Download

Interior Enterprise Architecture IEA

Department of the Interior, Enterprise Architecture Program

OIG Mtg. 02/07/2006Presented By: Colleen Coggins

Enterprise Architecture | 04/10/23 | Page 2


SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

R

Agenda

Inventory Management• As-Is and Target High-Level Overview• Process Flows

- Add System- Historical/Ongoing, Target

- Remove System- As-Is, Long-Term

- Update C&A Status (Attributes)- As-Is, Target (Implemented as of March 2006)



SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

R

Data Collection Policy and Guidance were created to assist in establishing uniformity and reusability

Sources of Guidance Population and Maintenance Policy Phase Guidance FAQs DEAR Data Entry Tutorial Periodic Training Session Materials Regular Interior Architecture Working Group (IAWG) Meetings Concept of Operations Document

Inventory Change Management Processes are maturing from manual requests to integrated workflow processes over 2006



SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

R

The following as-is process flows are part of the larger controls and processes in place governing Inventory change management as part of this high-level value chain

CIOApproval

Inventory RemoveRequest

C&AImport

InventoryArchitecture

DetailPhases

InventoryAdd

Controls and Oversight

Training / Communications

Management Operations

MBT Discovery

Manual Email Workflow

Wizard Tool(Architects)

IAWG Oversight

Import from C&A

(Admin)OtherDiscovery

*Color Code used to link to related process flow



SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

R

The following target process flows are part of the larger controls and processes in place governing Inventory change management as part of this high-level value chain

CIOApproval

RemoveRequest

C&AImport

InventoryDetail

InventoryAdd

Controls and Oversight

Training / Communications

Management Operations

MBT Discovery

Notifications

Semi-AutoWorkflow

Web Service Form(Architects)

IAWG Oversight

Real-Time Wizard/Form

(BITSM)Semi-AutoWorkflow

*Color Code used to link to related process flow



SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

R

Agenda Inventory Management

• As-Is and Target High-Level Overview• Process Flows

- Add System- Historical/Ongoing


- Update C&A Status (Attributes)- As-Is, Long-Term

Release Management• As-Is and Target High-Level Overview

- Release Process Flow- As-Is, Near-Term Target



SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

R

Data Collection Time Frame Summary8/1/

200311/1/2003

2/1/2004

5/1/2004

8/1/2004

11/1/2004

2/1/2005

5/1/2005

8/1/2005

11/1/2005

2/1/2006

Phase 0 – Collecting Initial Inventory

Phase 1 – Bureaus Validating Inventories

Phase 2 – Mapping inventories to DOI TRM and FEA SRM

Initial 4 DOI Blueprints

Phase 3a – … DOI PRM

Phase 3b – … DOI BRM

Phase 4a – … DOI DRM Information Classes

Phase 4b Pilot – DOI DRM Entities for Law Enforcement and Recreation

Bureau Blueprints



SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

R

FOLLOWING SLIDE NARRATIVE:Historical and As-Is System Inventory Data Collection

Depicts Data Collection from 2003 and 2004 A1 – 8/2003 thru 11/2003

Shows Initial Data Collection drafted by the DOI EA Program utilizing various sources available across the department

Reconciling the list into one system Inventory in DEAR based on the OMB Circular A-130 Policy

A2 – 1/2004 thru 3/2004 Using draft baseline, bureaus validated the inventory Data Collection Guidance and Templates were used to standardize

data collection and updates B1 – 4/2004 on

Maintenance of DEAR and the system inventory has been based on the OCIO Directive on Population and Maintenance of DEAR to the IAWG, Modernization Blueprint Teams and Bureau CIOs

IAWG uses the DEAR Wizard to add systems or make updates to system detail



SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

RDIAGRAM: Historical Process Flow - Add System (Phased)

System Discovery

IEA

Pro

gram

IA

WG

CIO

Fun

ctio

n (ie

. C

PIC

, C&

A, P

rivac

y,

etc.

