By now most companies should have heard about the new EU General Data Protection Regulations (GDPR).  https://en.wikipedia.org/wiki/General_Data_Protection_Regulation

The deadline is looming ever closer, and there are some hefty fines for companies that fail to implement it. The penalties for not complying with the legislation are potentially going to put a huge dent in your profits and viability. These include fines of up to €20 million or 4% of annual global revenue. This is then a huge reason for your company to be using Enterprise Architecture to deal with the GDPR changes.

And GDPR does not just have to be affecting European based companies, it applies to any company dealing with European citizens. And what’s more, even BREXIT won’t help. The UK government is already committed to GDPR after BREXIT. Sorry!

Companies that already have a healthy and strategic Enterprise Architecture Capability will be in a much stronger position. I don’t just mean EITA here of course, but real Enterprise Architecture.
GDPR is not just about IT change, but also about business change. Your existing Enterprise Architecture models will make it very much easier to identify the impact of the EU GDPR regulations, using new attributes and heat maps on existing catalogues, matrices and diagrams.

Purpose of GDPR

The purpose of GDPR is to improve on the previous data protection rules. In this digital eCommerce world, this is absolutely essential. This is no longer a so called box ticking exercise but a cultural change in mindset and levels of trust and integrity.
Companies, such as UBER, can no longer be blase and hide being hacked for months and losing huge amounts of customers personal data, without coming clean about it, and consequentially stopping it happen again.

See http://ec.europa.eu/justice/data-protection/reform/index_en.htm

The aim of the General Data Protection Regulations is to ensure that personal data is stored with customers informed consent, where the customer knows for what purpose data about them will be used and for how long it will be kept. Customers will want to know how their personal data is being used afterwards, especially after a merger or acquisition. What, for example does Facebook plan to do with WhatsApp data now that it has acquired Facebook?
It is certainly not transparent, is it? A customer might have trusted WhatsApp, but do they still trust the new owners Facebook? Facebook seems to be increasingly pushing fake news and becoming more political, which is troubling. Don’t just worry about SkyNet but also about Big Brother.

GDPR has been introduced to help companies be honest and increase their data security and their overall integrity. Luckily Enterprise Architects are already skilled at providing details about party data, data models, data flows and data security to support information security audits and personal impact assessments, and other regulatory requirements.

Something like GDPR is exactly the kind of strategic change scenario that Enterprise Architecture is designed to support.
What are the requirements? How do they affect the various EA domains? Strategy, Business Architecture, Information and Data Architecture of course, Services and Application Architecture and also the technology and infrastructure Architecture, where the personal data will be stored.
The same considerations apply whether the data is stored on premises or in the cloud. Enterprise Architects now need to build privacy by design.

Organisations will need to know why the data is needed? Is it always really needed, or is it just for future cross selling and data analytics?
Is that personal data compliant with GDPR? Probably its not longer compliant. Who uses the personal data? What business processes are involve? Too many process models that I’ve seen fail to show access to read and update data objects in their process models, let alone the business events that re related to customers data. What data services are involved? What applications need to be upgraded or replaced? I expect many package applications are being updated to ensure their compliance with GDPR. How do we ensure visibility of data to the customers, in the background of continual changes?
How do companies prove that they are being honest with customers data and especially how do they keep customers informed? If customer data increasingly has a value, then how will customers gain value from how companies use their data without their informed consent?

The Enterprise Architecture repository should already be able to answer all of these questions.
If not then why not? If not now, then when?

Companies without any credible Enterprise Architecture will be in a huge disadvantage and have to rapidly catch up. It’s never too late.
And once again, this is not simply about IT Architecture or just Data Architecture, it’s about the whole enterprise. The enterprise will include partners and suppliers as well. You will need to know what your contractors are doing with customers personal data.

In many organisations, the application architecture is only about so called Business Applications, that are approved and managed by the IT department. You also have to model the End User Computing (EUC) applications like those Excel spreadsheets, Access Databases, Sharepoint tables and Cloud databases (like Box, DropBox, Google Drive etc) that business users have created (unbeknown to IT) in order to do their job outside the main business applications. These EUC applications and databases must also be considered.

