Protecting your Business and Operations, by Improving the Security and Dependability of your IT- including the Global Supply Chains on which they rely. The current cybersecurity environment presents enormous challenges.

Large-scale security breaches in the retail, financial, utilities and health care sectors are far too commonplace. Challenges in cybersecurity point to fundamental issues in risk management, information security, supply chain security, protection of critical infrastructure, product dependability and assuredness in our IT systems.

Boundaryless information flows cut across national borders, but cyber policies and security are largely national responsibilities. Cooperation is essential to preserve the open nature of the Internet and make it a safer and more predictable place to work and live. Yet security risks are increasing, partly because the rule of law is unclear and hard to enforce across borders. What is the state of current international cooperation? What is the role of multinational companies? How does rapidly changing technology fit in? Will the Internet be more or less secure in 5 years?

As cyber incidents occur with greater frequency across all sectors each day adding unpredictable costs and distracting organization, business leaders are looking for more predictable methods of managing risks and costs. By moving to an insurance based model, organizations can formalize their acceptance of risk and "plan" for significant incidents by buying insurance.

Key takeaways:

• Articulate the economic basis for purchasing cyber insurance to offset residual risk
• List 5 marketplace models that could be leveraged for cyber insurance
• Describe how three popular security control catalogs measure up as the basis for assurance to either qualify for cyber insurance or to lower premiums.

(CNCI-SCRM) efforts in numerous federal organizations have gained positive traction. These efforts continue to reap benefits in their attempts to ensure product integrity of hardware, software and services being incorporated into government enterprise capabilities and critical infrastructure.

Much airtime is given to various standards for information security and risk management, but how much value can really be derived from them? At what point do they cross the line from "useful" to "too much effort and cost"? How can you best leverage standards to improve quality and performance? These questions, and more, will be addressed in this session as we explore the most common standards and how to best leverage them in managing the operational risk portfolio.

Vulnerability management used to be easy, but in the face of ever-more complex environments and ever-more aggressive attackers, vulnerability management has evolved dramatically over the years. Join Jack Daniel for this tool-neutral look at the evolution of vulnerability management, from early scanning, to modern management and continuous network monitoring.

Early vulnerability management happened at a leisurely pace, if at all. Advances in vulnerability management came slowly for many years, but the pace of improvement has increased dramatically, leaving many organizations behind the current state of best practices. Challenges to improvement and methods for solving the challenges will be included in this conversation.

In this presentation the latest techniques and technologies for scanning, continuously monitoring, assessing and securing your computer systems and networks will be presented. The latest enhancements in scanning and monitoring provide more information than ever before; this requires more robust, intelligent and scalable data aggregation, analysis and management systems.

Simply gathering vast amounts of information is not enough; actionable information needs to be readily accessible and easily discovered, and actions need to be automated.

Key takeaways:

1. The practice of vulnerability management has improved quickly and many organizations have fallen behind.
2. Gathering information is not enough; actionable information needs to be readily accessible and easily discovered.
3. Actions need to be automated for effective vulnerability management.

COBIT® 5 and King III make enterprise architecture the CEO’s accountability. The importance of enterprise architecture as a strategic business capability and even as a source of competitive advantage is becoming increasingly well understood. This presentation examines how a synergistic approach between Corporate and IT Governance, and Enterprise Architecture can increase an organization’s value while reducing cost.

Today's data management and analytic principles, practices and capabilities strip away the fidelity of the data that provides the meaning and context that makes data valuable and useable. Without a composable data layer your ability to get value from digital ecosystems and the Internet of Things is unattainable. Big data lakes and analytics only get you so far. Smart data and semantics, cognitive agents, and intelligent orchestration is key.

This session will help data professionals:

• Understand how Composable Data Layers set digital and the Internet of Things up for success
• Recognize the capabilities needed to extract and determine the meaning of data
• How the Composable Data Layer will converge and replace existing data governance and management functions.
• Set a course to harness Composable Data Layers into their ecosystems

This panel session will address the impact of digital technology on business structure, and how enterprise architects should deal with this. Each of four panelists will give their views on a particular aspect of this topic in a 10-minute talk, and will then participate in a panel discussion moderated by the Director of The Open Group's Open Platform 3.0 Forum, Dr. Chris Harding.

With the increased global market growth for technological goods and components and everything from hardware, software, and firmware relying on these products, the need for cyber supply chain security is much more important in order to minimize the exploitation of vulnerabilities. The modern supply chain is a complex, global third-party network of suppliers, distributors, business partners, service providers, and customers that share business processes, develop technology, and distribute products used in creating, sharing, and distributing information.

Given this complexity, there is no such thing as impenetrable security. Vulnerabilities are introduced, intentionally or unintentionally, at any node in the global network, and can produce exploits used to gain unauthorized access to data, alter data, or interrupt enterprise communications. 76% of all data breaches result from a third-party which introduced the security deficiencies that were ultimately exploited. (Trustwave 2012, Global Security Report)

Companies are extremely concerned about vendors’ reputations with whom they partner. Reputational risk must be placed above cost when assessing a potential third-party supplier or service provider. The cost of new security controls must be justified by careful analysis of the risk profile (e.g., vulnerabilities, threats, and consequences) of a given component, the criticality of the target system, and the cost of the controls vs. the potential cost of omitting the controls. It is incumbent upon both the supply and demand sides of the supply chain to share the risk mitigation responsibilities.

