. A sample of the dashabord that is generated is found here:
+
Request that TBS generate a dashboard of your application portfolio. This will ensure your decisions have been correctly reflected. A sample of the dashboard that is generated is found here:  
  
[[File:SamplePortfolioAnalysis.png||center|alt=Sample Application Portfolio Analysis]]
+
[[File:SamplePortfolioAnalysis.png|1000x1000px|center|alt=Sample Application Portfolio Analysis]]
  
 
=== ''Engage SSC Project Manager and WLM Factory'' ===
 
=== ''Engage SSC Project Manager and WLM Factory'' ===
 
It is likely you have already been working with your SSC Project Manager. If not, talk to your Service Delivery Manager. At this point it would be prudent to work with a supplier qualified on the WLM Factory to help with planning and cost estimates.
 
It is likely you have already been working with your SSC Project Manager. If not, talk to your Service Delivery Manager. At this point it would be prudent to work with a supplier qualified on the WLM Factory to help with planning and cost estimates.
  
=== ''Document Project Milestones'' ===
+
=== ''Document Project Milestones (Roadmap)'' ===
  
 
[[File:SampleRoadmapAnalysis.png||alt=Sample Roadmap for Modernization]]
 
[[File:SampleRoadmapAnalysis.png||alt=Sample Roadmap for Modernization]]
  
=== ''Document Cost Estimates'' ===
 
(insert cost estimates summary here )
 
  
 
=== ''Gate2: GC EARB Endorsement and MoU to Release Funds'' ===
 
=== ''Gate2: GC EARB Endorsement and MoU to Release Funds'' ===
At this point the discovery phase is completed. The analysis and planning undertaken as part of discovery will be presented to GC EARB as part of requesting endorsement for releasing funds for the execution phase.
 
  
The generic template for the presenting your discovery analysis and funding approval to move to execution can be found [[gccollab:file/view/1995846/engc-earb-generic-presentation-for-gate-2-endorsement-requestfr|here]].
+
=== '''NEW! Application Modernization Technical Assessment report=== '''
  
As part of the GC EARB a CIO will explain their migration strategy and target choices. This includes how those choices align to the Cloud First policy requirement (requirement 6.4.2) and meeting requirement 6.1.1 of the Directive..
+
The Application Modernization Technical Assessment provides the rationale used in identifying application complexities and associated strategies for each application, both of which are key components in determining funding allocations. The Technical Assessment is an excel spreadsheet with a list of applications sent to departments to respond to the Application Complexity and Proposed Strategy for each application as well as a short list of [https://gccollab.ca/file/view/9592990/entechnical-assessment-questionsfr questions].  Once reviewed by the TBS project manager, the department is requested to present to the  [https://gccollab.ca/file/group/1896301/all#9322590 Enterprise Architecture Community of Practice] to solicit their input.
 +
The goal is to provide guidance and support to partner departments in:
 +
* Prioritizing the GC’s Cloud First approach
 +
* Aligning with IT horizontal solutions
 +
* Supporting the decommissioning of at-risk technologies
 +
* Supporting modernization strategies that are technically sound and innovative
 +
The analysis and planning undertaken as part of discovery will be presented to the [https://wiki.gccollab.ca/Application_Modernization#Governance governance] structure as part of requesting endorsement for releasing funds for the execution phase. The '''[https://gccollab.ca/file/view/2650673/engeneric-wlm-app-mod-gcearb-gate2-executionfr generic template]''' is to be completed to present the discovery analysis and funding approval to move to the execution phase.
  
If and when endorsement is provided by GC EARB, approval will be requested from the GC CIO. A Memorandum of Understanding between the GC CIO and the deputy head of the requesting department will be agreed to by both parties.
+
The department's CIO will explain their migration strategy and target choices. This includes how those choices align to the Cloud First policy (Cloud First 4.4.1.9 / Data Residency 4.4.1.10 / Non-Public Cloud GC EARB Assessments 4.1.1.2.4) of the [https://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=32601  Directive on Service and Digital]. If and when endorsement is provided, approval will be requested from the GC CIO. A '''[https://gccollab.ca/file/view/9003565/engeneric-wlm-app-mod-mou-fund-disbursement-enfr Memorandum of Understanding]''' between the GC CIO and the deputy head of the requesting department will be agreed to by both parties.
  
 +
=== ''Reporting Requirements'' ===
 +
As per section 3: Reporting Requirements of the signed MOU between your department and TBS, the executive project dashboard is due at the end of  each quarter. Please find the '''[https://gccollab.ca/file/view/6712988/enwlm-appmod-quarterly-reporting-dashboardfr Quarterly Reporting Dashboard tool]''' to be used to report the status of your modernization strategies to the TBS Oversight Team. This is a standard template that is used to monitor projects with [https://intranet.canada.ca/wg-tg/go-sg/dwnld-eng.asp instructions].
 +
<!-- END OF DISCOVERY -->
 +
 +
<!-- EXECUTION -->
 
== '''Execution''' ==
 
== '''Execution''' ==
Content not yet completed
+
 
 +
With the execution funds now received, the analysis and planning undertaken as part of discovery will be now be executed in order to close the legacy data centre. Departments are still required to submit quarterly reporting dashboards based on the funding received and to provide input into the status of their application modernization/migration journey by breaking down how the funds are spent, documenting milestones, risks and issues.  Feedback and guidance will be received from the TBS project manager as required. The information is also collected to form part of the status report on the WLM program to the WLM governance structure.
 +
 
 +
[[Image:Execution Swimlanes v1.png]]
 +
 
 +
<!-- END OF EXECUTION -->
 +
 
 +
<!-- CLOSE OUT -->
 +
== '''Close Out''' ==
 +
 
 +
=== '''Lessons Learned''' ===
 +
 
 +
<b>Change is hard.</b> Cloud requires a major culture shift in the organization, especially in IT as it means radical transformation to some roles. Do not underestimate the fear that people will have. Organizational change management must be at the forefront.
 +
 
 +
<b>Strong support</b> required by deputy head and all levels of senior leadership. Due to the magnitude of change required and the underlying complexity, the senior management table MUST demonstrate consistent, strong leadership to ensure success.
 +
 
 +
<b>Cloud is a journey,</b> not a destination. It is very complex, and will take longer than you think. Start now, before you have all of the information. BUT – start smaller and simple, avoid serious injury when you fall. Because you will fall. Learn to crawl before trying to run. Fully embracing cloud will take years.
 +
 
 +
<b>Partner with others</b>. Having an integrated project team with SSC has been key success factor. Leverage the expertise of industry and of others that have gone before you.
 +
Strong support  required by deputy head and all levels of senior leadership.
 +
 
 +
<b>Shallow pool of resources</b> with the required expertise. Resources are routinely targeted by other departments and private sector. Ability to attract and retain talent is key, and is very challenging in public sector environment.
 +
 
 +
<b>Products may not be as advertised</b>.  While the products may be released as GA, and have been tested on the open market, they do not necessarily function as intended.  There may be a lot of back and forth with the vendor (in our case MS) in order to get the functionality you were expecting - add some contingency time to your project for this.
 +
 
 +
<b>Voice your concerns immediately.</b> You have to watch your costs like a hawk and have a strong understanding of what the costs should be - more importantly, you have to voice your concerns immediately to the vendor so that they can investigate and adjust.  eg Log analytics
 +
 
 +
<b>Be like water</b> You have to work with a singular vision and purpose, but you have to be like water otherwise.  The landscape in the cloud is ever changing - gone are the days of set it and forget it.  Also, politically, there are always changes too - so you must be prepared to pivot when needed.  eg. Pathfinder, APDC Closure, desktop, etc...
 +
 
 +
=== '''Benefits realization''' ===
 +
 
 +
Technology transformation projects with benefits realization management aligns strategic goals with project lifecycles. This helps contribute to a more efficient core business processes. Listed below are some of the benefits have been realized after TBS’s migration from a legacy data centre to cloud.
 +
 
 +
* Completely eliminated technical debt
 +
* Modernized our whole environment (PaaS, SaaS)
 +
* Adopted DevOps and automation
 +
* Gained end to end visibility and monitoring capabilities
 +
* Stronger Security posture
 +
* Resilience and fault tolerance
 +
 
 +
What benefits do you foresee to be realized?  See [https://www.canada.ca/en/treasury-board-secretariat/services/information-technology-project-management/project-management/outcome-management-guide-tools.html Outcome Management Guide and Tools].
 +
 
 +
<!-- END OF CLOSE OUT -->
 +
 
 +
<!-- REFERENCES & WHAT'S NEW -->
 +
== '''References & What's New''' ==
 +
====== '''WHAT'S NEW''' ======
 +
[https://gccollab.ca/file/view/9635053/enrenewed-cloud-adoption-strategy-vision-measures-principlesfr?utm_source=notification&utm_medium=email Renewed Cloud Adoption Strategy Vision, Measures, Principles]
 +
 