EA Governance and Compliance

Enterprise Architects, Business Architects, Risk Managers and Compliance Managers are in a strong position to assist the business to review their existing data flows and applications against the GDPR requirements.

See http://ec.europa.eu/justice/data-protection/reform/index_en.htm

Companies with an Enterprise Architecture capability will also normally have set up an EA Governance and Compliance capability. For GDPR, the Strategies, Goals, Objectives, Measures, Policies, Business Rules and Governance organisation structure need to all be reviewed and enhanced.
The Enterprise Architecture team should already be playing a key role in these EA governance bodies, the Architecture Governance Board of strategic changes and in ensuring compliance with policies, rules, patterns and standards in a Technical Design Authority.

Risk management and Audit processes also need to be reviewed and updated. Enterprise Architects are usually involved as key stakeholders for these. Are there adequate controls and monitoring of events? Is the data secure against hacking and accidental loss?

Enterprise Architecture Modelling

As per any enterprise architecture work, you need to identify the current and target architectures, identify gaps and change initiatives and then plan a roadmap of those changes. Heatmaps for GDPR related changes are an essential way to identify and prioritise GDPR changes needed.

After Enterprise Architecture changes for GDPR, then it is important to maintain continual operation, monitoring and reporting, so that the target Enterprise Architecture will need to include new end to end processes, roles and responsibilities for the business, to ensure continual compliance. Is data being captured with consent and a clear purpose, fully communicated to customers? ‘Security by Design’ is the new normal. This requires enterprise architects, compliance managers and C level executives to build compliance into the design of all current and future Enterprise Architecture models.

Enterprise Architecture models need at minimum, to review the following deliverables:

  • Data Catalogue
  • Data Model diagram
  • Process model
  • Process flow diagrams (Event-driven Value streams)
  • Application Service models (Catalogues and Diagrams)
  • Application model (Catalogues and Diagrams)
  • Application Integration/Flow diagrams
  • Data storage models (Databases, Data stores, Messages)
  • Data flow Diagrams
  • Infrastructure Service Catalogues
  • Infrastructure Component Catalogues
  • Infrastructure Diagrams

What are the key Changes for GDPR?

Compared to the current data protection framework under the Data Protection Act 1998, the GDPR will bring a number of important changes and enhancements including:

  • Increased accountability and greater level of responsibility within organisations to ensure that personal data is fully protected and processed according to the regulations
  • More data will be classified as customers personal data, not just in normal databases but also in EUC component and in Cloud data storage
  • New internal role of a Data Protection Officer
  • External Roles outside the company will also be regulated, such as contractors, partners and service providers
  • Eye-wateringly high cost of non-compliance
  • New requirements for notification of data losses through hacking and lack of compliance
  • Greater rights for customers to understand how their data is to be used, to give their informed consent, and to make future requests to change their consent
  • Risk Assessments
  • Privacy Impact Assessments

See also https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/

Benefits of GDPR

What are people expecting your company to do with their data? It’s about re-establishing your customers’ trust, and that you won’t change your mind and do something different or evil with their data. This trust will provide an increased business advantage for companies that get it right.

If a company cannot demonstrate that they are using Enterprise Architecture to achieve compliance with GDPR, then they are risking their reputation, which ultimate means less business and less profits.

With Digital Architecture, companies are designing their business with an Outside -In approach, designing their value proposition around what customers really want in their customer journeys.

GDPR is essentially designing the Outside-In approach for the protection of customers private data.

Enterprise Architecture perspectives

From an Enterprise Architecture perspective you need to ensure that:

  • Decision makers and C level executives are aware that the law is changing to the GDPR and time is running out to plan the changes
  • They use Enterprise Architecture to drive this as a strategic change, with new initiatives to be designed in the target Enterprise Architecture model and managed in the EA Roadmap
  • There is full knowledge of how information and data is managed, flows around the company and is changed by processes, services and applications
  • New business processes are created to handle customers new rights
  • Enterprise Architecture is used to managed and rapidly create an EA roadmap for strategic changes needed
  • A new meta model is designed to include customers consents, breach events and other change events
  • New business processes are created to handle data breaches and GDPR reporting requirements
  • Risks, issues and mitigations are well modelled
  • New Application Services are created
  • New package Applications are procured, which have updated support for GDPR data and processes

Conclusion

Yes, it’s a big strategic piece of work to do, with a May 2018 deadline that is getting ever closer, but luckily Enterprise Architecture is designed for managing just this kind of strategic change scenario.

