Next, agencies must sell non-IT managers on the benefits of EA
Agency IT officials say they are beginning to find value in using enterprise architecture to reduce the number of processes, which they expect will ultimately save them money.
But even though it has become a part of the federal IT landscape, encouraging participation in EA at all levels of government is a never-ending exercise, agency architects said.
Agencies have followed the Office of Management and Budget’s top-down approaches, which include the Federal Enterprise Architecture reference models, to develop initial versions of their enterprise architectures. Agencies also put their own mark on their architectures.
The Health and Human Services Department has added enterprise lifecycle processes to its EA to gain better performance from its investments.
“It’s not new, it’s just aligning processes. It’s easy, practicable things to make your EA grow more robust” said John Teeter, HHS chief enterprise architect and one of many architects and CIOs who spoke at a conference on enterprise architecture sponsored by the E-Gov Institute in Washington last week.
The key to a successful architecture is getting more employees to participate in the EA process and collaborate, he said. “Now people are beginning to talk about ‘I have this data need’.”
They are beginning to think across the enterprise instead of thinking how one agency could fulfill one requirement with its own tools, Teeter added.
HHS is starting a department- wide data program, in which it is focusing on interoperability and data sharing across departments and with outside partners, such as states. EA has helped to map that.
“If you start to get a handle on the data, then you can start to facilitate that process,” Teeter said.
For example, the Centers for Medicare and Medicaid Services and the Food and Drug Administration are considering working together to identify and eliminate medical errors or adverse reactions to drugs and medical devices.
“There’s an exchange of information that could provide perspective for other agencies,” he said.
The Centers for Disease Control and Prevention also would be interested in that information from the public health perspective within a particular location where there might have been a drug reaction.
Active support from executive management on down requires constant communication, said Carol Macha, chief of EA strategy and implementation for the Defense Department’s business management program. EA needs to evolve and be described more in terms of the business processes, such as finance or procurement, which is the language of management, than in EA-speak, such as activities modules and diagrams.
“It’s imperative to have as much buy-in as possible. One of the best ways is to trade resources,” she said.
Macha recently returned to DOD from being detailed to the Homeland Security Department to help develop its EA.
Subject matter experts were detailed for a year and a half to the DHS CIO’s office for EA duties from other offices at DHS and from DOD. Once back at their permanent positions, the employees talked up EA among their colleagues, providing word-of-mouth support, she said.
Managers, however, need to see value faster.
“Enterprise architecture is the right thing to do, the smartest thing to do, the most efficient thing to do. But unless we can turn the corner and create value out of our EA and get value out there, we might not see as much support in the future as we have now,” she said.
One way to gain managers’ support is to provide best practices for a process, such as security, for which the government has plenty of requirements but not a lot of guidance. Each agency will implement security based on its own need to manage risk, said HUD CIO Lisa Schlosser.
“It’s hard to put security in place, but it’s harder to put it in place everywhere,” she said.
Schlosser used the Federal Enterprise Architecture as a guide and mapped out what security HUD needed at every level and incorporated that in the HUD enterprise architecture.
Best practices can guide agency architects to have the right amount of security in the right place, she said, including:
- Developing a good security policy, keeping it updated, having it available on the agency Web site
- Alerting users that a security policy is available and where it is
- Thinking enterprise on all security solutions
- Baking in security early in an application or hardware, as in building in security specifications in hardware at the manufacturer.
Connect with the GCN staff on Twitter @GCNtech.