GC Enterprise Architecture/Enterprise Solutions

From wiki
Jump to navigation Jump to search

Please send us your feedback on the Enterprise Solutions/Shared Services content to the [TBS Enterprise Architecture team]

Branding

Enterprise Solutions

Enterprise Services

Enterprise Capabilities

Enterprise Shared Services

Enterprise-wide initiatives

Centralized solutions/services

Enterprise or shared IT solutions, assets, and services.    

Enterprise Solutions/Services definition(s)

The TB Policy on Service and Digital defines “Internal Enterprise Services” as “A service provided by a Government of Canada department to other Government of Canada departments intended on a government-wide basis.” It states that departmental heads are to use enterprise or shared IT solutions, assets, and services. The Service Inventory is catalogue of external and internal enterprise services that provides detailed information based on a specific set of elements (e.g., channel, client, volume, etc.).

The TB Policy on Service and Digital states that PSPC is responsible for providing common enterprise solutions and services related to the following: electronic document records management systems, case and workflow tracking solutions, and collaboration platforms. Whenever possible, PSPC is responsible for delivering these services in a consolidated and standardized manner. PSPC’s services are provided on a cost-recovery basis.

Enterprise-wide initiatives aim to maximize the effective functioning of the Government of Canada as a single, modern enterprise by: seeking feasible solutions that provide Canadians with the greatest overall value for money; leveraging the full potential of new technology; and improving the alignment and coherence of federal investments in business operations and services. 

Enterprise solutions/shared services are whole-of-government architectural, governance, vendor management and procurement approaches where IT is aligned to common business services defined by business capabilities, (Business Capability Model 2.0). Enterprise solutions/shared services can be meet the meet the common requirements of all Government of Canada departments or a given subset. Enterprise solutions/shared services can be supplied internally from other GC departments, (SSC EDC), from the private sector (public cloud) and from other jurisdictions or governments, (EX provincial credentials). Enterprise Solutions/Shared Services can occur across all, several or individual architecture layers of the EA framework, Business, Information, Application, Technology, Security and Privacy, BIATSP.

Enterprise Solutions/Shared Services Guiding principles

Any solution that is worthy of of use across the entire GC should allow the consumers to successfully achieve their objectives by providing an accessible, enabling, extendable, fast, monitored, reliable, scalable, secure, and self-service common base service in an open, cost-competitive, collaborative, iterative, proactive, timely and transparent manner.

Key Words Definition (all are where appropriate) Examples of how to enable Ways to measures success
enabling empowering  the consumer to achieve their objectives multiple methods to engage any one service, simplicity, compatability, accessibility Client feedback surveys
extendable allowing the consumer to extend the service to meet their objectives beyond the common base APIs, Delegated Access to configuration adoption rates, client feedback surveys
fast each engagement with the service is responded to quickly measure, decompose and improve; compare all changes to baseline MTRs on ITSM, service response times
monitored both the service provider and the consumer have visibility into the state and quality of the service End point visibility, network monitoring,  pagerduty.com, SIEMs, cloud platform native tools, new relic, dynatrace transparency, continual improvement of coverage
reliable the service has been architected to have be able to have a high service level objective Redundancy, Resiliency, Geographic distribution, high availability models, workload pattern scaling planned availability % vs total availability %
scalable the service is able to be expanded to new consumers quickly and efficiently Well-documented onboarding plans, pre-planned expansion posture, automation delivery or enablement time
secure allowing the consumer to trust the service Encryption Everywhere!