So to avoid GDPR fines in 2018, start using Enterprise Architecture now, to plan and execute the strategic changes needed.

It makes sense!

How can you not already be using Enterprise Architecture?

Advertisements

Enterprise Architecture is much more than a list of components. Too often one sees diagrams in slide decks that are either simple lists, a layered view of domains, or a graphical hierarchy. And these are supposed to represent the ‘Architecture’?

These visualisations are good to use to inform on the scope and context, but they really only tell us half the story.

The various components (building blocks in TOGAF) will all have a large variety of connections between them to other components. It is these connections that in fact provide the value of an enterprise architecture model, and cement everything together.
An Enterprise Architecture model is a graph of connections. The information and knowledge created in the enterprise architecture model can be viewed from many perspectives and needs to satisfy many stakeholders. Everything is dependent on everything else, and everything is connected in multiple ways. Components never exist in isolation.

An enterprise architecture model is holistic and models the whole enterprise as a sum of the parts, from a variety of different perspectives and stakeholder viewpoints. All enterprises are essentially multi-dimensional, and the connections are the way we can understand all the dimensions.

The connection types can include connections such as:

  • Traceability
  • Impact
  • Association
  • Responsible
  • Affinity
  • Correlation
  • Dependency
  • Interaction
  • Cost
  • Accesses
  • Motivation
  • Evolution
  • Need
  • Enables
  • Assignment
  • Realisation
  • Uses
  • Requires

The name, definitions and set of all possible connection types will be specified in your favourite EA Framework/Meta Model (I.e. TOGAF, ArchiMate, FEAF, MODAF etc.). It’s more common to customise a meta model by adding new connections between existing components that it is to add new component types themselves

Using a well developed EA model, CxOs will be able to look at all the connections help to understand the way the enterprise works as a whole, as a holistic enterprise. The connection provide the cohesion in the model. CxOs can understand all the connections internally between business units, their business model, their business motivation model and externally with their customers and suppliers. And to gain an understanding of how the company fits within the market environment and compares with its competitors. The connections provide knowledge and dynamics.

To get the right answers you need to ask the right questions. The connections between components will provide the answers and support decision making.

Here are some questions that might be asked:

  • How are the Business Capabilities realised?
  • How do the Business Processes access Data and Information?
  • What Knowledge is available to my staff?
  • What Business Services are associated with my Value Proposition in my Business Model?
  • How does the Product Lifecycle change over time?
  • What are the dependencies between Business Capabilities?
  • How are my User Needs and Customer Journeys satisfied?
  • What components are expected to evolve in the future?
  • How do my Business Capabilities compare to those of my Competitors?
  • How does my enterprise compare to the Market Offerings?
  • When are the Capability Increments realised with Initiatives in the Roadmap?
  • Which Initiatives are planned as Programmes and Projects?
  • What Resources are assigned to each Initiative or Project?
  • What are the Risks associated with my potential Investments?
  • What are the dependencies in the Project?

More connections in an EA model will make that model richer and more useful. Connections provide the behaviour in a model.
Connections are not just static but are dynamic and may be changed far more often that the components they link. Modelling dynamic behaviour in an EA model is something that is often overlooked.

An Enterprise Architect is thus someone who makes vital use of “the fundamental interconnectedness of all things”, in order to understand complexity and to find the right answers for the whole enterprise; and who thereby becomes the master of changes, transformations and evolution of the enterprise over time.

Increased interconnectedness in an enterprise architecture model can stimulate innovation and the emergence of new ideas and possibilities.

Modelling Behaviour

19 October 2010

I frequently find that there is much confusion about the modelling of Behaviour in an Enterprise Architecture model, specifically between the concepts of Business Capability, Business Function and Business Process. The various enterprise architecture glossaries all differ in their definition of these.

For example the TOGAF ADM or ISEB definitions don’t help as much as they could.

TOGAF quite reasonably defines Capability as ‘A business-focused outcome that is delivered by the completion of one or more work packages. Using a capability-based planning approach, change activities can be sequenced and grouped in order to provide continuous and incremental business value’.

