The Enterprise Architecture (EA) Policy establishes an information technology framework to develop, maintain and use the EA as a tool for making decisions around information technology changes and investments. The EA Policy implements the requirements specified for agencies within EA standards, incorporating related laws, regulations and other mandatory guidance as well as best practice related to EA. The primary intent of the information technology framework is to meet the following objectives:
The EA is a management best practice that provides a consistent view across all program and service areas to support planning, business transformation and IT investment decision making. Used appropriately, EA promotes mission success by serving as an authoritative reference, promoting functional integration and resource optimization with both internal and external service partners.
Achieving the enterprise architecture objectives requires collaboration, cooperation and coordination among agency business stakeholders, systems developers, partners, and technology infrastructure providers. The Commonwealth’s Enterprise Architecture is strategic and operational direction used to manage and align the Commonwealth’s business processes and Information Technology (IT) infrastructure/solutions with overall strategy.
The Enterprise Architecture requirements implements a information technology framework and repository which defines:
The Enterprise Architecture contains four components as shown in Figure 1.
Note: The EIA Maturity Model was derived from the EW Solutions model in the NASCIO report cited below. The original version of the EW Solutions model has been redrafted to more fully describe the stages on the maturity curve for the Commonwealth. The EW Solutions model also has been modified from five levels to three levels. This modification was due to the fact that Commonwealth Agencies lack the statutory authority to achieve the higher levels of system maturity and integration described in the original EW Solutions model. Source: NASCIO. 2009. Data Governance Part II: Maturity Models – A Path to Progress.
The Business Architecture drives the Information Architecture which prescribes the Solutions Architecture that is supported by the Technical (technology) Architecture.
The Enterprise Information Architecture (EIA) promotes the governance, management and sharing of the Commonwealth’s data assets. The information architecture is primarily focused on consistency and extensibility of data within the enterprise.
An Enterprise Solutions Architecture (ESA) is the collection of information systems
(applications and components, purchased or custom-developed) supporting or related to the business functions defined in the Enterprise Business Architecture (EBA) and the Enterprise Business Model.
The Enterprise Technical Architecture (ETA) consists of technical domains that provide direction, recommendations and requirements for supporting the Solutions Architecture and for implementing the ETA. The ETA establishes requires for the development and support of an organization’s information systems and technology software services, and infrastructure.
Each of the domains is a critical piece of the overall ETA. The Network and Telecommunications, and the Platform Domains address the infrastructure base and provide the foundation for the distributed computing. The Enterprise Systems Management, Database, Applications and Information Domains address the business functionality and management of the technical architecture. The Integration Domain addresses the interfacing of disparate platforms, systems, databases and applications in a distributed environment. The Security Domain addresses approaches for establishing, maintaining and enhancing information security across the ETA.
Achieving the “to be” enterprise architecture requires collaboration, cooperation and coordination among agency business stakeholders, systems developers, partners and technology infrastructure providers.
The Enterprise Architecture component reports and the corresponding EA Standard provide guidance and technical direction for the Commonwealth for achieving the envisioned “to be” enterprise architecture. Executive branch agencies shall comply with the direction provided by the EA in developing and implementing technology solutions and the corresponding information technology infrastructure required to support the business needs of the Commonwealth.
To ensure that the EA remains relevant and current, and that the state progresses towards implementing the “to be” EA, state agencies, local governments, institutions of higher education and other interested parties or stakeholders will collaborate, and work with the VITA Policy, Practice and Architecture Division to identify:
It is the intent of the Enterprise Architecture to standardize and simplify the many technologies and products used in the Commonwealth today. This will require a reduction in the number of technologies and products used to develop and support production systems in the Commonwealth to those identified in the EA. The Commonwealth will accomplish this through the ongoing development and implementation of its EA and related standards.
The Commonwealth will use the process defined in the Appendices to govern changes and exceptions to the EA and to ensure that all recommendations and requests for changes or exceptions are logged, reviewed, evaluated, considered and responded to in a timely manner.
Information continues to be a critical resource for the Commonwealth. Agencies gather and process data to create information needed to support their missions, whether those missions relate to disaster recovery, environmental protection, citizen security or other direct services. The EIA provides a governance framework, information model, shared vocabulary and methodology supporting each agency’s ability to efficiently discover, access, share and utilize the Commonwealth’s data assets.
The EIA has been designed to provide a common framework for the cost-effective exchange of information across organizational lines while ensuring security, privacy and appropriate use of that information. The EIA enables agency leaders to manage the Commonwealth’s data assets as a means of better serving the citizens of Virginia. EIA supports a great agency capacity and efficiency for using data assets to accomplish the Commonwealth’s core strategies.
The EIA provides technical direction and benchmarks for the Commonwealth to achieve the future state described at the Enterprise Level of the EIA Maturity Model. Commonwealth agencies shall comply with the direction established in the EIA in the design, development, implementation and integration of data-management solutions.
This policy recognizes that the ultimate responsibility for the management, control, development, maintenance, enhancement and use of information systems rests with the individual state agency. Accordingly, it is the policy of the Commonwealth that all state agencies must adopt written standards for the development, maintenance and enhancement of all information systems. The purpose of written standards is to ensure that quality, effective and maintainable information systems are developed by state agencies.