Solution categories: advanced persistent threat protection, anti malware, AI,  breach and attack simulation, communication fraud protection, cyber threat intelligence, data classification, data governance, data leakage prevention, data rentention, endpoint detection and response, identity and access management, incident response, insider threat, IoT, intrusion detection & prevention, mobile application / mobile device management, multi-factor authentication, network detect and response, network traffic analysis, secure data erasure, secure file transfer, SIEM, orchestration, automation and response, user and entity behavior analytics, vulnerability management

vulnerability rates, compliance rates, incident rates, impact of implementation to service
self-service allows the consumer to not have to engage with any thing other than the service itself to consume it APIs, Delegated Access to configuration adoption rates, client feedback surveys
common base satisfies a common base set of requirements that all consumers need standards: base configuration, security, performance adoption rates, client feedback surveys, # change requests
open allows the consumer to participate in the road map for service evolution published road maps, open communication channels, real time community engagement participant rates, # of comments received, # change requests, client feedback surveys, consumer tone analytics (https://www.ibm.com/watson/services/tone-analyzer/)
cost-competitive allows the consumer to see exactly how their money is being spent to provide the service, and is in line with competing service providers entreprise agreements, open source, minimal waste or excess components, automation, scaled to utilization per consumer rate, total cost versus other services offered, per service provider rate, capex versus opex rate to offer the service
collaborative allows the consumer to partner with the service provider to throughout the life cycle of the service GCCollab, Social Media, working groups for road map, active listening adoption rates and client feedback surveys
iterative allows the service to continually change to add, adapt or remove componets over time start small and add value and be stable each release number of stable changes & releases
proactive allows the service provider to act before being asked to do so partner with consumers, articulate business value, be transparent, be the experts in the domain and recommend service improvements, every year each service should improve without a budget increase. reduction in ITSM calls, client feedback surveys
timely allows the consumer to consume the service without lengthy or costly upfront engagements Clear instructions, automation, "smart" decisions and assumptions, avoid dead ends, partner your consumers before being asked to to "increase the runway" Instrument, interconnect, & improve
transparent allows the consumer to be fully aware of the state of the service being provided Dashboard (per user category), status pages (https://status.status.io/), published road maps, published runbooks, automation libraries, user guides, embedded client execs, planned vs. unplanned outages feeds Client feedback surveys, technical usage statistics

Digital Core Architecture Guiding Principles

Build Once, Use Everywhere

Build solutions, components and processes for the GC, and reuse across departments; select common over department-specific.

Business before Technology

Derive the solution definition from business requirements and user needs. Design and run the solutions based on overall end to end process.

Standard over Custom

Use standard to maximize integrity, sustainability and interoperability. Design for flexible adoption of enhancements and upgrades.

User-Centricity

Design with, build for, and deliver the best experience to internal and external users. Focus on the needs of users, using user-centred methods.

Treat Data as an Asset

Design to maximize data use and availability. Use the data you collect and implement analytical tools. Reuse existing data where possible.

Design for Security and Privacy

Balance user and business needs with proportionate security measures and adequate privacy protections.

Cloud First

Explore “… as a service” (XaaS) cloud services first.  Cloud first but not cloud only… for On Premise, try to adhere to Cloud qualities (e.g. zero modification).

Maximize Benefits

Strive to maximize the benefits for the enterprise; optimize total cost of ownership and minimize risk. Design to be measurable and accountable.

Integration

Enable interoperability based on standard components and solutions. Minimize the number and complexity of the interfaces.

Benefits of Enterprise Solutions/Shared Services

  • Horizontally enable external and internal business services and provide cohesive experience to users and other stakeholders.
  • Reduces the total cost of ownership, that includes procurement, development, operation maintenance and decommission for services by streamlining the number of GC digital solutions.
  • Enhances integration and collaboration, creates transferable skill sets, and leverage innovative work across the GC and the private sector.
  • Maximize enterprise investment by consolidating solutions into Enterprise Solutions, based on Business Capability Model (BCM)

Critical Success Factors

Copied from Supporting Enterprise Government: A Government of Canada Vision and Strategy (Draft – November 2014)

In order to effectively realize this Vision, there are a number of principles that should be considered:

  • Alignment: Ensure that the initiative aligns to the near and long-term business objectives of the organizations being affected
  • Needs Assessment: Identify users' needs at the beginning; this also includes cost considerations (projects delivered on time and on budget).
  • Governance: Create clear lines for approval and decision making; and ensure that there is accountability at all levels
  • Flexibility: Determine the capability of organization(s) to implement the project effectively and quickly to maximize the gains of engaging in an enterprise wide initiative
  • Optimization and Sequencing: Ensure  that the right people are doing the right work at the right time
  • Evaluating: Assess and adjust project deliverables and milestones continually  throughout the process:

