This paper highlights and consolidates interesting risk management topics for enterprise information systems from enterprise architect and system integration perspectives.
We first highlight concepts of
. Advanced risk modelling
. Enterprise architecture
and how these two disciplines are related. Afterwards, we will consolidate all the common risk factors people have identified for enterprise architecture and system integration.
Finally, we get a case study of how people use one of the models, HHM, National Institute of Standards and Technology, and Project Management Body of Knowledge (PMBOK) to manage their enterprise architecture in modern times.
Implementing and deriving a quantitative model for information systems is out of scope, but hopefully we will provide bits and pieces to people who want to develop something handy from this paper.
Risk Management on Enterprise Architecture and
System Integration Eric Tse
Abstract This paper highlights and consolidates interesting risk management topics for enterprise information systems from enterprise architect and system integration perspectives. We first highlight concepts of . Advanced risk modelling . Enterprise architecture and how these two disciplines are related. Afterwards, we will consolidate all the common risk factors people have identified for enterprise architecture and system integration. Finally, we get a case study of how people use one of the models, HHM, National Institute of Standards and Technology, and Project Management Body of Knowledge (PMBOK) to manage their enterprise architecture in modern times. Implementing and deriving a quantitative model for information systems is out of scope, but hopefully we will provide bits and pieces to people who want to develop something handy from this paper.
Introduction During the last two decades, enterprises utilize information technology for their business. There are many system integration projects involved and after the projects there are lots of operation and ongoing support work. As the whole enterprise involves a lot of different technologies, different people, different infrastructure and many other factors, managing it becoming very complex. Risk management on our enterprise architecture is one of the big topics enterprise architectures and executive should care about. There have been pragmatic guidelines for helping IT professional manage risks to their systems, but there are not many formal quantitative methodologies of how people should manage their risk. Also this is the highest bird eye view of risk management of technology. It consists of a lot of human and social factors from the whole enterprise and IT professional may not see them in a black and white way. This paper will try to collect bits and pieces of different components, such as:
? Complex models for risk management
? Enterprise architecture principles and highlights
? Identify common risks for enterprise and system integration projects
? Existing frameworks on what people are doing in the industry
28/01/10 www.projectperfect.com.au Page 1 of 17 The Project Perfect White Paper Collection
We hope people can utilize the paper as a starting point to develop further sophisticated quantitative models, or even software for enterprise architecture risk management.
Advanced Methodology of Risk Modelling We will first layout the principles and models for risk management. The purpose here is that enterprise architecture risk management is complex and we need some building blocks to give us foundations. Second, instead of just giving some pragmatic guidelines, we want to provide some theoretical depth to the discussion, for the sake of people who want to develop models from our bit and pieces of information.
Why risk modelling is complex? Three fundamental reasons for the complexity of risk modeling [4].
? One is that decision making under uncertainty literally encompasses every facet, dimension and aspect of our lives. It affects us at the personal, corporate and government levels. It also affects us during the planning, development, design, operation, and management phases.
? The second reason risk based decision making is complex is that it is cross disciplinary. The subject has been further complicated by the development of diverse approaches of varying reliability. Some methods, which on occasion produce fallacious results and conclusions, have become entrenched and will be hard to eradicate.
? The third reason is grounded on the need to make trade-offs among all relevant and important cost, benefits, and risks in a multi-object framework, without assignment weights with which to commensurate risks costs and benefits. We will discuss why enterprise architecture modelling needs this complex concepts later - after we discuss what enterprise architecture is.
Different modelling tools and concepts We are going to introduce some advanced concepts of risk modelling. We are not going to derive our enterprise architecture risk management models from them in this paper but hopefully it would provide some useful information for people who are interested. We would introduce some example... [download for more]
