Business application vs non-business applications
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hello dear forum! We're back with the question of how to exactly define business applications - or more importantly, how to manage the applications which are NOT business apps. Since the definition for business app calls for it to provide a business capability, we would leave out items such as Active Directory. This used to not be a huge problem, but the EA product has grown significantly and we have wonderful new features such as Digital Integration Management and great UI to support the Information Portfolio concepts. The thing is, active directory has digital interfaces and integrations and it contains and accesses information objects. As such, we're left with two options:
1) customize DIM and similar products and build new UIs to support the use of information objects etc for other classes than business applications
2) accept AD as an business application.
#2 sounds more lucrative, but then we proceed to evaluate more tools. Turns out we want to manage the application risk (with IRM-EA integration), model digital integrations and maintain a complete information portfolio, so app after another the decision would be to manage it as an business application.
At this point, it feels like the definition of business app is failing us. The old rationale for using SAM features to manage software tools, or the old wish for having assessments on TRM items no longer help the teams forward. It feels like we would need another design domain concept, which can be used in the EA like a business application.
So: given that IRM, DIM, Information Portfolio, etc. use business application as the key concept, should one promote any application using these concepts as a business application or is there an alternative path forward?
- 549 Views
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi,
I would argue that Active Directory does qualify as a Business Application. We have always described it as a Shared System. In fact, it is one of the core examples in CSDM as a shared system. What Business Capabilities? Many capabilities you'd associate are indeed more technical in nature but i'd argue every organization in the world needs/has the Business Capability To Authenticate and Authorize users.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2 weeks ago
Thanks, looks like we agree on the case of Active Directory.
But how to make the general rule? If one wants to map and manage application risk, list the digital interfaces provided by an application, indicate that application accesses information object, should the application be modeled as a Business Application - regardless of any other considerations?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
I think it makes sense to have all applications as 'business applications' - so there is a 'bucket' where every CI in the CMDB can roll up to. So every ci can inherit an owner, manager, assessment of criticality, the container that holds the 'does it have a DR plan', here is the design. But Mark Bodman does not agree - he said about 40% of companies do it this way - and they will continue to support this method. He said everything should be a business or technical service - but that is 2 buckets! I create a 'Business Application ID' that gets tagged on every widget that gets built and as the organisation 'primary key' for integration with other systems.