Determining what Constitutes an Enterprise-wide Initiative

Copied from Supporting Enterprise Government: A Government of Canada Vision and Strategy (Draft – November 2014)

To be considered an enterprise-wide initiative, a project must meet five criteria which distinguish it from department-specific initiatives:

Enterprise-wide Initiative Department-specific Initiative
Objective Standardize and consolidate internal or external operations to address a common business need. Separate internal or external operations to addresses a mandate-specific business need.
Scope Impacts whole of government. Impacts individual departments.
Investment Requires significant investment and formal approvals (i.e. Cabinet and/or TB), and affects existing accountabilities. May or may not require significant investment and formal approvals; does not affect existing accountabilities.
Duration Involves long-term solutions. Involves short, medium or long-term solutions.
Discretion Participation is mandatory. (Not applicable.)

When to Pursue an Enterprise-wide Solution

Copied from Supporting Enterprise Government: A Government of Canada Vision and Strategy (Draft – November 2014)

If a potential initiative meets the five criteria for enterprise-wide initiatives, as outlined above, the decision whether to pursue such an approach will be based on the assessment of seven additional criteria which address value for money and feasibility. Overall, decisions will be based on net value (overall) as individual criteria might be in conflict. 

Value for Money

  • Value: Does it represent a net improvement in value for money—i.e. economy, efficiency and effectiveness—as compared to the status quo/other options? (See Annex 1 for specific checklist.)
  • Interdependencies: Is an enterprise-wide approach required to support other interconnected initiatives?
  • Risk: Does it reduce operational risk through enhanced operational security and integrity? Are the respective risks of pursuing an enterprise-wide approach less than those of adopting department-specific approaches?

Feasibility

  • Timing: Is the timing favourable for such an initiative given the current context and competing priorities?
  • Equity: Will it result in equitable and consistent treatment across departments?
  • Funding: Is funding available, aligned with current priorities, and recommendable in light of opportunity costs? Are the long-term total costs of not proceeding (e.g. continuing to pay for the maintenance of silo’d legacy infrastructure) greater than those of adopting an enterprise-wide approach? Are the individual and collective financial impacts on departments a net benefit?
  • Capacities: Is there an existing organization (e.g. a common service organization) that could provide the service? Is there a lead organization or cluster with the necessary resources, expertise and commitment to successfully execute?

Decision Making Framework for Enterprise Solutions/Shared Services

Presented at GC EARB on June 4th, 2020

Under the Policy on Service and Digital, departmental CIO’s are responsible for “submitting to GC EARB, proposals concerned with the design, development, installation and implementation of digital initiatives”. They are also responsible for “adopting, as applicable, enterprise solutions within their respective department.”

Decision Making Framework
Decision Making Framework

Increasingly, a number of departmental digital initiatives propose solutions that address matters with common business capabilities, resulting in a diverse range of applications in operations across the GC IT landscape. TBS has recognized a need to provide assistance to departmental CIO’s to inform decision-making with respect to the adoption of enterprise solutions.

The following presentation is the first iteration of a working draft of a decision making framework that will be used as a guide for the adoption of enterprise solutions. The framework will be added to the revised GC EARB presenter template. Please send us your feedback on the decision making framework for enterprise solutions to the TBS Enterprise Architecture team

Input from Gartner

In a shared services model, the customers of the shared services are part of the formal board of directors, governing the strategic intent of the shared services organization and determining what service levels will be provided.

Centralization is most commonly successful in forms of government with a single, strong leader such as a governor, a strong mayor or county executive, or a president, where the role has significant power over the machinery of government.

There are occasional exceptions to both of these situations, but creating a centralization model in the parliamentary form of government is extremely challenging because the parliamentary model usually doesn’t envision enterprise authority vested in any one person.

DRAFT: Patterns and Practices regarding Enterprise Solutions/Shared Services: Spectrum of Options

Enterprise Solutions may be governed using three general models that provide relative advantages in terms of addressing technical debt, minimizing total cost of ownership, maximizing use of talent, maximizing consistency of technology and business processes, and optimizing infrastructure.

