5.4: Finalize Products
Approve, Publish, and Disseminate the EA Products Other Information:
Upon verification and validation of the architectural products, the Agency's management should approve the overall architecture.
This step includes approval by the EAESC, the CIO, Chief Architect, and Agency executives up to and including the Agency Head
(e.g., Secretary, Commissioner, or Directors). Each Agency incorporates its own approval processes for this cycle. The Agency
executives, managers, and architects should have ready access to the information in the EA. By distributing the information
in electronic Read-Only format, executives and managers can use the information directly while the controlled baseline is
maintained. Executives and managers should use the information for more than just reference purposes√ incorporating it into
communications, briefings, and directives. Application architects use the information to analyze artifacts against their own
reality and identifying opportunities for improvements. Enterprise architects use the information to apply "what-if" analysis
against the baseline. In addition, Read-Only format versions of the EA limit the number of staff able to make changes and
modifications to the products, easing the burden of change management on the enterprise as a whole. The EA documents extensive
information about the Agency. Careful consideration must be made to the distribution of that information. Although it is possible
that an EA may not have any confidential information, the aggregation of the information may comprise a security risk. In
the wrong hands, the compilation of enterprise information in the EA could create a vulnerability to the Agency by providing
sufficient information for infiltration and disruption. Some of the information (or combinations thereof) may need to be controlled
and accessed on a "need-to-know" basis (e.g., network models, critical performance factors, system interfaces, etc.). The
architecture core team considers what classes of EA users will need what information: contractors, management, and Agency
staff typically focus on particular areas of the enterprise, and thus may only need particular subsets of the EA. An EA that
includes a comprehensive view of the details of the Agency systems and infrastructure could be organized in levels of detail
and distributed in a tiered format corresponding to security clearances and the need to know. Architecting is an ongoing,
iterative process requiring regular modification and maintenance. Whenever the EA changes, it is imperative to update the
architecture models.
Indicator(s):
|
