Minimum Enterprise Requirements

Posted on September 18, 2014 by Vincenzo Marchese

Believe it or not, many people in IT and business are still struggling with the concept of Enterprise Architecture, and the actual value it provides to the organisation. The theory is clear, less so how it translates into real value in practice.

The need for well articulated and clear Requirements, however, is well understood. And people generally understand that designing and implementing IT Systems to satisfy requirements generates value to the firm.

Rather than EA and Architecture Standards, I prefer to talk about Minimum Enterprise Requirements (MERs).

Enterprise Requirements are requirements that exist beyond the boundary of a project or program. They are Minimum when satisfying them is not discretionary. Typically, requirements deriving from a security policy, regulatory demands or strict business  constraints are good candidates for MERs.

A MER is a requirement coupled with a clear applicability trigger criteria. This is important, because designing and implementing MERs can (and normally is) expensive. Whether a MER applies to a specific IT System needs to make business sense. Implementing Security MERs to provide a very high level of assurance, for example, makes only sense if the IT System stores/processes/displays data that is classified as strictly confidential.

I often use the example of Building Regulations to explain MERs and triggers. MERBuilding regulations contain the rules for building work in new and altered buildings to make them safe and accessible and limit waste and environmental damage. People carrying out building work must usually arrange for their work to be checked by an independent third party to make sure that their work meets the required standards. In some cases the installer can certify themselves that their work complies (https://www.gov.uk/government/policies/providing-effective-building-regulations-so-that-new-and-altered-buildings-are-safe-accessible-and-efficient). In other words, if you’re building a hospital, there is a MER for disabled access. It’s applicable to all hospitals, and is not discretionary!

To evaluate whether a MER is a good MER I have devised a TUSIV test. As such, MERs must be:

  • Traceable (to a business approved firm policy, standard or directive)
  • Unambiguous
  • Singular
  • Implementable
  • Verifiable

About Vincenzo Marchese

passionate, energetic and pragmatic (in that order!), always keen to learn, engage with people, and tackle new challenges. Having started my career as a software engineer, in more recent roles I have been accountable for professionalising and measurably improving the value delivered by the architecture practice of large global organisations. Throughout my career I have built a strong professional network, and I am highly regarded by those I worked with. I have strong interpersonal and communication skills and have spoken at a number of international conferences. I was born in Sicily, and studied Computer Science at the University of Pisa. I moved to London in 1995, where I now live with my wonderful family. I volunteer in my local community. Specialties: - Establish/transform EA practice - Responsible and ethical AI - Enterprise Architecture Methodology - TOGAF
This entry was posted in Uncategorized and tagged , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s