Essential Launchpad V2

The Essential Launchpad has been very well received by our community and so we have taken the opportunity to extend it into the technology layer and populate a couple of new views that we think are key.

The IT Asset Dashboard gives a high-level view across an organisation from the business, through the application layer and right down to technologies used, highlighting use, duplication and legacy risk.

The Application Footprint Comparison view allows you to compare the footprint of two application across your business, so you can see which services are provided by which applications in support of business capabilities.

The standard technology catalogues and summaries are also populated across the technology layer.

There are some additional worksheets in the spreadsheet and an EUP (Essential Update Pack) to apply.  Just contact us here if you are interested and we will send you a zip file that contains everything you need.


Essential Launchpad

To help organisations quick start their data capture in Essential we’ve created the Essential Launchpad – a free and easy method to capture the data required to populate some of the key foundational views in Essential.

The focus is on allowing you to gain an understanding of the business landscape, how your applications support the business, and the application deployments.   We’ve provided the spreadsheets and import specs to build a base architecture with a number of the key views working.  You can use this as the basis for populating the other views in Essential.  Keep an eye on our videos page as we are constantly adding more ‘how to’s’ and will be providing some more meta model diagrams to help you get views working, most of which are anchored off the data captured in the Essential Launchpad

To see screenshots of the views that are populated and to register to receive the Essential Launchpad FREE, see here.

 

Repository Data Management

We’ve released a new set of views to labs that help you manage the quality and completeness of data in your repository.  This is a key requirement in understanding where there are gaps and issues with the data you’ve entered that will affect the accuracy of the views provided by Essential.  You can see and play around with the views in the demo viewer under the Repository Data Management Portal, and if you want to apply them to your own repository you can download them from labs.  The views are accurate, but the usability may need some tweaking – comments welcome and do let us know if you find any bugs.

The views are:

Data Completeness

Shows the completeness of slots in a given class.  This is really useful if, for instance, you wanted to understand which processes support given business capabilities, you need to have completed the realises business capability slot in your processes – this view will quickly show the % completed for the class and for which processes it is not completed.

(Note – you need to switch off the tabs before you move to the next tab – blame the developer, I’m sure that’ll change when it leaves labs!)

Data Duplication Dashboard

Shows the level of duplication for the key classes across your repository.  You can change the sensitivity to highlight similarities that may be duplicates.  You can dive into the detail by clicking on the number of one of the key classes or by selecting a class from the Class Data Duplication view.

We have also released a Design Authority support view to labs.  This allows project and change teams to record the applications and/or technology products they are using and the principles they are complying with, and issues a pass or waiver required result.  This is designed to allow projects to self-govern where allowed to speed decisions and reduce unnecessary meeting time, you can see this in the Enterprise Architect Portal in the demo viewer.

Again, any suggestions or comments very welcome! These are in labs, so if you find bugs, please do let us know.

View Documentation

In response to popular demand we’ve started to create videos to demonstrate how to populate the views.  We’re working through the most popular views, ignoring those where there is an existing view manual as, although not quite as elegant as the videos, documentation does exist.  We’ve created a video and a meta model diagram for each – most will be demonstrated in Essential Cloud, with some on Essential Open Source, but please note that as the meta model and views are shared they can be used interchangeably.  The videos can be found here.

It may take a little while to do them all as there are over 120 now, however, if you would like us to prioritise a particular view, just let us know and we will push it up the list.

Enterprise Architecture Firm of the Year 2018

We are delighted to announce that, for the second year running, EAS has won top place in Corporate Live Wires’ Innovation & Excellence Awards.  Following on from receiving the award for Innovation in Enterprise Architecture 2017, this year we have been named as Enterprise Architecture Firm of the Year 2018 based on Essential and our consulting work around it.

The Innovation & Excellence Awards are judged by a panel of industry experts following nominations from the wider community.  The Essential Project, the world’s most popular open-source EA Tool, is now available as SaaS through Essential Cloud.  EAS, Essential’s founders, are all practising architects and we continue to extend and improve Essential by listening to our clients and our community and reacting to their needs.  We were first to exploit the connection between the information required for EA and GDPR and launch a GDPR support pack, bringing massive benefits to both the Compliance and EA Teams within an organisation.