 +
[https://gccollab.ca/file/group/1432343/all#5335607 DEPARTMENTAL CLOUD STRATEGIES]
 +
 
 +
[https://wiki.gccollab.ca/GC_Cloud_Infocentre Cloud Infocentre]
 +
 
 +
[https://www.gcpedia.gc.ca/wiki/OCIO_Application_Portfolio_Management/Aging_IT_Application_Assessment OCIO Application Portfolio Management/Aging IT Application Assessment]
 +
 
 +
[https://gccollab.ca/file/group/2731824/all#5536103 Enterprise IT Service Standards] - Standard on; IT Profile, IT Entitlements, IT Service Common Configurations, Enterprise IT Service Usage Restrictions and more!
 +
 
 +
TBS [https://wiki.gccollab.ca/GC_Enterprise_Architecture/Enterprise_Solutions#Security_Architecture_and_Privacy GC Enterprise Architecture/Enterprise Solutions]
 +
 
 +
[https://gccollab.ca/file/view/6331829/en complianceweek-accelerating-protected-workloads-sept-2020fr Accelerating Protected Workloads (Sept 2020)]
 +
 
 +
[https://api.canada.ca/en/homepage API Store] [https://gccollab.ca/groups/profile/1466411/enapi-storefrmagasin-api API GC Collab]
 +
 
 +
[https://www.gcpedia.gc.ca/gcwiki/images/c/c5/GC_Zero_Trust_Security_Concept.pdf Zero Trust Security Concept PDF (Aug-2020)]
 +
 
 +
[https://www.gcpedia.gc.ca/wiki/Zero_Trust_Security Zero Trust Security (Jul-2020)]
 +
 
 +
 
 +
[https://wiki.gccollab.ca/Workload_Migration_(WLM)_Program Workload Migration SSC WLM Program]
 +
 
 +
[https://ssc-clouddocs.canada.ca/ SSC Cloud document portal]
 +
 
 +
SSC [https://gccollab.ca/groups/profile/4209321/enssc-cpmsd-cloud-adoption-playbooksfrgroupe-de-ru00e9vision-des-documents-dadoption-de-linformatique-en-nuage-pru00e9paru00e9-par-la-dsgpi Cloud Adoption Playbooks]
 +
 
 +
(Jan-2021) Visit the [https://can01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.gcpedia.gc.ca%2Fwiki%2FM365-playbook%2Fhome&data=04%7C01%7Cnicole.koch%40tbs-sct.gc.ca%7C2e5e1b863a354b3bf49708d8bc8d7a3b%7C6397df10459540479c4f03311282152b%7C0%7C0%7C637466663110726935%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=aVRNmcoUkdFO7xIuqyT7qKXuWbMlluBrCKssZNQcDJA%3D&reserved=0 M365 Playbook on GCpedia]
 +
 
 +
PSPC [https://www.gcpedia.gc.ca/wiki/En/GCPS EA and GC Programs and Solutions]
 +
 
 +
The Canada School of Public Service (CSPS) Digital Academy is offering a virtual  learning program: [https://learn-apprendre.csps-efpc.gc.ca/application/en/content/getting-started-cloud-computing-i621-0 Getting Started with Cloud Computing]
 +
 
 +
[https://gccollab.ca/discussion/view/5344264/enstratosphere-2020fr Stratosphere Cloud Event]
 +
 
 +
[https://youtu.be/GzyNlkiCbeE FWDThinking Episode 5.2: Showing What’s Possible—an extended interview with Minister Murray]
 +
 
 +
[https://gccollab.ca/file/view/3671533/enworkload-placement-in-hybrid-it-gartnerfr Gartner: Workload Placement in Hybrid IT]
 +
 
 +
[https://youtu.be/OJeoNYvsoT4 DPI - Charting a path to success for Workload Migration: Approaches and Best Practices]
 +
 
 +
====== '''TB Policies & Standards''' ======
 +
[https://www.canada.ca/en/government/system/digital-government/government-canada-digital-operations-strategic-plans/digital-operations-strategic-plan-2021-2024.html Digital Operations Strategic Plan: 2021-2024]
 +
 
 +
[https://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=32601  Directive on Service and Digital]
 +
 
 +
[https://www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=16578 Policy on Government Security]
 +
 
 +
[https://www.canada.ca/en/government/system/digital-government/digital-government-innovations/cloud-services/direction-secure-use-commercial-cloud-services-spin.html Direction on the Secure Use of Commercial Cloud Services: Security Policy Implementation Notice (SPIN)]
 +
 
 +
====== '''Guidance''' ======
 +
 
 +
[https://www.canada.ca/en/government/system/digital-government/digital-government-innovations/cloud-services/government-canada-cloud-adoption-strategy.html Government of Canada Cloud Adoption Strategy]
 +
 
 +
[https://canada-ca.github.io/digital-playbook-guide-numerique/en/overview.html Government of Canada Digital Playbook]
 +
 
 +
[https://www.canada.ca/en/government/system/digital-government/digital-government-innovations/cloud-services/security-playbook-information-system-solutions-cloud.html Security Playbook for Information System Solutions]
 +
 
 +
[https://www.canada.ca/en/government/system/digital-government/digital-government-innovations/cloud-services/government-canada-security-control-profile-cloud-based-it-services.html Government of Canada Security Control Profile for Cloud-Based GC IT Services]
 +
 
 +
[https://www.canada.ca/en/government/system/digital-government/digital-government-innovations/cloud-services/cloud-security-risk-management-approach-procedures.html Government of Canada Cloud Security Risk Management Approach and Procedures]
 +
 
 +
[https://cyber.gc.ca/en/guidance/baseline-security-requirements-network-security-zones-government-canada-itsg-22 CSE ITSG-22 Baseline Security Requirements for Network Security Zones in the Government of Canada]
 +
 
 +
[https://cyber.gc.ca/en/guidance/network-security-zoning-design-considerations-placement-services-within-zones-itsg-38 CSE ITSG-38 Network Security Zoning – Design Consideration for Placement of Services within Zones]
 +
 
 +
[https://www.cse-cst.gc.ca/en/system/files/pdf_documents/itsp.30.031v2-eng.pdf CSE ITSG.30.031 V2 User Authentication Guidance for Information Technology Systems]
 +
 
 +
[https://cyber.gc.ca/en/guidance/guidance-securely-configuring-network-protocols-itsp40062 CSE ITSG.40.062 Guidance on Securely Configuring Network Protocols]
 +
 
 +
====== '''Blog''' ======
 +
[https://medium.com/core-technologies/gc-accelerators-6d3787269ebd The GC Accelerators - Accelerating the Secure Adoption of Cloud Services]
 +
 
 +
[https://medium.com/core-technologies/part-1-application-modernisation-making-it-delivery-less-work-ee288079fc32 Part 1: Application Modernisation — Making IT Delivery Less Effort]
 +
 
 +
[https://medium.com/core-technologies/part-2-application-modernisation-understanding-modernisation-strategies-3bc529bef22a Part 2: Application Modernisation — Understanding Modernisation Strategies]
 +
 
 +
[https://medium.com/core-technologies/part-3-application-modernisation-assessing-your-portfolio-29531bae22ef Part 3: Application Modernisation — Assessing Your Portfolio]
 +
 
 +
[https://medium.com/core-technologies/part-4-application-modernisation-choosing-your-target-70cf3e3e2f0f Part 4: Application Modernisation — Choosing Your Target]
 +
 
 +
[https://medium.com/core-technologies/part-4-¾-application-modernisation-continuous-modernisation-39e7aafb1260| Part 4 ¾: Application Modernisation – Continuous Modernisation]
 +
 
 +
[https://medium.com/core-technologies/5-4-3-2-1-cloud-a904f99d56cd 5–4–3–2–1 — Cloud!]
 +
<!-- END OF REFERENCES & WHAT'S NEW -->
 +
 
 +
<!-- GOVERNANCE -->
 +
== '''Governance''' ==
 +
 
 +
'''[https://gccollab.ca/file/view/7293070/enprioritization-endorsement-timelinefr Prioritization/Endorsement critical path]'''
 +
 
 +
[[Image:WLM Governance.png]]
 +
<!-- END OF GOVERNANCE -->
 +
 
 +
@fr|
 +
 
 +
'''''Remarque : Nous améliorons continuellement ce site. Étant donné que l’initiative suscite de plus en plus d’attention, nous nous efforçons de publier les renseignements dont nous disposons dans leur forme actuelle.'''''
 +
 
 +
''''' Les modèles et les discussions liées à la modernisation des applications sont accessibles dans le [[gccollab:file/group/1432343/all#1727776|groupe des technologies de base de GCcollab]]. Nous vous recommandons fortement de vous joindre à ce groupe pour rester à l’affût des mises à jour.'''''
 +
 