Attendees will learn the following:

• The ever-changing risk landscape of the global supply chain due to exploitation and evolving security policies;
• Effective risk mitigation strategies to help enterprises protect their most prized assets in the cyber global supply chain; and
• How enterprises can effectively protect their assets through investment justifications for new security controls and required Supply Chain Risk Management practices.

The explosion in IT is only possible because of global supply chains enabling global access to talent, innovative software and IT components from around the world. In attempting to assure security, multiple governments seek to impose complex, costly and duplicative, or worse, conflicting requirements on global suppliers. How do we get to "more secure" while not regulating the golden supply chain goose to an early grave?

This panel of subject matter experts will:

• Provide an overview of The Open Group’s Open Trusted Technology Provider™ Standard (O-TTPS) – Mitigating Maliciously Tainted and Counterfeit Products, which is specifically relevant to product integrity and supply chain security and has recently been submitted to ISO with a request to have it approved as a PAS standard.
• Provide a look at how the O-TTPS harmonizes with Common Criteria, and the NIST Cybersecurity Framework.
• Discuss, along with attendee participation, the importance of vendor and country neutral international standards that all providers can adopt – and why multiple, conflicting initiatives and requirements are painful to IT buyers and IT suppliers.

Cloud Service capabilities have introduced a need to look at Governance Processes differently.  Companies want the flexibility and speed associated with Cloud Computing services, but their need for data security has only increased in this new model.  Cloud Computing now allows for shared resources in ways not previously available.  Social, mobile, analytics and cloud tools have changed how organizations interact with customers - which require them to react more quickly to changing customer needs and demands. 

All of the above will drive a new approach to how governance processes arenbeing applied:  balancing the need for more security standards as well as support for faster, more responsive updates - across multiple points of the shared resources in the business.

Business process transformation is and will be a constant change in the digital journey of organizations. One of the most important aspects of a winning enterprise strategy for digital workplaces will be the “Social” Strategy.

As organizations are moving forward in their initiatives to integrate systems of records and systems of engagement, they are realizing that along with IT expertise, they also need to include the voice of stakeholders, end users and employees in their digital transformation journey. This will help the real stakeholders become true partners in the overall organizational transformation to achieve business goals.

The inclusion of “Social” will not be equally easy in all the areas, as the processes have long been aloof from people who use them. There are some areas, which will see the advent of “Social” before others given their existing people-centricity.

This presentation will be aimed at answering the following questions:

1. Why “Social” is inseparable from the Digital Transformation of workplaces?
2. What are the key drivers for Social Business Processes Transformation?
3. How can “Social Strategy” affect and complement Enterprise Strategy?
4. What are the primary roadblocks in implementation and adoption of Enterprise Social Programs?
5. Social Strategists bag of tricks: Some solutions to the primary roadblocks
6. Case study: An example of Social business transformation for IT Helpdesk of a large enterprise

Enterprises still have the need for controlling, but it will be increasingly necessary to further evolve the usual way of controlling, in order to adapt to the complexity and speed of change in current markets. Considering this, the majority of executives go to work every day and do not know what is going to happen, because interconnections and inter-dependencies are making the environment of the enterprises increasingly complex to manage.

The complexity needs to be solved. However, what elements should executives evaluate? How to know exactly where and what to change? We believe it is all about transforming the way of managing and running the enterprise operational model, by connecting the entire enterprise in a vision that goes beyond Strategic Planning, identifying points for innovation and competitive advantage.

Therefore, demonstrating and managing what we do, using capabilities, connected to what we decide, using TDM, based on why we do what we do and decide what we decide, using BMM, creates a solid path to organize the mind of the Business and respond faster to disruptive forces.

Key takeaways:

• How to become adaptable using motivation, capabilities and decisions
• How to connect the entire enterprise (processes, functions, departments, KPIs, investment) using business capabilities
• How to apply the motivation and decisions to transform the enterprise

Architecting a Government Organization is different than a for-profit organization. It involves making the people/citizens benefit from these initiatives rather than making profit. In this 21st century, all the governments should look into making their organizations more digital, how they can use the latest and greatest technologies to server citizens’ better. While creating these digital services, governments should look into improving the efficiencies of the system and provide platforms that can incubate innovation which takes countries, states, cities to the future.

This presentation investigates and instigates different approaches of architecting a government organization for e-Governance, e-Content Management, e-Procurement etc given the parameters of environment, culture and appetite to transform their organization.

