Tarun Bulchandani
← All writing
From LinkedIn ↗ by Tarun Bulchandani

Creating an Effective Process for Application Review in Enterprise Architecture Governance

As an enterprise architect, I understand that introducing or adding new applications to the enterprise estate is a critical task that requires careful planning and review. A structured process must be followed to ensure that new applications meet the organisation’s business needs

As an enterprise architect, I understand that introducing or adding new applications to the enterprise estate is a critical task that requires careful planning and review. A structured process must be followed to ensure that new applications meet the organisation’s business needs and are aligned with the overall enterprise architecture. In this article, I will provide a detailed process for application review that can be used to introduce or add new applications to the enterprise estate.

Here's a quick list:

  1. Identify the Business Need: The first step in the application review process is to identify the business need for the new application. This includes identifying the business process that the application will support and understanding the requirements of the stakeholders.
  2. Evaluate the Current State: The next step is to evaluate the current state of the enterprise architecture. This involves identifying the existing applications that support the business process, as well as the infrastructure and technology that is currently in use.
  3. Identify the Technology Options: Once the business need and current state have been established, the next step is to identify the technology options that can be used to support the business process. This includes evaluating the available commercial off-the-shelf (COTS) applications, as well as the potential for custom development.
  4. Evaluate the Application Options: After identifying the technology options, the next step is to evaluate the specific application options that are available. This includes reviewing the features and capabilities of each application and assessing how well they meet the requirements of the business process and stakeholders.
  5. Assess the Impact: Before making a final decision on the application, it is important to assess the impact of the application on the enterprise architecture. This includes evaluating how well the application fits within the existing infrastructure and technology landscape, as well as assessing the potential for integration with other systems.
  6. Develop a Plan: Once the application has been selected, the next step is to develop a plan for implementation. This includes developing a project plan that outlines the specific tasks that need to be completed, as well as identifying the resources that will be required.
  7. Review and Approval: The final step in the application review process is to review and approve the plan. This includes obtaining approval from the relevant stakeholders, as well as ensuring that the application aligns with the overall enterprise architecture.

By following this process, organisations can ensure that new applications are introduced to the enterprise estate in a structured and controlled manner, which reduces the risk of disruption to the business and ensures that the application aligns with the overall enterprise architecture.

Here is a step-by-step process for each of the areas outlined above:

1. Application Request Submission

- The business unit submits a request to the Enterprise Architecture team for a new application to be added to the enterprise estate.

- The request should include details about the business need for the application, its intended users, functionality, and any technical requirements.

- The request should also include information about any potential vendors, including their capabilities, pricing, and support options.

- The request is logged into a central repository for tracking purposes.

2. Initial Assessment

- The Enterprise Architecture team reviews the application request to ensure that it aligns with the enterprise architecture principles and strategy.

- The team evaluates the request against the existing application portfolio to determine if there are any overlaps or potential integration issues.

- The team assesses the feasibility of the application based on technical and financial constraints.

3. Vendor Assessment

- If the request includes a potential vendor, the Enterprise Architecture team evaluates the vendor's capabilities and compatibility with the enterprise architecture.

- The team assesses the vendor's support and maintenance options, including their ability to provide updates and patches.

- The team reviews the vendor's pricing structure to ensure that it aligns with the enterprise budget and procurement policies.

4. Security Assessment

- The Enterprise Architecture team evaluates the security implications of the proposed application.

- The team assesses the application's vulnerability to cyber threats and risks to the enterprise's overall security posture.

- The team reviews the application's compliance with relevant security standards, such as ISO 27001.

5. Data Assessment

- The Enterprise Architecture team evaluates the data requirements of the proposed application.

- The team assesses the application's ability to integrate with existing data sources and ensure data quality and integrity.

- The team reviews the application's compliance with relevant data privacy regulations, such as GDPR.

6. Technical Assessment

- The Enterprise Architecture team evaluates the technical requirements of the proposed application.

- The team assesses the application's compatibility with existing infrastructure and systems.

- The team reviews the application's scalability, reliability, and performance requirements.

7. Review and Approval

- Based on the assessments outlined above, the Enterprise Architecture team makes a recommendation to the relevant stakeholders.

- The recommendation may include approval of the request, approval with conditions, or rejection of the request.

- The relevant stakeholders, such as the business unit and IT leadership, review the recommendation and make a final decision.

- If approved, the application is added to the enterprise estate, and the Enterprise Architecture team works with the business unit to ensure successful implementation.

Following this process helps ensure that new applications are thoroughly evaluated before being added to the enterprise estate, reducing the risk of compatibility issues, security breaches, and data privacy violations. It also helps ensure that new applications align with the enterprise architecture strategy and deliver value to the business.