 +
<!-- Aperçu -->
 +
== '''Aperçu ''' ==
 +
 
 +
Le présent Guide vise à aider les ministères à parcourir le Cadre d’investissement pour la modernisation des applications, lequel permet :
 +
* d’établir l’ordre de priorité des technologies à risque;
 +
* de mobiliser les ministères partenaires;
 +
* de réaliser une analyse des portefeuilles d’applications des ministères;
 +
* de préparer le traitement des technologies à risque grâce à la modernisation;
 +
* de contrôler la gouvernance en soutien au plan de modernisation ou de migration et rendre disponibles les fonds connexes;
 +
* d’effectuer la surveillance continue de l’état.
 +
 
 +
Le présent Guide porte principalement sur les décisions que doivent prendre les ministères et sur la façon de saisir ces décisions. Il ne vise pas à fournir une analyse approfondie des décisions techniques et des stratégies architecturales qu’un ministre peut adopter pour appuyer la modernisation, exception faite des décisions et stratégies saisies dans les instruments de politique.
 +
 
 +
Le cadre d’investissement prévoit deux points de contrôle :
 +
 
 +
'''Point de contrôle 1''': La portée des technologies à risque a été relevée et approuvée par la gouvernance en vue de la modernisation ou de la mise hors service.
 +
 
 +
'''Point de contrôle 2''': Le plan de modernisation du ministère est prêt à être approuvé par le Comité d’examen de l’architecture intégrée du gouvernement du Canada (CEAI GC), lequel autorisera le déblocage des fonds de modernisation des applications.
 +
 
 +
Le cadre d’investissement consiste également en quatre étapes : 
 +
 
 +
'''Établissement de l’ordre des priorités''': Les priorités pour la modernisation des technologies à risque sont choisies et approuvées par la gouvernance.
 +
 
 +
'''Mobilisation ''': Aviser les ministères touchés, distribuer les modèles permettant de saisir les détails techniques, communiquer les stratégies de modernisation ou de migration, fournir les détails sur l’établissement des coûts et le tableau de bord des rapports.
 +
 
 +
'''Découverte ''': Les ministères analysent leurs portefeuilles de demandes afin d’établir des stratégies de modernisation des technologies à risque qui comprennent un plan et une estimation des coûts.
 +
 
 +
'''Mise en œuvre ''':Les ministères travaillent avec leurs partenaires à la mise en œuvre des stratégies de modernisation ayant été établies à l’étape précédente. 
 +
L’image ci-dessous présente une vue d’ensemble du parcours du ministère à travers les étapes du cadre d’investissement. Elle est également accessible [[gccollab:file/view/1957351/enoverview-of-the-customer-journeyfr|ici]] en version pouvant être téléchargée.
 +
 
 +
<!-- APPLICATION MODERNIZATION IMAGE -->
 +
[[File:Structure_de_gouvernance_-_un_catalyseur_essential_Page1_Image1.png]]
 +
<!-- END OF OVERVIEW -->
 +
 
 +
<!-- BACKGROUND -->
 +
=== Contexte ===
 +
 
 +
La modernisation des applications constitue l’un des quatre piliers de l’initiative Migration de la charge de travail et habilitation en nuage (MCT et HN). Un court document de foire aux questions est accessible ici: [https://gccollab.ca/file/view/1760164/enfaq-wlm-app-mod-enfrfaq-wlm-app-mod-en| FAQ].
 +
 
 +
Extrait [https://www.budget.gc.ca/2018/docs/plan/chap-04-fr.html#Enabling-Digital-Services-to-Canadians Budget de 2018:]
 +
 
 +
'''« 110 millions de dollars sur six ans, à compter de 2018-2019, auquel les ministères et organismes partenaires de Services partagés Canada accéderont pour les aider à faire la migration de leurs applications de vieux centres de données vers des centres de données plus sécurisés ou vers des solutions infonuagiques ».'''
 +
<!-- END OF BACKGROUND -->
 +
 
 +
<!-- PRIORITIZATION -->
 +
== '''Établissement de l’ordre des priorités''' ==
 +
 
 +
Les priorités d’investissement tirées du fonds sur la modernisation des applications et de la migration de la charge de travail sont fondées sur la détermination des différentes applications à valeur organisationnelle élevée qui sont touchées par les technologies à risque. Ces technologies à risque peuvent comprendre les logiciels en fin de vie utile, l’infrastructure en fin de vie utile, les architectures désuètes, les installations devant être mises hors services (p. ex., les centres de données), etc.
 +
 
 +
1) Afin de stabiliser le paysage de la technologie de l’information (TI) et d’assurer la continuité des services offerts aux Canadiens, le Secrétariat du Conseil du Trésor du Canada (SCT) et Services partagés Canada (SPC) travaillent en collaboration avec les ministères du gouvernement du Canada (GC) qui se montrent prêts à moderniser leurs applications et à les transférer vers des plateformes d’hébergement d’état final (centres de données en nuage ou organisationnels).
 +
 
 +
2) Les ministères peuvent relever comme investissements prioritaires les applications à valeur organisationnelle élevée qui sont touchées par différentes technologies à risque. Une fois approuvées par la gouvernance, ces priorités pourront bénéficier du fonds de modernisation des applications et des mesures de soutien prévues par le programme de migration de la charge de travail.
 +
 
 +
Pour faciliter le processus d’établissement de l’ordre des priorités, [https://gccollab.ca/file/view/3399063/enfrgu00e9nu00e9rique-mod-app-et-mct-point-de-contru00f4le-priorisationpptx un modèle pour le point de contrôle 1 du CEAI GC (établissement de l’ordre des priorités)] a été fourni aux ministères afin d’être rempli. Après l’avoir rempli, les ministères pourront présenter ce modèle à leur conseil d’examen de l’architecture avant de le présenter à la gouvernance [https://gccollab.ca/groups/profile/2006418/enworkload-migration-working-groupfrgroupe-de-travail-sur-la-migration-des-charges-de-travail groupe de travail sur la MCT] [https://wiki.gccollab.ca/GC_EARB CEAI GC], Comité des sous-ministres adjoints sur les priorités et la planification intégrées (SMA CPPI) et Comité des sous-ministres sur les priorités et la planification intégrées (SM CPPI)) aux fins d’approbation. La demande d’approbation permet au ministère de présenter une rigoureuse analyse de rentabilisation pour les investissements afin d’aborder les technologies à risque.
 +
 +
L’approbation des technologies à risque doit être appuyée par les données de la gestion du portefeuille des applications (GPA), par l’état de préparation pour aller de l’avant avec le cadre de modernisation des applications (décrit dans la présente) et par la stratégie de modernisation (réhéberger, remonter, réusiner, remplacer en indiquant par quelle la plateforme d’hébergement, quel centre de données ou quel service d’informatique en nuage).
 +
 
 +
En 2018, les installations de centres de données qui suivent ont été assimilées à des technologies à risque devant être mises hors service, alors que les applications ont été désignées comme devant être modernisées ou transférées vers un nouveau centre de données ou de nouveaux services d’informatique en nuage. 
 +
La première vague de projets de migration de la charge de travail a été lancée en 2018 :
 +
* Statistique Canada
 +
* Environnement et Changement climatique Canada
 +
* Agence du revenu du Canada, Agence des services frontaliers du Canada.
 +
* Ressources naturelles Canada
 +
* ministère de la Défense nationale
 +
 
 +
La 2ièm vague de projets de migration de la charge de travail a été lancée en 2019:
 +
* Transports Canada                               
 +
* Agence canadienne d'inspection des aliments
 +
* Innovation, Sciences et Développement économique Canada
 +
* Emploi et Développement social Canada (Montréal et Moncton)
 +
* Bureau du Conseil privé                           
 +
* Affaires mondiales Canada                       
 +
* Services publics et Approvisionnement Canada (PdP III)     
 +
 
 +
<!-- Gouvernance -->
 +
== '''Gouvernance''' ==
 +
[[File:Structure_de_gouvernance_-_Un_catalyseur_essentiel_FR.png]]
 +
<!-- END OF Gouvernance -->
 +
 
 +
<!-- Mobilisation -->
 +
== '''Mobilisation''' ==
 +
Une fois que l’on a atteint les priorités et avisé les ministères partenaires touchés, on fournit la trousse de départ sur la modernisation des applications, de même que le guide de modernisation des applications et les documents de [https://gccollab.ca/file/view/1760164/enfaq-wlm-app-mod-enfrfaq-wlm-app-mod-en| FAQ]. Cette trousse comporte le [https://gccollab.ca/file/view/3399890/enfrgu00e9nu00e9rique-mod-app-et-mct-point-de-contru00f4le-1-du00e9couvertepptx| Générique Mod app et MCT- Point de contrôle 1 (découverte)], le tableau de bord Vue du ministère et centre de données, et le [https://gccollab.ca/file/view/3423530/enfrmodu00e8le-du2019analyse-de-rentabilisationdoc| modèle d’analyse de rentabilisation]. Les ministères partenaires reçoivent de l’aide et du soutien tout au long de la mobilisation. Un nouveau modèle de calcul du financement est en cours d'élaboration et sera prêt à être utilisé d'ici fin juin 2020.
 +
 