A dynamic tutorial and panel discussion where you will learn:

• FACE 101
  • What is the technical reference architecture defined in the FACE Technical Standard (a standard of The Open Group)?
  • How do Architecture Segments, APIs, and the FACE Data Model Architecture eliminate barriers to portability?
• FACE 201
  • What is the FACE Business Strategy?
  • How does this strategy enable adoption of the FACE standard with benefits for both government and industry?
• The Open Group FACE Consortium
  • Why is a government-Industry collaborative consortium made up of suppliers, buyers and end- users succeeding?
  • What work products has the consortium produced to Inform and educate others about the FACE approach?
• FACE Advisory Board
  • How does the Advisory Board promote FACE goals and advocate FACE adoption?
  • What is the value for bridging the Consortium’s strategic vision with customer needs and supplier capabilities?
• The FACE Approach and other OA Efforts
  •  How does the US Army plan to use the FACE approach as an enabler when implementing its Common Operating Environment (COE)?
  • Where are the FACE Consortium and UCS Working Group aligning their business strategies?
• And much more…

Intended audience: Personnel in the defense industry or armed services, affiliated with US-based FACE member organizations.

Key takeaways:

1. Government and Industry are successfully collaborating to develop and evolve an open technical standard and business strategy that promotes adoption and facilitates procurement of FACE conformant software
2. Business objectives within the avionics software community can be achieved through the use of open standards

This is a networking event where various Open Group Forums and partners will host short presentations and demonstrations while you enjoy a drink and some food. You will also be able to network with senior IT professionals, industry experts and government officials in an informal way at this event.

Boundaryless Information Flow is achieved through global interoperability in a secure, reliable and timely manner. Boundaryless does not mean there are no boundaries – it means that boundaries are permeable to enable business.

ICT developments are leading to many disruptive changes. Better connected cities, industries and systems are coming, but to ensure business success we must not lose sight of the experience delivered. How can we understand and assure the experience required? Implementation within a standardized framework is key to speeding up the necessary transformation across partner ecosystems.

Today’s enterprises are composed of dynamic, complex systems, much like a living organism, and traditional approaches to Enterprise Architecture have not kept up. Declining budgets mean insufficient resources are available to support an EA organization. How then do Government organizations keep EA going while making it more effective? Technology has accelerated the pace of change, bringing new opportunities and challenges that were unimagined a few years before. This causes enterprises to focus more on solving business problems rapidly through data-driven approaches to business transformation. Driven by this focus on outcomes, and impacted by budget reductions and a high volume of change, Government agencies are searching for ways to make enterprise architecture more agile. The Outcome Driven Government initiative has for the last year been examining these topics and how to transform EA to effectively support mission outcomes.

The Open FAIR risk analysis methodology is being used by numerous large organizations in financial services, retail, healthcare, and other sectors to analyze and quantify cybersecurity risks and other operational risks.

In this one day training course, participants will learn:

• How to apply the Open FAIR risk taxonomy including the various components of risk
• The differences between qualitative and quantative risk analysis and where each is appropriate
• About measurement and calibration and how to develop confidence in risk measurements
• How to work with the available data and to pick the right abstraction levels to perform risk analysis
• About the Open FAIR certification program for Risk Analysts

Prerequisites: A general understanding of security and risk concepts.

Heathcare Industry Vertical

Join us for this day long event as we examine how IT can improve the efficiency and quality of the healthcare enterprise.

The vision of Boundaryless Information Flow™ in healthcare is largely consistent with the industry's decades long effort to achieve interoperability.

The goal of our work in the healthcare sector is to enhance access to integrated information to improve health outcomes and to support business process improvements.

• Where are we today and where are we going?
• What efforts hold the greatest promise?
• What should we do that we are not?
• What are our most difficult barriers and how might we surmount them?

These topics will be addressed by renowned speakers and panel of experts who bring clinical, policy and enterprise architecture experience from both the public and private sectors.

Our keynote speakers, Dr. Jon White, Deputy National Coordinator for Health IT, and Dr. Doug Fridsma, President and CEO of American Medical Informatics Association (AMIA), will discuss the current state of interoperability and standards consensus with a special focus on the distinct roles played by the public and private sectors. The Open Group Healthcare Forum will share its vision for the safe and effective flow of information across boundaries in healthcare -- a vision supported by many private sector actors in a highly complex healthcare ecosystem.

Industry experts in healthcare will address a sequence of interrelated topics:

• an information model to drive interoperability
• existing information models in the public and private sector
• a gateway to wrap and unwrap messages
• a transport layer to drive interoperability

"As Acting Deputy National Coordinator to Health Information Technology (HIT), Dr. White provides the unique perspective of one whose finger is on the pulse of public and private health information exchange efforts throughout the U.S. and globally. Dr. White will discuss barriers, risks and opportunities in healthcare information computerization, and provide an overview of the current state of interoperability and the safe and effective flow of healthcare information throughout the public and private healthcare enterprise. Dr. White will provide insights on how the public and private sector can work together with an emphasis on public sector orientation toward HIT as a public good that has experienced challenges with market uptake. Intended Audience: Healthcare executives, consultants and industry professionals, enterprise architects, government officials and policymakers"

