Optimizing Business Operations Solution Implementer Guide.

Optimizing Business Operations Solution Implementer Guide

Agenda Recap Discussions to Date Next Steps Solution Guidance Phase 1 Phase 2 Phase 3 Customize the Capability Requirements

Engagement Approach Audience Solution road map Solution areas Industry Horizontal Business strategy Integrated Capability Analysis > Projects, architecture, products 1. Present relevant integrated capabilities Present relevant integrated capabilities 2. Position the Integrated Capability approach Position the Integrated Capability approach 1. Present relevant integrated capabilities Present relevant integrated capabilities 2. Position the Integrated Capability approach Position the Integrated Capability approach Business executives 1. Understand business needs and priorities Understand business needs and priorities 2. Discuss range of potential solution capabilities Discuss range of potential solution capabilities 1. Understand business needs and priorities Understand business needs and priorities 2. Discuss range of potential solution capabilities Discuss range of potential solution capabilities IT executives Architects IT pro/dev executives

Integrated Capability Analysis Ensure target business capabilities cover process improvement priorities Translate business capabilities into required infrastructure capabilities Assess current infrastructure maturity Determine gaps to target infrastructure Build a road map for integrated capabilities and solution implementation Specify required architecture, technologies, and services Baseline road map for integrated capabilities

Integrated Capability Support for Priority Business Capabilities Note to presenter: This is a template. Prune, add, and prioritize per BDM feedback. Ensure consistency with “Business Priority Guide” Business DriverPhase 1Phase 2Phase 3 IMPROVE COLLABORATION Departmental access to information enabled with departmental document libraries Unified collaboration spaces and mailboxes support offline and online use Web-based, enterprise-wide workspaces and portals provide rich integration with desktop productivity tools and LOB and third-party business applications, enabling integrated search across multiple sources ENABLE SEAMLESS COMMUNICATION Unified messaging with mobile access to email and IM Integrated, presence-enabled LOB applications Seamless integration of desktop productivity tools with web conferencing and integrated presence in the LOB applications Voice/video communication integrated with IM, PBX Fusion of communication information and policy management, presence integrated in LOB applications Multi-departmental web conferencing and video conferencing using desktop productivity tools ENHANCE BUSINESS PRODUCTIVITY Manual business processes with integrated search indexes exist with simple workflows on documents and forms in document libraries Forms integrated with LOB applications, accessible through mobile devices Multi-tier development tools using lightweight methodologies help automate all core business processes and monitor critical ones Universal data access enabled through common data architecture across systems; workflow applications improve business productivity and process participation Forms/workflows have end-to-end visibility throughout the organization, enabling collaboration across organizational/company boundaries Integrated tools adhering to enterprise- wide SOA standards help integrate business processes within/across the enterprise, enabling the organization to quickly integrate new applications Workflows are fully automated and custom workflow applications help improve performance Universal data access across systems SECURE ACCESS WITH SIMPLIFIED IDENTITY MANAGEMENT Unified Directory for messaging and collaboration, simplified user provisioning/de- provisioning/maintenance Single sign-on for communications Certificate and smart card integration Workflow-driven provisioning Single sign-on for collaboration Federated directory services Self-service access management Enterprise single sign-on IMPROVE BUSINESS DECISION MAKING Authentication protocols integrate directly with Windows Certificate Services Administration identified through integrated toolsets and dashboards, linked to central directory and controlled via group policies Portal-based, centrally-managed, user- driven reporting of critical information and analysis of data for future development; reporting integrated into LOB apps Interactive departmental scorecards with key performance indicators Advanced visualization with key performance indicators Strategy-driven, enterprise-wide dashboards and scorecards with automated tools and centralized data management

Recap Discussions to Date Next Steps Solution Guidance Phase 1 Phase 2 Phase 3 Customize the Capability Requirements Agenda

Sophistication of the Solution ENHANCE BUSINESS PRODUCTIVITY SECURE ACCESS WITH SIMPLIFIED IDENTITY MANAGEMENT IMPROVE BUSINESS DECISION MAKING ENABLE SEAMLESS COMMUNICATION IMPROVE COLLABORATION Phase 1 Provides the fundamental solution allowing employees to collaborate and communicate more effectively Enables secure access to data Provides efficient data management and integrated search capabilities to simplify finding information Phase 2 Adds more collaboration tools Enhances process participation Improves communication and collaboration processes Improves data reporting and analysis Phase 3 Streamlines access to data, documents, and expert resources Enables seamless communication and collaboration with external partners Enables enterprise-wide reporting and analysis Maximizes productivity and business performance

Solution Guidance CONCEPTUAL ARCHITECTURE MAPPING PHASE DEFINITION TECHNOLOGIES LOGICAL ARCHITECTURE CONCEPTUAL ARCHITECTURE MAPPING PHASE DEFINITION TECHNOLOGIES LOGICAL ARCHITECTURE Phase Definition For each business driver, list the business challenges, solution features, and business benefits for this solution phase. Use this information and the “Support for Priority Business Capabilities” slides to structure the conversation with IT professional(s) for capturing, refining, and baselining business problems and solution functionality priorities. Mapping The Optimization mapping indicates the maturity level required for each capability of the solution to fully support the features specified in this solution phase. Use the mapping as a starting point to determine appropriate maturity levels for the solution. After mapping the solution, assess the gap between the current and desired infrastructure to: Understand the scope and sequencing of work required Organize a deployment road map Technologies Use the results of the Optimization mapping to determine the technologies required for the features and supporting capabilities specified in this solution phase. Conceptual Architecture Use this high-level, use case diagram to provide the “black box” definition of this solution phase. Customize to your solution definition during the integrated capability analysis. Logical Architecture Use this logical, component-level architecture view to show all software components and how they interact to support this solution phase. Tailor to fit your particular solution definition during the integrated capability analysis. Note: Physical architecture is covered in the Architecture Guide also used during the integrated capability analysis.

Agenda Recap Discussions to Date Next Steps Solution Guidance Phase 1 Phase 1 Phase 2 Phase 2 Phase 3 Phase 3 Customize the Capability Requirements

CHALLENGES BUSINESS CAPABILITIES BENEFITS IMPROVE COLLABORATION Difficult to find people and information Basic collaboration workspaces and portals in place, but limited ability to collaborate remotely Online/offline access to collaborative workspaces and portals Integrated content and records management with Information Rights Management Search across multiple data sources Effectively manage and repurpose content to gain increased business value Find and connect with people, team, and divisional information through one common portal ENABLE SEAMLESS COMMUNICATION Need for an integrated messaging platform that includes security, spam control and virus protection capabilities Limited remote or mobile access Access to messages while offline Corporate instant messaging and email available on mobile devices and PCs Secure messaging platform Securely, cost-effectively provide remote email capabilities Enable anywhere access to unified inbox ENHANCE BUSINESS PRODUCTIVITY Processes rely on manual workarounds Little process and workflow automation outside those locked within standalone applications Mobile forms accessible through email and offline through mobile devices and mobile PCs Forms integrated with line of business applications Reduce costs by adopting reusable, common approaches and services Reduce workload through automating repetitive tasks that are otherwise completed manually IMPROVE BUSINESS DECISION MAKING Information in data silos Limited automation of extraction, transformation and loading of data Burden on IT for reports and analysis Automated extract, transform, and loading packages Reporting and analytical tools connecting to subject oriented data Department-wide strategic alignment including interactive scorecards/dashboards Implement IT-driven, parameterized reports Enhance reporting and analysis with centrally- managed, subject-oriented data SECURE ACCESS WITH SIMPLIFIED IDENTITY MANAGEMENT No consistency in accessing resources Risk of unauthorized access to confidential information Lack of centrally-managed identities, no clear view of identity lifecycle Orphan accounts pose a security risk Unified directory for messaging, collaboration Simplified user provisioning/ de- provisioning Secure initiation protocol for secure communication Increase user productivity by simplifying the logon process Reduce the cost of managing user accounts and help desk Improve security CONCEPTUAL ARCHITECTURE TECHNOLOGIES LOGICAL ARCHITECTURE MAPPING PHASE DEFINITION Phase 1

Business DriverPhase 1Phase 2Phase 3 IMPROVE COLLABORATION Departmental access to information enabled with departmental document libraries Unified collaboration spaces and mailboxes support offline and online use Web-based, enterprise-wide workspaces and portals provide rich integration with desktop productivity tools and LOB and third-party business applications, enabling integrated search across multiple sources ENABLE SEAMLESS COMMUNICATION Unified messaging with mobile access to email and IM Integrated, presence-enabled LOB applications Seamless integration of desktop productivity tools with web conferencing and integrated presence in the LOB applications Voice/video communication integrated with IM, PBX Fusion of communication information and policy management, presence integrated in LOB applications Multi-departmental web conferencing and video conferencing using desktop productivity tools ENHANCE BUSINESS PRODUCTIVITY Manual business processes with integrated search indexes exist with simple workflows on documents and forms in document libraries Forms integrated with LOB applications, accessible through mobile devices Multi-tier development tools using lightweight methodologies help automate all core business processes and monitor critical ones Universal data access enabled through common data architecture across systems; workflow applications improve business productivity and process participation Forms/workflows have end-to-end visibility throughout the organization, enabling collaboration across organizational/company boundaries Integrated tools adhering to enterprise- wide SOA standards help integrate business processes within/across the enterprise, enabling the organization to quickly integrate new applications Workflows are fully automated and custom workflow applications help improve performance Universal data access across systems SECURE ACCESS WITH SIMPLIFIED IDENTITY MANAGEMENT Unified Directory for messaging and collaboration, simplified user provisioning/de-provisioning/maintenance Single sign-on for communications Certificate and smart card integration Workflow-driven provisioning Single sign-on for collaboration Federated directory services Self-service access management Enterprise single sign-on IMPROVE BUSINESS DECISION MAKING Authentication protocols integrate directly with Windows Certificate Services Administration identified through integrated toolsets and dashboards, linked to central directory and controlled via group policies Portal-based, centrally-managed, user- driven reporting of critical information and analysis of data for future development; reporting integrated into LOB apps Interactive departmental scorecards with key performance indicators Advanced visualization with key performance indicators Strategy-driven, enterprise-wide dashboards and scorecards with automated tools and centralized data management Note to presenter: This is a template. Prune, add, and prioritize per BDM and TDM feedback. Ensure consistency with the “Business Discussion Guide” and the “Capability Discussion Guide.” Integrated Capability Support for Priority Business Capabilities