 +
Les ministères partenaires reçoivent l’approbation de la gouvernance ([https://gccollab.ca/groups/profile/2006418/enworkload-migration-working-groupfrgroupe-de-travail-sur-la-migration-des-charges-de-travail groupe de travail sur la MCT],  [https://wiki.gccollab.ca/GC_EARB CEAI GC], SMA CPPI et le SM CPPI), qui rend accessible le financement pour lancer l’étape de la découverte. Un protocole d’entente est conclu entre le dirigeant principal de l’information du gouvernement du Canada et l’administrateur général d’un ministère en vue de l’obtention du financement.
 +
 
 +
<!-- END OF Mobilisation -->
 +
 
 +
<!-- Découverte -->
 +
== '''Découverte''' ==
 +
=== ''Analyse des portefeuilles d’applications'' ===
 +
Les trois étapes suivantes permettent aux ministères d’évaluer leur portefeuille d’applications et de consigner les décisions relativement aux façons de réduire, de rendre viable et de moderniser les portefeuilles.
 +
 
 +
=== <big>Déterminer la vision de la modernisation de l’organisation''</big> ===
 +
 
 +
À l’issue de cette étape, vous devriez avoir abordé avec les cadres jusqu’où vous voulez aller dans le cadre de cette modernisation. Cela constituera la vision de votre organisation. Les personnes chargées des étapes subséquentes d’analyse des portefeuilles devront comprendre cette vision. 
 +
Cette étape vous donne l’occasion de déterminer l’orientation de l’organisation : devrait-elle largement sous-tendre nos activités et notre culture actuelles ou devrait-elle plutôt tenter de se moderniser et de devenir plus transformatrice? Votre organisation a peut-être déjà lancé un processus de modernisation. Dans l’environnement de la TI d’aujourd’hui, les technologies de l’informatique en nuage et les méthodes de développement et d’opérations (DevOps) ont d’importances incidences sur prestation de la TI. Cette technologie et méthodes visent, entre autres, à réduire les délais d’exécution et les délais de mise en marché. En résumé,
 +
* Accélérer la prestation de la TI
 +
* Accroître la fiabilité
 +
* Améliorer la sécurité
 +
* Rehausser la qualité
 +
 
 +
Plutôt qu’indiquer à l’organisation comment lancer son processus de modernisation, le présent Guide fait office de catalyseur pour permettre la mise en œuvre de la vision. Ces changements peuvent avoir de larges répercussions et des incidences sur les rôles, les responsabilités et la culture. Leur mise en œuvre prend plus d’une année et doit être perçue comme faisant partie du processus visant la maturité et l’amélioration continue.
 +
Alors que certaines organisations ont lancé ce processus il y a plusieurs années, sont prêtes à s’investir à 100 % dans les technologies d’informatique en nuage et ont formé leur effectif au développement et aux opérations (DevOps), d’autres organisations n’ont pas encore entamé le processus de modernisation.
 +
Les organisations qui n’ont pas encore lancé leur processus de modernisation pourraient profiter de cette occasion pour le faire. Les autres organisations pourraient simplement décider de maintenir leurs opérations telles quelles.
 +
 
 +
Un schéma vous aidant à préparer la maturation des efforts d’adoption de services d’informatique en nuage est accessible ici. La plupart des organisations commencent par de petits projets réalisés sur quelques applications à faibles risques. L’équipe de développeurs motivés et enthousiastes de votre effectif actuel devrait alors diriger l’initiative visant à transférer ces charges de travail à faibles risques vers l’informatique en nuage. Forts de leur expérience, ces développeurs devraient ensuite mettre à profit leurs connaissances pour former d’autres personnes à faire la même chose. Alors qu’augmente le nombre de charges de travail, il deviendra nécessaire d’avoir recours à des méthodes plus sophistiquées, comme l’automatisation et les DevOps. Cela facilitera la mise à l’échelle sans avoir d’incidences sur la flexibilité. Il faudra aussi faire évoluer la gouvernance et les rôles actuels. L’organisation devra passer en revue les [insérez ici le document décrivant les rôles et les données recueillies] pour s’assurer d’être prête à mettre en œuvre les différents rôles qui sont nécessaires au soutien des services informatiques en nuage.
 +
 
 +
On a élaboré une [[gccollab:file/view/1994079/encloud-fitness-scorecardfr|fiche de pointage simple] pour évaluer les charges de travail à faible risque en vue de la migration vers l’informatique en nuage. Cette fiche de pointage vous fournira une courte liste pour vous aider à décider par où commencer. Il est possible de transférer les applications vers l’informatique en nuage si l’on consacre le temps et les efforts nécessaires à la réalisation de cette tâche. La fiche de pointage vise à relever les migrations à faibles risques et les migrations nécessitant peu d’efforts.
 +
 
 +
Les organisations qui ne souhaitent pas profiter des possibilités de modernisation peuvent tout simplement décider de réhéberger le portefeuille d’applications en entier dans un nouveau centre de données.
 +
 
 +
==== <big>Déterminer les possibilités concernant la rationalisation et le retrait</big> ====
 +
 
 +
À l’issue de cette étape, vous aurez analysé votre portefeuille et votre infrastructure afin de relever les possibilités de rationalisation et de retrait.
 +
 
 +
===== <u>Dépôts désuets</u> =====
 +
Certaines applications du GC qui ne sont plus activement utilisées, comme les systèmes de gestion du contenu et les systèmes de base de données Web, sont tout de même conservées étant donné qu’elles comportent des renseignements qui pourraient être nécessaires à l’avenir, p. ex., répondre à une demande d’accès à l’information et de protection des renseignements personnels (AIPRP).
 +
* Les ministères devraient disposer d’une fonction active de gestion de l’information (GI) permettant de vérifier les exigences réelles en matière de conservation des données qui s’appliquent à une application précise.
 +
* Les ministères devraient reconnaître les coûts associés à la rétention inutile des données et travailler de façon active à l’élimination des données jugées inutiles. Les données inutiles engendrent des coûts et représentent un passif.
 +
 
 +
===== <u>Applications désuètes</u> =====
 +
Votre portefeuille d’applications évalue la valeur opérationnelle des différentes applications. Passez en revue les applications qui ont une faible valeur opérationnelle. Déterminez si elles demeurent nécessaires : 
 +
* Utilisez les fonctions d’accès ou de mise à jour des journaux pour relever les applications ayant fait l’objet d’un petit nombre de mises à jour au cours des deux dernières années.
 +
* Relevez les utilisateurs les plus récents et renseignez-vous sur la valeur opérationnelle de l’application visée.
 +
 
 +
==== <big>Stratégie et cibles concernant la migration de documents</big> ====
 +
À l’issue de cette étape, vous aurez analysé votre portefeuille d’applications, mis à jour les données principales de la GPA, déterminé une stratégie de migration pour chacune des applications (l’un des « 5 R ») et fixé un objectif pour chacune des applications (informatique en nuage ou centre de données organisationnelles (CDO).
 +
 
 +
Dans le cadre de l’étape de détermination de la vision de la modernisation au sein de l’organisation, vous devrez déterminer jusqu’où votre organisation souhaite aller dans le cadre du processus de modernisation. Cette étape prévoit le remplissage de la feuille de pointage sur l’adaptation à l’informatique en nuage. Vous devrez avoir déjà précisé les options ayant été ciblées pour chacune des applications.
 +
 
 +
===== '''<u>Choisissez la stratégie d’atténuation qui convient</u>''' =====
 +
Pour chacune des applications, déterminez votre stratégie de migration (les « 5 R »).
 +
 
