Technology risk calculation
Assess the technology risks of your business applications by calculating their risks at the software product (considering the model and full version) level and then at the business application level.
Starting with the Xanadu release, the legacy Technology Portfolio Management module has been deprecated from Enterprise Architecture (formerly Application Portfolio Management). However, if you’re an existing user of Enterprise Architecture (formerly Application Portfolio Management), you can still use the legacy Technology Portfolio Management module. If you’re a new activation user, the legacy Technology Portfolio Management module isn’t available.
You can leverage the same functionality by using the Technology Portfolio Management store application within the Enterprise Architecture Workspace. To learn more, see Manage the Technology Portfolio Management (TPM) in Enterprise Architecture Workspace.
Technology risks are calculated at the hardware model and software product (considering the model and full version) levels to determine the risk at the business application level.
Lifecycle stage - Internal and External
The range set for a risk value at each level such as very high, late, moderate, low, and none vary from one organization to another. You can set the risk value for each lifecycle phase based on your organizational requirements. Use the software product lifecycle form to associate the lifecycle phase for each software model with a risk. Based on the selected risk the parameter risk is determined.
The risk values in the lifecycle table are very high, high, moderate, low, and none. Accordingly the risk is also very high, high, moderate, low, or none.
For lifecycle stage parameters, only the risk value is considered irrespective of the lifecycle phase.
Aging - Internal and External
Similarly, the aging internal and external has the following risk values:
- 0–90 days is high risk.
- 90–180 days is moderate risk.
- More than 180 days is low risk.
- If there is a single High risk, then the risk of the software model is High.
- If there is a single Moderate risk, then the risk of the software model is Moderate.
- The risk of the software model is Low only if the risk of all the underlying components are Low.
- If there is a single High risk, then the risk of the hardware model is High.
- If there is a single Moderate risk, then the risk of the hardware model is Moderate.
- The risk of the hardware model is Low only if the risk of all the underlying components are Low.
The risk calculation for aging parameters are scripted and you can edit as required.
Parameters to determine software product risk
Risk on a software model is calculated based on four parameters, namely internal lifecycle stage, external lifecycle stage, internal aging, and external aging.
Parameters to determine hardware model risk
Risk on a hardware model is calculated based on four parameters. The parameters are internal stage risk, publisher stage risk, internal aging risk, and publisher aging risk.
Calculating technology risk at business application level
A business application can run on many software models. The risk of a business application due to its underlying software models is derived from the risk of the individual software models.
- Risk at hardware model level
- Based on the four hardware risk parameters, the technology model suggestion engine calculates the risk of the hardware model and the highest risk value is assigned to the hardware model. If the risk of hardware is high, then the risk of the application service, which runs on the hardware, is evaluated to be high. The engine stores the risk data of the hardware model in the Hardware Model Risks [sn_apm_tpm_hardware_model_risk] table.
- Risk at software model level
- Based on the four software risk parameters, the technology model suggestion engine calculates the risk of the software model. If the risk of software is high, then the risk of the application service, which runs on the software, is evaluated to be high. The engine stores the risk data of the software model in the Software Model Risks [sn_apm_tpm_software_model_risk] table. This data is rendered on the software model timeline.
- Risk at application service level
- If any of the hardware or software models on which the application service runs is evaluated to be on high risk, then the application service is determined to be at a high risk.
- Risk at business application level
If the application service is of high risk, then the business application which runs on the application service is also high.
- If one of the software models is at High risk, then the business application is at High risk.
- If one of the software models is at Medium risk, then the business application is at Medium risk.
- The risk of the business application is Low only if all the underlying software models have a Low risk.
- If one of the hardware models is at High risk, then the business application is at High risk.
- If one of the hardware models is at Medium risk, then the business application is at Medium risk.
- The risk of the business application is Low only if all the underlying hardware models have a Low risk.
You can customize the script that is executed to calculate the risks at the product model risk level (hardware and software models), application service risk level, and business application risk level. For more information, see Configure risk bubble up logic.