Phase 1: Core IO BSRD Datacenter Mgt and Virtualization Data Center Mgt & Virtualization Automated build with defined deployment and provisioning processes. Deployment and management of software updates are tool based. Capacity management processes are manual and reactive, resource utilization and capacity are monitored periodically. The organization actively uses virtualization to consolidate resources for production workloads. Some Production server resources are virtualized. A virtualized server pool is offered as a service. Performance monitoring of physical and virtual hardware with defined SLAs; health monitoring of applications; supported across heterogeneous environments with manual remediation. IT services are audited for compliance based on documented company and industry-standard policies (HIPAA, SOX, and PCI); reports are generated monthly. Services are available during server failure (e.g. server clustering, hot spares, and/or virtualization recovery solution). Server Security Malware protection is centrally managed across server operating systems within organizations, including the host firewall. Protection for select mainstream/non-custom applications and services (such as e-mail, collaboration and portal applications, instant messaging), if available, is centrally managed. Integrated perimeter firewall, IPS, Web security, gateway anti-virus, and URL filtering are deployed with support for server and domain isolation; network security, alerts, and compliance are integrated with all other tools to provide a comprehensive scorecard view and threat assessment across datacenter, application, organization, and cloud boundaries. Remote access is secure, standardized, and available to end users across the organization. Networking Redundant Domain Name System servers exist to provide fault tolerance. Dynamic Host Configuration Protocol servers are network-aware and with support for auto configuration. IPv4 for main transport services, using IPv6 for some transport services (eg. to achieve larger address range). Storage Critical data is backed up on a schedule across the enterprise; backup copies are stored offsite, with fully tested recovery or failover based on service-level agreements. Device Deployment and Management Device Mgt & Virtualization Users back up critical data locally according to corporate policy and by using the tool provided; when it is necessary, user state can be abstracted from the operating system image (such as for a session, virtual desktop infrastructure, or roaming profile). Software distribution to local and geographically dispersed users is automated. Desktop applications and system events are centrally monitored for critical desktop systems. Mobile device access configuration is automated and is pushed over-the-air. A solution is in place to configure and update devices. Mobile devices are managed by security policy provisioning (such as personal identification numbers) and remote wipe. All mobile access to internal systems is through a proxy technology (such as a messaging system and/or selective SSL). Device Security Protection against malware is centrally managed for desktop systems and laptops and includes a host firewall; non-PC devices are managed and protected through a separate process. Identity & Security Services Identity & Access To control access, simple provisioning and de-provisioning exists for user accounts, mailboxes, certificates or other multi-factor authentication methods, and machines; access control is role-based. Multi-factor and certificate-based authentication are applied in some scenarios, such as remote access across boundaries (such as On Prem and Cloud). Self service password resets supported. There is a centralized group/role based access policy for business resources, managed through internal tools or manual processes. Most applications and services share a common directory for authentication across boundaries. Point-to-point synchronization exists across different directories. Information Protection & Control Persistent information protection exists within the trusted network to enforce policy across key sensitive data (such as documents and e-mail); policy templates are used to standardize rights and control access to information. IT Process & Compliance IT policies are documented for each IT service. Each IT service has a formal definition of reliability. IT service release and deployment processes are formally defined and consistently followed. Each IT service provides service-level and operational-level agreements. Processes to manage incidents are in place for each IT service. Monitoring, reporting, and notifications are centralized for protection against malware, protection of information, and identity and access technologies. Each IT service has its own change and configuration management process; standard changes are identified for each IT service. Risk and vulnerability are formally analyzed across IT services; IT compliance objectives and activities are defined and audited for each IT service. Self service objectives and/or agreement exists, IT Service request process exists, fulfillment is manual. MAPPING CONCEPTUAL ARCHITECTURE TECHNOLOGIES LOGICAL ARCHITECTURE PHASE DEFINITION

Phase 1: BPIO BSRDCollaboration Workspaces Workspaces are centrally managed, customizable, and reusable, and provide users the capability to collaborate through Web browsers and mobile devices; offline synchronization is supported. Teams work on managed versions of content with controls and common space; team workspaces include group calendaring, shared contacts, user online presence, and simple workflows. IT driven onboarding; Integration with directory services for group level onboarding, training for users is available. Portals Users and groups can publish content directly to some portals; workflow for review and approval is built-in and automated. Users have widgets to customize their views of information; enterprise search is integrated with portals. Multiple portals exist; directory services, authentication, and authorization are not uniform across portals, requiring users to sign in multiple times; user management methods are redundant. Social Computing Project Mgt Teams plan, track, and share tasks in lists by using collaboration tools; multiple baselines exist. Teams can upload and share documents and files; project workspaces are integrated with desktop productivity applications. Portfolios are analyzed in graphical views that include status, resource allocations, and financial details. Information access Interactive experience and navigation Messaging Messaging The messaging solution (e-mail and calendar) includes basic anti-virus, anti-spam, and anti-phishing protection. Use of high availability technologies enables messaging system continuity at the server and service levels during outages. The e-mail platform supports message encryption (S/MIME) to enable digital signatures. Secure, remote, online and offline access to rich mailbox and calendar functionality exists inside and outside the firewall. IT manages mailbox provisioning by using a single directory. Users have separate discovery tools for live and archived mailbox data and must rely on the IT department to conduct searches. Unified Communications IM/Presence Users have secure access to an enterprise-managed online presence and IM infrastructure from inside and outside the firewall; peer-to-peer voice and video communications are based on a single directory. Multiple-party IM is managed by the enterprise. Online presence information (automatically refreshed user availability information based on communications, log-on, and calendar activities) is integrated into the e-mail client. Conferencing Voice Content Creation and Management Information Mgt Managed workspaces exist at the departmental level and are available from individual productivity applications. Metadata capture is enforced; however, the capture process is manual and labor-intensive. Process Efficiency The organization uses basic workflow tools to process, review, and approve documents; simple workflow routing is part of the collaborative workspace infrastructure. Compliance Policy definition occurs at the content repository level and covers retention and disposition of all types of content, including e-mail; reporting occurs manually. Content is stored in a well-managed repository and disposition rules are appropriately applied; content can be rapidly identified and preserved; business relies heavily on outsourcing for review and processing of evidence. Authoring Multi-Device Support Interoperability User Accessibility MAPPING CONCEPTUAL ARCHITECTURE TECHNOLOGIES LOGICAL ARCHITECTURE PHASE DEFINITION

Phase 1: APO BSRD BI and Analytics Platform Business Intelligence IT engaged to create interactive reports to meet specific business needs. Reports are generated on a scheduled basis or on demand by IT and are then shared on reporting portals. Users have some ability to subscribe to reports. A standardized approach is in place for IT to provision data sources for access to users to search across structured and unstructured content. A basic interactive search experience is provided to users that incorporates filter information based on common or explicit metadata. Data Warehouse Management EDW is refreshed on a near real-time basis so that information is readily available to mission-critical applications, analytics, and reporting systems. A high degree of concurrency exists, with many users running complex queries and interacting with complex analytics tools simultaneously with data loading. Management and maintenance of storage, hardware, and supporting software is manual and ad hoc. Big Data Information Services and Marketplaces Database and LOB Platform Transaction Processing Data Management Data governance with documented, standardized policies and processes are established and automated for maintaining data consistency and security, but not necessarily optimized. Data access controls are consistently implemented and applied based on data classification. Centrally administered cryptography is used and audited for protection of data-at-rest and data-in-transit. A self-service interface exists for DBAs and/or authorized users to manage security. An information asset inventory and relationship map is able to predict impacts of changes in some areas. Systems are in place for retention backup. Organizational/departmental policies exist for how long items are stored and what is stored. Application Infrastructure Custom Development Internet Applications Component and Service Composition Enterprise Integration Development Platform Application Lifecycle Management MAPPING CONCEPTUAL ARCHITECTURE TECHNOLOGIES LOGICAL ARCHITECTURE PHASE DEFINITION

Technology Guidance Client Technologies Microsoft Office Microsoft Office Outlook 2007 / Microsoft Outlook 2010, Microsoft Office Word 2007 / Microsoft Word 2010, Microsoft Office Excel 2007 / Microsoft Excel 2010, Microsoft Office PowerPoint 2007/ Microsoft PowerPoint 2010 Microsoft Office Groove 2007 / Microsoft SharePoint Workspace 2010 Microsoft Office SharePoint Designer 2007 / Microsoft SharePoint Designer 2010 Microsoft Office Project 2007 / Microsoft Project 2010 Windows Phone 7.5 / 8 Microsoft Forefront Endpoint Protection 2010 / Microsoft System Center 2012 Endpoint Protection Windows 7 / 8 Microsoft Office Communicator 2007 R2 / Microsoft Lync 2010 Server Technologies Server Technologies Microsoft Office SharePoint Server 2007 / Microsoft SharePoint Server 2010 Windows SharePoint Services 3.0 / Microsoft SharePoint Foundation 2010 Microsoft Exchange Server 2007 / 2010 Microsoft Office Communications Server 2007 R2 / Microsoft Lync Server 2010 Microsoft SQL Server 2008 R2 / 2012 Microsoft Server Security Microsoft Forefront Security for Exchange Server / Microsoft Forefront Protection 2010 for Exchange Server Microsoft Internet Security and Acceleration Server 2006 / Microsoft Forefront Threat Management Gateway 2010 Microsoft Intelligent Application Gateway 2007 / Microsoft Forefront Unified Access Gateway 2010 Microsoft Forefront Identity Manager 2010 / 2010 R2 Microsoft Windows Server 2008 R2 / 2012 Microsoft Windows Server Update Services 2.0 / 3.0 Microsoft System Center Microsoft System Center Operations Manager 2007 R2 / Microsoft System Center 2012 Operations Manager Microsoft System Center Data Protection Manager 2010 / Microsoft System Center 2012 Data Protection Manager Microsoft System Center Configuration Manager 2007 R3 / Microsoft System Center 2012 Configuration Manager Microsoft System Center Mobile Device Manager 2008 / Microsoft System Center 2012 Mobile Device Manager Microsoft System Center Virtual Machine Manager 2008 R2 / Microsoft System Center 2012 Virtual Machine Manager Microsoft System Center Service Manager 2010 / Microsoft System Center 2012 Service Manager Opalis / Microsoft System Center 2012 Orchestrator Microsoft System Center Cloud Services Process Pack Microsoft Desktop Optimization Pack 2011 / 2011 R2 Microsoft Diagnostics and Recovery Toolset 7.0 / 8.0 Microsoft Desktop Error Monitoring Windows Embedded Device Manager 2011 Microsoft Windows Storage Server 2008 / 2008 R2 Microsoft Hyper-V Server 2008 / 2008 R2 Microsoft Virtual Desktop Infrastructure Suite Microsoft Office Project Server 2007 / Microsoft Project Server 2010 Cloud Technologies BPOS / Microsoft Office 365 Microsoft Exchange Online Microsoft SharePoint Online Microsoft Office Communications Online / Microsoft Lync Online Windows Azure platform Windows Azure Active Directory Access Control Windows Intune Microsoft Office Web Apps Microsoft Exchange Hosted Services Microsoft Online Backup Service Tools, Add-ins, Libraries, and Frameworks Microsoft Security Assessment Tool Microsoft Software Inventory Analyzer 5.0 / 5.1 Microsoft Deployment Toolkit 2010 / 2012 Windows Automated Installation Kit Microsoft Security Compliance Management Toolkit Compliance Management Libraries 2.0 Data Classification Toolkit IT Governance, Risk and Compliance process management pack 2.0