 +
{| class="wikitable"
 +
|-
 +
! Stratégie
 +
! Autre dénomination
 +
! Description complète
 +
! Centre de données
 +
! Informatique en nuage
 +
|-
 +
| Retirer
 +
| Mettre hors service
 +
| Retirer, mettre hors service ou temporiser l’application. Élimination de cette dernière du portefeuille.
 +
|
 +
|
 +
|-
 +
| Reloger
 +
| Déplacer
 +
| Redéployer les applications dans un environnement matériel différent et changer la configuration de l’infrastructure de l’application. Cette stratégie est aussi appelée déplacement. Déplacer la solution telle quelle, ou après lui avoir apporté des changements mineurs, vers un nouvel environnement d’hébergement (petit investissement de ressources).
 +
| X
 +
| X
 +
|-
 +
| Remonter
 +
| Soulever-remanier-déplacer
 +
| Changer le système d’exploitation (SE) ou l’intergiciel. Cette stratégie exige certains changements aux applications (investissement modéré de ressources pour permettre les changements).
 +
|X<sup>1</sup>
 +
| X
 +
|-
 +
| Réusiner
 +
| Refaire l’architecture
 +
| Reconcevoir l’application. Différents aspects de l’application seront réécrits pour être améliorés et optimisés (investissement de modéré à important de ressources pour permettre les changements).
 +
|
 +
| X
 +
|-
 +
| Remplacer
 +
| Racheter
 +
| Remplacer la fonctionnalité de l’application par une nouvelle solution ayant été acquise ou élaborée par le ministère (investissement modéré à important de ressources pour permettre les changements). L’application sera mise en service une fois qu’elle aura été remplacée.
 +
|
 +
|X
 +
|}
 +
<sub>1</sub>Convient au traitement de la fin de vie des SE
 +
 
 +
====== '''Reloger (soulever-déplacer)''' ======
 +
Lorsque l’on utilise la stratégie de migration « reloger », aucun changement n’est apporté à l’application qui est transférée, telle quelle, vers le nouveau centre de données ou service d’informatique en nuage. Il s’agit de la stratégie de migration la plus simple et de celle qui nécessite le moins d’efforts. 
 +
Pour les charges de travail en migration vers un service d’informatique en nuage, il est fortement recommandé, d’au minimum, optimiser et réduire à leur plus petite expression les différentes ressources (réseau, technologie informatique, entreposage). L’utilisation d’instances réservées pour les charges de travail de production et la mise hors tension des serveurs inutilisés en dehors des heures de services aideront à réduire les factures mensuelles de votre fournisseur de service d’informatique en nuage.
 +
 
 +
====== '''Remonter (soulever-remanier-déplacer)''' ======
 +
Lorsque l’on utilise la stratégie « remonter », l’application subit des changements mineurs au moment de sa migration vers le nouveau centre de données ou service d’informatique en nuage. Les stratégies de remontage peuvent comprendre, sans s’y limiter : 
 +
Traiter les logiciels en fin de vie utile (FVU), comme ceux qui rendus désuets par des avis de mise en œuvre de la Politique sur la technologie de l’information [https://www.canada.ca/fr/gouvernement/systeme/gouvernement-numerique/technologiques-modernes-nouveaux/avis-mise-oeuvre-politique.html AMPTI].
 +
 
 +
Passer à la Plateforme sous forme de service (PaaS). Dans le cas des services de base, comme les bases de données, les serveurs Web, les serveurs de fichiers et l’harmonisation des conteneurs, l’adoption de la PaaS rend possible l’architecture sans serveur. Une architecture de ce genre élimine la nécessité de gérer et de corriger les systèmes d’exploitation, les intergiciels et les instances de serveurs. Elle réduit également le fardeau associé à la gestion du cycle de vie de la TI au sein de l’organisation. Les utilisateurs craignent parfois que la PaaS entraîne un blocage des fournisseurs. L’utilisation d’une PaaS pour laquelle il existe des solutions de rechange sur le marché permettra d’éviter la formation de tels blocages. Il est essentiel de pouvoir extraire de la PaaS vos données et vos règles opérationnelles pour éviter les blocages. La plupart des fournisseurs de services d’informatique en nuage offrent des bases de données, des serveurs Web et des plateformes de serveurs de fichiers. Bien que la migration d’un service à l’autre ne se fasse jamais sans douleur, les outils de migration et les API permettent de la faciliter.
 +
 
 +
Les conteneurs sont de plus en plus souvent utilisés pour le déploiement des applications. Si votre application est sans état, l’utilisation d’un conteneur permettra, non seulement, d’appuyer la portabilité, mais également d’appuyer l’adoption des pratiques de DevOps au sein de votre organisation.
 +
 
 +
====== '''Réusiner (nouvelle architecture)''' ======
 +
De toutes les stratégies, « réusiner » est la stratégie qui demande le plus de temps et d’argent. Elle offre l’occasion de profiter à fond des architectures natives d’informatique en nuage en permettant une certaine souplesse dans la mise à l’échelle des ressources. 
 +
 
 +
L’ajout des capacités de reprise après sinistre est l’autre option si l’on souhaite « réusiner ». 
 +
 
 +
La migration de systèmes d’exploitation moins communs comme AIX, UNIX et Solaris peut nécessiter l’apport de changements importants à l’application.
 +
En raison des coûts importants qui y sont associés, cette stratégie ne devrait être utilisée que pour les applications ayant une importante valeur opérationnelle.
 +
 
 +
====== '''Remplacer (racheter)''' ======
 +
Cette stratégie permet de relever les solutions de logiciels en tant que services (SaaS) pour certains logiciels commerciaux prêts à l’emploi (LCPE) ou certaines applications personnalisées que vous utilisez peut-être actuellement. La migration vers les solutions SaaS donne accès à la dernière version de ce service et permet de réduire le fardeau associé à la gestion du cycle de vie. À titre d’exemple, si vous exploitez une ancienne application de courriels, vous pourriez décider de la remplacer par Office 365.
 +
 
 +
===== '''<u>Choisissez votre cible de migration</u>''' =====
 +
Pour chacune des applications, choisissez la cible vers laquelle sera transférée l’application. 
 +
 
 +
''Centre de données organisationnelles (CDO)'': Nouveau centre de données présentant de faibles risques techniques.
 +
''Informatique en nuage'': Fournisseur public de services d’informatique en nuage provenant du service de courtage en informatique en nuage de SPC.
 +
 
 +
===== '''<u>Relever le centre de données</u>''' =====
 +
Veiller à ce que les applications soient correctement affectées à leur ancien centre de données. Le centre de données joue un rôle essentiel dans le cadre de l’établissement de rapports lorsque le SCT fait le suivi des progrès réalisés relativement à votre portefeuille.
 +
 
 +
===== '''<u>Déterminer les applications essentielles à la mission</u>''' =====
 +
Veiller à ce que les applications essentielles à la mission soient correctement indiquées.
 +
 
 +
===== '''<u>Relever les systèmes d’exploitation</u>''' =====
 +
Veiller à ce que les systèmes d’exploitation associés à chacune des applications soient adéquatement indiqués. Cela permettra de veiller à ce que tous les systèmes d’exploitation en fin de vie utile soient remplacés par une nouvelle plateforme.
 +
 
 +
===== '''<u>Générer le tableau de bord d’analyse du portefeuille </u>''' =====
 +
Demander au SCT de générer un tableau de bord de votre portefeuille d’applications. Cela vous permettra de veiller à ce que vos décisions soient adéquatement prises en considération. Un exemple de tableau de bord généré est présenté ci-dessous.
 +
 
 +
[[File:SamplePortfolioAnalysis.png|1000x1000px|center|alt=Sample Application Portfolio Analysis]]
 +
 
 +
=== ''Mobiliser le gestionnaire de projet de SPC et l’usine de MCT'' ===
 +
Il se pourrait que vous travailliez déjà avec votre gestionnaire de projet de SPC. Si ce n’est pas le cas, discutez avec votre gestionnaire de la prestation de services. À ce stade-ci, il serait prudent de travailler avec un fournisseur qualifié de l’usine de MCT qui vous aidera à réaliser la planification et les estimations de coûts.
 +
 
 +
=== ''Consigner les jalons du projet (feuille de route)'' ===
 +
 
 +
[[File:SampleRoadmapAnalysis.png||alt=
 +
 
 +
=== ''Point de contrôle 2 : Approbation du CEAI GC et PE visant à libérer les fonds'' ===
 +
 
 +
L’étape de la découverte est terminée à ce stade-ci. L’analyse et la planification réalisées à cette étape seront présentées au CEAI GC dans le cadre de la demande d’approbation de la libération de fonds pour la mise en œuvre.
 +
 
 +
Le modèle générique permettant la présentation de votre analyse des découvertes et de votre approbation de financement pour la mise en œuvre est accessible [[https://gccollab.ca/file/view/4672976/enfrgu00e9nu00e9rique-mod-app-et-mct-point-de-contru00f4le-2-exu00e9cution]].
 +
 
 +
Dans le cadre du CEAI GC, un dirigeant principal de l’information (DPI) expliquera la stratégie de migration et les choix ciblés. Il expliquera, entre autres, dans quelle mesure ces choix respectent l’exigence de la politique de l’informatique en nuage d’abord (exigence 6.4.2) et l’exigence 6.1.1 de la Directive.
 +
 
