Slide 1

The Role of Security & Privacy in EA Program And EA Trends Please read all relevant texts chapters notably Bernard Chapter 11 and 13..

Slide 2

Privacy is the shield that protects a persons identity while actively sharing information via the web. Where privacy is about keeping the door locked, security is about the lock itself. Security is the actual online authentication and authorization protocols that networks use to protect information and the audit system used to verify the overall systems effectiveness. ( OConnell in IPSWITCH, 2011 ) OConnell in IPSWITCH, 2011

Slide 3

EA Project Management as a project management model Similar for an EA Program Management Plan Information security and privacy are important project governance & compliance requirements and is included as component in risk management requirements

Slide 4

EA Programs Risk Mgt Sub-Plan Similar for an EA Program Management Plan Why & how information security and privacy incidents are regarded as enterprise risks can be explained via:

Slide 5

EA Programs Security & Privacy sub-plan Similar for an EA Program Management Plan How Security & Privacy risks are managed is explained in an organisations corporate document and customised in the EA program mgts security & privacy plan:

Slide 6

Causes of Information Security & Privacy Risks & Key Prevention Areas 1.Information design access & authentication due measures 2.User Identification & training measures 3.Operations measures 4.Physical measures

Slide 7

EA Risk Management Vs EA PROGRAM Risk Management

Slide 8

Risk Management Processes : 1.Risk classification 2.Risk identification 3.Initial Risk assessment 4.Risk mitigation 5.Risk Monitoring Risk mgt for integration & Standards compliance risks A very comprehensive Risk Mgt for security & privacy risks Risk mgt for EA program/project performance variance and quality risks EA is a meta-discipline that includes risk management that affects all its activities (Bernard, Chapter 1 - Page 34 & Chapter 11 page 222) every EA activity is part of a living EA risk management process Business case evaluates all the EA risks identified This requires understanding what risk mgt is about, which Bernard does not explain in details, but tutors can research and share insights with students Risk mgt details for stakeholder & business risks (http://pubs.opengroup.org/architecture/togaf9-doc/arch/chap31.html) EA Risk Management is everywhere in EA Program Plan

Slide 9

EA Programs Risk Management Plan Is like a projects risk management plan for controlling the project or programs performance variance in terms of: 1.Budget performance 2.Quality (including testing) performance 3.Timeline performance Project/programs risk management is NOT EA risk management which is about ensuring EA modelling and management work complies to EA standards and corporate/project governance policies/standards/guides.

Slide 10

EA Security & Privacy Plan As an EA Component Guides the design, implementation and use of protective controls for every EA component There is no 100% foolproof security because EA components are designed and managed by humans and insider access is the ultimate threat which cannot completely be overcome (Bernard, page 231)

Slide 11

Trends

Slide 12

Future Trends in EA Bernard, Chapter 13 Generally trends can pose as opportunities & threats. When EA trends create new or grow existing EA practice problems, they can be regarded as new and emerging or existing and growing EA issues

Slide 13

More EA Trends Not all EA trends are EA issues

Slide 14

More EA Trends Not all EA trends are EA issues Impacts of new technology designs on EA Trends

Slide 15

More EA Trends Not all EA trends are EA issues Impacts of new technology designs on EA Trends In order to identify Big Data Trends impacts on EA practice, one needs to firstly understand what is Big Data, its enterprise ramifications, including complexity challenges. Not all Big Data Trends impact EA practice.