Phase 1: Core IO BSRD Datacenter Mgt and Virtualization Data Center Mgt & Virtualization Compliance Management Libraries / 2.0; Data Classification Toolkit; Hyper-V Server 2008 / 2008 R2; Hyper-V Server 2008 / 2008 R2 (Server Consolidation); Hyper-V Server 2008 / 2008 R2 Standard; IT Governance, Risk and Compliance process management pack / 2.0; Microsoft Deployment Toolkit 2010 / 2012; Microsoft Software Inventory Analyzer 5.0 / 5.1; Opalis; Security Compliance Management Toolkit; Security Compliance Manager; Security Compliance Manager 2.x; Software Asset Management; System Center 2012 Configuration Manager; System Center 2012 Operations Manager; System Center 2012 Orchestrator; System Center 2012 Service Manager; System Center 2012 Virtual Machine Manager; System Center Configuration Manager 2007 R3; System Center Operations Manager 2007 R2; System Center Service Manager 2010; System Center Virtual Machine Manager 2008 R2; Windows Automated Installation Kit; Windows Azure; Windows Server 2008 R2; Windows Server 2008 R2 (Hyper-V); Windows Server 2008 R2 (Hyper-V, Clustering, and Network Load Balancing); Windows Server 2008 R2 Enterprise / Datacenter (Hyper-V); Windows Server 2008 R2 Standard / Enterprise (Hyper-V); Windows Server 2012; Windows Server Update Services 2.0 / 3.0 Server Security Forefront Endpoint Protection 2010; Forefront Protection 2010 for Exchange Server; Forefront Security for Exchange Server; Forefront Threat Management Gateway 2010 (Virtual Private Network); Forefront Threat Management Gateway 2010 (web antivirus/anti-malware protection, Network Inspection System); Forefront Unified Access Gateway 2010; Intelligent Application Gateway 2007; Internet Security and Acceleration Server 2006 (Multi-Networking); Internet Security and Acceleration Server 2006 (Virtual Private Network); System Center 2012 Endpoint Protection; Windows Azure; Windows Server 2008 R2 (Windows Firewall with Advanced Security); Windows Server 2008 R2 Enterprise (Network Policy and Access Services); Windows Server 2012 Networking Windows Azure; Windows Server 2008 R2 / 2012; Windows Server 2008 R2 (Domain Name System server); Windows Server 2008 R2 (Dynamic Host Configuration Protocol server) Storage Microsoft Online Backup Service; System Center 2012 Data Protection Manager; System Center Data Protection Manager 2010; Windows Server 2008 R2 (Backup and recovery); Windows Server 2012 (Backup/Recovery, Hyper-V Replica); Windows Storage Server 2008 / 2008 R2 (Backup and recovery) Device Deployment and Management Device Mgt & Virtualization Diagnostics and Recovery Toolset 7.0 / 8.0; Exchange Server 2007 / 2010; Exchange Server 2007 / 2012 (ActiveSync); Microsoft Deployment Toolkit 2010 / 2012; Microsoft Desktop Optimization Pack 2011 / 2011 R2 (Desktop Error Monitoring); System Center 2012 Configuration Manager; System Center 2012 Mobile Device Manager; System Center Configuration Manager 2007 R3; System Center Mobile Device Manager 2008; System Center Mobile Device Manager 2008 (Enrollment Auto Discovery); Virtual Desktop Infrastructure Suite; Windows 7 / 8 (Backup and Restore); Windows Azure; Windows Embedded Device Manager 2011; Windows Intune; Windows Intune (Exchange ActiveSync Integration); Windows Phone 7.5 / 8 Device Security Forefront Endpoint Protection 2010; System Center 2012 Endpoint Protection; Windows 7 (Firewall); Windows 8; Windows Intune; Windows Server 2008 R2 / 2012 Identity & Security Services Identity & Access Forefront Identity Manager 2010 (Credential Management); Forefront Identity Manager 2010 R2; Windows 7 / 8; Windows Azure; Windows Azure (Active Directory Access Control); Windows Server 2008 R2 (Active Directory Domain Services); Windows Server 2008 R2 (Active Directory Domain Services, Group Policy); Windows Server 2008 R2 Enterprise / Datacenter (Active Directory Certificate Services); Windows Server 2012 Information Protection & Control Microsoft SQL Server 2008 R2; SQL Server 2012; Windows Azure; Windows Server 2008 R2 (Active Directory Rights Management Services); Windows Server 2012 IT Process & Compliance Forefront Endpoint Protection 2010; Forefront Threat Management Gateway 2010; Internet Security and Acceleration Server 2006; Microsoft Security Assessment Tool; Office SharePoint Server 2007; Opalis; SharePoint Server 2010; System Center 2012 Configuration Manager; System Center 2012 Data Protection Manager; System Center 2012 Endpoint Protection; System Center 2012 Operations Manager; System Center 2012 Orchestrator; System Center 2012 Service Manager; System Center 2012 Virtual Machine Manager; System Center Cloud Services Process Pack; System Center Configuration Manager 2007 R3; System Center Data Protection Manager 2010; System Center Operations Manager 2007 R2; System Center Service Manager 2010; System Center Virtual Machine Manager 2008 R2; Windows Azure; Windows Server 2008 R2 (Active Directory Domain Services); Windows Server 2012 TECHNOLOGIES CONCEPTUAL ARCHITECTURE LOGICAL ARCHITECTURE MAPPING PHASE DEFINITION TECHNOLOGIES

Phase 1: BPIO BSRDCollaboration Workspaces Exchange Server 2007 / 2010; Lync 2010; Lync Server 2010; Office 2007 (client integration with SharePoint); Office 2007 (Groove 2007: offline collaborative workspaces); Office 2010 (client integration with SharePoint); Office 2010 (SharePoint Workspace 2010: offline collaborative workspaces); Office 365 Dedicated (Dedicated is here for Hybrid); Office 365 E1 / E2 / E3 / E4; Office Communications Server 2007 R2; Office Communicator 2007 R2; Office SharePoint Server 2007 (Active Directory Domain Services integration with SharePoint); Office SharePoint Server 2007 (document workspaces); Office SharePoint Server 2007 (integrated presence, Outlook Web Access Web Parts, news and announcement Web Parts, out-of-the-box workflow); Office SharePoint Server 2007 (offline collaborative workspaces); SharePoint Designer 2007 / 2010 (Workflows); SharePoint Online (access/view documents, client integration, mobile device support); SharePoint Online (client integration, templates and Web Parts, presence, synch with Outlook, standard workflows); SharePoint Online (document workspaces, client integration); SharePoint Online P1 / P2; SharePoint Server 2010 (Active Directory Domain Services integration with SharePoint); SharePoint Server 2010 (document workspaces); SharePoint Server 2010 (integrated presence, Outlook Web Access Web Parts, news and announcement Web Parts, out-of-the-box workflow); SharePoint Server 2010 (offline collaborative workspaces, web applications and companions, mobile-device view) Portals Office 365 E1 / E2 / E3 / E4; Office SharePoint Server 2007 (Active Directory Domain Services integration with SharePoint); Office SharePoint Server 2007 (out-of-the-box workflows, My Sites); Office SharePoint Server 2007 (widgets, search); SharePoint Designer 2007 / 2010 (out-of-the-box content publishing workflows); SharePoint Online (My Sites, standard workflows, site search); SharePoint Online (site search); SharePoint Online P1 / P2; SharePoint Server 2010 (Active Directory Domain Services integration with SharePoint); SharePoint Server 2010 (out-of-the-box workflows, My Sites); SharePoint Server 2010 (widgets, search) Social Computing Project Mgt Office 365 E1 / E2 / E3 / E4; Project 2007 / 2010; Project Server 2007 (visual reports, resource availability graphs, and budget tracking); Project Server 2010 (schedule management, financial management, time and task management); SharePoint Foundation 2010; SharePoint Online P1 / P2 Information access Interactive experience and navigation Messaging Messaging Exchange Hosted Archive; Exchange Hosted Encryption; Exchange Online; Exchange Online Kiosk; Exchange Online P1 / P2; Exchange Server 2007 / 2010; Office 365 E1 / E2 / E3 / E4 / K1 / K2; Outlook 2007 / 2010; Outlook 2007 / 2010 (enhanced search); Outlook Web Access 2007 / 2010 UnifiedCommuni-cations IM/Presence Exchange Online; Lync 2010; Lync Online; Lync Online P1 / P2; Lync Server 2010; Office 365 E1 / E2 / E3 / E4; Office Communications Online; Office Communications Server 2007 R2; Office Communicator 2007 R2; Outlook 2007 / 2010 (integrated presence indicator) Conferencing Voice Content Creation and Management Information Mgt Office 2007 (document information panel); Office 2010 (Backstage); Office 2010 (Backstage, auto discover document repository); Office 365 E1 / E2 / E3 / E4; Office SharePoint Server 2007 (document workspaces); Office SharePoint Server 2007 (metadata capture); SharePoint Online (document workspace); SharePoint Online (metadata); SharePoint Online P1 / P2; SharePoint Server 2010 (document workspace); SharePoint Server 2010 (metadata capture) Process Efficiency Office 2007 (workflow integration); Office 2010 (workflow integration through Backstage); Office 365 E1 / E2 / E3 / E4; Office SharePoint Server 2007 (out-of-the-box workflows); SharePoint Designer 2007 / 2010; SharePoint Online (out-of-the-box workflows); SharePoint Online P1 / P2; SharePoint Server 2010 (out-of-the-box workflows) Compliance Office 365 E3 / E4; Office SharePoint Server 2007 (records center); Office SharePoint Server 2007 (records repository); SharePoint Online (records center, records repository); SharePoint Server 2010 (records center, records repository) Authoring Multi-Device Support Interoperability User Accessibility TECHNOLOGIES CONCEPTUAL ARCHITECTURE LOGICAL ARCHITECTURE MAPPING PHASE DEFINITION TECHNOLOGIES

Phase 1: APO BSRD BI and Analytics Platform Business Intelligence Office 365 E1 / E2 / E3 / E4 / K1 / K2; Office Professional 2010 (Excel 2010); Office SharePoint Server 2007; PowerPivot; Report Builder; SharePoint 2010 Standard; SharePoint Foundation 2010; SharePoint Online; SQL Server 2008 R2 / 2012 Data Warehouse Management SQL Server 2012; SQL Server 2008 R2 Parallel Data Warehouse Big Data Information Services and Marketplaces Database and LOB Platform Transaction Processing Data Management Office Professional 2010; Office SharePoint Server 2007; SharePoint 2010; SQL Server 2005 / 2008 / 2008 R2 / 2012 Application Infrastructure Custom Development Internet Applications Component and Service Composition Enterprise Integration Development Platform Application Lifecycle Management TECHNOLOGIES CONCEPTUAL ARCHITECTURE LOGICAL ARCHITECTURE MAPPING PHASE DEFINITION TECHNOLOGIES

CONCEPTUAL ARCHITECTURE MAPPING TECHNOLOGIES LOGICAL ARCHITECTURE PHASE DEFINITION CONCEPTUAL ARCHITECTURE Phase 1

LOGICAL ARCHITECTURE CONCEPTUAL ARCHITECTURE TECHNOLOGIES MAPPING PHASE DEFINITION LOGICAL ARCHITECTURE Phase 1

CHALLENGES BUSINESS CAPABILITIES BENEFITS IMPROVE COLLABORATION Portals lacking seamless integration with backend systems and line of business data Integration of line of business applications with workspaces and portals Enable access to line of business applications ENABLE SEAMLESS COMMUNICATION Need for secured remote/mobile access to departmental files and line of business information systems Standardized enterprise instant messaging and presence infrastructure in PC, web, and mobile scenarios, but no integration to line of business data Need for real-time communication via web conferencing No single, unified inbox with integrated voicemail and fax Integration of instant messaging infrastructure with line of business data Web conferencing Unified inbox with voicemail Increase presence with integration into line of business applications for real-time workflow process handling Simplify communications with a universal inbox for email, fax, voicemail, and voice access capabilities while consolidating messaging infrastructure and reducing complexity and cost ENHANCE BUSINESS PRODUCTIVITY Use standard package software on an enterprise-wide scale Manually performing repetitive tasks, including some departmental processes that span multiple applications Systems and applications are isolated, need for integration not prioritized or considered too expensive to implement Forms and workflow orchestration across systems and organizations Standardized package integration software Automation and monitoring of core business processes Ensure systems and applications work together, providing end-to-end capabilities, automation, and contribution Enhance processes and productivity through automation across workloads and departments Use workflows to automate business processes and content updates and publish approvals Service-oriented architecture and services allows reusability and reduces development cost and time SECURE ACCESS WITH SIMPLIFIED IDENTITY MANAGEMENT Unable to assign resources to specific users Users have multiple identities across systems Single sign on Certificate and Smart card authentication Provide a consistent user experience across computers based on business role Simplify process of modifying systems and adding functionality IMPROVE BUSINESS DECISION MAKING Need for centralized, efficient scorecards No self-service reporting Need for data warehouses User driven reporting Enterprise wide scorecards Centralized data management Quickly analyze business data from multiple sources Enhance business intelligence through higher service levels and user satisfaction Enable user-driven reporting CONCEPTUAL ARCHITECTURE TECHNOLOGIES LOGICAL ARCHITECTURE MAPPING PHASE DEFINITION Phase 2