 +
Si le CEAI GC donne son approbation, on demandera également, le cas échéant, l’approbation du DPI du GC. Un protocole d’entente sera conclu entre le dirigeant principal de l’information (DPI) du GC et l’administrateur général du ministère ayant présenté la demande. Le modèle générique du PE est accessible ici (insérez le modèle).
 +
<!-- END OF DISCOVERY -->
 +
<!-- EXECUTION -->
 +
=== '''Mise en œuvre''' ===
 +
Une fois que l’on a atteint les priorités, on en avise les ministères partenaires et on fournit la trousse de départ sur la modernisation des applications, le guide sur la modernisation des applications et le document de FAQ. Cette trousse comporte le modèle du CEAI GC, le tableau de bord Vue du ministère et centre de données, le tableau de bord sur l’examen des risques liés aux applications et le modèle d’analyse de rentabilisation.
 +
 
 +
Les ministères partenaires reçoivent de l’aide et du soutien tout au long de la mobilisation. Les ministères partenaires sont appuyés par la gouvernance (groupe de travail sur la MCT, CEAI GC, SMA CPPI et SM CPPI), qui rend accessible le financement pour lancer l’étape des découvertes. Un protocole d’entente sera conclu entre le dirigeant principal de l’information (DPI) du gouvernement du Canada (GC) et l’administrateur général du ministère afin d’assurer le financement.
 +
<!-- END OF EXECUTION -->
 +
<!-- Leçons apprises -->
 +
== '''Leçons apprises''' ==
 +
<b>Il est difficile d’apporter des changements.</b> L’informatique en nuage nécessite un profond changement de culture au sein de l’organisation, tout particulièrement dans la TI, étant donné qu’il exige la transformation radicale de certains rôles. Ne sous-estimez pas la peur du changement que peuvent avoir certaines personnes. La gestion des changements organisationnels doit être placée à l’avant-plan.
 +
 
 +
<b>Important soutien exigé de l’administrateur général et tous les niveaux des cadres supérieurs.</b> En raison de l’ampleur des changements exigés et de la complexité sous-jacente, la table de la haute direction DOIT démontrer un leadership fort et cohérent afin d’assurer la réussite. 
 +
 
 +
<b>L’informatique en nuage est une aventure plutôt qu’une destination.</b> Il s’agit d’un processus très complexe qui prendra plus de temps que vous ne le croyez. Commencez dès maintenant, avant même d’avoir tous les renseignements nécessaires. CELA ÉTANT DIT, assurez-vous de commencer en vous fixant des objectifs simples et modestes ne pouvant causer que de faibles préjudices lorsque vous échouerez. Soyez-en assuré, vous devrez effectivement composer avec certains échecs. Apprenez à marcher avant d’essayer de courir. L’adoption complète de l’informatique en nuage vous prendra des années. 
 +
 
 +
<b>Établissez des partenariats avec les autres.</b> Le fait d’avoir une équipe de projets intégrée avec SPC constitue un important facteur de succès. Mettez à profit l’expertise de l’industrie et des personnes qui sont passées par là avant vous. Important soutien exigé de l’administrateur général et tous les niveaux des cadres supérieurs.
 +
 
 +
<b>Petit bassin de personnes-ressources qui possèdent l’expertise nécessaire.</b> Les personnes-ressources sont régulièrement ciblées par les autres ministères et les acteurs du secteur privé. La capacité d’attirer, et de maintenir en poste, les meilleurs talents est essentielle et pose énormément de défis dans le contexte de la fonction publique.
 +
 
 +
<b>Les produits pourraient ne pas fonctionner tel qu’annoncé.</b> Même si les produits sont offerts en disponibilité générale et ont été testés sur le marché libre, il est possible qu’ils ne fonctionnent pas nécessairement de la façon prévue. Il pourrait être nécessaire d’effectuer un grand nombre d’échanges avec le fournisseur (dans le cas présent MS) afin d’obtenir les fonctionnalités prévues, nous vous recommandons par conséquent de prévoir du temps pour les imprévus dans le cadre de ce type de projets. 
 +
 
 +
<b>Exprimez vos préoccupations sans tarder.</b> Vous devez surveiller très attentivement vos coûts et savoir quels niveaux ils devraient atteindre. Plus important encore, vous devez aviser sans tarder le fournisseur de vos préoccupations pour lui permettre de les examiner et d’apporter les ajustements nécessaires, par exemple au moyen des analyses de journaux.
 +
 
 +
<b>Soyez informe comme l’eau.</b> Bien que vous deviez suivre une vision et un objectif uniques, il vous est essentiel d’être aussi informe que l’eau. Le paysage du service informatique en nuage est en constante évolution. Il est bien fini le temps du « vous le configurez soyez donc prêt à vous adapter le cas échéant, par exemple, Exploration, fermeture du centre de données de la promenade de l’Aéroport (CDPA), bureau, etc.
 +
<!-- END OF Leçons apprises -->
 +
 
 +
<!-- Références -->
 +
== '''Références''' ==
 +
Consultez le Guide sur [://can01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.gcpedia.gc.ca%2Fwiki%2FM365-playbook%2Fhome&data=04%7C01%7Cnicole.koch%40tbs-sct.gc.ca%7C2e5e1b863a354b3bf49708d8bc8d7a3b%7C6397df10459540479c4f03311282152b%7C0%7C0%7C637466663110726935%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=aVRNmcoUkdFO7xIuqyT7qKXuWbMlluBrCKssZNQcDJA%3D&reserved=0 M365 sur GCpédia]
 +
 
 +
====== '''Politiques et normes du Conseil du Trésor''' ======
 +
[https://www.tbs-sct.gc.ca/pol/doc-fra.aspx?id=12755&section=html Politique sur la gestion de la technologie de l’information]
 +
 
 +
[https://www.tbs-sct.gc.ca/pol/doc-fra.aspx?id=16578 Politique sur la sécurité du gouvernement]
 +
 
 +
====== '''Orientation''' ======
 +
 
 +
[https://canada-ca.github.io/digital-playbook-guide-numerique/fr/apercu.html Guide numérique du gouvernement du Canada (ébauche)]
 +
 
 +
[https://cyber.gc.ca/fr/orientation/exigences-de-base-en-matiere-de-securite-pour-les-zones-de-securite-de-reseau-au-sein Exigences de base en matière de sécurité pour les zones de sécurité de réseau au sein du gouvernement du Canada (ITSG-22)]
 +
 
 +
[https://cyber.gc.ca/fr/orientation/considerations-de-conception-relatives-au-positionnement-des-services-dans-les-zones Considérations de conception relatives au positionnement des services dans les zones (ITSG-38)]
 +
 
 +
[https://cyber.gc.ca/sites/default/files/publications/ITSP.30.031_V3_User_Authentication_Guidance_For_Information_Technology_Systems-f%20%28secured%29.pdf Guide sur l’authentification des utilisateurs dans les systèmes de technologie de l’information (ITSP.30.031 v3)]
 +
 
 +
[https://cyber.gc.ca/fr/orientation/conseils-sur-la-configuration-securisee-des-protocoles-reseau-itsp40062 Conseils sur la configuration sécurisée des protocoles réseau (ITSP.40.062)]
 +
 
 +
====== '''Blogue''' ======
 +
 
 +
</multilang>

Latest revision as of 11:16, 26 May 2022


Note: We are continuously improving this site and information is published as we receive it. Templates and discussions related to Application Modernization can be found in the GCCollab Core Technologies group. It is recommended you join that group to watch for updates. Check out What's New and the Discussion tab above for the latest updates !

Year 1 – 2018-19 Year 2 – 2019-20 Year 3 – 2020-21 Year 4 – 2021-22 Year 5 – 2022-23
$4,000,000

(disbursed)

$20,000,000

(disbursed)

$40,000,000

(disbursed)

$35,000,000

(disbursed)

$11,000,000

($ 9,124,586 in process)

Background[edit | edit source]

From Budget 2018:

"$110 million over six years, starting in 2018–19, to be accessed by Shared Services Canada’s partner departments and agencies to help them migrate their applications from older data centres into more secure modern data centres or cloud solutions."

Application Modernization is one of four pillars of the Workload Migration & Cloud Enablement (WLM&CE) initiative.

Overview[edit | edit source]

This handbook is meant to help departments navigate the Application Modernization Investment Framework; and other topic of interest:

  • Prioritizing at-risk technologies
  • Engaging with partner departments
  • Performing an analysis of departmental application portfolios
  • Planning for addressing the at-risk technologies through modernization
  • Governance gating for endorsing modernization/migration plan and making the associated funds available
  • Ongoing monitoring of status


The Investment Frame work consists of two gates:

Gate 1: a scope of at-risk technologies has been identified and approved by governance for modernization or decommissioning

Gate 2: a department's plan for modernization is ready to be endorsed by governance thus authorizing the release of Application Modernization funds.