)

A1

Reconcile DOIIT System Inventories

Various DOI & BureauIT System Inventory Sources (e.g., POB Ex 53, ITIPS,ITMR Y2k, Blueprint Areas, Security C&A List )

As-

Is P

roce

ss F

low

-

Add

Sys

tem

A-130 Definitions of IT Systems

Description: Historically, The systems in DEAR were loaded from many sources. Domain-specific inventories and other past efforts were combined to get the inventory in DEAR. Source lists included Security (two versions of the C&A system lists) , Investment (ITIPS, Exhibit 300s, Exhibit 53, and a database from the Office of the Budget (POB)) , Lists from specific lines of business (LOBs), including Recreation, Fire, Financial Management, and Law Enforcement, as well as the Trust architecture , Other efforts, such as the ITMR list from 2000. The lists were combined and reviewed with the A-130 PMO at the OCIO. The entire list of over eight hundred systems was tagged with a unique identifier for each system (the format is: department_bureau/office_#). The philosophy has been, when in doubt, add the system, because it is better to subtract systems when the bureaus validate the lists, than to overlook a system that should be in DEAR.

IEA Program Team (Multiple Forms)Draft Baseline DOI IT Systems Inventory

A2

Establish Baseline DOI IT System

Inventory

IAWG

Version 1.0Baseline DOIIT System Inventory

B1

Add New SystemsTo IT

Systems InventoryIn DEAR/BEAR


OCIO DIRECTIVE 2004-010MBT Guidance Step 13,


DOI Bureaus and Offices

Modernization Blueprint Team

Updated DOI IT Systems Inventory inDEAR/BEAR

Phase 0 – Collecting Initial Inventory

(8/2003 – 11/2003)

Phase 1 – Bureaus Validating Inventories

(1/2004 – 3/2004)

DEAR Data Collection Templates

DEAR Data Collection Guidance

System Discovery



SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

R

FOLLOWING SLIDE NARRATIVE:Add system from Inventory – Target Long-Term

Depicts Add Target Process after integrating with OCIO Portal Capabilities

A1 Discovery of a System Addition and notification queued

A2 Notification is sent to IAWG which can accept/reject addition

A3 Notification on decision is sent to queue

A4 Upon Approval, Notification engine automatically processes Record

acceptance (Tag with inventory ID, update status, notify involved parties)

A5 Maintain



SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

RDIAGRAM: Target Long-Term Process Flow - Add System

MB

T T

eam

IAW

GC

IO F

unct

ion

(ie.

CP

IC, C

&A

, Priv

acy,

et

c.)

A1

Submit System to IAWG Rep

A2

Enter Pending System into BEAR/DEAR

A3

Detail System Architecture Information

A5

Maintain ArchitectureInformation

OCIO Directive 2004-010

Agreed System Definition

Initial Architecture Information

SystemDiscovery

DO

I OC

IO

A4

Accept/Reject System Inventory

A1


Acceptance/Denial of System Sent

System Inventory ID Tagged

DEAR Wizard and Semi-AutoNotification for Accept/Deny

DEAR Wizard


DEAR MBT Guidance (Step 4)

OMB A-130OCIO Directive 2004-010





System Discovery Notification

System Discovery Notification



Description: Target State assumes use of Workflow capabilites invested by the OCIO Portal to automate Notifications of requests through the proper channels for approval and informing on results. Target State better handles the reality that System Discovery happens in many groups, and can quickly inform IAWG of discovery and automatic decisions, and automatic updates of DEAR. Target also assumed the Target Release Management State has been implemented

A3

Detail System Architecture Information


SystemDiscovery

DEAR Automated Engine



SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

R










SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

R

Inventory Management Controls Policy dictates that Bureau CIOs must maintain accurate and complete

inventories Inventory additions can be made via DEAR System Wizard tool guiding

Mandatory Fields and assuring business rules are met Inventory removals are currently a manual request process approved by

CIOs

• This is to assure that records of inventory removals are kept for each inventory record within DEAR

• Sample Remove Request Reasons Captured:

- System has been retired and is no longer funded

- System was mis-entered, and should be a sub-system of System ID X

- System was mis-entered, and is a duplicate of System ID X

- Project was cancelled, and System never/no longer funded



SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

R

FOLLOWING SLIDE NARRATIVE:Remove system from Inventory – As-Is

A1 Discovery of a System removal is informed to the IAWG

A2 IAWG requests removal of system DEAR Admin tags and queues up request until approved

A3 IAWG seeks approval/denial of removal from Bureau CIO If Denied, DEAR Admin resets to Current Inventory Status

A4 Upon DEAR Admin receiving written Approval (via email/other), and

at release time, the system architecture detail is removed with the Inventory record kept for records keeping.



SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

RDIAGRAM: As-Is Process Flow - Delete System

MB

T T

ea

mIA

WG

CIO

Fu

nct

ion

(ie

. C

PIC

, C

&A

, P

riva

cy,

etc

.)

A1


A2

Review/Make Remove Request


Remove Request Status

System RemovalDiscovery

System Removal Discovery

DO

I O

CIO

A4

Remove Architecture Detail

A1



Approval Email Sent;Release Synch Process Begins

Email




Individual BureaOMB A-130OCIO Directive 2004-010


Email

Email

A3

CIO Approve/Deny Request

A2.1

Tag as Remove Request

A4

Save Historical Inventory Record

A2.2

Queue for Remove on Next

Release

DEAR Admin Script

DEAR Admin Screen/Permissions

DEAR System Security Plan

A4

Blueprint Team Updated

MBT Blueprint Maintenance (Step 13)

Remove Request

Email

SystemRemoval Discovery

Description: Current State is a manaul approach that involved implementing the approval controls prior to removal , and administrator only edit access to assure controls are implemented as authorized.

DEAR Admin Screen/Permissions



SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

R

FOLLOWING SLIDE NARRATIVE:Remove system from Inventory – Target Long-Term

Depicts Removal Target Process after integrating with OCIO Portal Capabilities

A1 Discovery of a System removal request and notification queued

A2 Notification is sent to IAWG and thus sent onto to CIO via notification

A3 CIO approves/denies request via workflow email and is sent to

parties involved (requestor (i.e. Blueprint Team), IAWG, self, admin) A4

Upon Approval, Notification engine automatically processes Record cleanup (Tagging, Records keeping, and detail removal)



SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

RDIAGRAM: Target Process Flow - Delete System

MB

T T

eam

IAW

G R

epre

sent

ativ

eC

IO F

unct

ion

(ie.

CP

IC, C

&A

, Priv

acy,

et

c.)

A1

Submit System to IAWG

Representative Rep

A2

Review/Make Remove Request


Remove Request Status

SystemRemovalDiscovery


DO

I OC

IO

A5

DEAR Notification Engine Cleanup

A1

Submit System to IAWG

Representative Rep

Removal Notification Queue

Approval/Deny Notification






Remove Request DEAR Form

Email

A3

CIO Approve/Deny Request

DEAR System Security Plan

A4

Blueprint Team Updated

MBT Blueprint Maintenance (Step 13)

Remove Request Notification

SystemRemoval Discovery

DEAR Notification EngineDEAR Notification EngineDEAR Notification Engine

Record Tagged

Historical Record Saved

Arch. Detail Cleaned Up

Description: Target State assumes use of Workflow capabilites invested by the OCIO Portal to automate Notifications of requests through the proper channels for approval and informing on results. This also assumed Target Release Management State is in place. All this will allow automatic updates to DEAR based on policy controls requiring approval and proper authority to update.



SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

R










SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

R

The DOI EA program is responsible for maintaining the Enterprise Inventory

C&A and EA Inventory have been synchronized twice since mid-2005 ongoing quarterly Attributes tracked in Command Center

C&A Module are now captured in DEAR including• C&A System Name, Status and

Categorization• C&A Package Date and Contact

Details

Complete



SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

R

FOLLOWING SLIDE NARRATIVE:Update C&A Status/Inventory – As-Is

Depicts Data Exchange Integration between C&A Command Center and DEAR on quarterly synchronization/update

A1 C&A Attributes and C&A Systems (aka Accreditation Boundaries) are updated in Command

Center A2

C&A generates a report from Command Center and submits to DOI EA Program in standard Excel Template

A3 At Release, Attributes are updated in DEAR and new C&A systems are added A7 step is the actual release

A4 After release, IAWG reviews the DOI Reporting Site for unmatched DEAR system inventory