However elsewhere TOGAF says that ‘The term “function” is used to describe a unit of Business Capability at all levels of granularity, encapsulating terms such as value chain, process area, capability, business function, etc.’. This confuses Business Capability with a Business Function.

ISEB says that a Business Function is ‘An idealised or logical subdivision an enterprise’s capability.’ and also that a Business Capability is ‘A business function whose performance is the subject of management attention … It is usually a high level and cross-organisational business function.’ Other methods I have encountered confuse Business Functions with Activities and have Business Processes decomposing into Business Functions.

ArchiMate has the most clarity about Business Functions and Business Processes but doesn’t as yet define a Business Capability.

One of the first artifacts to be produced as part of a Business Architecture model is a Target Operating Model. This is where definition issues are often first seen.

A Target Operating Model is usually a view of the organisation structure showing the Business Functions that each organisation unit is responsible for, but often these are also rather casually referred to as Capabilities.

Even more casually, it’s not uncommon to find the Target Operating Model actually contains a mixture of Business Processes, Business Functions and Business Capabilities with some Business Services thrown in for good measure.

It’s time for a bit more preciseness, less fuzziness and better standard definitions. ArchiMate has helped enormously by providing a standard enterprise architecture language but it still allows some fuzziness.  See http://www.opengroup.org/archimate/doc/ts_archimate/

Below I’ve described the definitions I encourage the use of.

Behaviour concepts

Business Capability

A Business Capability is defined as the ability to execute a specified course of action, to achieve specific strategic goals and objectives. A Capability is defined in terms of the outcome of the course of action, one that has a business value. The concept of Capability is used in the military context and the MODAF framework where it is described in the abstract. See http://en.wikipedia.org/wiki/Capability_management and http://tinyurl.com/2vge39e

A Business Capability is not a Business Function, but is a concept that encapsulates other objects, in particular Actors (organisation units), Roles, Policies, Standards, Skills, Business Functions, Business Processes, Products, Business Services, Application Services, Application Components and Infrastructure. A Business Capability is therefore used for managing units of strategic business change.

A military example of a capability might be ‘2000 air freight sorties’, ‘1 Tonne heavy lifting’ or ‘Personnel Recovery under fire’ (but not ‘Helicopter’ or ‘Flight Management’). A business example might be ‘eBusiness’ (or the ability to sell new or existing products and business services to customers via the internet).

Business Capabilities can be decomposed into component business capabilities creating a capability hierarchy. A Business Capability is named after the desired outcome.

Business Function

Business Function is an organisational perspective on behaviour. It is not the same as a Business Capability. A Business Function defines the ‘what’ behaviour that is associated with an organisational unit and modelled in a target operating model. In many ways the Business Function is equivalent to all the behaviour that is modelled in an organisational specific swim lane in a Business Process Flow view (i.e. a BPMN diagram). A Business Function is typically named with a suffix of ‘management’ (i.e. ‘Customer Relationship Management’), but could also be a single noun (i.e. ‘Billing’).  Business Functions can be decomposed into component business functions, resulting in a business function hierarchy. A Business Function does not decompose into a Business Process or an Activity.

A useful example of a Business Function model is IBM’s Component Business Model, where the ‘components’ are (usually) Business Functions. See http://www-935.ibm.com/services/us/imc/pdf/g510-6163-component-business-models.pdf

Business Process

A Business Process is another perspective on behaviour and defines the behaviour from the ‘How’ (how work is done) perspective. It represents both a complete Business Process Flow and the elements in a Business Process Flow. A Business Process Flow view (i.e. a BPMN diagram) is a view that shows a sequence of sub-Business Processes or Activities that are triggered by  a Business Event. See http://en.wikipedia.org/wiki/BPMN

The sequence of Business Processes can represent a Value Chain at a macro level or the detail elements in a Value Stream that is triggered by a Business Event and results in an outcome of value to the source of the Business Event, usually a customer. See http://en.wikipedia.org/wiki/Value_chain and  http://en.wikipedia.org/wiki/Value_stream_mapping

A Value Stream is a more detailed version of a Business Scenario (TOGAF).  Business Processes are named with a Verb + Noun phrase.