The Investment Framework also consists of four phases:

Prioritization: priorities for modernizing at-risk technologies are selected and endorsed by governance.

Engagement: notify impacted departments, distribute templates to capture technical details, modernization/migration strategies, and costing details.

Discovery: departments analyze their application portfolios to determine their strategies for modernizing at-risk technologies including a plan and cost estimates.

Execution: departments work with their partners to execute the modernization strategies identified during the discovery phase.

A department's journey through the Investment Framework, or can also be found here in downloadable document form.

Application Modernization Investment Framework
Application Modernization Investment Framework - Departmental Journey

Please review the brief Frequently Asked Questions FAQ.

Prioritization[edit | edit source]

Priorities for investment from the Application Modernization and Workload Migration funds are based upon identifying high business value applications that are impacted by at-risk technologies. These at risk technologies can include, end of life software, end of life infrastructure, outdated architectures, to be decommissioned facilities such as data centres, etc…

1) TBS and SSC are working in collaboration with GC departments that demonstrate a readiness to modernize applications and migrate them to end state hosting platforms (cloud or enterprise data centres).

2) Departments may identify applications of high business value that are impacted by technology risks as a priority investment.

If endorsed by governance, those priorities will be eligible for access to Application Modernization funds and support from the Workload Migration program. Departments are required to complete the a GCEARB Gate1 (Prioritization) template and engage your Departmental Architecture Review Board before being brought forward to request endorsement by governance:

The endorsement of priority at-risk technologies must be supported by the departments’ Application Portfolio Management (APM) data, readiness to proceed with the application modernization framework, and the modernization strategy that will be used (rehost, replatform, refactor, replace and to which hosting platform; data centre or cloud services)

In 2018, the following data centre facilities were identified as at-risk technologies to be decommissioned and the applications to be migrated or modernized to a new enterprise data centre or cloud services. The first wave of workload migration projects began in 2018 and the second wave began in 2019:

Wave Department Discovery Execution
1 Statistics Canada 1 X
1 Treasury Board of Canada Secretariat 1 X
1 Canada Border Services Agency X X
1 Canada Revenue Agency X X
1 Department of National Defense X
1 Environment and Climate Change Canada X
1 Natural Resources Canada X X
1 Royal Canadian Mounted Police X
2 Canadian Food Inspection Agency X
2 Correctional Services Canada X X
2 Employment and Social Development Canada X
2 Global Affairs Canada X X
2 Health Canada X
2 Innovation, Science and Economic Development X X
2 Privy Council Office X X
2 Public Health Agency Canada X
2 Public Services and Procurement Canada X
2 Transport Canada X
1Pathfinder

Engagement[edit | edit source]

Once priorities are reached and departments are notified, the TBS-OCIO project manager will provide guidance and tools to start the department's journey.

partner departments are provided guidance/assistance to provide an accurate list of applications by updating the APM and to prepare for the governance endorsement.

Once endorsed, the Chief Information Officer of Canada (GC CIO) and the Deputy Head of a department signs the Memorandum of Understanding.

Discovery Swimlanes.png

Discovery[edit | edit source]

Application Portfolio Analysis[edit | edit source]

The next three steps are an opportunity for your departments to assess its portfolio of applications and document your decisions as to how you will reduce, sustain, and modernize that portfolio.

Determine Modernization Vision for the Organization[edit | edit source]

This is an opportunity to determine the direction for the organization and ensure those performing the subsequent portfolio analysis steps understand the vision to modernize and be more transformative! Perhaps your organization has already begun a modernization journey. In today's IT environment cloud technologies combined with DevOps methods are having a large impact on how IT is delivered. Amongst the goals of these technologies and methods is to decrease lead time and time to market; in summary:

  • Deliver IT faster
  • Increase reliability
  • Increase security
  • Increase quality

These changes can be wide sweeping impacting roles, responsibilities, and culture. They are not undertaken in a year, but instead must be seen as a journey of maturity and continuous improvement. While some organizations have started this journey years ago and are ready to go "all in" on cloud and the workforce are DevOps practitioners, others have not begun the journey.

Here is a simple visual for plotting your cloud adoption .

Cloud maturity map .png

Start small with a few low risk applications. A team of developers from within your existing workforce would lead an initiative to migrate those low risk workloads to the cloud. The build from these experiences and transfer these skills to train others. As the number of workloads grow, the need for more sophisticated methods such as automation and DevOps will need to be applied. This will facilitate scaling without impacting agility. Existing governance and roles will also need to evolve. Review the GC Cloud R&R Matrix to ensure your organization is ready to undertake the required roles to support cloud services.

See the simple cloud fitness scorecard to assess low risk workloads for cloud migration. It provides a short list to help with the decision as to where to start and to identify low risk and low effort migrations. Any application can be migrated to the cloud with enough time and effort.

Determine Rationalization and Retirement Opportunities[edit | edit source]

By the end of this step you will have assessed your portfolio and infrastructure for rationalization and retirement opportunities.

Obsolete Repositories[edit | edit source]

There are GC applications – content management systems / web-database systems -  that are no longer actively used but maintained because they may contain information that might be required in the future e.g. to respond to an ATIP request.

  • Departments should have an active Information Management (IM) function that can verify the actual data retention requirements applicable to a specific application.
  • Departments should recognize the cost of unnecessary data retention and actively dispose of data that has been deemed unnecessary. Unnecessary data is both a cost and a liability.
Obsolete Applications[edit | edit source]

Your application portfolio rates the business value of applications. Review low business value applications. Assess whether these applications are still needed:

  • Use access/update logs to identify applications that have received few updates in the past two years.
  • Identify the most recent users and inquire as to the business value of the application. 

Document Migration Strategy and Targets[edit | edit source]

By the end of this step you will have analyzed your portfolio of applications, updated key data in APM, chose the migration strategy for each application (one of the 5 Rs), and the target for each application (cloud or EDC).

Choose the Appropriate Migration Strategy[edit | edit source]

For each application you need to determine you migration strategy (aka the 5Rs).

Strategy Alternative Name Full Description Data Centre Cloud
Retire Decommission Retire, decommission, sunset application. Eliminate it from the portfolio.
Rehost Lift and shift Redeploy applications to a different hardware environment and change the application’s infrastructure configuration. Also called Lift-and-shift. Move the solution as is, or with minor changes, to a new hosting environment (small investment of resources). X X
Replatform Lift, shift, and tinker Change OS / Middleware. Requiring some level of application change (medium investment of resources to change). X1 X
Refactor Re-architect Application will be redesigned. Sections of the application will be re-written for improvement/optimization purposes (medium to large investment of resources to change). X
Replace Repurchase Replace application's functionality with a new solution acquired or developed by department (medium to large investment of resources). The application will be decommissioned once replaced. X
1Appropriate when addressing end of life OSes
Rehost (lift and shift)[edit | edit source]

With a rehost migration strategy, the application undergoes no changes and is migrated as-is to a new data centre or cloud. This is the simplest and least effort migration strategy.

For workloads migrating to cloud, it is strongly advised that the resources (network, compute, storage) be optimized and reduced to the smallest size possible. Additionally using reserved instances for production workloads and turning off unused servers during off-hours will help ensure a lower monthly bill from your cloud provider.

Replatform (lift, shift, and tinker)[edit | edit source]

With a replatform strategy, the application undergoes minor changes as it is migrated to a new data centre or cloud. Replatforming strategies may include, but as not limited to:

  • Addressing end of life (EOL) software such as those deprecated by IT Policy Implementation Notice ITPINs
  • Moving to Platform-as-a-Service (PaaS) for commoditized services such as databases, web servers, file servers, container orchestration, moving to a PaaS allows for a serverless architecture.

A serverless architecture negates the need to manage and patch operating systems, middleware and manage server instances. This also reduces an organization's IT Lifecycle Management burden. Users sometimes worry that using PaaS will cause vendor lock-in. By using PaaS that have alternatives elsewhere in the market will avoid lock-in. Being able to extract your business data and business rules from a PaaS is key to avoiding lock-in. Most cloud providers offer database, web server, and file server platforms. While migrating from one to another may not be completely painless, migration tools and APIs exist to allow for this possibility.

Containers is an increasingly popular method to deploy applications. If your application is stateless, moving it to a container will not only help portability, but also help with your organization's adoption of DevOps practices.

Refactor (Re-Architect)[edit | edit source]

Refactoring is the most costly and time consuming of all strategies. This is an opportunity to take full advantage of cloud-native architectures by introducing elastic scaling of resources.

Adding disaster recover capabilities is other option for refactoring.

Migrating away from less common OSes such AIX, UNIX, or Solaris may require extensive changes to the application.

Due to the high cost of refactoring, this strategy should only be applied to high business value applications.

