• Decrease font size
  • Return font size to normal
  • Increase font size
U.S. Department of Health and Human Services

About FDA

  • Print
  • Share
  • E-mail

SMG 3230.2

FDA STAFF MANUAL GUIDES, VOLUME III - GENERAL ADMINISTRATION

INFORMATION RESOURCES MANAGEMENT

INFORMATION SYSTEMS ARCHITECTURE (ISA)

ENTERPRISE ARCHITECTURE POLICY

Effective Date: 06/30/2004

[PDF Version]

 1. Purpose
 2. Background
 3. Definitions
 4. Policy
 5. Development Policy
 6. Maintenance Policy
 7. Responsibilities
 8. Supersession
 9. Effective Date
 10. History

1. PURPOSE 

This Staff Manual Guide establishes Agency policy and outlines the roles and responsibilities of Enterprise Architecture (EA) to ensure compliance with legislative and executive level guidance.

2. BACKGROUND 

Government and private industry must improve services and reduce costs to optimize performance in the current political and economic environment. The Clinger-Cohen Act (CCA) of 1996 was passed to compel Federal organizations to be more accountable for economic and efficient management of IT, and directed agencies to establish a Chief Information Officer (CIO) position specifically with the responsibility of "developing, maintaining, and facilitating the implementation of a sound and integrated information technology architecture."

OMB Memorandum M-97-16. M-97-16 establishes the minimum criteria for an agency information technology architecture (ITA) required in the CCA. For the purpose of conforming to the requirements of CCA, a complete EA is the documentation of the relationships among business and management processes and information technology that ensure alignment of the requirements for information systems (as defined in OMB Circular A-130) with the processes that support the agency's missions; adequate interoperability, redundancy, and security of information systems; and the application and maintenance of a collection of standards (including technical standards) by which the agency evaluates and acquires new systems.

3. DEFINITIONS 

Architecture: Design; the way components fit together. May be conceived of any complex system such as "software architecture" or "network architecture" [Free On-line Dictionary of Computing]. An IT architecture is a design for the arrangement and interoperation of technical components that together provide an organization its information and communication infrastructure.

Current Enterprise Architecture: The current state of an enterprise's architecture; the set of work products that portray the existing enterprise, the current business practices, and technical infrastructure.

Enterprise: A system of business endeavor within a particular business environment. An enterprise architecture is a design for the arrangement and interoperation of business components (e.g., policies, operations, infrastructure, information) that together make up the enterprise's means of operation.

Enterprise Architecture: Known as information technology architecture in the CCA, EA provides a technical and procedural foundation upon which an organization can efficiently plan, implement and field new systems as well as modify existing ones. EA ensures better coordinated IT initiatives across business areas, reduces redundancy in development efforts, and provides more efficient information systems and infrastructure by ensuring compliance with the agency's target architecture. Such architecture establishes common procedures, standards and policies to be used Agency-wide. The Federal Enterprise Architecture Framework (FEAF) authored by the Federal CIO Council provides guidance for the establishment of enterprise architectures within the Federal Government. These frameworks look at the enterprise by focusing on key business roles within the organization and examining their needs within the context of IT and business strategies.

Infrastructure Architecture Council: Provide a forum to identify current and future information technology projects. Review and discuss all new and existing IT project initiatives with regard to architectural alignment, compliance with IT standards and technical health of IT investments. Provide information and guidance to the Agency CIO and Information Technology Investment Review Board (ITIRB). Facilitate the exchange of information on strategic project issues. The agency enterprise architect chairs the IAC. The OITSS Director of Project Management is the vice-chair. The membership is inclusive of the center IT directors, center EA reps, agency ISSO, CTO, Director of OITSS and the OITSS division directors.

Enterprise Architecture Review Board (EARB): The EARB is an IT governance body that is chaired by the Agency's Chief Enterprise Architect and comprised of Center/Office Enterprise Architects. The Agency ISSO, CTO and Data Council Chair provide guidance in their respective disciplines. The EARB provides a forum to review all new and existing project initiatives with regard to architectural alignment for the upcoming budget year.