We are continuing to develop Essential to support our customers and our community; look out for our innovative data capture and maintenance solution which will ease the burden of data management and revolutionise EA!

5 Steps to Effective GDPR Monitoring

Wherever you are on your GDPR journey, the 5 steps detailed below must be completed and can provide a useful checklist for progress.  This is based on several years’ experience we’ve had supporting the PII data requirements of global organisations.

  1. Assemble a Cross Business Team
    A successful GDPR initiative needs a number of different roles from across the Business and IT including, but not limited to, the following:
Role Purpose
Compliance The compliance team are responsible for defining the scope of the GDPR data for an organisation and also the allowed usages for GDPR data, i.e. defining the legal basis for use across the organisation. Compliance are also responsible for analysing the information returned and ensuring that remediation is put in place.
GDPR Coordinator The GDPR coordinator is responsible for ensuring that each business unit provides the detail of the data they process, the purpose and the applications used.  They should brief Business Units, coordinate and QA the information returned and manage queries.
Business Units The Business Units are responsible for providing the detail of the data they process, the purpose and the applications used for their business area, accurately and completely.
IT The IT teams are responsible for providing the detail of the applications and systems they are responsible for, accurately and completely.
Project Manager Create plan, coordinate resources, manage dates and deliverables and provide senior management reporting.
Analyst The analyst is responsible for analysing and modelling the data received from IT and the Business Units, for example, ensuring there are no duplicates, and providing this to compliance in a format that they can utilise to manage GDPR.
  1. Define the Data in Scope for GDPR and Define the Allowed Data Uses
    The data that is in scope for GDPR will vary from industry to industry, and organisation to organisation and each organisation must, therefore, define the data in scope for them. They must also define the data that is allowed to be used for each business purpose and whether or not consent is required.  We would recommend doing this before the fact-finding exercise as it provides a structure and minimises the possibility of duplication and data gaps.
  2. Get the Business Teams to Provide detailed GDPR Data
    The Business Teams will need to provide the data on their processes, purpose, data and applications used. Additionally, IT will need to provide information on the data held in databases, where the databases are stored and located and the security surrounding both the applications and the underlying technology.  There will need to be a standard means of capturing this detail to ensure consistency, so make sure the business have clarity on what they are doing – utilise your Data in Scope for this.  Once this data is provided, a central team should QA and analyse the data to ensure it provides an overall view of the business situation regarding GDPR.
  3. Gap Analysis and Action Plan
    A gap analysis and action plan should be created to work towards GDPR compliance. An ongoing process should be created to ensure this is an on-going exercise that continually demonstrates compliance.  Engage both the business and the IT teams in defining this process.
  4. Report to the Regulator
    The regulator will need to see evidence that you are on top of the new regulations; you will need to demonstrate that you have assessed your organisation against the new regulations, that you understand where you are compliant and that you have a plan in place to rectify any issues. They will also want you to demonstrate that you have a plan in place to manage GDPR as on-going commitment within your organisation, i.e. people, processes, technology, changes.

EAS have formed a partnership with UST Global and released the Essential GDPR pack, which enables organisations to understand their GDPR compliance adherence and risk from both a business and an IT perspective.  The objective of the tool is to demonstrate to both your CEO and the Regulator that the GDPR position is understood and under control; this is achieved through a series of interactive dashboards and detailed views that can be viewed online or printed out to suit the needs of both key stakeholders.

Our feedback indicates that whilst organisations have assembled teams and started data capture, many are proposing to manage GDPR compliance in a series of spreadsheets.  It is our experience that this is not sustainable; with such a large and constantly changing data set it is almost impossible to collect and structure the data in such a way as to answer all the regulators questions whilst keeping pace with change.  A GDPR tool with a comprehensive meta model, repository and adaptable viewer, allied to a very structured data capture process, makes this task achievable and, in fact, allows the data captured to be used to support other initiatives such as data management, application portfolio management and so on, enabling organisations to make use of the data that must be captured for GDPR.

