Business Guide
simplicable technology guide   »  enterprise architecture   »  ea risks

8 Enterprise Architecture Risks

        posted by , June 18, 2016

Enterprise Architecture (EA) is intended to help manage IT risks — but is it possible that EA itself introduces new risks?

Many enterprise architects believe there is only one EA risk — the risk that EA will not be properly adopted across the enterprise. The truth is, EA is fraught with risks.

8.Security vulnerabilities and exposures

In theory enterprise architecture should provide common security frameworks that reduce enterprise security risks.

In practice, enterprise architects are seldom security experts and tend to shy away from security issues. Even large enterprise architecture frameworks such as the Federal Enterprise Architecture have failed to cover security.

What makes matters worse is that many popular architectural approaches such as SOA can complicate security and introduce new risks.

7.Distracting critical staff

Stakeholders often complain that Enterprise Architecture is cumbersome. Meetings, document reviews and training can distract critical staff from their core business responsibilities.

When EA fails to be focused, lean and results-focused it can end up being a massive waste of company resources.

6. Low adoption rates

This occurs when the enterprise architecture is defined — but then is largely ignored by IT managers, solution architects and other stakeholders.

It is much easier to define a enterprise architecture than to implement the governance required to implement it. EA programs often suffer from a lack of executive, project and departmental stakeholder support.

This is the most common EA risk but it is probably the least destructive.

5. Increasing solution costs

Common solutions are supposed to simplify things — right? Not always.

Enterprise architecture programs are often guilty of over-engineering. Enterprise architects tend to recommend enterprise-class solutions that provide architectural benefits such as scalability, re-usability etc.. While these solutions may be architecturally ideal they are often expensive — they may be overkill for the business problems at hand.

4. Decreasing user acceptance

Enterprise Architecture with its focus on common solutions introduces additional user acceptance risks.

Users often complain that common solutions are less adapted to the needs of their business unit. Departments often enjoy complete control over their silo-solutions. When they are forced to transition from a silo-solution to a common solution they are often unhappy.

Common solutions generally have a higher risk of user rejection.

3. Creating dependencies

Common solutions also introduce new dependencies between business units:

a.Change requests from multiple business units need to be prioritized.
b. Business units have different business cycles and may all request different change windows.
c.Change requests may conflict - there may be a lack of agreement on the roadmap for the solution amongst different business units.
At worst, these challenges can lead to infighting between business units and a complete breakdown of the change request process.

2. Project delays

EA governance processes add additional project check points such as compliance reviews. In theory, such check points validate the solution architecture and help avoid implementation roadblocks. However, in practice it is possible for EA processes to delay projects and add excessive overhead.

1. Be careful what you measure

EA often introduces business performance metrics. When these metrics are used to evaluate departments, teams and staff — there are sometimes unexpected and counter-productive results.

When people know they are being evaluated by metrics it dramatically changes their behaviour.

For example, consider forecast error metrics. Let's say a department manager is given a target to be within %5 +/- of a budget set at the start of the year. If the manager is under budget at the end of the year she may engage in wasteful spending to conform to target. In fact, the easiest way to hit this target is to underspend all year and then spend exactly the required amount in the last month of the year.

Enterprise architecture programs are increasingly under pressure to show tangible business results. Many EA programs now make metrics one of their key selling points — a way to bridge the gap between business goals and IT spending.

Metrics in themselves are not bad. They can provide business visibility and highlight operational bottlenecks and issues. However, metrics often introduce risks.

3 Shares Google Twitter Facebook

Related Articles

Enterprise Architecture
How to architect an organization.

ITIL implementation is no cakewalk. ITIL impacts your entire organization — your business, your IT department and your inflight projects.

Yes and no. There's no ITIL certification process offered by ITIL itself. However, an organization that's reached ITIL maturity can generally be ISO 20000 certified.

Technology doesn't have to be complex. Guides that break technology into nice bit-sized chunks.

How to tell if your Enterprise Architect is doing her job.

Recently on Simplicable

What Big Data Really Means

posted by John Spacey
The 3 things you need to know to cut through the big data hype.

9 Reasons You Need a Current State Architectural Blueprint

posted by Anna Mar
A current state enterprise architecture blueprint represents your organization's high level architecture. It's probably the most important documentation that any IT organization can create and maintain.

The 5 Levels of Enterprise Integration

posted by Anna Mar
Enterprise Integration has traditionally focused on moving data from one database to another. Recent technology trends have challenged this approach.

Do "Real" Architects Dislike Technology Architecture?

posted by Anna Mar
Go to any job site and query architect — you'll be hard pressed to find the adverts for construction architects in the sea of job postings for technology architects.


about     contact     sitemap     privacy     terms of service     copyright