  • Monitors and analyzes ongoing and candidate investments for compliance with target architecture, technical standards and overall project health.
  • Analyzes candidate investments for technical feasibility. Recommendations are provided to the IRMC as input to their review process.
  • Recommends corrective action where compliance is judged to be missing or insufficient.
  • Approves technical approach prior to entering full-scale development

Migration Plan: The portion of the Enterprise Architecture that describes plans for how to move from the Current EA to the Target EA.

Target Enterprise Architecture: Representation of a desired future state or "to be built" architecture for the enterprise with the context of the strategic direction.

4. POLICY 

It is the policy of FDA to develop, maintain, and facilitate the implementation of a sound and integrated information technology architecture that is consistent with Federal and Department EAs in compliance with the following policies:

a. All IT investment proposals must be mapped to the Business Reference Model (BRM) and approved by the Center / Office architect before entering full-scale development. This is achieved by the preparation of an Investment Boundary Document (IBD) that includes: business use case(s), a context level diagram, project scope, project description, a glossary of business terms, and identified lines of business, stakeholders, and user goals. An IBD template can be obtained from the OCIO's Project Management Office (PMO). The business lead is responsible for preparing the IBD and engaging the appropriate Center / Office IT organization(s) in a support capacity.

b. All IT investments must undergo an Impact Analysis conducted by a Center Enterprise Architect. The analysis will describe the impact to the current environment, various scenarios for implementation and any impact on other systems resulting from resource re-allocation.

c. Center / Office Architects will serve as EA advisors to all IT project teams in their respective organization.

d. All IT projects are required follow the Agency's System Development Lifecycle (SDLC) and complete the core artifacts and consider suggested artifacts that support sound EA practices.

e. IT investments must undergo stage-gate reviews at specific phases of the investments lifecycle before advancing to the next phase of the investment's lifecycle to ensure compliance with FDA's EA/IT technical standards. At minimum, stage gate reviews include a review of completed artifacts at the completion of the following phases: Concept Development (before entering the planning phase), Design (before entering the development phase) and Integration/Test (before implementation). Cross cutting and major investments are reviewed by the Agency's Enterprise Architecture Review Board (EARB). All other investments will be reviewed by a Center / Office level EARB body under the authority of the appropriate IT Director. Center Enterprise Architecture certification at SDLC stage-gate reviews in order to proceed to the next stage of the SDLC. All Center / Office Level EARB results will be periodically reported to the FDA Chief Enterprise Architect.

f. IT projects require a business sponsor who is responsible for ensuring compliance with FDA's target enterprise architecture.

g. Investments will align with Enterprise Architecture reference models: Technical, Business, Performance, Data and Service Component.

h. Centers / Offices will allocate funding for agency-wide IT management support services. A percentage (to be determined) of programmatic budgets will be directed to support Enterprise Architecture.

i. Agency information technology designs and architectures must be reviewed by the EARB for inclusion into the FDA enterprise architecture.

5. DEVELOPMENT POLICY 

It is FDA policy that architectural deliverables shall be established including: Business, Data, Application, Technology and Security architectures. All EA deliverables shall be developed using the following documents as guidelines: The FEA reference models, which have been chosen as the FDA framework, FDA Information Technology standards, EA Principles (Business, Data, Applications and Security), EA governance document and using the format of the EA target architecture and transition plan.

A. The FDA enterprise architecture shall be developed using a federated methodology. The FDA shall develop an overarching architecture, which shall be inclusive of the 8 FDA centers. The FDA architecture shall be developed reflecting all crosscutting IT initiatives and their business, data, security, application, technology and operational relationships. The FDA centers shall develop center architectures, which reflect initiatives in the individual centers only. The centers shall use the guidelines set by the FDA EA program in developing their architectures. The development of center architectures shall be traceable to an FDA strategic goal and business need.

B. The FDA shall develop architectures using the Federal Enterprise Architecture Reference Model as the FDA framework. An FDA architecture product shall be directly mapped to the business, data, service and technology reference models in the FEA. The centers shall use the acknowledged FDA framework and will not deviate from this framework without the approval of the FDA Chief Enterprise Architect.