A5 IAWG and BITSMs discuss and report to DOI EA Program updates to C&A System attributes or

mapping to DEAR system inventory A6

DEAR Admin performs updates as requested by IAWG in BEAR A7

Release process migrated BEAR updates to DEAR and re-release information to all BEARs



SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

RDIAGRAM: As-Is Process Flow - C&A Update

BIT

SM

IAW

GC

yber

Offi

ce

A1

Update C&A System Attributes

A4

Review C&A System to

Inventory Report

A5

Inform on Review C&A System to

Inventory ReportGaps

A6

Request Updates to C&A System to

Inventory

DEAR/C&A System Policy(DRAFT) Gap List

C&A/Inv Decision

Updated Attributes/New C&A System

DO

I OC

IO

A3

Quarterly Load at Release

A2

Release C&A System List Quarterly

System Discovery

Updated BEAR Release

DEAR Reporting Site Email

Security Guidance (FISMA/NIST/FIPS)


Excel

Command Center

A7

Update C&A System List to

Inventory in BEAR

Policy: DEAR ID required (if New MA)

DEAR Import Utility (Merge Scripts)

Attribute QA Update

Request to Admin to Update

DEAR Admin Util/Permissions

BEAR Updates

Description: Current State Requires 2 Applications to synchronize Quarterly involving 2 sets of groups to manage the data as well as administrator only access to assure is updated accurately.



SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

R

FOLLOWING SLIDE NARRATIVE:Update C&A Status/Inventory – Target

Assumes retirement of C&A Module in Command Center, and C&A Module is live in DEAR as authoritative source of C&A systems at DOI

A1 C&A is performed by the Bureau IT Security Managers (BITSM) members that may

produce changes to C&A System status (attribute updates, new C&A System, etc.) A2

Architecture work is performed by IAWG that may discover new system or changes to system resulting in unmatched DEAR System to C&A System relationship

A3 Changes mentioned are queued and reviewed on Reporting Site definitively showing

gap A4

BITSM (involving IAWG coordination where applicable) update C&A System changes in DEAR via C&A “Wizard”

A5 C&A Package Documents are updated to reflect changes in DEAR



SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

RDIAGRAM: Target Process Flow - C&A UpdateB

ITS

MIA

WG

Cyb

erO

ffic

e

A3

Review C&A System to

Inventory Report

A4

Gap Updates on Attributes or

MappingGap List

DEAR C&A WizardDEAR Reporting Site (DashBoards and Nightly Reports)


Newly Matched System

A2

New System entered into

DEAR

Newly Matched System

A5

Update C&A Package

DEAR Reporting Site(Nightly Audit Reports)

Description: Target State assumed that the Target State Release Management is in place. Assuming such, BITSMs will have Wizard to update C&A data formerly managed in Command Center in DEAR as Source of Record for their Bureau

A1

Ongoing C&A Assessment Work

New C&A Packages

Update C&A Status or Attributes

FISMA and DOI Security Policies

DEAR



SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

R

EA and C&A inventory maintenance will progress to integrated transactional support by mid-2006

Quality

Jan-06

Feb-06

Mar-06

Apr-06

May-06

Jun-06

Jul-06

Aug-06

Sep-06

BEAR SynchronizationReal-time after March

CPIC Synchronization

C&A Quarterly Synchronization/Update Real-time after April

- Method - Command Center Import

- Method - SneakerNet

Training

Parallel DEAR & Command Center

- Method - DEAR C&A Wizard Real-time after April

Retire Comm Center C&A ModuleReal-Time BEAR Synchronization based on new Capabilities within Telelogic Toolset (SA v10.3) – Product currently in testing

Simple Workflow is also in the development queue to enhance inventory management controls



SD

EPA

RTM E

U

M AR CH 3 , 1 8 4 9

TN T HE

INT E

RIO

R

Conclusion

DEAR Inventory Management controls, policy, processes, and mechanisms are established and in action Policy on Inventory Management Controls is being updated to

require C&A and DEAR inventory alignment DEAR and C&A Command Center tool performs quarterly

synchronization DEAR is targeted to replace the C&A CC Module in Spring 2006.

Download

Technology

target process

inventory target longterm

system historicalongoing

system addition

system phased system

data collection policy

initial data collection

doi blueprints phase