
Risk modeling by custom extensions to Archimate – Experimental extensions towards a complete EA framework

Erik Hagen

June 2014

Contact: erik.hagen@entercard.com

EnterCard delivers smart payment and financing solutions to customers. We have over 50 card products and 2 million customers across Scandinavia.

• There are requirements and use cases for EA modeling in many areas – solution design, work instructions, IT planning, knowledge management, training, master data, project management, business transformation, incident management, risk management and more.

• There is currently no single modeling standard that covers all of this.

• So, we have combined several EA standards into a larger framework, with modeling conventions independent of any particular tool. (We use ARIS.)

• Our main effort so far has been as-is documentation in relation to Business Continuity Management and impact analysis, but we are also proceeding in other areas.

This presentation is about how the EA framework we have developed so far could cover risk modeling going forward. Note that this presentation does not cover how EnterCard is actually working with risk management today.

First, some considerations regarding risk management vs. EA...

Introduction

• “For too long, information security has been considered a separate discipline, isolated from the enterprise architecture”

• “Operational risk and its relevance to enterprise architecture – why incorporating the concept of operational risk is essential to modern enterprise architecture design.”

• “This White Paper is intended to guide enterprise and security architects in fully integrating security and risk management into enterprise-level architectures”

SABSA and TOGAF – “Integrating security and risk management into enterprise-level architectures”

The SABSA Operational Risk Model

“The IT security and information security industry has evolved over its lifetime a view of operational risk that is concerned only with threats, vulnerabilities, and loss events (negative impacts)… This negative approach to risk management has also found its way into the ISO/IEC 27005:2011 standard…”

“Arguably, the sole role of the enterprise architect is to create an operational environment in which operational risk can be optimized for maximum business benefit and minimum business loss.”

• “In SABSA thinking these operational capabilities are the primary assets at risk… examples… Production capability, Service delivery capability... Capability to build and sustain brands and reputation…”

• “In traditional information and IT risk management frameworks … the assets at risk are usually classified as information assets (databases, files, documents, etc.) and IT assets (computer hardware, software, communications networks, etc.). These are regarded in SABSA as secondary assets, supporting the primary assets of business capability.”

• “SABSA risk assessment, risk measurement, and risk monitoring focuses on the primary assets…”

• “In this respect SABSA is leading-edge thinking, challenging the traditional IT view of operational risk management, but aligning operational risk with true business risk.”

Assets at risk – primary and secondary


SABSA Artifacts in the TOGAF ADM


TOGAF ADM primer (Architecture Development Method)

Archimate metamodel mapped to the TOGAF ADM

EnterCard’s modeling conventions – based on open standards


Relevant modeling standards and their relation

Main Archimate concepts: subject-verb-object (in «Chinese»)

Archimate symbols – «the alphabet»


Additional symbols:

• Business rules (DMN)

• User stories and use cases

• Test cases

• Risk modeling

• Various other symbols

Archimate viewpoints – «the sentences»

Archimate is currently missing viewpoints for risk, capability (and some more).

Additional/custom viewpoints

Custom «Relationship Roles» (Archimate relationship, with the custom role in parentheses):

• associated with – (master stored by), (copy stored by), (groups), (provides), (supports), (delivers), (changes), (defines), (signs), (may exploit), (defined by)

• accesses – (reads), (creates), (updates), (deletes), (consumes), (produces)

• used by; uses

• realizes – (copy of); realized by

• assigned to – (resides on), (fulfills), (performs), (responsible), (accountable), (consulted), (informed)

• aggregates; composed of; generalization of

• influences – (triggers), (mitigates), (resolves), (leads to), (results in), (may result in), (implies), (impacts)

Risk & Impact viewpoint (custom)

Asset at risk: any object, including capability

Planned enhancements:

• Threat agent

• Opportunity

Assets at risk

SABSA view: the output of architecture work is the creation of operational capability. These operational capabilities are the primary assets at risk. Example: capability to build and sustain brand and reputation.

SABSA based view of primary vs. secondary assets: [figure]

«Indirect impacts»: an incident related to e.g. an IT system «indirectly» impacts «Reputation». Either way, we can model it.

Example impact viewpoint

Report example – impact analysis with output to Excel: export of raw data to Excel for flexible analysis
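An added example, not code from EnterCard, ARIS or the Archimate standard, showing how the custom relationship roles listed earlier and the impact traversal behind a report like this one can be implemented: each role is given a propagation direction (an assumed convention, not EnterCard's), a breadth-first walk from a threat finds every asset it reaches, labels each as direct or indirect and as SABSA primary or secondary, and the raw rows are written as CSV, which stands in for the Excel export. The element and relationship names in the sample model are hypothetical.

```python
import csv
import io
from collections import deque
from dataclasses import dataclass

# Propagation semantics per relationship role. This table is an assumption of
# this example (a modelling convention, not EnterCard's): "forward" means an
# incident on the source element impacts the target; "reverse" means the
# source depends on the target, so an incident on the target impacts the
# source. Roles absent from the table, e.g. "accesses (reads)", carry no
# impact, so reading a data object does not make that data object an
# impacted asset.
PROPAGATION = {
    "associated with (may exploit)": "forward",
    "associated with (supports)": "forward",
    "influences (impacts)": "forward",
    "influences (may result in)": "forward",
    "used by": "forward",
    "realizes": "forward",
    "assigned to (resides on)": "reverse",
}


@dataclass(frozen=True)
class Element:
    name: str
    kind: str              # Archimate element type
    primary: bool = False  # SABSA primary asset (a capability) vs. secondary


@dataclass(frozen=True)
class Relationship:
    src: str
    role: str
    dst: str


@dataclass
class Impact:
    element: Element
    hops: int    # distance from the origin; 1 = direct, >1 = indirect
    path: tuple  # element names from the origin to this asset (the trace)


def impact_analysis(elements, relationships, origin):
    """Breadth-first traversal from `origin` along the roles that propagate
    impact. Returns {element name: Impact} for every reached asset, with the
    shortest hop count and the first path that reached it."""
    by_name = {e.name: e for e in elements}
    edges = {}
    for r in relationships:
        direction = PROPAGATION.get(r.role)
        if direction == "forward":
            edges.setdefault(r.src, []).append(r.dst)
        elif direction == "reverse":
            edges.setdefault(r.dst, []).append(r.src)
    reached = {origin: Impact(by_name[origin], 0, (origin,))}
    queue = deque([origin])
    while queue:
        cur = queue.popleft()
        for nxt in edges.get(cur, []):
            if nxt not in reached:
                prev = reached[cur]
                reached[nxt] = Impact(by_name[nxt], prev.hops + 1, prev.path + (nxt,))
                queue.append(nxt)
    del reached[origin]  # the threat itself is not an impacted asset
    return reached


def to_csv(impacts):
    """Raw-data export in a shape a spreadsheet can pivot on (stands in for
    the Excel export): one row per impacted asset, ordered by hop count."""
    buf = io.StringIO()
    writer = csv.writer(buf)
    writer.writerow(["Asset", "Type", "SABSA asset class", "Impact", "Hops", "Trace"])
    for imp in sorted(impacts.values(), key=lambda i: (i.hops, i.element.name)):
        writer.writerow([
            imp.element.name,
            imp.element.kind,
            "primary" if imp.element.primary else "secondary",
            "direct" if imp.hops == 1 else "indirect",
            imp.hops,
            " -> ".join(imp.path),
        ])
    return buf.getvalue()


# Constructed sample model; element names are hypothetical.
ELEMENTS = [
    Element("Ransomware", "Threat"),
    Element("Authorization server", "Node"),
    Element("Authorization engine", "Application Component"),
    Element("Card account master", "Data Object"),
    Element("Authorize card transaction", "Business Process"),
    Element("Card transaction processing", "Capability", primary=True),
    Element("Build and sustain brand and reputation", "Capability", primary=True),
]

RELATIONSHIPS = [
    Relationship("Ransomware", "associated with (may exploit)", "Authorization server"),
    Relationship("Authorization engine", "assigned to (resides on)", "Authorization server"),
    Relationship("Authorization engine", "accesses (reads)", "Card account master"),
    Relationship("Authorization engine", "used by", "Authorize card transaction"),
    Relationship("Authorize card transaction", "associated with (supports)", "Card transaction processing"),
    Relationship("Card transaction processing", "influences (impacts)", "Build and sustain brand and reputation"),
]

if __name__ == "__main__":
    print(to_csv(impact_analysis(ELEMENTS, RELATIONSHIPS, "Ransomware")))
```

Running the block prints the CSV. The reputation capability shows up as an indirect impact five hops from the threat, with the full trace in the last column, while the data object the application only reads is absent, because «accesses (reads)» is not a propagating role in this convention; that distinction is exactly what a role table has to make explicit before an impact report can be trusted.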

Navigating into our repository

The «complete» picture

Mandatory deliverables for new projects

Template catalog – easy access to templates and education

[Screenshot of the template catalog, with callouts: «Click the template and get started modeling», «General viewpoint description», «Examples», «Document chapter»]

A template example (Archimate Business Process)

© EnterCard, 18 December, 2012

Keep it simple – risk attribute for BPMN tasks

BPMN process modelers can choose to specify a Risk attribute, in which case an «attribute symbol» is automatically inserted.

More advanced modelers can create connected Archimate models (with extensions).

Change management is key

[Diagram: change management loop between library contents, project deliverables, reuse and QA]

• SABSA’s Business Attribute Profiling and Business Attribute Taxonomy

• The Open Group’s Risk Taxonomy (O-RT)

• ...

Anticipated extensions to the modeling framework

• Building on the Archimate metamodel enables us to consistently model the entire enterprise architecture with full traceability between risks and assets.

• This modeling framework supports traditional risk modeling, with its focus on threats and negative impacts, as well as e.g. the SABSA approach, which also deals with opportunities and positive impacts.

• Consequently, architecture and risk go hand in hand, and both are married to business improvement.

Conclusions


Bonus slides


The SABSA Matrix


SABSA “Business Attribute Profiling” – alignment in the SABSA Matrix between Business Drivers and Services through Business Attribute Profiling

SABSA Business Attribute Taxonomy
