What is your approach to enterprise architecture (EA) governance?
We now adopt cloud-first and specifically AWS. We use AWS products as much as possible and follow the Well-Architected Framework and its tools.
We have one principal architect who is in charge of all architecture reviews. We also follow an Applications Architecture as supported in TOGAF - https://pubs.opengroup.org/architecture/togaf8-doc/arch/toc.html. It allows us to deploy individual application systems interacting with each other and integrate their relationships to our core business processes.
Firstly, coming up with principles and guidelines. Secondly, having the process well defined, and lastly, having the program governed by the PMO.
While providing the guidance, it is important to have alignment (non-negotiables) and autonomy (negotiables) well defined. For example, how would the team be experimenting to standardize the POC into a product?
Having well-defined processes and boundaries will help the team make some autonomous decisions that can expedite the outcomes while at the same time not reinventing the wheel.
Having strong program oversight and governance can help make sure we are not deviating and make sure we are not taking indefinite time and resources.
Set up certain guidelines and practices with periodic review of cost and relevance.
It is a very complex subject, especially when we are talking about OT and IIoT systems in the mix. Many of these systems have their own authentication and authorization systems that sometimes cannot be integrated with something such as Single Sign-On and IAM, but ideally it should. I don't think there is one solution, but in a perfect world, there should be an IAM system as a central structure but users could share access to part of their data to groups and users as they wish, as long as allowed too.