Principle Based Enterprise Architecture: A Systematic Approach to Enterprise Architecture and Governance

Book Description

The Principle Based Enterprise Architecture (PBEA) Method is a proven approach for implementing an enterprise-wide architecture practice in large- and medium-sized technology organizations.

The method begins with a set of architecture objectives linked to concepts that matter to the business. It then lays out how to build technology platforms from components we call assets and how to manage those assets over time, through the calculation and management of technical debt.

The PBEA method is a pragmatic approach to enterprise technology architecture which is based on the fundamental tenet that technology is never perfect, compromises must be made, and one of the most valuable functions an enterprise architecture group can provide for a company is a method for managing those compromises. We call the cost of these compromises "technical debt". It is essentially the difference between what we should have spent on technology and what we did spend.

The PBEA method grew from the experience of watching how large technology organizations function (or do not function, as the case may be).

You will learn about such essential topics as:
  • Best practices for building, managing, and ultimately evolving an enterprise architecture.
  • Defining principles and golden rules to guide the high-quality creation of the building blocks of products and platforms (assets).
  • Calculating technical debt and assessing the business risk associated with carrying that debt.
  • Identifying and managing the actions required to pay off technical debt and mitigate any associated business risk.

If you have witnessed products and platforms 'collapsing under the burden of technical debt', then this book is for you. If you have seen technology organizations fail to learn from their mistakes, then this book is also for you. If you have been involved in the development of products where Version 2 required almost a rewrite of Version 1 or worked in technology organizations that spend an excessive portion of their budget on maintenance, then the PBEA method may provide both insight and benefit. Or if you are an enterprise architect and have witnessed one or more Enterprise Architecture functions get eliminated because they were seen as 'too ivory tower' and too distant from the customer, then this book will provide you with a concrete, fact-based approach for building an enterprise architecture function that is fully aligned with business objectives and that delivers real measurable benefit to the corporation.