Model Illustration
Enterprise Service Provider Model. This model provides all services to the entire Enterprise in a consolidated manner, governed by a centralized authority, and is fully integrated across all instances. It maximizes utility of major investments which address common business needs, have Enterprise-wide scope, long durations, and require participation from all departments and agencies.

Pros: Enables cohesive, horizontal integration across Enterprise to enables consistent frictionless utilization by stakeholders and administration. Maximizes consistency of technology.

Cons: Increases risk of vendor lock in. Does not allow for department specific customizations to address non-standardized business processes.

Centralized Model Icon
Centralized Model Icon
Product Owner Model. This model uses departmental clusters or business owners to govern distributed instances of enterprise solutions. This model leverages enterprise standards, product owners, departmental clusters, governance and oversight. This model may also leverage distributed technical infrastructure to support solution clusters.

Pros: Recognizes layered approach of Enterprise Architecture Framework and enables governance of one or many aspects of Business, Information/Data, Application, Technology, Security, and Privacy for reuse by departments with similar business processes or non-functional requirements.

Cons: Although the risk of vendor lock in is mitigated comparted to the Enterprise Service Model, it may be challenging to replace technology components that span multiple departments.

Decentralized Model Icon
Decentralized Model Icon
Federated Model. This stand alone, or decentralized model allows departments to implement their own stack components, influenced by standards, using APIs via interoperability standards. Governance manages exemptions from the Standard; however, a decentralized enterprise with multiple service delivery methods and business units may be successful in finding justifications for significant deviations for standards.

Pros: Enables reactive solutions to address business processes not shared across departments. Limited risk of vendor lock in.

Cons: Limits reuse across departments. Talent supporting technology components in the federated model have fewer opportunities to build skill sets useful across the Enterprise.

Federated Model Icon
Federated Model Icon

Health Canada classification model

  1. Business Capability
  2. Solution, specific tool
  3. Component

Service & Digital Target Enterprise Architecture

The Service & Digital Target Enterprise Architecture and Whitepaper were presented at GC EARB on July 16, 2020 for pre-endorsement.

The Service & Digital Target Enterprise Architecture defines a model for the digital enablement of Government of Canada services that addresses many of the key challenges with the current GC enterprise ecosystem.

  • It seeks to reduce the silos within the current GC ecosystem by having departments adopt a user and service

delivery centric perspective when considering new IT solutions or modernizing older solutions.

  • It advocates a whole-of-government approach where IT is aligned to business services and solutions are based on re-useable components implementing business capabilities optimized to reduce unnecessary redundancy.
  • This re-use is enabled through the use of published APIs shared across government. This approach allows GC to focus on improving its service delivery to Canadians while addressing the challenges with legacy systems.

Enterprise Solutions/Shared Services and the EA Framework

The Business Architecture layer of the the EA Framework has the following assessment criteria for GC EARB reviews:

  • Promote Horizontal Enablement of the Enterprise
  • Identify opportunities to enable business services horizontally across the GC enterprise and to provide cohesive experience to users and other stakeholders
  • Reuse common business capabilities, processes and enterprise solutions from across government and private sector
  • Publish in the open all reusable common business capabilities, processes and enterprise solutions for others to develop and leverage cohesive horizontal enterprise services.

The following initiatives endorsed by GC EARB have characteristics of Enterprise Solutions/Shared Services.

Enterprise Solutions/Shared Services can be identified across all the layers of the EA framework, BIATSP.