A Business Processes representing a Value Stream is named after the Trigger + Outcome i.e. ‘Order to Cash’ or ‘Prospect to Customer’

The Enterprise Business Architecture book is highly recommended as a source of examples of a Business Process Model with Business Processes representing Value Streams.  See http://www.enterprisebusinessarchitecture.com/

High level Business processes are typically aggregations of more specific Business Processes (sub-processes) or Activities.

Business Processes can be decomposed into component business processes, i.e. into a business process hierarchy. At the lowest level of sensible decomposition (i.e. at one place, at one time, by one person or system) the elementary business process is usually called an Activity. Activities are what are modelled in a BPMN diagram and are realised by a person (providing an organisation service) or by an application service or application. An Activity doesn’t decompose into a Business Process or into a Business Function.

A macro level Business Process (i.e. representing a Value Chain, or a column in a Component Business Model) may be used to group a number of Business Functions. Note that there is a many to many relationship between Business Functions and Business Processes. One Business Function may group many Business Processes and one Business Process may be used by many Business Functions.

An example of this can be seen in the eTOM (Enhanced Telecom Operations Map) where Business Functions and Business Processes are orthogonal to each other.  See http://en.wikipedia.org/wiki/ETOM

Business Service

A Business Service represents an external view of the services an organisation provides or sells to its customers alongside the sale of a Product. A Business Service may be realised by a Business Function or directly by an Application Service, but is more usually modelled as being realised by a Business Process.

Business Services can be decomposed into component business services i.e. into a business service hierarchy. I’ve also found it useful occasionally to create a Business Service Flow view, which is similar to a Business Process Flow view but seen from an external customer’s perspective instead of the internal ‘How’ perspective of a Business Process Flow view.

Clarification of all these Behaviour concepts is an important step towards improving and evolving a common understanding of the business architecture layer within all enterprise architecture models.

I have recently finished reading the book ‘Lost on Translation’ by Nigel Green and Carl Bate and found it a very useful and insightful. I recommend it for the shelf of any Enterprise Architect. See http://www.lithandbook.com/

The book describes the VPEC-T ‘thinking framework’ and a focus on understanding the Values, Policies, Events, Content and Trust perspectives and provides a useful language to use when speaking with the business about any strategic change.

Being keen advocate of using Archimate (http://tinyurl.com/cf3z25) for developing Enterprise Architecture models, it struck me the next step after a VPEC-T based conversation would be to write up the outcomes in an Archimate model.

So what is there in Archimate that would be useful?

The first thing I noticed is that more or less all of the Business Layer meta model concepts in ArchiMate are in scope for VPEC-T and the Application Layer and Technology Layer are not.

ArchiMate Business Layer Meta Model

That’s not to say that VPEC-T wouldn’t be useful for the application and technology layers, but it seems to be naturally focused on the Business Architecture side of things to me at the moment.

So how does VPEC-T map to ArchiMate concepts?

V = Values

The obvious first Archimate concept to use here is ‘Value‘.

ArchiMate users don’t use Value as much as they should in their models in my opinion. Using VPEC-T will correct that.

ArchiMate defines Value as that which makes some party (represented by Business Actor, Business Role) appreciate a Business Product and/or associated Business Services that they are buying, using or acquiring.

Value in this sense is also associated with a value chain (which is modelled in terms of a sequence of Business Processes and Business Activities that provide a Value).

I would also use the ArchiMate concept of Meaning.

Archimate defines Meaning as knowledge or expertise present in the representation of a Business Object, given a particular context. I would use Meaning to represent the inherent shared knowledge or value system that users have as their mental model.

P = Policies

There is no ArchiMate concept for Policy as such in the 1.0 specification but a number of EA tools that support ArchiMate do support it.

I would generally use the ArchiMate concepts of Business Function, Business Process to represent aspects of Policy. These should be used with care though, such as more in the sense of Business Rules, Guidelines, Policies, than with the normal meanings of Business Function and Business Process.

I would also use the ArchiMate concept Business Object, to represent Strategies, Goals, Objectives, Business Decisions,

In the conversation about Policies would be a focus on the Target Business [Operating] Model, in terms of what Business Product and Business Services would be sold or provided to what customer segments, i.e. Business Roles. This overlaps a bit with how one would represent a Business Model in ArchiMate which will be the subject of a future blog entry.

