Difference between revisions of "GC Enterprise Architecture/Framework"
Jump to navigation
Jump to search
m (Gita.nurlaila moved page GC Mandatory Procedures for Enterprise Architecture Assessment Update to GC Enterprise Architecture Framework: Renaming GC EA Standards to GC EA Framework) |
|||
| Line 13: | Line 13: | ||
<br><br> | <br><br> | ||
| − | To view more detailed info on each point listed below, you can <b><I><u>click</b> on the top title for each of the Architecture layer, OR any of the <b>< | + | To view more detailed info on each point listed below, you can <b><I><u>click</b> on the top title for each of the Architecture layer, OR any of the <b>blue link</b></i></u> below. |
<br> </big> | <br> </big> | ||
| Line 22: | Line 22: | ||
<span style="font-size: 1.5em;">[[GC_EA_Playbook#1._Business_Architecture | 1. Business Architecture]]</span> <br><br> | <span style="font-size: 1.5em;">[[GC_EA_Playbook#1._Business_Architecture | 1. Business Architecture]]</span> <br><br> | ||
| − | <b><u>Fulfill the Government of Canada stakeholder's needs</b> | + | <b><u>Fulfill the Government of Canada users and other stakeholder's needs</b> |
| − | * <I>Clearly identify internal and external stakeholders and their needs for each policy, program and business service | + | * <I>Clearly identify internal and external users and other stakeholders and their needs for each policy, program and business service |
| − | * Include policy requirement applying to specific stakeholder groups, such as accessibilities, gender based+ analysis, and official languages in the creation of the service | + | * Include policy requirement applying to specific users and other stakeholder groups, such as accessibilities, gender based+ analysis, and official languages in the creation of the service |
* Model end-to-end business service delivery to provide quality, maximize effectiveness and optimize efficiencies across all channels (e.g lean process) | * Model end-to-end business service delivery to provide quality, maximize effectiveness and optimize efficiencies across all channels (e.g lean process) | ||
| Line 35: | Line 35: | ||
<b> Promote Horizontal Enablement of the Enterprise</b> | <b> Promote Horizontal Enablement of the Enterprise</b> | ||
| − | * Identify opportunities to horizontally enabled business services and provide cohesive experience to stakeholders | + | * Identify opportunities to horizontally enabled business services and provide cohesive experience to users and other stakeholders |
* Reuse common business capabilities and processes from across government and private sector | * Reuse common business capabilities and processes from across government and private sector | ||
* Publish in the open reusable common business capabilities and processes (in the Open Government portal) for others to develop cohesive horizontal enterprise services</I></u> | * Publish in the open reusable common business capabilities and processes (in the Open Government portal) for others to develop cohesive horizontal enterprise services</I></u> | ||
| Line 46: | Line 46: | ||
<span style="font-size: 1.5em;">[[GC_EA_Playbook#2._Information_Architecture | 2. Information Architecture]]</span> <br><br> | <span style="font-size: 1.5em;">[[GC_EA_Playbook#2._Information_Architecture | 2. Information Architecture]]</span> <br><br> | ||
| − | <I><u><b>Collect data to address the needs of the stakeholders</b> | + | <I><u><b>Collect data to address the needs of the users and other stakeholders</b> |
| − | * Assess data requirements based on stakeholder needs | + | * Assess data requirements based on users and other stakeholder needs |
* Collect only the minimum set of data needed to support a policy, program and service | * Collect only the minimum set of data needed to support a policy, program and service | ||
* Reuse existing data assets and only acquire new data if required | * Reuse existing data assets and only acquire new data if required | ||
| Line 65: | Line 65: | ||
* Ensure data formatting aligns to existing enterprise and international standards. Where none exist, develop standards in the open with key subject matter experts, in consultation with the Enterprise Data Community of Practice | * Ensure data formatting aligns to existing enterprise and international standards. Where none exist, develop standards in the open with key subject matter experts, in consultation with the Enterprise Data Community of Practice | ||
* Ensure that combined data does not risk identification or re-identification of sensitive or personal information | * Ensure that combined data does not risk identification or re-identification of sensitive or personal information | ||
| − | </I> | + | </I></U> |
|} | |} | ||
| Line 120: | Line 120: | ||
* Use continuous integration and continuous deployments (CI/CD) | * Use continuous integration and continuous deployments (CI/CD) | ||
* Ensure automated testing occurs for security and functionality | * Ensure automated testing occurs for security and functionality | ||
| − | * Include your stakeholders as part of DevSecOps process | + | * Include your users and other stakeholders as part of DevSecOps process |
</u></i> | </u></i> | ||
|} | |} | ||
| Line 145: | Line 145: | ||
<b>Maintain Secure Operations</b> | <b>Maintain Secure Operations</b> | ||
| − | * Integrate aggregate outputs from security assessment and authorization activities into security architecture lifecycle processes, to ensure reference | + | * Integrate aggregate outputs from security assessment and authorization activities into security architecture lifecycle processes, to ensure reference artifacts remain relevant and valid |
* Design processes to operate and manage services securely, and continuously monitor system events and performance in order to detect, prevent, and respond to attacks | * Design processes to operate and manage services securely, and continuously monitor system events and performance in order to detect, prevent, and respond to attacks | ||
* Establish processes to monitor security advisories, and apply security-related patches and updates to reduce exposure to vulnerabilities. Apply appropriate risk-based mitigations when patches can’t be applied | * Establish processes to monitor security advisories, and apply security-related patches and updates to reduce exposure to vulnerabilities. Apply appropriate risk-based mitigations when patches can’t be applied | ||
Revision as of 10:48, 29 April 2020
This is a DRAFT STREAMLINED COPY of the proposed updates to the GC Enterprise Architecture Framework(formerly GC EA Standards) for assessment
In the past few weeks, the GC EA team has re-reviewed and streamlined all the inputs received from the various SMEs and departments and came up with the below proposed streamlined copy of the Architecture Assessment framework. The remaining input will be placed into an upcoming GC EA Playbook/Guidelines. This proposed streamlined updates will be going another iteration of reviews with the SMEs.
Changes from the previous version are marked as underlined and new additions are marked as italic and underlined
The draft list of questions associated with the new standards can be found here
The GC Enterprise Architecture standard is part of the Directive on Service and Digital. It is listed as Appendix A - Mandatory Procedures for Enterprise Architecture Assessment in the Directive.
To view more detailed info on each point listed below, you can click on the top title for each of the Architecture layer, OR any of the blue link below.
|
Fulfill the Government of Canada users and other stakeholder's needs
|
|
Collect data to address the needs of the users and other stakeholders
|
|
Use Open Source Solutions hosted in Public Cloud
Use Software as a Service (SaaS) hosted in Public Cloud
Design for Interoperability
|
|
Use Cloud first
Design for Performance, Availability, and Scalability
|
|
5. Security Architecture and Privacy Build Security into the Full System Life Cycle, Across All Architectural Layers
Ensure Secure Access to Systems and Services
Maintain Secure Operations
Privacy by Design
|
|
Need help? Contact us.
|