Table of Contents

  1. Acknowledgments
  2. Introduction
    1. Book outline
    2. Book audience
    3. About the author
    4. Why I authored this book
    5. PBEA is a proven methodology
    6. Additional information on PBEA
    7. Typographic Conventions used in this book
  3. Part I The Principle Based Enterprise Architecture (PBEA) Method
  4. Chapter 1 Context
    1. Objectives
    2. Solutions
    3. Placement of Function (PoF)
    4. Environments
  5. Chapter 2 Assets
    1. System assets
    2. Data Assets
    3. Software assets
    4. Infrastructure assets
    5. The art of versioning
  6. Chapter 3 Program Increments
  7. Chapter 4 Roles
    1. Product owner
    2. Business capability owner
    3. Technology owner
    4. Asset owner
    5. Technical architect
    6. Enterprise architect
    7. Solution architect
  8. Chapter 5 An Example - νNews (Pronounced: Nu News)
  9. Chapter 6 Architecture Governance
    1. Asset governance
    2. API governance
    3. Software asset governance
  10. Chapter 7 Architecture Metrics
    1. The Asset Checklist
    2. Technical debt and architecture debt
    3. Outcomes and the ‘body of evidence’
  11. Chapter 8 Best Practices and Processes
    1. Inventories and registries
    2. Patterns
    3. Architecture diagramming
    4. Architecting testable solutions
    5. Architecting secure and compliant solutions
    6. Architecting responsive solutions
    7. Operational practice
    8. Monitoring practice
    9. Graceful degradation of service
  12. Chapter 9 Change Management
    1. Golden rule evolution
    2. Root cause analysis (Why? Why? Why?)
    3. Technology standard evolution
  13. Chapter 10 Getting Started with PBEA
    1. Step 1
    2. Step 2
    3. Step 3
    4. Step 4
    5. Step 5
    6. Step 6
    7. Step 7
    8. Step 8
    9. Step 9
    10. Step 10
    11. Step 11
    12. Step 12
  14. Part II PBEA Architecture Objectives, Principles, and Golden Rules
  15. Chapter 11 Architecture Principles
  16. Chapter 12 Architecture Golden Rules
  17. Chapter 13 Architecture Objectives for Systems
    1. Safe solutions
    2. Responsive solutions
    3. Effective solutions
  18. Chapter 14 Architecture Objectives for Data
    1. Safe solutions
    2. Responsive solutions
    3. Effective solutions
  19. Chapter 15 Asset Principles and Golden Rules
    1. Secure systems (safe solutions)
    2. Compliant systems and data (safe solutions)
    3. Scalable systems (responsive solutions)
    4. Manageable systems (responsive solutions)
    5. Reliable systems and data (responsive solutions)
    6. Simple systems (effective solutions)
    7. Modular systems and data (effective solutions)
    8. Maintainable systems (effective solutions)
    9. Mastered systems and data (effective solutions)
    10. Global systems and data (effective solutions)
  20. Part III System Asset Golden Rules and Measures
  21. Chapter 16 Secure Systems – Golden Rules and Measures
    1. Protect end-user authentication secrets
    2. Control access to important systems and data
    3. Keep web traffic private
    4. Body of evidence
    5. Sanitize inputs from untrusted sources before use
    6. Do not let data become code.
    7. Minimize access to regulated data and protect it when used
    8. Do not place sensitive data in a URL
    9. Use third-party software safely
    10. Catch internet-facing security exposures before they are exploited
    11. Record and report important security related events
    12. Use standard authentication implementations
    13. Use standard encryption implementations
    14. Architect system assets to degrade gracefully when attacked
    15. Deploy system assets only into known safe environments
  22. Chapter 17 Compliant Systems – Golden Rules and Measures
    1. Protect the organization’s intellectual property
    2. Use third-party Intellectual Property (IP) in accordance with its license
    3. Store Source code in a secure and managed repository
    4. Golden rule measures
    5. Ensure end-user interfaces are accessible
  23. Chapter 18 Scalable Systems – Golden Rules and Measures
    1. Deliver acceptable performance under anticipated load
    2. Optimize the cost of capacity
    3. Set appropriate limits on auto-scaling
  24. Chapter 19 Manageable Systems – Golden Rules and Measures
    1. Respond to standard control commands
    2. Publish appropriate operational events and error messages
    3. Publish performance and capacity data
    4. Maintain a complete inventory of all operational resources
  25. Chapter 20 Reliable Systems – Golden Rules and Measures
    1. Record all requests and measure adherence to your SLA
    2. Record all calls made to other assets and measure the dependent assets’ adherence to their SLA
    3. Continue to meet SLA obligations in the event of a single failure
    4. Continue to meet SLA obligations in the event of a site failure
    5. Ensure that functional testing includes at least one test case covering each of the capabilities and features supported
    6. Handle unrecoverable failures and recoverable failures appropriately
    7. Ensure all production changes are repeatable and auditable
  26. Chapter 21 Simple Systems – Golden Rules and Measures
    1. Do not use unmaintained assets or deprecated APIs
    2. Do not couple an asset to an environment
    3. One asset, one team
    4. Follow Placement of Function (PoF)
    5. Package code to facilitate independent releases
    6. Minimize code duplication and complexity
  27. Chapter 22 Modular Systems – Golden Rules and Measures
    1. Expose and consume only well-defined external interfaces
    2. Manage and version control External Interfaces
    3. Do not couple External Interfaces to their implementation
    4. Handle retries appropriately
  28. Chapter 23 Maintainable Systems – Golden Rules and Measures
    1. Make interfaces directly callable without a proprietary library
    2. Trace requests and failures to their source
    3. Appropriately comment source code and interfaces
  29. Chapter 24 Mastered Systems – Golden Rules and Measures
    1. Register the master system asset for every data asset
    2. Keep data quality high
    3. Encapsulate data
    4. Trace data to its source
    5. Do not connect end-user applications directly to data masters
    6. Do not lose data
  30. Chapter 25 Global Systems - Golden Rules and Measures
    1. Distinguish third-party translations from company translations
    2. Adapt to the user’s preferred locale
  31. Part IV Data Asset Golden Rules and Measures
  32. Chapter 26 Compliant Data - Golden Rules and Measures
    1. Classify and manage data according to the data classification
    2. Retain data as required by the business and by legal and regulatory requirements, and destroy thereafter
  33. Chapter 27 Reliable Data - Golden Rules and Measures
    1. Data curation processes are designed and followed
    2. Data schemas are designed and adhered to
    3. Data is accurate
    4. Data is complete
    5. Data is timely
    6. Data quality control processes are defined and followed
  34. Chapter 29 Modular Data – Golden Rules and Measures
    1. Databases and models are defined flexibly to support changing requirements
    2. Meaning is defined separately from presentation and not inferred from presentation
    3. Master data and product data evolve separately
  35. Chapter 30 Mastered Data - Golden Rules and Measures
    1. Each data asset is mastered by one and only one system asset
    2. Master data assets are modeled
    3. Data Enrichments are mastered
  36. Chapter 31 Global Data – Golden Rules and Measures
    1. Number-centric data is stored in a globalized way
    2. Textual data is stored in a globalized way
  37. Part V Technology Ownership and Operational Readiness
  38. Chapter 32 Asset Ownership
  39. Chapter 33 Architecture Responsibilities
  40. Chapter 34 Software Development Responsibilities
  41. Chapter 35 Testing Responsibilities
  42. Chapter 36 Build-to-Deploy Responsibilities
  43. Chapter 37 Hosting & Operations Responsibilities
  44. Chapter 38 Hosting Security Responsibilities
    1. Security processes
    2. Cloud account management
  45. Chapter 39 End-User Computing Environment Responsibilities
  46. Appendices
  47. APPENDIX 1 Technology Owner Checklist
  48. APPENDIX 2 Additional Checklist for the Cloud
  49. APPENDIX 3 Golden Rules for Systems Quick Reference
  50. APPENDIX 4 Golden Rules for Data Quick Reference
  51. Index