Process Step 4: Define the Conceptual Solution Architecture    (3ZOV)

Activity 4.1: Assess systems and technology environment for alignment with performance, business, and information requirements    (3ZOW)

Activity Description:    (3ZOX)

This activity builds upon the analysis of the segment’s business and information environment performed in process step 3 and is within the scope identified in process step 2. The focus of this activity is to collect and analyze information pertaining to the as-is use of systems and services and how well those systems and services support the performance, business, and data architectures. This activity includes assessing the segment’s systems and services across several dimensions, including business, data and technology alignment; service management; and maturity. This activity also includes a high-level assessment of existing system interfaces within the segment and the data that is exchanged between those systems. By performing an analysis of existing systems and services against the performance, business, and data requirements for the target state, the architect should be able to answer key questions related to the target conceptual solution architecture including:    (3ZOY)    (3ZP2)

Activity Inputs:    (3ZP3)

Tasks:    (3ZP7)

4.1.1 Collect information on existing segment system and service capabilities    (3ZP8)

This task leverages the performance, business, and information architecture analysis conducted in process step 3 to identify the key systems and services capabilities that should be assessed in process step 4. The analysis in process step 3 has been conducted within the scope set in process step 2. Therefore, the analysis in process step 4 is focused within the established scope of the segment architecture as defined and accepted by the core team. Key process step 3 artifacts to consider include the business and information to strategic improvement opportunities alignment matrix, the business and information architecture adjustment profiles, and the as-is key information sources qualitative assessment.    (3ZP9)

During this task, the architect gathers information that will be useful to conducting an analysis on how well the current systems and services support target mission delivery. Information being gathered may include the systems currently in use, services currently in use, any known security issues or risks, and stakeholder feedback with regard to overall system performance and alignment to business needs. Performance information may also be derived from existing program performance assessments (e.g., Program Assessment Rating Tool).    (3ZPA)

Information-gathering can be performed using a variety of methods, including querying an existing repository of EA information and conducting interviews with key stakeholders (e.g., business owners) to understand the systems and services within a segment and to identify existing data sources. The information collected should be at a sufficient level of detail to assess the data fit, business fit, technology fit, service management, and maturity level of the system or service and should include the total cost to provide, deliver, support, and manage data, systems, and services in the portfolio. Cost data on the current operational environment is useful in determining projected cost efficiencies that may result from implementing the target segment architecture. These cost data should be extracted from existing exhibit 300s and the exhibit 53. A useful approach for capturing cost data for information technology systems is using the baseline cost reporting template provided in OMB Memorandum M-06-22 to facilitate the capture and reporting of cost savings and cost avoidance that the target conceptual solution architecture will achieve.    (3ZPB)

The cost information gathered during this task should be leveraged in the capital planning and investment control (CPIC) phase to support the cost-benefit analysis and return-on-investment analysis that will be utilized in the development of subsequent business case(s). For example, if redundant services and systems are identified for decommissioning in subsequent activities, it will be helpful to have determined a rough cost for the current environment.    (3ZPC)

4.1.2 Define the as-is conceptual solution architecture    (3ZPD)

The as-is conceptual solution architecture serves as a baseline for determining the required adjustments to the segment architecture in order to align the strategic, business, and information improvement opportunities in subsequent tasks. Although this guidance is for segment architecture, the architect must develop an understanding of the current conceptual systems and services environment so subsequent analysis of the target systems and services architecture can be performed. The as-is systems and services interface diagram should be constructed to illustrate how the business functionality identified in the business model (process step 3) is associated with existing system and service components. This model shows the existing systems and services in the as-is state and identifies the relationships (e.g., data exchange packages) between them, but it may also include an overlay to show the boundaries of key business functions and external interfaces (e.g., organizational). The data depicted in the as-is systems and services interface diagram should align with portions of the conceptual data model from process step 3, and the systems and services depicted should be enablers of the business processes and activities analyzed in process step 3.    (3ZPE)

Unlike the description of the target conceptual solution architecture as developed in activity 4.2, the description of the as-is conceptual model should include only the as-is systems and services interface diagram in order to limit the analysis of the as-is conceptual solution architecture to what is necessary to provide an adequate baseline. The subsequent development of the target conceptual solution architecture will include other artifacts, such as the service component model and technology model.    (3ZPF)

4.1.3 Assess business value and performance of systems and services    (3ZPG)

An assessment of business value and performance of as-is systems and services within the defined scope of the segment is performed to determine where adjustments to the segment architecture should be investigated. This assessment is a critical task in ensuring alignment to the strategic, business, and information requirements depicted in process steps 2 and 3. An overall assessment is performed for each as-is system or service to determine how well they support the segment strategic intent, as developed in process step 2. This assessment should also include an identification of the degree of functional overlap with other systems or services and the extent to which the systems or services are associated with re-engineered or streamlined business processes (e.g., automated workflow).    (3ZPH)

The business value assessment should also take into consideration the overall efficiency of applicable investments (e.g., return on investment) relative to available alternatives to these investments in similar systems and services or to other enterprise services.    (3ZPI)

4.1.4 Determine adjustments necessary to the as-is conceptual solution architecture    (3ZPJ)

Results of the as-is systems and services analysis are compiled and evaluated using the as-is system and services scorecard, which produces a comprehensive scoring of the cost, fit, and value of as-is systems. The analysis results should be evaluated to answer key questions relative to the needs of the target conceptual service component and technology architecture, including:    (3ZPK)

NIST 800-39 Touch Point: NIST 800-39, Sec. 3.3: Security controls should be reflected in the FEA solution architectures and should be traceable to security requirements allocated to mission/business processes defined in the FEA segment architectures. Certain security controls (e.g., common security controls) may be provided by cross-federal information security initiatives, supporting infrastructure, other shared security services or solutions, or cross agency, segment, or bureau initiatives. Note: The selection of security controls is based on NIST800-53 in accordance with FIPS 199 impact levels determined during the security categorization process and the minimum security requirements defined in FIPS 200.    (3ZPQ)

Communications Considerations:    (3ZPR)

Activity resource requirements should be reviewed and verified with the core team to help ensure participation and access to key subject matter experts. Architects should work with systems and services owners to ensure they have current and accurate information about the segment services and systems.    (3ZPS)

Results of the analysis of systems and services should be verified with the core team and other key stakeholders. Where a segment has a large collection of interdependent systems and services, it may be preferable to establish a dedicated work group to verify the results of activity 4.1.    (3ZPT)

Activity Outputs:    (3ZPU)

Suggested Analytical Techniques:    (3ZPX)    (3ZQ0)

Next Activity: 4.2 /Define_the_target_conceptual_solution_architecture    (3ZQ1)