The science of informatics drives innovation that is defining future approaches to information and knowledge management in biomedical research, clinical care, and public health. As CEO of the American Medical Informatics Association (AMIA), Dr. Fridsma will address core issues in the area of making information flow securely and freely across boundaries and what some of the barriers are. What can informaticists learn from Enterprise Architects and vice versa? Should they work together and, if so, how can barriers be overcome? Why have medical enterprises been late to the computerization of information exchange? Where is the low hanging fruit for making progress? Dr. Fridsma will discuss differences in perspectives on standards adoption between disciplines and public/private sectors. AMIA, the leading professional association for informatics professionals, is the center of action for 5,000 informatics professionals from more than 65 countries. As the voice of the nation’s top biomedical and health informatics professionals, AMIA and its members play a leading role in assessing the effect of health innovations on health policy, and advancing the field of informatics. AMIA actively supports five domains in informatics: translational bioinformatics, clinical research informatics, clinical informatics, consumer health informatics, and public health informatics. Intended Audience: Healthcare executives, consultants and industry professionals, enterprise architects, government officials and policymakers, researchers and educators, biomedical and health informatics practitioners

A safe and high quality healthcare delivery system is what the Systems Engineering or Enterprise Architecture disciplines would call a “wicked problem”. “A wicked problem is a problem that is difficult or impossible to solve because of incomplete, contradictory, and changing requirements that are often difficult to recognize. Due to complex interdependencies, the effort to solve one aspect of a wicked problem may reveal or create other problems” (Wikipedia). These problems can’t be solved explicitly, but they can be tamed. Wicked problems require a nonlinear, adaptive solutions – rather than standard linear problem solving – and are implemented by stakeholders and champions in their organizations. The iCareQuality team of Systems Engineers and Clinical Practitioners leveraged a Strategic Architecture approach from TOGAF® Architecture Development Methods to decompose the healthcare delivery problem into manageable chunks. The goal of this presentation is to share with you our experience and challenges ahead in the healthcare delivery industry. Intended Audience: Enterprise architects, systems engineers, clinical care providers, healthcare executives, healthcare stakeholders

Providing high quality healthcare for current Service members, their families, and Veterans is among our nation’s highest priorities. Health information exchange between Electronic Health Record (EHR) systems in the DoD, VA, and other public and private care providers serves as the foundation of improved healthcare delivery, a patient-centric healthcare experience, and seamless care transition. The Department of Defense/Department of Veterans Affairs Interagency Program Office (DoD/VA IPO) leads and coordinates the Departments’ adoption of and contribution to national health data standards, ensuring the seamless integration of health data among DoD, VA, and private health care providers. Both Departments have developed and are executing EHR modernization plans. In addition to these plans, DoD and VA have already demonstrated a high level of data interoperability, enabling clinicians to use existing software applications to view the records of over 6.3 million shared patients. Dr. Thompson’s presentation will discuss the Departments’ progress towards modernization and interoperability, the important role of the DoD/VA IPO to this mission, as well as current challenges and way forward for both Departments.

This presentation will cover the overall landscape of the Federal Healthcare Information Model (FHIM) interoperability work conducted by the federal government and with the private sector, and how it ties to the Health Information Exchange (HIE) generally. The FHIMS program is intended to coordinate the efforts of the partner agencies with the development of Electronic Medical Records, information and terminology standards, including the coordination of agency efforts at relevant Standards Development Organizations (SDOs). The FHIMS is an information model rather than a data model. Data models are meant to be implemented, whereas information models are higher level specifications. This presentation will address FHIM work in particular and the impact of The Open Group Healthcare Forum on interoperability now and in the future. Intended Audience: Stakeholders in the healthcare industry

A common information model is key to enabling interoperability. The Federal Health Information Model (FHIM) is an information model of healthcare data. An information model is needed to create Electronic Healthcare Records (EHR). This presentation will synthesize knowledge and insights gained about information modeling from many key players in the private and public sectors. This type of synthesis is lacking in the existing interoperability debate and represents a significant contribution to understanding the landscape of actors, the overlap of efforts, and the gaps that need to be filled. What does the FHIM offer and what does it lack? Intended Audience: Healthcare interoperability decision makers, enterprise architects, data architects, information modelers, nursing informatics, healthcare educators, government officials and policymakers, hospital information systems administrators

CONNECT is an open source software and community that supports Health Information Exchange and IT interoperability in the U.S. healthcare system. CONNECT uses Nationwide Health Information Network (NwHIN) Exchange standards and specifications to ensure that health information exchanges are compatible with other exchanges being set up throughout the country. The Department of Veterans Affairs (VA), the Department of Defense (DoD), the Social Security Administration (SSA) as well as the Centers for Medicare and Medicaid (CMS) are currently using CONNECT to interact and exchange health information with thousands of healthcare providers through the NwHIN Exchange which supports approximately one million patients and beneficiaries. CONNECT was initially developed by federal agencies to support their health-related missions. The gateway is now available to all organizations and can be used to help set up health information exchanges and share data using nationally recognized interoperability standards. This presentation will show how CONNECT provides a gateway from an information model to a transport engine, thus advancing the adoption of interoperable health IT systems and health information exchanges. As the gateway for unpacking and re-packing data messages and healthcare information, CONNECT can help enable true interoperability, thus making it possible for health data to follow a person across the street or across the country. Intended Audience: Healthcare interoperability decision makers, enterprise architects with a healthcare orientation, Standards Developing Organizations (SDO), government officials and policymakers