Replace (Repurchase)[edit | edit source]

This is an opportunity to determine if Software-as-a-Service (SaaS) solutions for some of the COTS or custom built application you may have running today. Migrating to SaaS is an opportunity to access the latest version of that service and to lower lifecycle management burden. For example, if you operate a legacy email application, you may want to take the opportunity to replace it with Office 365.

Choose Your Migration Target[edit | edit source]

Choose the target, or where the application will be migrated to, for each application.

Enterprise Data Centre (EDC): a new data centre with low technical risks

Cloud: a public cloud service provider available from the SSC GC Cloud Brokering Service

Identify Data Centre[edit | edit source]

Ensure applications are correctly allocated to its current legacy data centre. The data centre is an essential reporting dimension when TBS tracks your portfolio's progress.

Identify Mission Critical Applications[edit | edit source]

Ensure mission critical applications are correctly identified.

Identify Operating Systems[edit | edit source]

Ensure the operating systems for each application are correctly identified. This will be used to ensure all operating systems beyond end-of-life are addressed through a replatform.

Generate Portfolio Analysis Dashboard[edit | edit source]

Request that TBS generate a dashboard of your application portfolio. This will ensure your decisions have been correctly reflected. A sample of the dashboard that is generated is found here:

Sample Application Portfolio Analysis

Engage SSC Project Manager and WLM Factory[edit | edit source]

It is likely you have already been working with your SSC Project Manager. If not, talk to your Service Delivery Manager. At this point it would be prudent to work with a supplier qualified on the WLM Factory to help with planning and cost estimates.

Document Project Milestones (Roadmap)[edit | edit source]

Sample Roadmap for Modernization


Gate2: GC EARB Endorsement and MoU to Release Funds[edit | edit source]

=== NEW! Application Modernization Technical Assessment report===

The Application Modernization Technical Assessment provides the rationale used in identifying application complexities and associated strategies for each application, both of which are key components in determining funding allocations. The Technical Assessment is an excel spreadsheet with a list of applications sent to departments to respond to the Application Complexity and Proposed Strategy for each application as well as a short list of questions. Once reviewed by the TBS project manager, the department is requested to present to the Enterprise Architecture Community of Practice to solicit their input.

The goal is to provide guidance and support to partner departments in:

  • Prioritizing the GC’s Cloud First approach
  • Aligning with IT horizontal solutions
  • Supporting the decommissioning of at-risk technologies
  • Supporting modernization strategies that are technically sound and innovative

The analysis and planning undertaken as part of discovery will be presented to the governance structure as part of requesting endorsement for releasing funds for the execution phase. The generic template is to be completed to present the discovery analysis and funding approval to move to the execution phase.

The department's CIO will explain their migration strategy and target choices. This includes how those choices align to the Cloud First policy (Cloud First 4.4.1.9 / Data Residency 4.4.1.10 / Non-Public Cloud GC EARB Assessments 4.1.1.2.4) of the Directive on Service and Digital. If and when endorsement is provided, approval will be requested from the GC CIO. A Memorandum of Understanding between the GC CIO and the deputy head of the requesting department will be agreed to by both parties.

Reporting Requirements[edit | edit source]

As per section 3: Reporting Requirements of the signed MOU between your department and TBS, the executive project dashboard is due at the end of each quarter. Please find the Quarterly Reporting Dashboard tool to be used to report the status of your modernization strategies to the TBS Oversight Team. This is a standard template that is used to monitor projects with instructions.

Execution[edit | edit source]

With the execution funds now received, the analysis and planning undertaken as part of discovery will be now be executed in order to close the legacy data centre. Departments are still required to submit quarterly reporting dashboards based on the funding received and to provide input into the status of their application modernization/migration journey by breaking down how the funds are spent, documenting milestones, risks and issues. Feedback and guidance will be received from the TBS project manager as required. The information is also collected to form part of the status report on the WLM program to the WLM governance structure.

Execution Swimlanes v1.png


Close Out[edit | edit source]

Lessons Learned[edit | edit source]

Change is hard. Cloud requires a major culture shift in the organization, especially in IT as it means radical transformation to some roles. Do not underestimate the fear that people will have. Organizational change management must be at the forefront.

Strong support required by deputy head and all levels of senior leadership. Due to the magnitude of change required and the underlying complexity, the senior management table MUST demonstrate consistent, strong leadership to ensure success.

Cloud is a journey, not a destination. It is very complex, and will take longer than you think. Start now, before you have all of the information. BUT – start smaller and simple, avoid serious injury when you fall. Because you will fall. Learn to crawl before trying to run. Fully embracing cloud will take years.

Partner with others. Having an integrated project team with SSC has been key success factor. Leverage the expertise of industry and of others that have gone before you.

Strong support required by deputy head and all levels of senior leadership.

Shallow pool of resources with the required expertise. Resources are routinely targeted by other departments and private sector. Ability to attract and retain talent is key, and is very challenging in public sector environment.

Products may not be as advertised. While the products may be released as GA, and have been tested on the open market, they do not necessarily function as intended. There may be a lot of back and forth with the vendor (in our case MS) in order to get the functionality you were expecting - add some contingency time to your project for this.

Voice your concerns immediately. You have to watch your costs like a hawk and have a strong understanding of what the costs should be - more importantly, you have to voice your concerns immediately to the vendor so that they can investigate and adjust. eg Log analytics

Be like water You have to work with a singular vision and purpose, but you have to be like water otherwise. The landscape in the cloud is ever changing - gone are the days of set it and forget it. Also, politically, there are always changes too - so you must be prepared to pivot when needed. eg. Pathfinder, APDC Closure, desktop, etc...

Benefits realization[edit | edit source]

Technology transformation projects with benefits realization management aligns strategic goals with project lifecycles. This helps contribute to a more efficient core business processes. Listed below are some of the benefits have been realized after TBS’s migration from a legacy data centre to cloud.

  • Completely eliminated technical debt
  • Modernized our whole environment (PaaS, SaaS)
  • Adopted DevOps and automation
  • Gained end to end visibility and monitoring capabilities
  • Stronger Security posture
  • Resilience and fault tolerance

What benefits do you foresee to be realized? See Outcome Management Guide and Tools.


References & What's New[edit | edit source]

WHAT'S NEW[edit | edit source]

Renewed Cloud Adoption Strategy Vision, Measures, Principles

DEPARTMENTAL CLOUD STRATEGIES

Cloud Infocentre

OCIO Application Portfolio Management/Aging IT Application Assessment

Enterprise IT Service Standards - Standard on; IT Profile, IT Entitlements, IT Service Common Configurations, Enterprise IT Service Usage Restrictions and more!

TBS GC Enterprise Architecture/Enterprise Solutions

complianceweek-accelerating-protected-workloads-sept-2020fr Accelerating Protected Workloads (Sept 2020)

API Store API GC Collab

Zero Trust Security Concept PDF (Aug-2020)

Zero Trust Security (Jul-2020)


Workload Migration SSC WLM Program

SSC Cloud document portal

SSC Cloud Adoption Playbooks

(Jan-2021) Visit the M365 Playbook on GCpedia

PSPC EA and GC Programs and Solutions

The Canada School of Public Service (CSPS) Digital Academy is offering a virtual learning program: Getting Started with Cloud Computing

Stratosphere Cloud Event

FWDThinking Episode 5.2: Showing What’s Possible—an extended interview with Minister Murray

Gartner: Workload Placement in Hybrid IT

DPI - Charting a path to success for Workload Migration: Approaches and Best Practices

TB Policies & Standards[edit | edit source]

Digital Operations Strategic Plan: 2021-2024

Directive on Service and Digital

Policy on Government Security

Direction on the Secure Use of Commercial Cloud Services: Security Policy Implementation Notice (SPIN)

Guidance[edit | edit source]

Government of Canada Cloud Adoption Strategy

Government of Canada Digital Playbook

Security Playbook for Information System Solutions

Government of Canada Security Control Profile for Cloud-Based GC IT Services

Government of Canada Cloud Security Risk Management Approach and Procedures

CSE ITSG-22 Baseline Security Requirements for Network Security Zones in the Government of Canada

CSE ITSG-38 Network Security Zoning – Design Consideration for Placement of Services within Zones

CSE ITSG.30.031 V2 User Authentication Guidance for Information Technology Systems

CSE ITSG.40.062 Guidance on Securely Configuring Network Protocols

Blog[edit | edit source]

The GC Accelerators - Accelerating the Secure Adoption of Cloud Services

Part 1: Application Modernisation — Making IT Delivery Less Effort

Part 2: Application Modernisation — Understanding Modernisation Strategies

Part 3: Application Modernisation — Assessing Your Portfolio

Part 4: Application Modernisation — Choosing Your Target

Part 4 ¾: Application Modernisation – Continuous Modernisation

5–4–3–2–1 — Cloud!

Governance[edit | edit source]

Prioritization/Endorsement critical path

WLM Governance.png