C. The FDA EA shall be developed using an iterative approach that includes: Planning, Baseline, Establishment and Transition phases. The Establishment and Transition phases are iterative as we move toward the desired target architecture for the agency. Currently, the EA program is in the Establishment phase capturing the "to-be" environment in selected lines of business in FDA. A complete description of the FDA EA development approach can be found on the FDA EA web site (http://intranet.fda.gov/oc/oms/ocio/SITP/EA) as documented in the Project Oversight Plan and EA Governance document.

6. MAINTENANCE POLICY 

It is FDA policy that FDA architectural products shall be established and published utilizing the FDA enterprise architecture information repository standard. Architectural products shall reference the following architectural layers: Business, Data, Application, Technology and Security architectures.

A. Each center and office shall place its EA products under configuration management control utilizing agency standard configuration management tools and processes published by the FDA EA program. As they are developed, a baseline of each architectural product shall be established, configuration and version identification data attached, and the products captured in a configuration management system.

B. The FDA shall maintain the EA through a collaborative process that involves continuous improvement of the EA through business stakeholder involvement and improving practices. EA model changes shall be done in cooperation with the business stakeholders, be traceable to business strategic goals, and be approved by the FDA EA Review Board. A more complete description of the FDA EA maintenance approach can be found on the FDA EA web site (http://intranet.fda.gov/oc/oms/ocio/SITP/EA/) as documented in the EARepository documents.

7. RESPONSIBILITIES 

A. Chief Information Officer: As outlined in the CCA, each agency must designate a CIO whose responsibilities include developing, maintaining, and facilitating the implementation of a sound and integrated IT architecture.

B. Chief Enterprise Architect: The Chief Enterprise Architect role is to define FDA's Enterprise Architecture and to set information technology standards for the agency. The Chief Enterprise Architect serves as the chair for the Enterprise Architecture Review Board (EARB).

C. Enterprise Architecture Review Board (EARB):

The EARB is chaired by the Agency's Chief Enterprise Architect and comprised of Center Enterprise Architects. The Agency ISSO, CTO and Data Council Chair provide guidance in their respective disciplines. The EARB provides a forum to review all new and existing project initiatives with regard to architectural alignment for the upcoming budget year.

  • Monitors and analyzes ongoing and candidate investments for compliance with target architecture, technical standards and overall project health.
  • Analyzes candidate investments for technical feasibility. Recommendations are provided to the IRMC as input to their review process.
  • Recommends corrective action where compliance is judged to be missing or insufficient.
  • Approves technical approach prior to entering full-scale development.

D. Center Enterprise Architect: At the Center Level, EA representatives review IT project boundary documents for compliance with IT/EA standards. The Center EA monitors project progress throughout the system life cycle to ensure continued alignment with the Center EA and FDA EA. Center EAs serve as members on the EARB.

E. Business Sponsor: FDA Executive that champions business concepts with strategic value and/or potential to improve the performance of a program via an IT solution. Business sponsors continue to provide leadership and oversight throughout the system lifecycle.

F. IT Project Manager: Member of OCIO that: manages the day-to-day activities of the IT project team; ensures delivery of IT investments (systems or products) to business users; interacts with Business Sponsor on investment funding and scope; and reports periodic investment status to Portfolio Coordinators and IT Management

G. Infrastructure Architecture Council: Provides a forum to identify current and future information technology projects. Review and discuss all new and existing IT projects initiatives with regard to architectural alignment, compliance with IT standards and technical health of IT investments. Provides information and guidance to the Agency CIO and Information Technology Review Board. Facilitate the exchange of information on strategic projects issues. Encourages cross-center utilization and leveraging of investments.

8. SUPERSESSION 

None.

9. EFFECTIVE DATE 

June 30, 2004.

10. Document History -- SMG 3230.2, Enterprise Architecture Policy  

STATUS (I, R, C)DATE APPROVEDLOCATION OF CHANGE HISTORYCONTACTAPPROVING OFFICIAL
Initial03/31/2005N/aStrategy and Planning Staff, OCIO, HFA-83Rod Bond, Director