Healtheway is a non-profit organization that provides program support for Health IT interoperability initiatives. The eHealth Exchange and the Carequality initiatives are two essential elements needed to move data and information electronically, and between and among trusted partners. The eHealth Exchange supports a common governance process and legal framework and is now the largest Health Information Exchange (HIE) in the nation. HIE partners share information under a common trust framework and a common set of rules. A high quality, well maintained and governed common information model and gateway to the HIE is critical for a number of reasons not commonly understood by key decision makers. Carequality is a multi-stakeholder initiative to build a connected web of data sharing networks. It is a key public-private collaborative effort to develop consensus among existing health IT data exchange programs regarding technical specifications and best practices (similar to when the banking industry created a nationwide ATM network). A transport engine is one of the key dynamic parts of the engine that will drive true interoperability with the public and private sectors working together. Intended Audience: Healthcare interoperability decision makers, enterprise architects with a healthcare orientation, government officials and policymakers, stakeholders in the healthcare industry

Putting the patient at the center of healthcare is a "no-brainer." Everyone agrees that a patient-centric approach to healthcare is the way to go. But what does that really mean - what does it look like to suppliers, providers, payers and most importantly patients? Connecting people is a good start, but it doesn't end there. It even goes beyond connecting people to data. What it's really about is connecting data in such a way that information, knowledge, insights and understanding emerge… and ultimately empower all of us in winning and securing the patient's health. Through a series of use cases, this session will explore an architecture that exploits the technology trends driving Open Platform 3.0™ with the goal of empowering us to live longer and healthier lives. Intended Audience: Enterprise Architects, CIO, CTO, CMO

Cloud Service capabilities have introduced a need to look at Governance Processes differently. Companies want the flexibility and speed associated with Cloud Computing Services, but their need for data Security has only increased in this new model. Cloud Computing now allows for shared resources in ways not previously available. Social, mobile, analytics and cloud tools have changed how organizations interact with customers - which require them to react more quickly to changing customer needs and demands.

All of the above will drive a new approach to governance processes: balancing the need for more security standards as well as support for faster, more responsive updates - across multiple points of the shared resources in the business.

The main goal of this presentation is to propose a new Governance model and share customer examples of how to achieve an optimal balance between speed & security in a Cloud Computing environment.

Key takeaways:

• Security and Governance process overview in a Cloud Computing environment
• Impact on application of Governance of these new trends and new processes
• Real-world examples of companies leveraging cloud based shared services to meet changing customer needs securely across all points of the business.

The key topics to be covered in this presentation:

• The challenges towards transitioning to cloud
• The discipline of Enterprise Architecture as a tool for making the transition to cloud
• Discuss Use Case on how to create Hybrid Cloud strategy for Public Sector Case Management solution
• Discuss key business capabilities and define business architecture
• Map Technology Architecture to Business Architecture
• Define various patterns to define future state architecture
• Discuss governance and change management towards successful implementation

Key takeaways:

• Understand a practical and realistic way to change the business of IT inside a large and complex government entity.
• Understand the value of "enterprise architecture" as a practical tool for aligning and implementing the mission of IT.
• Understand sustainable governance models for the long-term.

The Boeing TOGAF Method is a customization of the TOGAF Architecture Development Method for use by Boeing in the development of enterprise or segment level architectures.

Prior to TOGAF method, Boeing had processes and methods that its practitioners were required to use in the development of strategy, value-chain, enterprise architectures, and application systems. When Boeing made the decision to go with the TOGAF standard, we needed to figure out how we can be specific enough to consistently execute TOGAF activities while ensuring our other frameworks, methods, and references are intact. We needed to integrate our other processes for defining our strategies, value-chain analysis, our various reference architectures, and our method for developing computing systems with TOGAF activities. We also looked at each TOGAF activity and defined additional details such as how we would execute them, the models that are to be created, the tools that will be used, reference(s) that are relevant, the resulting deliverable content, and how quality will be assessed for each activity.

The resulting customization of the TOGAF standard is the Boeing TOGAF Method (BTM).

Key takeaways:

• An organization needs to look at itself and the TOGAF framework and customize it for its use
• An organization needs to look at its other initiatives or frameworks for improving its solution development maturity and resolve inconsistencies and ensure they work together before releasing it to their general community.

Over the past few years, employers have increasingly reported that employee skill sets are not keeping up with market demand. According to Manpower, 35% of 35,000 employers worldwide have reported difficulty filling jobs due to available talent. Known as the “Skills Gap,” this growing divide between employee skills and job requirements is becoming an increasing concern for businesses, with U.S. News reporting that 98 percent of CEOs believe the skills gap threatens their business. This skills gap is of particular concern within technical disciplines where digitalization and rapidly evolving industry and technical trends are forcing constant changes that are extremely difficult for employers and employees to keep up with. Not only are recent IT graduates often unprepared for the job world but even those IT workers who are already employed are also having difficulty keeping up with workplace demand. To bridge the Skills Gap, today’s employees must take control of their career development in order to maintain their skills and stay relevant in the workforce. This presentation will address the IT and Enterprise Architecture skills gap with special emphasis on how both employers and employees can bridge the IT Skills Gap and how certification programs can help fill the gaps for Enterprise Architects.