EAS, in partnership with UST Global, can accelerate your GDPR initiative by bringing our combined experience and the Essential GDPR pack to:

  • Work with you to create a detailed plan to help you gear your organisation’s GDPR initiative for success, including the roles and responsibilities required across the business.
  • Work with your Compliance Team, or external organisations such as solicitors, to accelerate your initiative by providing quick starts based on our experience of the scope of GDPR data applicable to your organisation, and a business model that will aid understanding of allowed data usage.
  • Provide a set of pre-defined Questionnaires and Online Forms that direct the capture and analysis of the business and IT data required from your organisation.  Work with you to create a process to keep this data up to date.
  • UST Global, our partner, provides an automated data discovery tool that finds GDPR data in your databases and document stores, covering both structured and unstructured data such as PDFs. The results can be automatically loaded into Essential GDPR to supplement the manual data discovery carried out by business and IT teams to enable greater accuracy and accelerate the process.  The UST tool can also support the “Right to be Forgotten’ requirement, highlighting all the instances where a person exists across your organisation.
  • Essential GDPR provides powerful dashboards and visualisations to your GDPR data, allowing you to proactively manage your GDPR compliance and demonstrate to both your CEO and the Regulator that you are in control of your GDPR exposure, highlighting where you are compliant, where you have issues and where your risks lie.
  • Allow you to utilise the data that you have collected for GDPR to provide additional benefits across your organisation, such as identification of rationalisation opportunities, etc.

Find out more about the Essential GDPR pack or contact us.

 

EA Tools vs Modelling Tools

We’ve had a few questions recently about why Essential doesn’t provide a greater ability to draw pictures, which is part of the broader question regarding the difference between EA tools and Modelling tools.  Essential is primarily an EA tool and so is focused on supporting the objectives of CxOs and EAs/Chief Architects, with some support for Solution Architects; Diagram-driven, solution modelling tools, however, are focused on supporting Solution Architects in their design work, but do not provide visualisations that can support the key requirements of the EAs/Chief Architects or the CxO’s objectives.  Beyond an overall all systems wiring diagram to show complexity (and used for effect), it’s difficult to think of many more Visio-type diagrams you’d put in front of an CxO.

We’ve drawn up a slide that explains the objectives of the different roles and how Essential can support each, and we’ve also taken the opportunity to update the demo viewer to show the support for the different roles, so there is now a CxO portal, an EA portal and a Solution Architects portal*.

EA Tools vs Modelling Tools

We are aware that many organisations want a tool that supports all three roles and so we are working on the ability to import and export from Visio, which will extend Essential’s reach.  Added to this is Essential’s ability to support an organisation beyond the scope of just IT, for example with our GDPR or Strategic Resource Optimisation pack, and Essential provides an organisational support tool that is unique in its field.

Just one final point, we noted Mega’s press release on 3/10/2017, ‘MEGA is First EA Vendor with Unique GDPR Solution’.  That’s not strictly true, as the Essential GDPR Solution was launched on 28/7/2017!  And to be honest we’ve had clients using our PII solution, the foundation for GDPR, since 2013, something none of the other EA tools did.  If you want to see a proven GDPR tool, give us a call or drop us an e-mail.

*The Essential Viewer can be configured directly in Essential, so organisations can easily create and configure multiple portals to suit their needs.  Essential Cloud also gives the ability to control access to views, and even redact specific data in views, by role or individual.

 

Essential Cloud in General Availability

We are delighted to announce that Essential Cloud is now in General Availability

We’d like to thank all the clients that gave their feedback, allowing us to enhance Essential Cloud over the last six months.  We’ve updated the user interface, adding a journey history and improving collaboration capabilities through updated notifications, and we’ve extended the integration capabilities.  Importantly, we’ve had lots of positive feedback and no major issues, so we’re confident that Essential Cloud will prove to be as stable as Essential Open Source has been for the last eight years.

Find out more here

GDPR – The One Year Countdown Starts Now – How to use Essential to support GDPR

I’m sure that most organisations will be very aware that the new GDPR regulations will apply from 25/5/2018 –one year to go.  I’m not sure, however, that most organisations are confident that they will have the processes and tools in place to ensure that they will be compliant from this date.