Business Architecture

GC BCM v2.0 (GC Business Capability Model)

Investing in Enterprise Capabilities at CBSA, 2020-01-31

Digital Workspace Standards & Profiles. 2019-10-31

Accessible Information and Communication Technology (ICT), 2019-06-19

Standard for ITSM Integration, 2018-06-28

Information Architecture

A Framework for Government-Wide Data Governance & Stewardship, 2020-03-02

Enterprise Data: Update to the Enterprise Architecture Review Board, 2019-07-04

API Store, 2019-04-04

Data Analytics as a Service, 2019-03-21

GC Data Strategy, 2018-05-31

Enterprise Data Management and Architecture, 2018-05-31

GCdocs and GCdocs Managed Service, 2018-05-31

Data Sovereignty & Public Cloud, 2018-03-22

Enabling interoperability

CDXP

Grants and Contributions, 2017-11-09

Application Architecture

Canada School of Public Service – Next Generation Digital Learning Environment, 2020-07-02

Public Services and Procurement Canada (PSPC) Industrial Security Systems Transformation (ISST) Project GC EARB – 2020-06-18

Communications Security Establishment – NextGen HR and Pay for High Security Organizations - 2020--06-04

Digital Comptrollership Program (formerly Financial Management Transformation)

NRCan – Canadian Geospatial Platform (Federal Geospatial Platform), 2020-03-26

SSC IT Service Management Tool Project (Service Management Transformation Program), 2020-03-02

Statistics Canada cloud architecture for Drupal, GC reference architecture for the GC, 2020-01-17

NSERC/SSHRC/CIHR – Tri-Agency Grants Management Solution, 2019-11-14

Open Source Standards and Whitepaper, 2019-10-03

GCcase

Canada.ca Search Engine, 2019-06-19

GC Mainframe Strategy, 2019-06-19

eProcurement Solution, 2019-05-02

Gartner Assessment of CRA/CBSA SAP Strategy, 2019-03-21

ATIP Online Request Service (AORS), 2019-02-07

VidCruiter SaaS, 2018-11-18

Open First Whitepaper, 2018-09-13

Asset Discovery & Inventory Management. 2019-08-30

Talent Cloud, 201-07-12

Enterprise Managed SharePoint service, 2018-05-31

Project and Portfolio Management (GC PPM), 2018-05-31

Technology Architecture

TBS – Process and status of Split Tunneling requests, 2020-06-18

Digital Communications and Collaboration (DCC): Network and Security Design Principles, 2020-03-26

Cloud eXchange Point (CXP) readiness process, 2020-01-31

GC Cloud Enablement: Cloud Connection Patterns, 2020-12-19

SCED and A unified, consolidated, and regionalized hub strategy for interconnectivity to and from the GC infrastructure, 2019-12-05

Digital Communications and Collaboration (DCC), 2019-11-14

Enterprise Mobile Device Management, 2019-06-13

Cloud

SSC Cloud Access Security Broker (CASB) service, 2020-07-30

Security Architecture and Privacy

Enhancing email security with Domain-based Message Authentication, Reporting & Conformance (DMARC)., 2020-01-31

Digital Credential and Access Management, 2019-09-19

Enabling Secure Access to Protected B Cloud Services, 2019-09-19

Cyber Security Digital Identity Reference Architecture, 2019-07-04

Pan-Canadian Trust Framework, 2019-05-02

Sign IN Canada Way Forward, 2019-05-02

Verified.Me POC, 2019-05-02

MyAlberta Digital Identity, MADI-2019-05-02

Update of the GC Digital Identity Strategy, 2019-01-10

HTTPS Everywhere” Standard, 2018-03-08

Last update on 2020-08-04

Updates completed from the following GC EARB meetings
2020 2019 2018
2020-01-17 2019-01-10 2018-03-08
2020-01-31 2019-01-24 2018-03-22
2020-03-02 2019-02-07 2018-04-05
2020-03-26 2019-03-07 2018-04-26
2020-04-09 2019-03-21 2018-05-10
2020-04-23 2019-04-04 2018-05-18
2020-05-07 2019-05-02 2018-05-31
2020-06-04 2019-06-13 2018-06-14
2020-06-18 2019-06-19 2018-06-28
2020-07-02 2019-07-04 2018-07-12
2020-07-16 2019-07-25 2018-08-30
2020-07-30 2019-08-22 2018-09-13
2019-09-19 2018-09-27
2019-10-03 2018-09-27
2019-10-31 2018-10-19
2019-11-14 2018-11-01
2019-12-05 2018-11-15
2019-12-19 2018-11-29
2018-12-13