Over the past 12 months, experimenting with devices - micro controllers, real time systems that connect to sensory inputs and motor outputs, MQTT plays a big role in connecting machines to machines over the new connectivity protocol. MQTT is a Client Server publish/subscribe messaging transport protocol. It is light weight, open, simple, and designed so as to be easy to implement. These characteristics make it ideal for use in many situations, including constrained environments such as for communication in Machine to Machine (M2M) and Internet of Things (IoT) contexts where a small code footprint is required and/or network bandwidth is at a premium. In running low powered devices over flimsy, unreliable networks - sending reliable notifications to devices running in mission critical medical industry or capital-intensive financial industry, the speaker shares his observations with the Ultra-Low Power devices (ULP), running as brokers to servers - their low level architecture, model and design; accommodating existing legacy enterprise information within MQTT framework, different patterns and anti-patterns.

This presentation shows a complete solution for architecting, designing and building an application using devices, sensors and servers in a connected world. It promises a seamless switch from legacy to newer systems as and when they become ready. The narrative comes in many parts with real world examples, scenarios and practices.

Key takeaways:

• Deep understanding of IoT devices and architecture
• Architectural Framework Design Considerations - patterns and anti-patterns

You need a framework to in order to develop a mobile strategy. There are many questions that are to be answered prior to rolling out your 1st app. "Who is going to use the app? Where are they going to use it? What are they using it for?" are only a few. Answering these questions (and more) along with aligning your strategy to your organizations mission will make your mobile strategy a success.

Learn what a mobility framework is, and why it is critical to your success.

Key takeaways:

• What questions do you need to ask BEFORE developing a mobile application?
• What steps must you take for a successful mobile implementation?

A continuation from the morning plenary session, the afternoon workshop will share and discuss in detail the "EA Beyond Models" research paper. The workshop is designed to "deep dive" into each service and consider feedback from other EA practitioners.

The goal of this workshop is to capture sufficient insight to extend the current Disruptive Change with Minimum Disruptions toolkit and deliver it to the Open Group Architecture Forum for formal review and adaptation into the TOGAF eco-system as a Guide.

Specific activities: Review broadly defined three EA Services – Optimize, Transform, and Build/Sustain the EA practice. The facilitator will review each service in detail, demonstrate alignment to the TOGAF standard and The Open Group Open CA program, and showcase specific artifacts and deliverables as well as governance and decision rights.

• Attendees will provide insight and suggest improvements
• These improvements will be formally captured
• Upon completion of workshop, all attendees will receive updated Disruptive Change with no Disruptions toolkits, and will be acknowledged as contributors in the final submission to the Architecture Forum.

Key takeaways:

• Ability to assess your current EA practice
• Ability to develop top down and bottom up business case to transform your EA practice
• Ability to develop pragmatic roadmap and oversee the roadmap execution

The Agency for Public Management and eGovernment (DIFI) is responsible for ID-Porten. ID-porten is a common log-in solution to public services. See http://eid.difi.no/en/id-porten for more.

DIFI has a Project to integrate with an EU based solution: The European Interoperability Reference Architecture (EIRA) is an application of Enterprise Architecture with a focus on interoperability in the public sector. See architecture here: https://joinup.ec.europa.eu/site/eia/EIRA/EIRA_beta_dev/HTML/model.html.

This presentation explains how DIFI used the TOGAF, ArchiMate and Open FAIR standards to ensure privacy and security concerns in a business context.

Key takeaways:

• How to use the TOGAF and Archimate standards in real cases
• How to model and visualize risk and security concerns using the Open FAIR and ArchiMate standards

While many organizations follow the TOGAF framework to successfully document their current architecture, some struggle with effectively developing target architectures and transition plans that become a driver for change.

This presentation will look at different roadmapping techniques that have been successfully used to help organizations implementing the TOGAF framework to proactively understand the future landscape, what options might be available to them and how to go about moving towards the desired state.

These techniques will be supported by practical case studies of real-world organizations that have used them effectively to ensure the health of their EA practices and maximize the benefit of EA to their stakeholders.

Key takeaways:

1. Practical roadmapping techniques
2. Lessons learnt from effective EA programs
3. Communication of EA to various stakeholders
   
   

This workshop will show you how the validation and implementation of your business strategy can be supported by a combination of strategy modeling, capability-based planning, and enterprise architecture and portfolio management.

Strategy modeling enables the formalization and focus of the business strategy towards goals. Furthermore, it enables traceable steps in entire trajectory of strategy execution.

Capability-based planning is centered on realizing strategic goals by focusing on what an organization can do, rather than how it can do this. With this, business leaders can plan organizational change based on business outcomes, rather than projects, processes and applications.