E = Events

The obvious Archimate concept to use here is a Business Event.

This is a key concept, and it seems especially obvious to use it in a message and service driven architectures, but it’s curious how infrequently it is actually used in most of the BPMN style models I have seen people develop.

I first started modelling with Events using IDS Scheer’s ARIS tool in 1998 and the power of an event driven approach has stayed with me ever since.

Business Events are used to trigger a value chain that results in an outcome that has Value.

Value chains are modelled using s sequence of Business Process and Business Activity and outcome of a value chain is represented with a Business Object, Business Product, Business Service associated with a Value.

Since Business Events occur via various channels, it might also be useful use the ArchiMate concept of Business Interface (representing a Channel) in your VPEC-T model, but that is a bit like solution design so is optional.

C = Content

Archimate can be used to model Content at several different levels of knowledge, information and data.

The Meaning object is used to represent knowledge, the Business Object for business information, the Data Object for data, the Representation object for the physical representation of information and the Artifact object for the physical storage of data.

In a VPEC-T model created with ArchiMate, I would mainly use the Meaning, Representation and Business Object concepts.

T= Trust

To me Trust is all about relationships, interactions and collaborations between people.

I would use the ArchiMate concept of Business Actor, representing an organisation, organisation unit or a person, and the concept of Business Role, representing the roles played by those organisations, organisation units or persons in relation to others.

For the trust relationships I would use the ArchiMate concept of Business Collaboration and Business Interaction. These don’t get used in many Archimate models but I think they are useful for representing aspects of Trust relationships.

A Business Collaboration is defined in ArchiMate as a (temporary) configuration of two or more business roles resulting in specific collective behaviour in a particular context.

A Business Interaction is defined as a unit of behaviour performed as a collaboration of two or more business roles.

I would also use the Archimate concept Contract to represent a Trust agreement (such as a Service Level Agreement) between parties.

ArchiMate concepts for VPEC-T models

Overall for doing Enterprise Architecture, I recommend using a ‘thinking framework’ such as VPEC-T first and then an Enterprise Architecture framework and modelling language such as ArchiMate second.

Recently I was asked about the concepts of a Business Function and a Capability, and how it is unfortunate that these concepts tend to be blended together. 

a) How do you differentiate between these concepts?

b) Is there a value to modeling both, or do you find that organizations that use one tend not to use the other?


My answer is copied below.

I have also often found that people confuse Function and Capability. They are certainly different in my opinion. 

Many enterprise architecture efforts don’t really focus much on either of these concepts and instead just focus on modelling business processes, applications and infrastructure. 

 

This is because the Organisation Architecture and Strategic Planning domains are not included with the scope of Enterprise Architecture within their organisations.

However since ArchiMate includes the concept of a Business Function and now TOGAF9 (Capability-Based Planning  –  http://www.opengroup.org/architecture/togaf9-doc/arch/chap32.html) includes the concept of a Capability so I’d expect more Enterprise Architects to start using both these concepts more than they have previously.

 

A Business Function is a concept used in the Organisation Architecture domain and represents what work is done by that organisation, organisation unit or business role.  An organisation can be designed as a set of Business Functions and usually the structure of the organisation units within an organisation is closely based on the business functions.

Those Business Functions are more stable than the organisation structure itself and often an Organisation Unit or Business Role may be responsible for multiple business functions.  A Business Function is only ever carried out by a single Business Role/Organisation Unit within an organisation.

Examples of Business Functions include: Sales, Mаrketing, Supply Chаin Management, Finаnciаl Mаnаgement, Operations, Customer Relationship Management, Product Management, Supplier/Pаrtner Relаtionship Mаnаgement.

A Capability is a description of an ability to do something in terms of expertise and capacity. 

It is associated with strategic planning and not the Organisation Architecture or Business Architecture domains. A Capability is delivered through the establishment of a number of different changes usually at together as a group of changes delivered in an iteration. 

These changes are likely to include new or changed organisation units, business functions, business processes, business services, application services, application components, infrastructure services, infrastructure components (Nodes etc), business objects, data objects etc.

A Capability is used as the unit of change in strategic portfolios and Capability Increments (TOGAF9) are used in programme and project portfolios. 