A recent survey by IASME Consortium found that, of the business that responded:

  • 6% felt that implementation of GDPR would take a year or more
  • 2% said they hadn’t considered allocating resource yet
  • 21% of businesses acknowledged that they understood what GDPR is

So, what solutions are out there to help you solve your GDPR problems?  From what we see, there are a number of tools in the marketplace that take a very IT security driven approach to GDPR, e.g. which applications/databases hold GDPR data, lock them down, control user access, etc., which is obviously important and a good place to start to avoid any initial ‘fires’.  But, this is a very bottom up approach to the problem.  The new regulations put an emphasis on the business understanding – why is the data being collected in the first place, are you getting consent, and so on – check out the excellent 12 steps document from the ICO at https://ico.org.uk/media/1624219/preparing-for-the-gdpr-12-steps.pdf for more information.    As a starting point then, organisations need to define the data they use that falls under GDPR, understand which processes collect and use this data, capture what the legal basis for use is, how consent was gained from the client and where this consent is stored.  So, whilst the tools focusing on the IT side of GDPR are absolutely crucial, they do not address these business requirements.

So how do I use Essential to support GDPR? 

Essential has the means to support these business requirements using the existing process definitions within the meta model, which are already linked to information, applications and legal obligations – which we use to capture the legal basis for use and consent.

The out of the box views cover a number of the questions you need to answer, and we are finalising a complete pack with a GDPR partner that will support organisations in understanding the situation from top to bottom in one tool:

From the business questions:

  • What personal data do you hold? ​
  • Where did it come from? ​
  • What is the legal basis for the data being held?​
  • How was consent received?​
  • Who do we share it with? ​
  • How long do we retain the data for?​

To the technical questions:

  • Where do you hold it?  ​
  • Where is my technology risk greatest?
  • How do we dispose of the data?​

For those not already embarked on the GDPR journey we would recommend starting to capture your processes now – whilst not rocket science this will take some time and produce a level of detail that will not be easily managed in a spreadsheet.  This initial step is crucial in meeting the 25/5/2018 deadline.

The Essential Project: An explanation for those new to Essential

Know Your Organisation, Make Informed Decisions

The strategic decisions any executive makes for their organisation defines how successful they are.  Get the decisions right and you are a hero, get them wrong and your credibility takes a hit, and in the worst case it costs you your job.  In the ideal world, we’d have perfect information and be able to make perfect decisions, however, in reality we don’t have that situation.  The challenge is how we can reduce the chances of making bad decisions by having access to better information, and this is where the Essential Project comes into play.

Essential is an ontology based tool with a structured meta-model that collates information about your organisation through facts and relationships between those facts, and then renders the output in visualisations.  For example, you can collate disparate information about your business capabilities, business processes, applications, and let Essential make sense of it and show you where you have inefficiencies.  As you begin to overlay more information you can get increased oversight of of your business, for example if we overlay databases, location and data classifications on top of the information in the first example, we can now understand our data privacy position.  Importantly, it’s all data driven, so you can push the data capture out to the people who know their portion of the organisation and let Essential join it all up – the support people know the servers, their locations and what applications run on them, the application teams know what databases their applications use, the business teams know their processes and which application they use, and so on.  We don’t rely on one person knowing the end to end, or having to join it all up.

For the architects, they can move away from data collation and now focus the majority of their time on the much more interesting job of identifying opportunities, inefficiencies, etc. and knowing that the basis for their recommendations is valid.  

For the executive, they now have access to the information that allows them to make those informed decisions, removing the element of guesswork that executives typically have to use when determining strategy.  Questions such as ‘What is the impact if I outsource this part of the business?’, ‘Where can I make savings if I acquire Company X?’, ‘Where do operational inefficiencies exist?’, ‘Am I compliant with regulatory needs?’, become answerable based on fact rather than assumption.  For the teams working on behalf of the executives, they have the tool and structures to allow them to deliver real value and gain the insight that their senior management are looking for from them.