Creating and improving capabilities is supported by enterprise architecture as the backbone of organizational design. It provides a clear line-of-sight between strategic goals, operational services, processes, and systems, and the project and programs that realize these. This enables you to manage the various dependencies and risks involved in realizing your strategy, ensuring coherence across the enterprise.

Enterprise portfolio management supports prioritization and decision making on the requisite assets and change initiatives that realize the envisaged architecture and capabilities. Relating data from financial and other systems to your architecture and portfolios, provides a solid basis for analysis and decision making.

We will show how this entire trajectory of strategy execution is facilitated by an integrated solution for describing your strategy, capabilities, enterprise architecture, and portfolios.

We will illustrate this approach to strategy execution with two real-life case studies:

• A major financial organization that resulted from a series of mergers, and is now going through a transformation from a bank-insurance model to separate banking and insurance businesses;
• A government agency that is changing its strategy, divesting several of its tasks to other agencies, and at the same time budget cuts require it to look critically at the cost and value of the services it provides to others.

The Open Group IT4IT™ Forum, launched in October 2014, is developing a new standard based on a reference model for "Managing the Business of IT" and consequently has many touchpoints with other standards including key Open Group standards. This session will position and seek a dialog on IT4IT’s evolution in relation to: TOGAF®, ArchiMate®, ITIL, COBIT, SAFe, CMMI, TOSCA, OSLC, vertical standards, agile movement

The discussion will include:

• Comparative analysis of the motivation and overall positioning for each standard
• Discussion of terminology such as framework, standard, methodology
• High level mapping between IT4IT and the other standards including gap analysis

The session will be collaborative and open, promoting the exchange of ideas about comparative IT standards.




Key takeaways:

• Insight into the overall IT standards landscape and how it is changing
• Knowledge of relationship of IT4IT to other Open Group standards
• Knowledge of relationship of IT4IT to related industry standards

All organizations in today’s world need IT to support the mission of the business and keep it operational. For the most part, the things an organization needs to run the business of IT are ubiquitous. The Open Group has established a new forum where an industry standard is being developed for a common operating model for the business of IT – IT4IT. The IT4IT operating model allows the IT function to achieve the same level of business discipline, predictability and efficiency as other functions in the business. The IT Value Chain of Plan-Build-Deliver-Run is described further by the corresponding value streams of Strategy-to-Portfolio, Requirement-to-Deploy, Request-to-Fulfill, and Detect-to-Correct. These in turn are supported by the IT4IT Reference Architecture – a service model, an information model, functional model, and an integration model.

The speaker will provide an overview of IT4IT and describe how it is being used to drive organization change in real-world implementations.

Key takeaways:

• What is IT4IT?
• What are the common elements for running the business of IT?
• What is the IT Value Chain and supporting value streams?
• How to apply IT4IT for improving IT value proposition?

The power of modern virtualization makes it possible to directly investigate architectural solutions inexpensively. With technologies such as Vagrant and Docker, and the easy availability of high-quality open source solutions, multi-node proofs of concept can be constructed as miniaturized virtual systems.

See a walkthrough of a complete, end to end DevOps environment, built through “infrastructure as code” techniques, running on a single laptop. The Calavera project (available on GitHub) is based on Virtualbox with Vagrant and Chef scripts which build a local 6-node VM cluster, including:

• A simple “Hello World” test-driven development environment including application (using Java, junit, ant, and Tomcat)
• Local and central git instances
• Commit-driven automated build via Jenkins
• Artifactory package repository storage of final build package
• "Production" environment deployment via Artifactory & Chef

Building such a solution in years past would have required significant investments for computing capacity, configuration effort, and commercial software. Now, complex distributed systems can be realized in miniature directly, reducing the friction for architectural investigations.

Hear also the motivations behind the project, intended as a microkernel for a larger enterprise IT simulation and currently in use for instructional purposes at the University of St. Thomas. Can such simulations better ground architectural debates? Can we understand capability roadmaps more effectively if they are grounded in concrete yet inexpensive proofs of concept? How far can we scale up these approaches? Come and participate in an interesting, innovative discussion. Intended audience: Practicing architects, consultants, trainers

Key takeaways:

• Using lightweight virtualization to simulate distributed environments
• The potential of miniaturization and simulation to inform architectural thought processes

The Open Group IT4IT™Forum provides a vendor-neutral 'place' to meet, gain knowledge and lead the development of the IT4IT Reference Architecture for IT management portfolio. The mission of the IT4IT Forum is to create and drive the adoption of the IT4IT standard that will provide a vendor-neutral Reference Architecture for managing the business of IT, enabling insight for agile improvement with increased focus on business outcomes. The panel session will highlight the wide range of development opportunities that the IT4IT Forum offers IT staff.

Key takeaways:

• Professional development opportunities Bring in value from outside
• Gain industry insight and to learn from the experience of others through networking opportunities
• Access key influencers, market leaders and competitors
• Develop professionally
• Build relationships and contacts that will sustain into the future

In a knowledge-based economy, enterprise survival depends on the ability to make sense of the flood of available knowledge, information and data coming from both within and without the organization. A coherent Enterprise Information Architecture is key to leverage, transform and manage the increasingly disparate holdings so that all stakeholders can make their decisions based on quality information.

The challenge is that in most enterprises massively redundant and incoherent data sets are siloed in hundreds of services / applications; sorting it out seems overwhelming to most CIOs. This is further exacerbated by the fact there is little commonality and mutual awareness of the terminology and techniques used by the various professions dealing with knowledge, information or data.

The presentation provides some common lexicon and highlights a unified model that enables CIOs / CDOs to incrementally create an enterprise information architecture.

Key takeaways:

1. Common understanding of knowledge/information/data
2. A holistic view of the information architecture problem space
3. A way of incrementally getting control of the information holdings

A key requirement in today’s enterprises is the organization of knowledge in a manner that benefits all employees, irrespective of their geographic location and the business unit they serve. In this case study, I will cover how knowledge generated by various groups with an enterprise, flows across various logical boundaries, without compromising the confidentiality of information belonging to a specific business unit.

The solution framework was built to address the following principles:

1) Logical knowledge hives for various business units – Business units in an organization generate knowledge that is specific and confidential to the respective units. Access to the information should be controlled by authorized administrators of the hive.

2) Libraries to hold policy documents – Organization has its policy documents which should be accessible by all employees of the organization. Libraries should be built as containers for such documents, and workflow built to notify employees of any policy change.

3) Crowdsourcing Ideas – Provision for employees to give ideas for improvement initiatives. Most impactful ideas should be picked for implementation. Employee, who gives the idea, should be able to track the progress made on implementation.

4) Library of reusable assets – Provision for employees to publish assets that can be reused across groups in the organization. Publication of the asset goes through a SME review workflow. Provision to rate and provide feedback on asset should be provided.

5) Governance – All the logical groups created within the solution framework, should have administrators who control access, amount of storage space allocated, archiving policy for the group.

From this case study, the audience should be able to take away the key attributes and the governance principles to be kept in mind when designing Knowledge Management System for seamless integration across different groups in an organization.

Key takeaways:

1. Key attributes to be kept in mind when designing Knowledge Management System for seamless integration across different groups in an organization.
2. Governance mechanism for controlling contribution and access to knowledge repository.

This session moves on to the theme of evolving the TOGAF standard. It gives the results of a recent survey of members of the Association of Enterprise Architects (AEA), and explains how this is feeding into plans to evolve the TOGAF standard.

This panel discussion addresses how the TOGAF standard will evolve in the future. Each panelist will be given the opportunity to make a short statement about their views on how the TOGAF standard will evolve. The remainder of the session will address questions from attendees.

Potential topics for discussion could include:

• Key trends and challenges faced by organizations and their Enterprise Architects
• Capability Models for Enterprise Architects
• Agile Enterprise Architects
• The position of the TOGAF standard in the TOGAF ecosystem
• Roadmap for evolution

This presentation will provide an overview of the preliminary findings and observations from members of the TOGAF® Framework and ArchiMate® Modeling Language Harmonization project, also known as "Project Harmony”. This project is a collaborative effort by members of the Open Group Architecture Forum and ArchiMate forum. Project Harmony is working to identify how the TOGAF standard and the ArchiMate standard can be used together. The first phase of the project has produced several whitepapers that describe how the Glossaries, Viewpoints, and Metamodels of the two standards can be harmonized to enable practitioners to enhance their ability to use the two standards together.

Consumers expect mobile applications, wearables and smart devices to work all the time. Enterprise and solution architects must therefore build always-on services from legacy applications with varied availability, performance and scalability characteristics. To bridge this gap, architects are using Backends-as-a-Service (BaaS) and Enterprise Service Buses (ESBs) with cloud-based and on-premises components.

Architects can use the ArchiMate visual modeling language to express this emerging approach and guide development of always-on services and the applications that use them. This presentation introduces Cambia's always-on services architecture, and its use of the ArchiMate language to develop and communicate it.

Key takeaways:

1. An approach to providing always-on services with legacy applications.
2. The use of the ArchiMate language for modeling solutions that span the cloud and the on-premises data center.
3. The use of an enterprise architecture repository to facilitate collaboration between platform and solution architects.

In a world where customers demand capabilities faster. In a world where you have to plan and execute simultaneously or be left in the dust. In a world where communications matter more and miscommunication can destroy. You need to understand how what you do impacts and is impacted by changes to both technology and business.

With agile and lean concepts, some architecture organizations find it difficult to stay relevant, often viewed as a hindrance to rapid development with myriad processes and standards. Development teams took it upon themselves to find creative ways to circumnavigate controls created to minimize risk to the organization. But today’s world of increasing demand for rapid delivery, expanding costs, and higher stakes requires key elements makes architecture even more important.

In this session, participants will learn how we’ve adapted architecture to not only support Agile & DevOps, but how we’re at the table with teams to deliver business value collaboratively from small projects to enterprise-scale programs.

Participants will learn:

• lean and agile architecture with DevOps and Agile teams
• instilling architectural concepts across the enterprise
• key tenets of what we call #guerrilla_ea