Within the Commonwealth, “open source software” is treated the same as any other type of software. All software including “open source” that is used for development and support of Commonwealth and/or agency “mission critical applications” must be at a version/release level that has vendor or equivalent quality level support available. This support should include security hot fixes and updates.
Open source doesn't just mean access to the source code. The distribution terms of open source software must comply with the following criteria: (as recommended by the Open Source Initiative (OSI)).
The Enterprise Architecture (EA) Change/Exception Request Process defines the roles and processes to be used to review, debate, discuss, and make decisions concerning requests for additions, changes and exceptions to the Commonwealth’s Enterprise Architecture.
Roles of the key players in the EA Change/Exception Request Review Process are: Chief Information Officer (CIO) – final authority for approving changes to Enterprise Architecture policy and standards.
Agencies and other stakeholders can initiate potential changes to the Enterprise Architecture by:
All requests for EA exceptions or proposed changes must be submitted electronically using Archer. Requestors should attach any additional project or research materials or documentation that supports their request.
When an agency or other stakeholder initiates an EA Change/Exception Request that can cause a potential change to the EA, the Chief Enterprise Architect uses the following processes to ensure all such received requests are logged, evaluated and responded to in a timely manner:
The Chief Enterprise Architect will ensure all change/exception requests received are logged and assigned to an Enterprise Architect within 3 business days after receipt. The assigned Enterprise Architect will notify the submitting organization that their request has been received and is being worked on within 2 business days of receiving the assignment.
Exception requests come in two forms; those that ask for a temporary exception for some period of time or until an event occurs; or those that seek a permanent exception to one or more EA requirements or technology standards.
The assigned Enterprise Architect is responsible for conducting appropriate research, consulting with subject matter experts, developing recommendations and forwarding those recommendations to SMEs for review within 7 business days after the request was assigned.
SMEs will review the request and Enterprise Architect’s recommendations and provide comments and/or recommendations on the request to the Chief Enterprise Architecture within 5 workdays of receiving the request from the assigned Enterprise Architect.
If the assigned Enterprise Architect and SMEs recommendations are different or they identify one or more issues with the request and the Chief Enterprise Architect cannot facilitate a consensus, the Chief Enterprise Architect can escalate the request to the CIO for resolution.
The Chief Enterprise Architect, after reviewing the recommendations of the assigned Enterprise Architect and SMEs, and, as needed, consulting with additional subject matter experts, will recommend a course of action on the request to the CIO within three business days of receiving all appropriate recommendations.
It is VITA’s intent that all research, reviews and recommendations required for the CIO to make an informed decision be completed and provided to the CIO within four weeks of receipt of the request for exception.
The Chief Information Officer of the Commonwealth will take one of the following actions related to an exception request:
If the exception request is approved by the CIO and the analysis or recommendations cause a change to an ITRM Policy, Standard or Guideline, then the corresponding policy, standard or guideline shall be revised using the normal approved revision process defined in the current version of the COV ITRM Standard GOV 101. The CIO’s approval decision shall also be provided immediately to the requesting agency so that they may proceed with the exception in a timely manner.
This includes all other types of requests other than exceptions. The assigned Enterprise Architect will work with the appropriate EA team(s) and/or business owners for research and subject matter experts to develop a solution/recommendation that addresses the request.
Depending on the type of request, the assigned Enterprise Architect/EA team/business owner recommendation is due to the Chief Enterprise Architect as follows:
Requests to change language/definitions in an EA report or requests for research/review of a topic or technology will be handled by the Chief Enterprise Architect based on recommendations received from the assigned Enterprise Architect. These types of requests do not require CIO approval, but require the requested language change, topic or technology be added to the potential workload of the EA Division.
For alternative technology proposal requests and approve emerging technology for pilot requests, the request will be forwarded to appropriate SMEs for review and recommendation development at the same time the request is assigned to the Enterprise Architect. The SME recommendation should be provided to the assigned Enterprise Architect and to the Chief Enterprise Architect.
For alternative data standard related proposal requests, the request will be forwarded to the designated VITA manager responsible for coordinating data owner/SME reviews and recommendations development at the same time the request is assigned to the Enterprise Architect. The designated VITA manager shall provide SME recommendations to the assigned Enterprise Architect and to the Chief Enterprise Architect.
As appropriate and after reviewing input recommendation(s) and, as needed, consulting with subject matter experts, the Chief Enterprise Architect will recommend a course of action to the CIO within three business days of receiving the recommendation(s).
For those requests referred to the CIO for action, the Chief Information Officer of the Commonwealth will take one of the following actions related to the request:
If the change request is approved by the CIO and the analysis or recommendations cause a change to an ITRM Policy, Standard or Guideline, the corresponding policy, standard or guideline shall be revised using the normal approved revision process defined in the current version of the COV ITRM GOV 102 Standard.
Final decision results of all received EA change/exception requests will be documented and posted on the VITA Website under the Enterprise Architecture Library. This provides a record of the evolution of the decision process and history for the Commonwealth’s Enterprise Architecture.
EA change/exception requests are logged as part of the receiving process and their corresponding outcomes shall be documented and published regardless of whether a request was accepted or rejected.
The assigned Enterprise Architect will:
A complete, up-to-date log of all EA change/exception requests can be viewed in Archer.