Examples of Capabilities include: Capability to sell a new Product, Capability for eCommerce, Capability for rapid merger and acquisition activities, Capability to survive the credit crunch, Capability to conduct research, Capability to achieve delivery objectives and be ready for future unknown challenges.

 

References:

ArchiMate (http://www.archimate.org/ART/) defines a Business Function as:

A business function is a unit of internal behaviour that groups behaviour according to for instance required skills, knowledge, resources, etc., and is performed by a single role within the organisation.

A business function describes internal behaviour performed by a business role that is required to produce a set of  products and services.  For a consumer the products and services are relevant and the required behaviour is merely a black box, hence the designation: internal.

There is a potential many-to-many relation between business processes and business functions. 

Informally speaking, processes describe some kind of ”flow” of activities whereas functions group activities according to required skills, knowledge, resources etc. 

Complex processes in general involve activities that offer various functions. In this sense a business process forms a string of business functions.

In general, a business function delivers added value from a business point of view. Organisational units or applications may coincide with business functions due to their specific grouping of business activities.

TOGAF9 defines a Function as:

Function describes units of business capability at all levels of granularity.

The term “function” is used to describe a unit of business capability at all levels of granularity, encapsulating terms such as value chain, process area, capability, business function, etc. 

Any bounded unit of business function should be described as a function.

[a Function] Delivers business capabilities closely aligned to an organization, but not necessarily explicitly governed by the organization. Also referred to as “business function”.

TOGAF9 defines a Capability as: 

A business-focused outcome that is delivered by the completion of one or more work packages. 

Using a capability-based planning approach, change activities can be sequenced and grouped in order to provide continuous and incremental business value.

(Unfortunately in the TOGAF9 meta model at http://tinyurl.com/czrmpj, Capability is shown on its own as an unrelated concept, so I think that there is more work to be done on the TOGAF9 meta model.)

Civil Service Capability Reviews at http://tinyurl.com/cuyta9 has an interesting model of Capability.

CBDI_SAE defines a Business Capability as: The power or ability to perform something of value to your business.

MODAF defines a Capability at: http://tinyurl.com/c5lhaq

MODAF defines a Function at: http://tinyurl.com/cvkkua

Business Motivation Model:  In the Business Motivation Model the concept of a Desired_Result is closest to that of a Capability and illustrates that we should measure Capabilities in terms of Goals and Objectives and their measures.

Today I came across the Essential project –  http://protege.cim3.net/cgi-bin/wiki.pl?EssentialProject

This is a very interesting open source Enterprise Architecture project that builds on the excellent Protege Ontology Editor.

If you haven’t looked at Protege yet then go to http://protege.stanford.edu/  to find out more about this free open source ontology and knowledge tool and download a copy to try out. It has lots of uses

I also recommend going to the Essential project web site http://www.enterprise-architecture.org/ and downloading a copy of Essential to try.

Architecture of Essential

Architecture of Essential

The Essential Modeller uses Protege as it’s editor to enter the Enterprise Architecture model content, based on a Meta model pre-built in Protege.

Essential Architecture Manager

Essential Architecture Manager

 and the Essential Viewer uses a Java web application running in Apache to view the resulting Model.

Essential Viewer

Essential Viewer

The Essential Meta model is a fairly minimal EA Meta model, hence the name ‘Essential’ but it is certainly sufficient for most EA work. Using Protege it would be possible to modify the Meta Model to extend it to support other EA Meta models such as TOGAF 9  or Archimate.

On the Protege web site you’ll also find a number of interesting existing projects, including a model of the Federal Enterprise Architecture (FEA)  in OWL.

I also remember reading about a Zachman Framework being modelled in Protege a few years ago that I think used a similar approach to the Essential project to publish its contents. http://apps.adcom.uci.edu/EnterpriseArch/Protege/index.html

Also http://apps.adcom.uci.edu/EnterpriseArch/Protege/TRCEAPractice/Website/main.htm

Enjoy.

I have been evangelising about Archimate for a few years now in the UK and elsewhere.

Following a recent discussion, I wondered whether anyone else in the UK has also been using Archimate within their organisations and would like to get together to share their experiences, models, use of EA tools (such as BiZZdesign Architect or Avolution Abacus)?

%d bloggers like this: