Heather Kreger, IBM, on SOA standards

It’s impossible for me to pass up a standards discussion (how sad is that?), so I switched from the business analysis stream to the SOA stream for Heather Kreger’s discussion of SOA standards at an architectural level. OASIS, the Open Group and OMG got together to talk about some of the overlapping standards impacting this: they branded the process as “SOA harmonization” and even wrote a paper about it, Navigating the SOA Open Standards Landscape Around Architecture (direct PDF link).

As Kreger points out, there are differences between the different groups’ standards, but they’re not fatal. For example, both the Open Group and OASIS have SOA reference architectures; the Open Group one is more about implementation, but there’s nothing that’s completely contradictory about them. Similarly, there are SOA governance standards from both the Open Group and OASIS

They created a continuum of reference architectures, from the most abstract conceptual SOA reference architectures through generic reference architectures to SOA solution architectures.

The biggest difference in the standards is that of viewpoint: the standards are written based on what the author organizations are trying to do with them, but contain a lot of common concepts. For example, the Open Group tends to focus on how you build something within your own organization, whereas OASIS looks more at cross-organization orchestration. In some cases, specifications can be complementary (not complimentary as stated in the presentation 🙂 ), as we see with SoaML being used with any of the reference architectures.

Good summary, and I’ll take time to review the paper later.

Ron Tolido, Capgemini, on (or not on) open BA methodology #ogtoronto

Ron Tolido of Capgemini presented on the case for an open methodology for business analysis. There’s a big component of standardization here, particularly a shared language (terminology, not necessarily natural language) to enable collaboration. He considers the core competencies of business analysis to be information analysis, subject matter expertise and business process management, there’s also an aspect of consultancy around managing change.

In spite of his categorization of BPM as an “IT tool”, he highlighted the importance of process in business analysis today, and how process orchestration (although he didn’t call it that) and business rules can create applications much faster than before. This allows business rules to be changed on the fly in order to tune the business processes, and the creation of configurable user experiences by non-IT people.

Echoing the confusion of the previous presentation on the IIBA, Tolido stated that business architecture and business analysis are different, although business analysts might be involved in business architecture work without being business architects themselves. It appears that he’s making the distinction of business analysts as project-specific resources, and business architects as enterprise resources, although it’s not clear what functions or capabilities are different. There was a lot of audience interest in this issue; there appears to be the will to combine the disciplines in some way, but it’s just not there yet. I’m not sure that there’s sufficient common understanding of the term “architecture” as it pertains to non-technical disciplines.

Kathleen Barret, IIBA, on the Business Analyst role #ogtoronto

Kathleen Barret of the International Institute of Business Analysis discussed how the role of Business Analyst moved from assistant Project Manager and scribe to the focal point for understanding and articulating the business need for a solution or change.

She started by talking about why there is such a strong case now for business analysts. Organizations have been designing solutions for years without proper business analysis, resulting in a spotty success rate; in today’s economy, however, no one can afford the misses any more, prompting the drive towards having solid business analysis built in to any project. There’s also a much stronger focus now on business rather than technology in most organizations, with business strategy driving the big projects.

IIBA was created 5 years ago to help support business analysis practices and create standards for practice and certification. Its goals are to develop awareness and recognition of the BA role, and to develop the BA Body of Knowledge (BABOK) to support BAs.

Business analysis is about understanding the organization: why it exists, its goals and objectives, how it accomplishes those objectives, how it works, and how it needs to change to meet its objectives and future needs. As Barret points out, there’s a big overlap with what business architects do (she posits that they are now the same, or that an enterprise business analyst is the same as a business architect – I’m not sure that IIBA has a well-thought-out position on this yet); the difference may be purely a matter of scope, or of general analysis versus project-specific analysis.

The BA works as a liaison amongst stakeholders in order to elicit, analyze, communicate and validate requirements for changes to processes, policies and systems. This could be at the enterprise level – probably what most of us would refer to as a business architect – or at the project level. This can be a subject matter expert or domain practitioner (which I don’t consider a true BA in many cases) or a consultative BA who works with SMEs to elicit business requirements. In a large, complex organization, there may be several types of BAs: there is a need for both specialists (in terms of business vertical, methodologies and technologies) and generalists.

IIBA will continue to extend the BABOK, and will be releasing a competency model by the end of 2009 to help BAs identify gaps in their capabilities and to help organization to assess current needs and capabilities. In my experience, “business analyst” is one of the most over-used and misused term in business today, so anything that IIBA does to help clarify the role and expected capabilities has to help the situation.

David Foote on EA careers #ogtoronto

Foote presented some interesting – but for this primarily Canadian audience, not completely relevant – statistics on US unemployment; he added the comment “I assume it’s the same in Canada”. Would have been good if he had actually taken 5 minutes to research our job market before presenting here, because there are some significant differences, although many similarities. He followed this with the rather obvious observation that there is always a shortage of talented people with specific skills, and that in an economic downturn, companies are looking to hire quality rather than quantity.

He brought forward recent Gartner research that showed that more than half of EA programs will be stopped in 2009, and that the remaining ones will embrace cloud computing but will struggle with framework and information management problems. Foote pooh-poohed this, and said that there were only a handful of good analysts out there, and that this was not based in fact. The implication is, of course, that he’s one of those good analysts. 🙂

There’s some pretty interesting numbers about pay scales for architects in his research, which was gathered from cities across the US and Canada: although there are a lot of people out of work and salaries are going down, architects with certain certifications are holding steady or even increasing their worth. Whereas the value (presumably measured by pay) of web developers has dropped by over 28% in the past 12 months, architects and project managers – which were, inexplicably, combined – increased by over 4%. Topping the list are Check Point Certified Master Architects and Microsoft Certified Architects, each of which increased in value by 20% in the past 12 months. There are some non-certified skills gaining in value, too: I’m not at all surprised to see process leading the pack at 8.3% increase, since an economic downturn favors process improvement projects.

He showed us some detailed stats on pay scales for architects across a range of US and Canadian cities, and summarized for each country: enterprise architects, data architects, information architects, senior applications architects, applications architects, security architect and director of architecture. He presents these (and therefore architecture in general) as purely IT roles: this is all in the context of IT pay scales, and contains nothing on business architects.

The presentation finished with some of the barriers to enterprise architecture:

  • Many EAs live in a siloed world, funded by business silo, and are expected to bridge silos with “nickel and dime” funding
  • There is a disconnect between IT leadership and EA governance, with many CIOs focused on short-term operational demands versus long-term optimization
  • EAs will have to go through various stages of maturity before their job potential is fulfilled
  • The EA role is not defined well enough to model and operate a successful EA organization

This last bit was interesting, but didn’t really flow from the remainder of the presentation, which presented the IT architect job and pay survey results.

Minaz Sarangi, TD Bank, on EA in financial services #ogtoronto

I still haven’t posted my notes from yesterday – I made the mistake of not bringing my laptop yesterday, and my notes are trapped in my paper notebook until I get a chance to review and transcribe them.

I only caught the last 10 minutes of Minaz Sarangi’s presentation due to a meeting elsewhere, but was able to download the presentation and get caught up in time for the Q&A. TD has grown significantly through mergers and acquisitions, including the major acquisition of Canada Trust in 2000, and a big part of their enterprise architecture efforts are to standardize across the various IT infrastructures that exist in the subsidiaries in order to simplify the platforms. This is not fundamentally different from most large financial services, although in many cases, the acquired companies are run as siloed business units, leading to inefficiencies and inability to provide a complete customer view across all product lines.

TD, in developing a true enterprise architecture strategy that spans all the business units, is having the business strategy guide their EA efforts and their enterprise technology strategies. They’ve developed architecture domain practices for business, applications, data, security and technology, and define prescriptive architectures in order to align solutions delivery with their enterprise standards. All of the technology building blocks are defined in the context of the EA, and each has both a strategy and a reference architecture in order to articulate the current and future state, the roadmap, current and future capabilities required, deployed solutions associated with the capabilities, reference implementations, and technology standards.

From a business standpoint, the key goals are to make employees more productive and to enhance customer experience, but there’s also issues of risk reduction, security, system availability and cost reductions due to standardized technology platforms.

How TD is achieving this is through what they call “EA simplification”:

  • Reduction of operational footprint for greater agility, through application rationalization and enterprise shared services
  • Consolidation and standardization of core technology platform for scalability
  • Automation of repetitive architectural and engineering processes for sustainability, for risk reduction and process optimization

They’re starting to see some success with this approach, but as can be expected from such a diverse organization, it’s slow going. They have some enterprise shared services, including content management, and are getting the sponsorship and commitment in place that they require to push forward.

I’m of two minds about programs like this: I certainly see the need for technology standardization within an organization, but it seems like some of these massive EA efforts serve to just extend the delays for new technology implementation and create a significant set of rapids in advance of the still very waterfall methodologies.

The Open Group Conference

I was already planning to attend the Open Group Conference in Toronto next week to catch up on what’s happening in the enterprise architecture space, and now I’ve been invited to join Dana Gardner’s panel on Monday morning, which will also be recorded as a podcast. The panel is on architecture’s scope extending beyond the enterprise, bringing together elements of EA, SOA and cloud computing. Also on the panel will be John Gotze, president of the Associate of Enterprise Architects, and Tim Westbrock from EAdirections. There are big aspects of business process to this, specifically when you start orchestrating processes that span the enterprise’s boundaries, and I hope that we’ll have time to explore that.

I’ll probably be at the conference each day to check out some of the other sessions, and I may stick around for some of the evening events, such as CloudCamp on Wednesday. If you’re there, drop by my session and say hi.

Open Text Social Media briefing

I had a chance to meet with Cheryl McKinnon from Open Text while here at the Enterprise 2.0 conference for a briefing and a demo of Open Text Social Media, their enterprise social software offering to be released within a few weeks. This is a part of the Enterprise 2.0 market that I’m really interested in: how do we add a social layer on existing enterprise platforms, such as enterprise content management (ECM)?

Open Text already has some amount of collaboration around document management in their product portfolio, as well as web content management. Since they have a solid content management platform backing all of the content, they’re able to add the necessary aspects of governance, compliance and security that has to surround certain content without, hopefully, that getting in the way of collaboration. The Open Text Social Media product is pushing that a step further, adding more social aspects to content collaboration. Most content management – and content collaboration that goes with it – focuses on connecting people to content; OTSM also connects people to people in a content-centric manner.

Open Text Social Media home screenThey started with a few basic principles: keep the user interface simple so that there would be few barriers to adoption, while maintaining the security, auditability and records management functionality from the underlying ECM suite. They’ve removed the requirement for the content to be viewed in the hierarchical folder-type fashion that is inherent in the ECM system, and added discussions and wikis as well as maintaining a social graph of person-to-person interactions. This provides three key areas of functionality:

  • The social network inside an enterprise
  • A social marketplace with customers and partners
  • A repository for “corporate memory”

Open Text Social Media profileWe moved on to a demo, starting with the personal dashboard home screen that shows the status and presence indicator of people who I follow, communities to which I belong, and content that I have flagged to follow. My personal profile contains structured information, some of which can be pulled from LDAP/ActiveDirectory, plus Facebook-like status messages – this is what appears on the home screen of people who follow me – and my blog. Also, anywhere where my name appears within the site, hovering over the link pops up a mini view of my profile.

Communities are a combination of wikis, documents and discussions, and can be designated as public, public read-only, private and secret. All of these security designations are inside the firewall: “public”, for example, means that everyone inside the enterprise can see and contribute to it. Private read-only could be used for more traditional broadcast intranet content; private means that the content is hidden but the community is visible and anyone could request membership in the community; secret means that the community is hidden and available only by direct invitation. Discussions within a community appear on the “Feed” tab, and are fairly standard topic-based discussions where you can read and reply to the thread, with the additional ability to flag a topic so that it appears in my flagged items on my home screen, where new replies to the topic would be indicated: a sort of content subscription. There is no ability (yet) to include an external feed into a community, although there’s a bookmarklet to make it easy to share external links as part of a discussion. The “Documents” tab in a community is (I assume) a view into the underlying content repository, but is a flat list view rather than a folder-based hierarchy since presumably there would be a small number of documents in the community. I’m not sure how well that user interface will scale if a community has hundreds of documents on that tab, although there are filtering capabilities. The wiki tab within the community allows multiple wiki pages to be created, also apparently in a flat navigation structure which may not scale well. The wiki has pretty standard (and easy to use) edit and comment functionality, plus the ability to flag content to follow in my home page. There’s a complete revision history stored for each wiki page, and you can roll back to an earlier version if required.

All of the community content can be pushed into the ECM archive, which would enforce records retention and other governance rules, although we didn’t get into the details of how seamless that would be to community authors and readers.

Open Text Social Media search resultsThe searching is where we really start to see the people-to-people capabilities: searches locate content, as you would expect, but also locate people and communities that are contributing to or discussing that content, as well as people who have the search terms in their profile or their blog posts.

They round it all out with some pretty slick applications for a Blackberry or iPhone. These are applications, not mobile versions of a website, so include persistent cache for use when you’re offline.

There’s an obvious overlap with SharePoint functionality here, and there will undoubtedly be a battle inside some organizations between these two proven enterprise platforms when it comes to social media. Open Text’s advantage is their ECM repository, which far out-performs anything that SharePoint has to offer, and can be used as the back-end content repository for SharePoint even if a customer decides to go that direction for their enterprise social networking. That’s not unique to Open Text; other ECM vendors such as IBM/FileNet also have SharePoint connectors to allow their repositories to be used to manage SharePoint content transparently. Open Text, however, goes beyond that by offering direct social networking extensions to their ECM platform that have the potential to replace SharePoint in an organization that has already standardized on Open Text’s ECM. This direct integration with a robust content repository provides them with a distinct advantage over the Enterprise 2.0 point solutions, and make them the one for the other ECM vendors to beat in the social enterprise content collaboration market.

Social media and marketing #e2conf

Peter Kim moderated a panel of three people from end-user organizations – Ben Foster of Allstate Life Insurance, Greg Matthews of Humana, and Morgan Johnston of JetBlue – on social media adoption for both external as well as internal use by enterprises.

Allstate recently launched the consumer-facing Good Hands Community, including both a social site and a Twitter presence, for both traditional marketing and sales purposes, but also to maintain a relationship with ex-customers who may have left for financial reasons but still could benefit from Allstate information and potentially become a customer again in the future. It includes tools and calculators, discussion forums and other information.

JetBlue uses social media – specifically Twitter, where they have 730,000 followers as of today – to engage customers, inform customers about what’s happening at JetBlue, and even provide updates on weather and other information that impacts their service delivery.

Humana has a social site run by their consumer innovation center – a sort of center of excellence for enterprise social media – that they are using to try and transform how they interact with their customers and partners; unfortunately, my bandwidth right now won’t allow it to actually load, so I’ll have to take their word for it. This is run separately from their corporate website, and doesn’t include any private customer data.

All of these are intended to engage the consumers, both for informing and for gathering feedback. Social media can be a sort of “canary in a coal mine” about impending problems, and it’s a valuable channel to monitor in order to hear how people are talking about your products or services, potentially heading off PR and customer service disasters before they occur. It’s also a sales lead generation channel, with companies like Dell using Twitter to broadcast deals that aren’t available anywhere else, generating significant revenue from those tweeted deals.

It’s important for multiple departments in an organization to contribute their ideas and needs for consumer-facing social media. It’s not just an IT project, although IT is going to be involved in order to deploy the platform, and there’s a need for rapid prototyping and changes to the site without having to go through an old-fashioned waterfall development approach: this might dictate that the existing corporate IT not be involved, but a new team formed to support this sort of agile approach.

One of the panelists noted that you can see the trends in conferences: social media is now on the agenda at IT conferences, at marketing/PR conferences, at HR conferences and at customer service conferences, indicating that people from multiple areas within organizations that have an interest and a stake in social media.

You have to learn by doing with social media: people have to get in there and start producing content, then see what the consumer feedback is like for that content in order to tune the message and style. That’s a scary thing for most companies, but these three are setting a good example.

The Future of Social Messaging in the Enterprise #e2conf

An eight-person panel discussed how organizations can use social messaging to improve internal and external communication and collaboration. I’m not even going to try to track who says what, since I’ve lost track of who’s who (except for the lone woman on the panel), so just random notes:

  • Unified Communications vendors need to open up their products to allow social messaging to participate. Voice seems to be ignored in Enterprise 2.0 (note that there are no sessions on voice at this conference), but needs to be a part of it. This is especially true when we consider devices such as the iPhone, which is used to participate both through social media and voice. People don’t want think about what tool to use, they want to focus on the problem that they’re trying to solve.
  • Enterprise 2.0 isn’t about giving people “one more thing to do”, but to help make people more effective. This is a big one that I see when trying to get people within my clients to collaborate, often because they don’t give up doing things the old way, so see the new collaboration tools/methods and an additional step rather than a replacement for an old and inefficient way to do things.
  • Social messaging is about forming weak ties, not necessarily about pre-targeted recipients. The ROI may not be obvious up front, but serendipitous discovery of information and people provides unexpected value.
  • We need to stop focusing on the tools and applications, and start focusing on the people and use cases. That is especially obvious in this panel, which still has too much of a tool focus – Marcia Conner from Pistachio Consulting has to keep dragging the conversation back to the people, practices and conversations.
  • The same issues of information security apply to social messaging as to any other form of communications. Social messaging tools don’t equate to information leakage, they just provide another platform for what is likely already happening by voice, email and other methods if you have employees that don’t adhere to your security policies. Governance begins with individuals, and if you can’t trust your employees, you need to monitor their activities. If the corollary is true – that if you monitor your employees’ activities, that means that you don’t trust them – then I see a lot of companies with no trust in the people whom them so carefully recruit and hire. It’s impossible to completely lock down data in any organization, so there needs to be policies (and education about those policies) that lead to self-policing.
  • There is insufficient granularity of presence: with most social platforms, there is a single view of you that is exposed to everyone who you choose to expose it to, and you can’t tune the experience for different audiences. In other words, don’t put anything on Twitter that you wouldn’t want your employer, your competitor or your mother to read. I’ve noticed that although platforms like Facebook are providing tools to allow you to limit what parts of your profile are available to different groups of your contacts, very few people bother to use them.
  • Enterprises matter less; relationships and conversations matter more. Don’t limit yourself to just an enterprise conversation, think about a participatory culture. (I think that I won the Enterprise 2.0 buzzword bingo on that last statement)

These are just the high points; you can check out the Twitter stream for this session or the replay of the video if you want to hear the entire panel.

Applying the Social Dimension to the Lockheed Martin Mission #e2conf

The morning started with Andrew McAfee interviewing Shawn Dahlen and Chris Keohane from Lockheed Martin about how they’ve progressed on their internal social network since we heard about it at last year’s conference.

Back in 2004, they approached the CIO to get project seed money for internal blogging, since there was a need for internal communications that wasn’t being met by company newsletters. For a few thousand dollars, they were able to set up a blogging platform that allowed internal affinity groups to communicate, then realized that they needed to lock down some of the information for security purposes and closed down some of the access, particularly to employees outside the US.

The 9/11 commission report noted that the existence silos of people and information – a “need to know” environment – was part of the problem in government and defense industries, providing Lockheed with the motivation to start opening up some of their information across the company, regardless of location. They worked closely with their internal legal department to make sure that they were

They took their SharePoint environment, which was already in use for document collaboration, and added more social networking aspects by upgrading the blog and wiki capability. This allowed them to evolve an existing, familiar platform into something more social, providing an easier migration for Lockheed’s 150,000 employees. The revolutionary part was to make these communities open to all employees by default, rather than defaulting to a closed site, and currently 65% of their thousands of communities are open.

Because they were making SharePoint do things that it didn’t naturally do, there was a lot of customization involved, but what they’ve ended up with is the ability for anyone to create a community. Apparently, HR resisted this, and lobbied for more centralized control of who could create an internal site rather than allowing self-service, but with the number of internal communities, this would have seriously crippled the spread of the tools to support collaboration within the company.

McAfee asked the question about how easily Lockheed’s aging workforce adopted these social solutions; interestingly, some of the 20-something engineers were some of the ones that had problems with the social community, since although they knew how to use the tools, they didn’t have the business experience to make the tools support the Lockheed business processes. Some of their most prolific bloggers are from the over-40’s workforce, probably because they just have more knowledge to contribute. In other words, enterprise social networking isn’t about age, it’s about appropriate tools, motivation and having something worthwhile to share. You need to have the younger and older parts of the workforce work together in order to achieve the best results.

They went through – and are still experiencing – challenges with acceptance by the executives and across the organization, and have learned that social media needs to be grounded in the challenges of your enterprise. You need to create tools that support what people need to do, not just push something in and force people to use it. The result is that they have leaders within the company who blog regularly, but more importantly, who read, comment and act on what they read in blogs: this shows that management is participating, and that they see it as a channel for

They didn’t set rules around what content should or shouldn’t be included on the sites, but it has taken on the form of what would be normal employee behavior, which is pretty much what we heard yesterday from IBM, Deloitte and EMC. They provided two examples of “misuse” that were removed from the sites: one where someone was talking about their new car, and the other where someone was complaining about the employee review process using questionable tone and/or language.

There’s a breakout session this afternoon with the two Lockheed guys, going into more detail about their social networking platform and its adoption.