Phase 2: Core IO BSRD Datacenter Mgt and Virtualization Data Center Mgt & Virtualization Automated build and deployment with consistent provisioning processes integrated with software and configuration library that includes virtual images; on demand reporting; self service portal for IT or end users to deploy. Software update management and auditing are policy-driven and monitored, including automated vulnerability detection. Isolation and remediation of vulnerable and non-compliant systems are automated. Service capacity and resource utilization are monitored continuously; analysis tools are used to predict the impact of proposed changes (software, hardware, usage, and topology); Workloads can be relocated manually. Chargeback is consumption based. The organization has a consolidated view and a consolidated management process across heterogeneous virtual environments, including branch offices. Performance monitoring of applications as well as physical and virtual hardware pools with enforceable SLAs; Service health monitoring with consistent reporting across heterogeneous environments. Policy enforcement occurs in near real time based on company and industry-standard polices that allow for immediate quarantine of non-compliant systems, and consistent compliance reporting and standards exist across all IT services. There are multiple levels of service availability clustering or load balancing. Virtualization and management is used to dynamically move applications and services when issues arise with datacenter compute, storage and network resources. Server Security Malware protection is centrally managed across server operating systems within organizations, including host firewall, host IPS/vulnerability shielding, and quarantine, with defined SLAs. Protection is deployed and centrally managed for all applications and services. Networking Redundant Domain Name System servers exist to provide fault tolerance. Dynamic Host Configuration Protocol servers are network-aware and with support for auto configuration. IPv4 for main transport services, using IPv6 for some transport services (eg. to achieve larger address range). Storage Critical data is backed up by taking snapshots using a centralized, application-aware system. Device Deployment and Management Device Mgt & Virtualization Users back up critical data locally according to corporate policy and by using the tool provided; when it is necessary, user state can be abstracted from the operating system image (such as for a session, virtual desktop infrastructure, or roaming profile). Software distribution to local and geographically dispersed users is automated. Desktop applications and system events are centrally monitored for critical desktop systems. Mobile device access configuration is automated and is pushed over-the-air. A solution is in place to configure and update devices. Mobile devices are managed by security policy provisioning (such as personal identification numbers) and remote wipe. All mobile access to internal systems is through a proxy technology (such as a messaging system and/or selective SSL). Device Security Protection against malware is centrally managed for desktop systems, laptops, and non-PC devices; desktop systems and laptops include a host firewall, host intrusion prevention system or vulnerability shield, and quarantine. Identity & Security Services Identity & Access A centralized, group/role based access policy is defined for business resources, applications, and information resources, managed through industry accepted processes. A scalable directory that is integrated and automatically synchronizes with all remaining directories across multiple geographies and isolated domains for all applications with connectivity to cloud when applicable. Information Protection & Control Persistent information protection helps to enforce policy on sensitive data across boundaries, including data on mobile devices. Reporting is predefined for select server and back-office waypoints. IT Process & Compliance IT policies are integrated across all IT services, enabling or restricting use of resources as appropriate. Definitions of reliability for IT services are integrated across IT services and enforceable. IT service release processes are uniform across IT services; deployment is automated and offers self service where possible; management reviews each service for readiness to release before deployment. Service-level and operational-level agreements are integrated for IT services; management reviews operational health regularly; some tasks are automated. Processes to manage incidents are integrated across IT services via self service where appropriate. Monitoring and flexible, tenant/service reporting are aggregated across individual areas for protection against malware, protection of information, and identity and access technologies. Problem management processes are integrated across IT services, with incident management integration. The change and configuration management process is integrated across IT services; standard changes are identified across IT services and automated with self service where possible. Risk and vulnerability analysis is integrated across all IT services; IT compliance objectives and activities are integrated across IT services and automated where possible; management regularly audits to review policy and compliance. Defined orchestration with scripted processes to support manual execution. MAPPING CONCEPTUAL ARCHITECTURE TECHNOLOGIES LOGICAL ARCHITECTURE PHASE DEFINITION

Phase 2: BPIO BSRDCollaboration Workspaces Self service onboarding, integration with identity systems, training for users is mandatory and enforced. Portals Portals (enterprise, departmental, and personal) are provisioned by IT and are deployed on a single productivity infrastructure; governance policies are fully in place, including single sign-on supported by uniform directory services. Line-of-business applications are routinely surfaced through the portal and have the capability to write securely to back-end systems and to maintain data integrity; information from multiple applications can be combined in dashboards. Social Computing Blogs, wikis, and podcasts are used occasionally, but may not be encouraged enterprise-wide; communities, if present, are largely through e-mail or are driven by forums. Personal profiles are available but cannot be customized; users can publish content on personal shared sites; people can be located based on profile information; the system sorts search results for people by users’ social graphs, which can be refined by using metadata; news feeds are typically delivered through RSS or e-mail alerts. Project Mgt Task assignments, task splitting, delegation, and reporting are automated; teams can plan against complex baselines. Project tasks and calendars are closely integrated with users’ online presence; teams can communicate with a single click; timely updates are available for accurate reporting. Collaboration happens across different mobile devices. Information access Most unstructured information from intranets, e-mail, and content management repositories is indexed; some structured content from databases, people, and expertise information is indexed. Search relevance is managed by IT, but is not consolidated with the many indexes that exist for different search-enabled business applications; as a result, search relevance can be influenced by how people use and tag search results. Search capability may be used as an application platform, but multiple search platforms are in use or they are separate from the general-purpose search solution. Interactive experience and navigation A basic interactive search experience incorporates faceted and filtered information based on common or explicit metadata. Messaging Messaging The messaging solution includes anti-spam, anti-phishing, and multiple-engine anti-virus protection. Use of high availability technologies enables continuity of messaging system services during full data center outages. Secure, policy-driven access to a unified inbox from PCs, phones, and Web browsers exists inside and outside the firewall. Provisioning of user inboxes is driven by business demand, uses a single directory, and provides features based on user needs. The messaging platform includes integrated search capabilities across multiple mailboxes and supports role-based access and delegation. Unified Communications IM/Presence Online presence, IM, and peer-to-peer voice and video are in place (including multiple-layer anti-malware and contextual content filtering) and are accessible from PCs, phones, and Web browsers. Persistent group chat is available to distributed or multifunctional teams. Conferencing Secure Web conferencing is managed by IT, has policy-based access control, uses a single directory, and is available from PCs and Web browsers inside and outside the firewall; an enterprise-wide, standalone audio conferencing service is also managed by IT. Desktop video conferencing is available outside the firewall only through room-based systems, and using methods such as virtual private networking and remote access services that are managed by IT; the end-user experience is disconnected (requires specialized end-user devices or applications). Voice Voice communications are based on a hybrid telephony infrastructure (IP and legacy time division multiplexing) that has limited integration with PCs and desktop applications. Voice mail is available online and offline from the e-mail client but messages are stored separately, there is no unified directory, and messages can be kept private only by caller request. Call routing between sites is based on lowest cost. Redundant call control servers within a cluster or pool provide resilience when failure occurs at a single point. Content Creation and Management Information Mgt Traditional and new media content types are managed consistently in a single repository that has integrated workflow. Metadata is centrally managed and deployed across the business; metadata capture is simplified through preemptive suggestions, or is automated based on location and context. Process Efficiency Custom solutions developed by IT are used to deliver and manage key forms electronically; form data and scanned paper-based content are stored in a custom data repository. Inbound and outbound communications are generated by automating productivity applications; IT creates custom connectors for line-of-business applications, so there is heavy reliance on IT to develop, manage, and maintain solutions; templates and output are centrally stored at the enterprise level but not managed as part of an information management strategy. Compliance Policy management is based on content type, location, and document libraries, and includes adherence of content used offline; an integrated solution for electronic discovery of information is in place; retention policies and holds on records are automated. Authoring Multi-Device Support Interoperability User Accessibility MAPPING CONCEPTUAL ARCHITECTURE TECHNOLOGIES LOGICAL ARCHITECTURE PHASE DEFINITION

Phase 2: APO BSRD BI and Analytics Platform Business Intelligence Self-service reporting and analysis environment and tools established and maintained by IT. Access to data is decentralized but governed by IT with a well-defined process for stewardship and governance. Portals exist for dynamic reporting that supports rich report formats. Reports are generated with group or individual filter parameters and delivered via direct push or subscription and can vary by device. Users have the ability to share alerts and subscriptions with other users via limited collaboration and social networking. Users search for unstructured documents and structured reports based on metadata and content of reports. Using search on the BI portal allows users to find data, analyses, and reports, and users can launch tools for self service report generation and analysis from the search interface. IT provides access for users to sanctioned data sources as database connections, data feeds, or static data dumps, upon which users can easily perform ad-hoc queries and data analysis using Excel or other analysis tools. Users can share their analyses via a BI portal. Users may have access to more advanced self-service analytics tools to perform data mining or predictive analysis without dependence on IT or a Data Analyst. Some level of automation is in place to render data pulled from enterprise systems on dashboards, but is used for only strategic or high profile projects. Dashboards have integrated interfaces to allow users to roll-up and drill-down on live data. IT provisions and provides access to infrastructure, statistical analysis and data mining tools, and common sanctioned data sources to Data Analyst roles to analyze business data and build models to enable future decisions, predict trends, find correlations in business attributes, etc. Data Analysts publish the results of their analyses to business users via reports, spreadsheets, charts, visualizations, etc. Data Warehouse Management Real-time information is available to mission-critical applications, analytics, and reporting systems. Mature governance processes with integrated business rules are consistently applied for centralized data and data loading. EDW, data marts, and supporting storage and infrastructure are centrally managed. EDW serves as the hub that integrates data marts and enables a single view of data and data sets. EDW uses star/snowflake schemas with shared, conformed dimensions to simplify reporting and improve performance. Hardware architecture is balanced to optimize performance. Consistency in data warehouse operation and maintenance across distributed data marts is improved through use of common tools, policies, and sharing of best practices, driven by the EDW team. SLAs emerge. Data changes can be planned through standard impact analysis, and effective collaboration occurs across data mart and EDW teams. An IT-managed BI environment is in place and applications at the department level integrate with departmental data marts. IT designs, implements, and manages data schemas that are optimized for localized self-service reporting and analysis tools. Big Data Information Services and Marketplaces Database and LOB Platform Transaction Processing Data Management Metadata and taxonomies are defined, implemented, and formally managed in one or more repositories with more reliance upon policy-based management to ensure proper configuration and adherence to policies. Business has begun to consolidate data, management plans, and policies for consistency across information stores. Application Infrastructure Application messaging services used by development are aligned with standard application operating environments. Development and operations teams have the skills required to effectively and consistently make use of these technologies. Limited application component and service reuse strategies exist at the departmental or project level. Common application services and runtime application frameworks are selected jointly by development and operations teams as part of the application life-cycle management process. Operations is beginning to rationalize to the standard common services and consolidate runtime platforms. Custom Development Internet Applications Component and Service Composition Some use of reusable assets is supported by high-value services, components, and modules. Composition by IT departments requires advanced coding skills. Use of composition frameworks and tools happens on a project-by-project basis. SOA and portal components are not coordinated. A single platform is designated for portal infrastructure. Point solutions enable simple UI customization by end users. Business units are beginning to implement programs to migrate many of their solutions to the new standard platform. Tooling is difficult, as different stakeholders (analysts, developers, end users, etc.) have allegiance to their tools and the tools do not integrate well. Some independent end-user composition happens as a result of the portal deployment. No discoverability of services is in place. Application models are highly descriptive of the application components and dependencies. Manual checks against the application map are in place to avoid impacts on services by component changes. Components and low- level services are documented manually, though the culture of management of those components has not been pervasive across the organization. Enterprise Integration Development Platform Standard application frameworks, messaging, and other application services aligned with standard application operating environments are appropriately and consistently employed by application development teams. Tools for major development activities are standardized across the organization, though practices and versions are not. Application customization is performed through customization support offered by the application, on an isolated project basis with no standard approaches or consideration for future maintenance or integration. Application Lifecycle Management MAPPING CONCEPTUAL ARCHITECTURE TECHNOLOGIES LOGICAL ARCHITECTURE PHASE DEFINITION

Technology Guidance Client Technologies Microsoft Office Microsoft Office Outlook 2007 / Microsoft Outlook 2010, Microsoft Office Word 2007 / Microsoft Word 2010, Microsoft Office Excel 2007 / Microsoft Excel 2010, Microsoft Office PowerPoint 2007/ Microsoft PowerPoint 2010 Microsoft Office InfoPath 2007 / Microsoft InfoPath 2010 Microsoft Office Groove 2007 / Microsoft SharePoint Workspace 2010 Microsoft Office SharePoint Designer 2007 / Microsoft SharePoint Designer 2010 Microsoft Office Project 2007 / Microsoft Project 2010 Windows Phone 7.5 / 8 Microsoft Office Mobile 2010 Microsoft Forefront Endpoint Protection 2010 / Microsoft System Center 2012 Endpoint Protection Windows 7 / 8 Microsoft Office Communicator 2007 R2 / Microsoft Lync 2010 Microsoft Office Live Meeting 2007 Server Technologies Server Technologies Microsoft Office SharePoint Server 2007 / Microsoft SharePoint Server 2010 Windows SharePoint Services 3.0 / Microsoft SharePoint Foundation 2010 Microsoft Exchange Server 2007 / 2010 Microsoft Office Communications Server 2007 R2 / Microsoft Lync Server 2010 Microsoft SQL Server 2008 R2 / 2012 Microsoft Server Security Microsoft Forefront Security for SharePoint / Microsoft Forefront Protection 2010 for SharePoint Microsoft Forefront Security for Exchange Server / Microsoft Forefront Protection 2010 for Exchange Server Microsoft Forefront Security for Office Communications Server Microsoft Internet Security and Acceleration Server 2006 / Microsoft Forefront Threat Management Gateway 2010 Microsoft Intelligent Application Gateway 2007 / Microsoft Forefront Unified Access Gateway 2010 Microsoft Forefront Identity Manager 2010 / 2010 R2 Microsoft Windows Server 2008 R2 / 2012 Microsoft Windows Server Update Services 2.0 / 3.0 Microsoft System Center Microsoft System Center Operations Manager 2007 R2 / Microsoft System Center 2012 Operations Manager Microsoft System Center Data Protection Manager 2010 / Microsoft System Center 2012 Data Protection Manager Microsoft System Center Configuration Manager 2007 R3 / Microsoft System Center 2012 Configuration Manager Microsoft System Center Mobile Device Manager 2008 / Microsoft System Center 2012 Mobile Device Manager Microsoft System Center Virtual Machine Manager 2008 R2 / Microsoft System Center 2012 Virtual Machine Manager Microsoft System Center Service Manager 2010 / Microsoft System Center 2012 Service Manager Opalis / Microsoft System Center 2012 Orchestrator Microsoft System Center Cloud Services Process Pack Microsoft System Center 2012 App Controller Microsoft Desktop Optimization Pack 2011 / 2011 R2 Microsoft Diagnostics and Recovery Toolset 7.0 / 8.0 Microsoft Desktop Error Monitoring Windows Embedded Device Manager 2011 Microsoft Windows Storage Server 2008 / 2008 R2 Windows Server AppFabric Microsoft Hyper-V Server 2008 / 2008 R2 Microsoft Virtual Desktop Infrastructure Suite Microsoft Office Project Server 2007 / Microsoft Project Server 2010 Microsoft BizTalk Server 2009 / 2010 Cloud Technologies BPOS / Microsoft Office 365 Microsoft Exchange Online Microsoft SharePoint Online Microsoft Office Communications Online / Microsoft Lync Online Microsoft Forefront Online Protection for Exchange Windows Azure platform Windows Azure Active Directory Access Control Microsoft SQL Azure Windows Intune Microsoft Office Web Apps Microsoft Office Communicator Web Access 2007 R2 Microsoft Exchange Hosted Services Microsoft Online Backup Service Development Tools Microsoft.NET Framework Microsoft Visual Studio 2010 Team Foundation Server / Microsoft Visual Studio 11 Team Foundation Server Microsoft Visual Studio Team System 2008 / 2010 / 11 Windows Communications Foundation (WCF) Services Tools, Add-ins, Libraries, and Frameworks Microsoft Security Assessment Tool Microsoft Software Inventory Analyzer 5.0 / 5.1 Microsoft Deployment Toolkit 2010 / 2012 Windows Automated Installation Kit Microsoft Security Compliance Management Toolkit Compliance Management Libraries 2.0 Windows SDK Data Classification Toolkit IT Governance, Risk and Compliance process management pack 2.0 Microsoft Windows PowerShell 2.0

Phase 2: Core IO BSRD Datacenter Mgt and Virtualization Data Center Mgt & Virtualization Compliance Management Libraries / 2.0; Data Classification Toolkit; Hyper-V Server 2008 / 2008 R2; Hyper-V Server 2008 / 2008 R2 (Mixed OS Virtualization, Branch Office Consolidation); Hyper-V Server 2008 / 2008 R2 (Server Consolidation); Hyper-V Server 2008 / 2008 R2 Enterprise; Hyper-V Server 2008 / 2008 R2 Standard; IT Governance, Risk and Compliance process management pack / 2.0; Microsoft Deployment Toolkit 2010 / 2012; Microsoft Software Inventory Analyzer 5.0 / 5.1; Opalis; Security Compliance Management Toolkit; Security Compliance Manager / 2.x; Software Asset Management; System Center 2012 App Controller; System Center 2012 Configuration Manager; System Center 2012 Operations Manager; System Center 2012 Orchestrator; System Center 2012 Service Manager; System Center 2012 Virtual Machine Manager; System Center Configuration Manager 2007 R3; System Center Operations Manager 2007 R2; System Center Service Manager 2010; System Center Virtual Machine Manager 2008 R2; Windows Automated Installation Kit; Windows Azure; Windows Server 2008 R2 / 2012; Windows Server 2008 R2 (Hyper-V); Windows Server 2008 R2 (Hyper-V, Clustering, and Network Load Balancing); Windows Server 2008 R2 Enterprise / Datacenter (Hyper-V); Windows Server 2008 R2 Standard / Enterprise (Hyper-V); Windows Server Update Services 2.0 / 3.0 Server Security Forefront Endpoint Protection 2010; Forefront Protection 2010 for Exchange Server; Forefront Protection 2010 for SharePoint; Forefront Security for Exchange Server; Forefront Security for Office Communications Server; Forefront Security for SharePoint; Forefront Threat Management Gateway 2010 (Virtual Private Network); Forefront Threat Management Gateway 2010 (Web antivirus/anti-malware protection, Network Inspection System); Forefront Unified Access Gateway 2010; Intelligent Application Gateway 2007; Internet Security and Acceleration Server 2006 (Multi-Networking, Virtual Private Network); System Center 2012 Endpoint Protection; Windows Azure; Windows Server 2008 R2 (Windows Firewall with Advanced Security); Windows Server 2008 R2 Enterprise (Network Policy and Access Services); Windows Server 2008 R2 Enterprise (Windows Firewall, Network Policy, and Access Services); Windows Server 2012 Networking Windows Azure; Windows Server 2008 R2 / 2012; Windows Server 2008 R2 (Domain Name System server); Windows Server 2008 R2 (Dynamic Host Configuration Protocol server) Storage Microsoft Online Backup Service; System Center 2012 Data Protection Manager; System Center Data Protection Manager 2010; Windows Server 2008 R2 (Backup and recovery); Windows Server 2012 (Backup/Recovery, Hyper-V Replica); Windows Server 2012 (Hyper-V Replica); Windows Storage Server 2008 / 2008 R2 (Backup and recovery) Device Deployment and Management Device Mgt & Virtualization Diagnostics and Recovery Toolset 7.0 / 8.0; Exchange Server 2007 / 2010; Exchange Server 2007 / 2010 (ActiveSync); Microsoft Deployment Toolkit 2010 / 2012; Microsoft Desktop Optimization Pack 2011 / 2011 R2 (Desktop Error Monitoring); System Center 2012 Configuration Manager; System Center 2012 Mobile Device Manager; System Center Configuration Manager 2007 R3; System Center Mobile Device Manager 2008; System Center Mobile Device Manager 2008 (Enrollment Auto Discovery); Virtual Desktop Infrastructure Suite; Windows 7 / 8 (Backup and Restore); Windows Azure; Windows Embedded Device Manager 2011; Windows Intune; Windows Intune (Exchange ActiveSync Integration); Windows Phone 7.5 / 8 Device Security Forefront Endpoint Protection 2010; Forefront Threat Management Gateway 2010 (Network Inspection System); Internet Security and Acceleration Server 2006; System Center 2012 Endpoint Protection; Windows 7 (Firewall); Windows 8; Windows Intune (not for non-PC devices); Windows Server 2008 R2 / 2012; Windows Server 2008 R2 (Network Access Protection) Identity & Security Services Identity & Access Forefront Identity Manager 2010 (Credential Management, Policy Management, User Management); Forefront Identity Manager 2010 R2; Hyper-V Server 2008 / 2008 R2 (Read- Only Domain Controller); Windows 7 / 8; Windows Azure; Windows Azure (Active Directory Access Control); Windows Server 2008 R2 (Active Directory Domain Services); Windows Server 2008 R2 (Active Directory Domain Services, Group Policy); Windows Server 2008 R2 (Active Directory Domain Services, Read-Only Domain Controller); Windows Server 2008 R2 Enterprise / Datacenter (Active Directory Certificate Services); Windows Server 2012 Information Protection & Control Forefront Threat Management Gateway 2010; Internet Security and Acceleration Server 2006; Microsoft SQL Server 2008 R2; SQL Server 2012; Windows Phone 7.5 / 8; Windows Server 2008 R2 (Active Directory Rights Management Services); Windows Server 2012 `IT Process & Compliance Forefront Endpoint Protection 2010; Forefront Threat Management Gateway 2010; Internet Security and Acceleration Server 2006; Microsoft Security Assessment Tool; Office SharePoint Server 2007; Opalis; PowerShell 2.0; SharePoint Server 2010; System Center 2012 App Controller; System Center 2012 Configuration Manager; System Center 2012 Data Protection Manager; System Center 2012 Endpoint Protection; System Center 2012 Operations Manager; System Center 2012 Orchestrator; System Center 2012 Service Manager; System Center 2012 Virtual Machine Manager; System Center Cloud Services Process Pack; System Center Configuration Manager 2007 R3; System Center Data Protection Manager 2010; System Center Operations Manager 2007 R2; System Center Service Manager 2010; System Center Virtual Machine Manager 2008 R2; Windows Azure; Windows Server 2008 R2 (Active Directory Domain Services); Windows Server 2012 TECHNOLOGIES CONCEPTUAL ARCHITECTURE LOGICAL ARCHITECTURE MAPPING PHASE DEFINITION TECHNOLOGIES

Phase 2: BPIO BSRDCollaboration Workspaces Exchange Server 2007 / 2010; Lync 2010; Lync Server 2010; Office 2007 / 2010 (client integration with SharePoint); Office 2007 (Groove 2007: offline collaborative workspaces); Office 2010 (SharePoint Workspace 2010: offline collaborative workspaces); Office 365 Dedicated; Office 365 Dedicated (Dedicated is here for Hybrid); Office 365 E1 / E2 / E3 / E4; Office Communications Server 2007 R2; Office Communicator 2007 R2; Office SharePoint Server 2007 (Active Directory Domain Services integration with SharePoint); Office SharePoint Server 2007 (integrated presence, Outlook Web Access Web Parts, news and announcement Web Parts, out-of-the-box workflow); Office SharePoint Server 2007 (offline collaborative workspaces); SharePoint Designer 2007 / 2010 (Workflows); SharePoint Online (access/view documents, client integration, mobile device support); SharePoint Online (client integration, templates and Web Parts, presence, sync with Outlook, standard workflows); SharePoint Server 2010 (Active Directory Domain Services integration with SharePoint); SharePoint Server 2010 (integrated presence, Outlook Web Access Web Parts, news and announcement Web Parts, out-of-the-box workflow); SharePoint Server 2010 (offline collaborative workspaces, web applications and companions, mobile-device view) Portals Office 365 Dedicated; Office 365 E1 / E2 / E3 / E4; Office SharePoint Server 2007; Office SharePoint Server 2007 (out-of-the-box workflows, My Sites); Office SharePoint Server 2007 (SharePoint site administration, Active Directory Domain Services integration with SharePoint, audit trail); Office SharePoint Server 2007 (widgets, search); SharePoint Designer 2007 / 2010 (out-of-the-box content publishing workflows); SharePoint Online (custom code support); SharePoint Online (My Sites, standard workflows, site search); SharePoint Online (site manager); SharePoint Online (site search); SharePoint Online P1 / P2; SharePoint Server 2010; SharePoint Server 2010 (Business Connectivity Services); SharePoint Server 2010 (out-of-the-box workflows, My Sites); SharePoint Server 2010 (SharePoint site administration, Active Directory Domain Services integration with SharePoint, audit trail); SharePoint Server 2010 (widgets, search) Social Computing Office 365 E1 / E2 / E3 / E4; Office SharePoint Server 2007 (My Sites, RSS content syndication, email alerts and notifications); Office SharePoint Server 2007 (wikis, blogs, discussion boards, email-enabled lists); SharePoint Online (email alerts and notifications, RSS content syndication, My Sites); SharePoint Online (surveys, email-enabled lists, blogs, wikis); SharePoint Online P1 / P2; SharePoint Server 2010 (My Sites, RSS content syndication, email alerts and notifications); SharePoint Server 2010 (wikis, blogs, discussion boards, email-enabled lists) Project Mgt Exchange Server 2007 / 2010; Lync 2010; Lync Server 2010; Office 2007 / 2010; Office 365 E1 / E2 / E3 / E4; Office Communications Server 2007 R2; Office Communicator 2007 R2; Office SharePoint Server 2007 (document collaboration, document workspaces); Project 2007 / 2010; Project 2007 (Gantt charts, calendars, task sheets, and visual reports); Project 2010 (Gantt charts, calendars, task sheets, visual reports, resource scheduling view, user-controlled scheduling, top-down summary tasks, task inspector, timeline view, incremental/granular leveling, synchronize with SharePoint task lists); Project Server 2007 (resource leveling, Outlook integration, automated email notifications, project updates, server-side scheduling); Project Server 2007 (task creation and delegation, status reports, timesheets); Project Server 2007 (visual reports, resource availability graphs, and budget tracking); Project Server 2010 (enhanced collaboration and reporting, resource management, resource leveling, Outlook integration, automated email notifications, project updates, server-side scheduling); Project Server 2010 (schedule management, financial management, time and task management); Project Server 2010 (task creation and delegation, status reports, timesheets, time tracking improvements, user delegation); SharePoint Foundation 2010; SharePoint Online P1 / P2; SharePoint Server 2010 (document collaboration); SharePoint Server 2010 (document workspaces) Information access Office 365 E1 / E2 / E3 / E4; Office SharePoint Server 2007 (out-of-the-box indexing connectors, search filters); Office SharePoint Server 2007 (out-of-the-box search); Office SharePoint Server 2007 (synonyms, query correction, ranking factors, out-of-the-box search); SharePoint Online (out-of-the-box search); SharePoint Online (relevance); SharePoint Online (search across enterprise content sources); SharePoint Online P1 / P2; SharePoint Server 2010 (out-of-the-box indexing connectors, search filters); SharePoint Server 2010 (out-of-the-box search); SharePoint Server 2010 (synonyms, query correction, ranking factors, out-of-the-box search) Interactive experience and navigation Office 365 E1 / E2 / E3 / E4; Office SharePoint Server 2007 (faceted search, filtering, navigation); SharePoint Online (faceted search, filtering); SharePoint Online P1 / P2; SharePoint Server 2010 (faceted search, filtering, navigation) TECHNOLOGIES CONCEPTUAL ARCHITECTURE LOGICAL ARCHITECTURE MAPPING PHASE DEFINITION TECHNOLOGIES

Phase 2: BPIO Continued BSRD Messaging Messaging Exchange Hosted Archive; Exchange Hosted Continuity; Exchange Hosted Encryption; Exchange Hosted Filtering; Exchange Online; Exchange Online (connects to on-premises Private Branch Exchange); Exchange Online (Forefront Online Protection for Exchange); Exchange Online (Standard and Deskless); Exchange Online Kiosk; Exchange Online P1, P2; Exchange Server 2007 / 2010; Forefront Protection 2010 for Exchange Server; Forefront Security for Exchange Server; Office 365 E1 / E2 / E3 / E4 / K1 / K2; Outlook 2007 / 2010; Outlook 2007 / 2010 (enhanced search); Outlook Mobile 2007 / 2010; Outlook Web Access (premium experience) Unified Communications IM/Presence Exchange Online; Forefront Security for Office Communications Server; Lync 2010; Lync Online / P1 / P2; Lync Server 2010; Lync Server 2010 (Group Chat Server); Office 365 E1 / E2 / E3 / E4; Office Communications Online; Office Communications Server 2007 R2; Office Communications Server 2007 R2 (Group Chat Server); Office Communicator 2007 R2; Office Communicator Web Access 2007 R2; Outlook 2007 / 2010 (integrated presence indicator) Conferencing Lync Online; Lync Online P1 / P2; Lync Server 2010; Office 365 E1 / E2 / E3 / E4; Office Communications Server 2007 R2; Office Live Meeting 2007 Voice Exchange Online P2; Exchange Server 2007 (unified inbox); Lync 2010; Lync Server 2010; Office 365 E3 / E4; Office 365 E4 (Requires On-Prem Infrastructure and Lync Server 2010); Office Communications Server 2007 R2; Office Communicator 2007 R2; Outlook 2007 Content Creation and Management Information Mgt Office 2007; Office 2007 (document information panel); Office 2007 (integrated workflows); Office 2010 (Backstage); Office 2010 (Backstage, location-based metadata defaults, automated population of metadata); Office 365 E1 / E2 / E3 / E4; Office SharePoint Server 2007 (metadata capture, metadata tagging, out-of-the-box workflows); SharePoint Online; SharePoint Online (metadata); SharePoint Online (out-of-the-box workflows); SharePoint Online P1 / P2; SharePoint Server 2010 (metadata capture); SharePoint Server 2010 (metadata tagging, location-based metadata defaults, automated population of metadata); SharePoint Server 2010 (out-of-the-box workflows) Process Efficiency Office 2007 (InfoPath 2007: form templates); Office 2007 (workflow integration); Office 2010 (InfoPath 2010: form templates); Office 2010 (workflow integration through Backstage); Office 365 E1 / E2 / E3 / E4; Office SharePoint Server 2007 (form libraries, forms development environment, forms solutions repository); Office SharePoint Server 2007 (out-of-the-box workflows); Office SharePoint Server 2007 (out-of-the-box workflows, templates); SharePoint Designer 2007 / 2010; SharePoint Online (form libraries); SharePoint Online (out-of-the-box workflows); SharePoint Online P1 / P2; SharePoint Server 2010 (form libraries, forms development environment, forms solutions repository, form layout templates); SharePoint Server 2010 (out-of-the-box workflows); SharePoint Server 2010 (out-of-the-box workflows, templates) Compliance Office 365 E3 / E4; Office SharePoint Server 2007 (information rights management, retention and auditing policies, document retention and expiration policies, legal holds, retention schedule); Office SharePoint Server 2007 (records center); SharePoint Online (information rights management, retention and auditing policies, document retention and expiration policies, legal holds, retention schedule); SharePoint Online (records center); SharePoint Server 2010 (information rights management, retention and auditing policies, document retention and expiration policies, legal holds, retention schedule); SharePoint Server 2010 (records center) Authoring Multi-Device Support Interoperability User Accessibility TECHNOLOGIES CONCEPTUAL ARCHITECTURE LOGICAL ARCHITECTURE MAPPING PHASE DEFINITION TECHNOLOGIES

Phase 2: APO BSRD BI and Analytics Platform Business Intelligence Office 365 E1 / E2 / E3 / E4 / K2; Office Professional 2010 (Excel 2010); Office SharePoint Server 2007; PivotViewer; Power View; PowerPivot; Report Builder; SharePoint 2010 Enterprise (Activity Feeds, Visio Services); SharePoint 2010 Enterprise (Excel Services); SharePoint 2010 Standard; SharePoint Foundation 2010; SQL Azure; SQL Azure Reporting; SQL Server 2008 R2 / 2012; SQL Server Analytic Services; SQL Server Reporting Services; Visio 2007 / 2010 Data Warehouse Management SQL Server 2008 / 2008 R2; SQL Server 2008 R2 Data Center; SQL Server 2008 R2 Enterprise; SQL Server 2008 R2 Parallel Data Warehouse; SQL Server 2012; Visual Studio 11 / 2010; Visual Studio 2008 (BI Development Studio) Big Data Information Services and Marketplaces Database and LOB Platform Transaction Processing Data Management Office Professional 2010; Office SharePoint Server 2007; SharePoint 2010; SQL Server 2008 / 2008 R2 / 2012 Application Infrastructure Microsoft.NET Framework; Internet Information Services 6 / 7 / 8; Office SharePoint Server 2007; SharePoint 2010; SQL Server 2008 R2 / 2012; Visual Studio 11 / 2008 / 2010; Window Server 2008; Windows Communications Foundation Services; Windows Server 2008 / 2008 R2 / 2012; Windows Server 2008 R2 (Hyper-V); Windows Server AppFabric Custom Development Internet Applications Component and Service Composition BizTalk Server 2006 R2 / 2009; Office Professional 2010 (Access 2010); Office SharePoint Server 2007; Office SharePoint Server 2007 (Business Data Catalog); SharePoint 2010; SharePoint 2010 (Business Connectivity Services); System Center 2007 / 2012; Visual Studio 2008 / 2010; Windows Server AppFabric Enterprise Integration Development Platform Office Professional 2010; SQL Server 2008 R2; Visual Studio 2008; Visual Studio 2010 Professional; Visual Studio Team Foundation Server 2010; Windows SDK Application Lifecycle Management TECHNOLOGIES CONCEPTUAL ARCHITECTURE LOGICAL ARCHITECTURE MAPPING PHASE DEFINITION TECHNOLOGIES

CHALLENGES BUSINESS CAPABILITIES BENEFITS IMPROVE COLLABORATION Portals lacking seamless integration with backend systems and line of business data Limited support of collaboration with partners and suppliers Difficult to find information and people across the enterprise Rich integration of portals with line of business and third party business applications Secure workspace solution for collaborating with partners/suppliers Enterprise wide metadata driven search Provide seamless collaboration and access to trusted suppliers, partners, and customers across the firewall ENABLE SEAMLESS COMMUNICATION Need for audio/video conferencing Limited support of collaboration with partners and suppliers Audio/video conferencing Secure communication solution for collaborating with partners/suppliers Provide federation of communication information Extend instant messaging and presence to all users, establishing rich, secure, auditable, and real-time connectivity from partners to end customers ENHANCE BUSINESS PRODUCTIVITY Loosely-coupled applications, services, and data Need for enterprise-wide use of service- oriented architecture and process abstraction Enterprise-wide use of service-oriented architecture Workflows with end-to-end visibility Reduce operations costs by integrating automated, business-to-business into internal workflows Integrate new applications and standards across the enterprise with service-oriented architecture and process abstraction IMPROVE BUSINESS DECISION MAKING Need for business intelligence mapped to corporate goals and monitored at all levels User-driven reporting Enterprise wide scorecards Enable enterprise-wide reporting and analysis SECURE ACCESS WITH SIMPLIFIED IDENTITY MANAGEMENT No central user provisioning No clear view of organization’s identity landscape Federated directory services Single sign-on across the enterprise Self-service access management Ensure various identity repositories are connected, federated within firewall, or trusted to allow provisioning of identity workflow Develop established, trusted relationships with external organizations Provide automated identity account de- provisioning and lifecycle management CONCEPTUAL ARCHITECTURE TECHNOLOGIES LOGICAL ARCHITECTURE MAPPING PHASE DEFINITION Phase 3

Phase 3: Core IO BSRD Datacenter Mgt and Virtualization Data Center Mgt & Virtualization Majority of production server resources are virtualized. Resource pooling implementation supports compliance and cost management strategies, such as Auditing and Reporting, Policy Management, Metered Usage, Multi-Tenancy and Process Automation. Server Security Malware protection is centrally managed across server operating systems within organizations, including host firewall, host IPS/vulnerability shielding, and quarantine, with defined SLAs. Protection is deployed and centrally managed for all applications and services. Networking Redundant Domain Name System servers exist on a separate network to provide fault tolerance and isolation, including ability to do zone transfer across boundaries. Storage Critical data is backed up by taking snapshots using a centralized, application-aware system. Device Deployment and Management Device Mgt & Virtualization A centralized store of user profiles enables profiles to roam with users. Storage of user state is centralized, including retention policies that align with corporate mandates (security and policy). Users have self-service capabilities to find, request, and install approved applications appropriate to their roles. A solution is in place to automatically identify devices to deploy, configure, and update while maintaining device security. Device Security Protection against malware is centrally managed for desktop systems, laptops, and non-PC devices; desktop systems and laptops include a host firewall, host intrusion prevention system or vulnerability shield, and quarantine. Identity & Security Services Identity & Access Centralized IT offering of Federation services. Multiple Federation and trust relations between separate organizations 1 to 1 relationship. Information Protection & Control Reporting for server, back-office, and end-user waypoints; analysis capabilities exist to provide investigation of critical incidents. IT Process & Compliance A self service catalog is defined with SLAs/SLOs and consumed via a self service portal supported by some automated fulfillment. Comprehensive service life cycle orchestration that is automated for some workloads. MAPPING CONCEPTUAL ARCHITECTURE TECHNOLOGIES LOGICAL ARCHITECTURE PHASE DEFINITION

Phase 3: BPIO BSRDCollaboration Workspaces Team members can simultaneously author, edit, and review content across Clients (including Devices). Portals Publishers can direct content to specific audience targets; portals deliver a customized, targeted, or aggregated view of information to individuals based on user identity, role, and device on which content is consumed. Users get targeted information based on their profiles, their roles in the organization, and mobile devices being used. Social Computing Blogs, wikis, and podcasts are used enterprise-wide and compose a significant amount of enterprise content; communities have dedicated, actively managed sites that often are customized for specific needs, This Content is accessible through multiple mobile devices. Profiles are highly customizable; personal sites offer organizational, attention management, and public commenting capabilities; social networking and business productivity tools are integrated; enterprise news feeds complement RSS and e-mail alerts. Social networking capability is available via applications on mobile devices. Project Mgt Portfolios are analyzed and proposals are selected based on alignment with business goals. Information access Unstructured content from the Web, collaborative and content-managed data repositories, databases, and line-of-business applications is indexed; indexing processes incorporate browsing by people and ranking of expertise. Search relevance is influenced by a blend of indexing and the federation infrastructure; advanced content processing includes the ability to extract entities to add metadata, tags, and structure to unstructured information; as a result, organizations can display best-bets results and provide industry-specific dictionaries. A single platform provides an organization-wide search experience; structured data is incorporated and exposed in search-driven applications. Interactive experience and navigation An advanced interactive search experience incorporates faceted information based on extracted metadata and other user experience elements to guide users; the search experience is unified across desktop systems, mobile devices, servers, and Internet searches. Messaging Messaging The e-mail platform supports advanced, policy-driven message controls that include automatic application of rights protection. Provisioning of user inboxes occurs automatically based on needs of individual users and spans on-premises and off-premises messaging environments. Unified Communications IM/Presence Online presence information and contextual “click to communicate” are integrated into the enterprise productivity and collaboration platform. Conferencing A secure, unified conferencing platform that enables rich audio, video, and data collaboration is managed by IT and is available from enterprise productivity applications; the platform also has a single user interface, a single directory, and is available across organizational boundaries. Voice Voice communications are secure, encrypted, extended to remote and mobile workers using different mobile devices and integrated within enterprise productivity and collaboration platforms. Voice mail is part of a unified inbox that features single storage and a unified directory; retention and protection policies are enforced by the organization; messages are available as voice or transcribed text and are accessible from PCs, phones, or Web browsers. Call routing within an organization is based on identity and online presence. Server pools that are split across data centers or replicated provide resilience to data centers when disaster occurs. Content Creation and Management Information Mgt Traditional and new media content types are managed consistently in a single repository that has integrated workflow. Metadata is centrally managed and deployed across the business; metadata capture is simplified through preemptive suggestions, or is automated based on location and context. Process Efficiency Users are empowered to create and deploy electronic forms by using visual design tools; data from forms (stored in an open format) and scanned paper-based content are managed as part of an electronic information management strategy; a framework provides leverage for integration of data from forms with line-of-business applications. The organization gains leverage from visual workflow models and declarative workflow tools to create workflow solutions that have limited integration with line-of-business applications; people can design and validate customized parallel or serial workflows visually as needed, run them manually or automatically, and monitor them in real time. Inbound and outbound communications are generated by scalable, server-based, automated processes; processes and line-of-business applications are integrated within a framework; templates and output are stored and managed at the enterprise level as part of an information management strategy that provisions core document and records management capabilities. Compliance All information is well managed in accordance with government and industry regulations; content can be rapidly identified and preserved, and the in-house aspect of the discovery process is managed by automated workflow; some content resulting from electronic discovery is initially refined in-house to reduce the volume of content given to external council. Authoring Multi-Device Support Interoperability User Accessibility MAPPING CONCEPTUAL ARCHITECTURE TECHNOLOGIES LOGICAL ARCHITECTURE PHASE DEFINITION

Phase 3: APO BSRD BI and Analytics Platform Business Intelligence Symbiotic relationship and process between self-service and managed BI. IT has visibility into self-service activities that it uses to recommend and guide the enhancement of the managed BI environment and data structures that support self-service. From the BI portal, users are able to connect to internal and external data sources and combine them in a single report or data set for further analysis. Users can do sophisticated analysis and build rich BI applications using Excel or other analysis tools. BI portal has reporting and analysis capabilities that include exception highlighting, guided analysis, and predictive analysis with rich logic. Dashboards are consistently used to provide operational and strategic views of the business from real time or periodically refreshed data. BI portal experience has rich visualizations, dashboards and scorecards with full data interactivity (slicing, filtering, etc.) consistent with self service reporting and analysis tools. Users have the ability to create unique personal and/or shared views of data that are actually combinations of multiple views (i.e. mashups). Data Analysts use powerful data management workbench with integrated access to tools for data preparation, cleansing, multi-variate analysis, and a sophisticated set of data mining algorithms with extensibility and tuning options. Data Analysts can easily publish their findings and data sets for access by business users. Data Warehouse Management Master data management of the EDW and data marts is centrally governed, although implementation, operations, and maintenance is still distributed. Data warehouse and data mart resources are explicitly governed. Audit information is available for performance, history, and forensic information. An IT-managed BI environment and applications at the department level are aligned with the enterprise data warehouse (EDW) environment and applications. IT proactively builds, maintains, and manages key reports and analysis models that are used regularly across the business. IT designs, implements, and manages semantic models (such as OLAP) and data schemas optimized for managed and self-service reporting and analysis. Big Data Information Services and Marketplaces Database and LOB Platform Transaction Processing Data Management Metadata and taxonomies are defined, implemented, and formally managed in one or more repositories with more reliance upon policy-based management to ensure proper configuration and adherence to policies. Business has begun to consolidate data, management plans, and policies for consistency across information stores. Application Infrastructure A common application messaging services infrastructure is in place and well managed for larger mission-critical applications. A range of application services and infrastructure is provided across operating environments with central governance. A central engineering practices group co-sponsored by development and operations has formed and is providing valuable guidance to application development teams. Application developers consistently build applications using these application frameworks, so hosting, application services requirements, and management are predictable. Operating systems provide support for multiple application frameworks. Custom Development Internet Applications Component and Service Composition Developers have tools that allow them to automate the creation of components usable by end users out of low-level services, and to publish them to the central repository and obtain basic metrics of usage. Tooling for solution assembly is simplified. A central repository of components for end users is designated to allow them to discover and use components to build solutions. Central IT provides mechanisms to create new business processes that integrate with existing ones, primarily through new workflow actions and specialized rules. Facilities exist to surface line-of-business events to end users' compositions and workflows. The organization overall realizes that services and UI needs to blend, start rationalizing which UI standard they will be driving to, and move to a point where every service has a “face” that is consumable for composing new applications. End users can share their created solutions back to the repository. Mechanisms exist to allow for ranking and rating of solutions and components. A managed central repository of all configuration items, assets, and systems provides dependency maps, reporting, and metrics for development and operations teams across the organization to manage integrations, performance, and scale. Enterprise Integration Development Platform The organization has selected and implemented a common set of frameworks for major application development and operating environment needs. Developer skill and use of standard frameworks is consistent. A central architecture and engineering practices group has formed with the participation of development and operations teams, and provides valuable guidance to development teams. A standard set of tools and common development approaches are used across multiple development teams in the organization. Developed applications extend line-of-business (LOB) systems (at UX level and mid-tier), extending LOB business logic. IT manages a service-based infrastructure of composite applications that connect and surface best-of-breed LOB systems. Application Lifecycle Management MAPPING CONCEPTUAL ARCHITECTURE TECHNOLOGIES LOGICAL ARCHITECTURE PHASE DEFINITION

Technology Guidance Client Technologies Microsoft Office Microsoft Office Outlook 2007 / Microsoft Outlook 2010, Microsoft Office Word 2007 / Microsoft Word 2010, Microsoft Office Excel 2007 / Microsoft Excel 2010, Microsoft Office PowerPoint 2007/ Microsoft PowerPoint 2010 Microsoft Office InfoPath 2007 / Microsoft InfoPath 2010 Microsoft Office Visio 2007 / Microsoft Visio 2010 Microsoft Office Groove 2007 / Microsoft SharePoint Workspace 2010 Microsoft Office SharePoint Designer 2007 / Microsoft SharePoint Designer 2010 Microsoft Office Project 2007 / Microsoft Project 2010 Windows Phone 7.5 / 8 Microsoft Office Mobile 2010 Microsoft Forefront Endpoint Protection 2010 / Microsoft System Center 2012 Endpoint Protection Windows 7 / 8 Microsoft Office Communicator 2007 R2 / Microsoft Lync 2010 Microsoft Office Live Meeting 2007 Server Technologies Server Technologies Microsoft Office SharePoint Server 2007 / Microsoft SharePoint Server 2010 Microsoft FAST Search Server 2010 for SharePoint Windows SharePoint Services 3.0 / Microsoft SharePoint Foundation 2010 Microsoft Exchange Server 2007 / 2010 Microsoft Office Communications Server 2007 R2 / Microsoft Lync Server 2010 Microsoft SQL Server 2008 R2 / 2012 Microsoft Server Security Microsoft Forefront Security for SharePoint / Microsoft Forefront Protection 2010 for SharePoint Microsoft Forefront Security for Exchange Server / Microsoft Forefront Protection 2010 for Exchange Server Microsoft Forefront Security for Office Communications Server Microsoft Internet Security and Acceleration Server 2006 / Microsoft Forefront Threat Management Gateway 2010 Microsoft Intelligent Application Gateway 2007 / Microsoft Forefront Unified Access Gateway 2010 Microsoft Forefront Identity Manager 2010 / 2010 R2 Microsoft Windows Server 2008 R2 / 2012 Microsoft Windows Server Update Services 2.0 / 3.0 Microsoft System Center Microsoft System Center Operations Manager 2007 R2 / Microsoft System Center 2012 Operations Manager Microsoft System Center Data Protection Manager 2010 / Microsoft System Center 2012 Data Protection Manager Microsoft System Center Configuration Manager 2007 R3 / Microsoft System Center 2012 Configuration Manager Microsoft System Center Mobile Device Manager 2008 / Microsoft System Center 2012 Mobile Device Manager Microsoft System Center Virtual Machine Manager 2008 R2 / Microsoft System Center 2012 Virtual Machine Manager Microsoft System Center Service Manager 2010 / Microsoft System Center 2012 Service Manager Opalis / Microsoft System Center 2012 Orchestrator Microsoft System Center Cloud Services Process Pack Microsoft System Center 2012 App Controller Microsoft Desktop Optimization Pack 2011 / 2011 R2 Microsoft Diagnostics and Recovery Toolset 7.0 / 8.0 Microsoft Desktop Error Monitoring Windows Embedded Device Manager 2011 Microsoft Windows Storage Server 2008 / 2008 R2 Windows Server AppFabric Microsoft Hyper-V Server 2008 / 2008 R2 Microsoft Virtual Desktop Infrastructure Suite Microsoft Office Project Server 2007 / Microsoft Project Server 2010 Microsoft BizTalk Server 2009 / 2010 Cloud Technologies BPOS / Microsoft Office 365 Microsoft Exchange Online Microsoft SharePoint Online Microsoft Office Communications Online / Microsoft Lync Online Microsoft Forefront Online Protection for Exchange Windows Azure platform Windows Azure Active Directory Access Control Microsoft SQL Azure Windows Intune Microsoft Office Web Apps Microsoft Office Communicator Web Access 2007 R2 Microsoft Exchange Hosted Services Microsoft Online Backup Service Development Tools Microsoft.NET Framework Microsoft Visual Studio 2010 Team Foundation Server / Microsoft Visual Studio 11 Team Foundation Server Microsoft Visual Studio Team System 2008 / 2010 / 11 Windows Communications Foundation (WCF) Services Tools, Add-ins, Libraries, and Frameworks Microsoft Security Assessment Tool Microsoft Software Inventory Analyzer 5.0 / 5.1 Microsoft User State Migration Tool 3.0 / 4.0 Microsoft Deployment Toolkit 2010 / 2012 Windows Automated Installation Kit Microsoft Security Compliance Management Toolkit Compliance Management Libraries 2.0 Windows SDK Data Classification Toolkit IT Governance, Risk and Compliance process management pack 2.0 Distributed Connectivity Services Microsoft Windows PowerShell 2.0 BizTalk ESB Toolkit Data Mining Add-ins for Microsoft Office

Phase 3: Core IO BSRD Datacenter Mgt and Virtualization Data Center Mgt & Virtualization Compliance Management Libraries / 2.0; Data Classification Toolkit; Hyper-V Server 2008 / 2008 R2; Hyper-V Server 2008 (Mixed OS Virtualization, Branch Office Consolidation); Hyper-V Server 2008 / 2008 R2 Enterprise; Hyper-V Server 2008 R2 (Mixed OS Virtualization, Branch Office Consolidation); IT Governance, Risk and Compliance process management pack / 2.0; Microsoft Deployment Toolkit 2010 / 2012; Opalis; Security Compliance Manager / 2.x; System Center 2012 App Controller; System Center 2012 Configuration Manager; System Center 2012 Operations Manager; System Center 2012 Orchestrator; System Center 2012 Service Manager; System Center 2012 Virtual Machine Manager; System Center Configuration Manager 2007 R3; System Center Operations Manager 2007 R2; System Center Service Manager 2010; System Center Virtual Machine Manager 2008 R2; Windows Automated Installation Kit; Windows Azure; Windows Server 2008 R2 / 2012; Windows Server 2008 R2 (Hyper-V); Windows Server 2008 R2 (Hyper- V, Clustering, and Network Load Balancing); Windows Server 2008 R2 Enterprise / Datacenter (Hyper-V); Windows Server Update Services 2.0 / 3.0 Server Security Forefront Endpoint Protection 2010; Forefront Protection 2010 for Exchange Server; Forefront Protection 2010 for SharePoint; Forefront Security for Exchange Server; Forefront Security for Office Communications Server; Forefront Security for SharePoint; Forefront Threat Management Gateway 2010 (Virtual Private Network); Forefront Threat Management Gateway 2010 (web antivirus/anti-malware protection, Network Inspection System); Forefront Unified Access Gateway 2010; Intelligent Application Gateway 2007; Internet Security and Acceleration Server 2006 (Multi-Networking); Internet Security and Acceleration Server 2006 (Virtual Private Network); System Center 2012 Endpoint Protection; Windows Azure; Windows Server 2008 R2 (Windows Firewall with Advanced Security); Windows Server 2008 R2 Enterprise (Network Policy and Access Services); Windows Server 2008 R2 Enterprise (Windows Firewall, Network Policy, and Access Services); Windows Server 2012 Networking Windows Azure; Windows Server 2008 R2 / 2012; Windows Server 2008 R2 (Domain Name System server); Windows Server 2008 R2 (Dynamic Host Configuration Protocol server) Storage System Center 2012 Data Protection Manager; System Center Data Protection Manager 2010; Windows Server 2012 (Hyper-V Replica) Device Deployment and Management Device Mgt & Virtualization Diagnostics and Recovery Toolset 7.0 / 8.0; Exchange Server 2007 / 2010; Exchange Server 2007 / 2010 (ActiveSync); Microsoft Deployment Toolkit 2010 / 2012; Microsoft Deployment Toolkit 2010 (Zero-Touch Installation); Microsoft Desktop Optimization Pack 2011 (Desktop Error Monitoring); Microsoft Desktop Optimization Pack 2011 R2 (Desktop Error Monitoring); System Center 2012 Configuration Manager; System Center 2012 Mobile Device Manager; System Center 2012 Service Manager; System Center Configuration Manager 2007 R3; System Center Mobile Device Manager 2008; System Center Mobile Device Manager 2008 (Enrollment Auto Discovery); System Center Service Manager 2010; User State Migration Tool 3.0; Virtual Desktop Infrastructure Suite; Windows 7 / 8(Backup and Restore); Windows Automated Installation Kit (User State Migration Tool 4.0); Windows Azure; Windows Embedded Device Manager 2011; Windows Intune; Windows Intune (Exchange ActiveSync Integration); Windows phone 7.5 / 8; Windows Server 2008 R2 (roaming profile); Windows Server 2012 (roaming profile) Device Security Forefront Endpoint Protection 2010; Forefront Threat Management Gateway 2010 (Network Inspection System); Internet Security and Acceleration Server 2006; System Center 2012 Endpoint Protection; Windows 7 (Firewall); Windows 8; Windows Intune (not for non-PC devices); Windows Server 2008 R2 (Network Access Protection); Windows Server 2012 Identity & Security Services Identity & Access Forefront Identity Manager 2010 (Credential Management); Forefront Identity Manager 2010 (Policy Management); Forefront Identity Manager 2010 (User Management); Forefront Identity Manager 2010 R2; Hyper-V Server 2008 / 2008 R2 (Read-Only Domain Controller); Windows 7 / 8; Windows Azure; Windows Azure (Active Directory Access Control); Windows Server 2008 R2 (Active Directory Domain Services); Windows Server 2008 R2 (Active Directory Domain Services, Group Policy); Windows Server 2008 R2 (Active Directory Domain Services, Read-Only Domain Controller); Windows Server 2008 R2 Enterprise / Datacenter (Active Directory Certificate Services); Windows Server 2008 R2 Enterprise / Datacenter (Active Directory Federation Services); Windows Server 2012 Information Protection & Control Forefront Threat Management Gateway 2010; Internet Security and Acceleration Server 2006; Microsoft SQL Server 2008 R2 / 2012; System Center 2012 Operations Manager; System Center Operations Manager 2007 R2; Windows Phone 7.5 / 8; Windows Server 2008 R2 (Active Directory Rights Management Services); Windows Server 2012 IT Process & Compliance Distributed Connectivity Services; Forefront Endpoint Protection 2010; Forefront Threat Management Gateway 2010; Internet Security and Acceleration Server 2006; Microsoft Security Assessment Tool; Office SharePoint 2007; Office SharePoint Server 2007; Opalis; PowerShell 2.0; SharePoint 2010; SharePoint Server 2010; System Center 2012 App Controller; System Center 2012 Configuration Manager; System Center 2012 Data Protection Manager; System Center 2012 Endpoint Protection; System Center 2012 Operations Manager; System Center 2012 Orchestrator; System Center 2012 Service Manager; System Center 2012 Virtual Machine Manager; System Center Cloud Services Process Pack; System Center Configuration Manager 2007 R3; System Center Data Protection Manager 2010; System Center Operations Manager 2007 R2; System Center Service Manager 2010; System Center Virtual Machine Manager 2008 R2; Windows Azure; Windows Server 2008 R2 (Active Directory Domain Services); Windows Server 2012 TECHNOLOGIES CONCEPTUAL ARCHITECTURE LOGICAL ARCHITECTURE MAPPING PHASE DEFINITION TECHNOLOGIES

Phase 3: BPIO BSRDCollaboration Workspaces Exchange Server 2010; Lync 2010; Lync Server 2010; Office 2007 / 2010; Office 2007 (client integration with SharePoint); Office 2007 (Groove 2007: offline collaborative workspaces); Office 2010 (client integration with SharePoint); Office 2010 (SharePoint Workspace 2010: offline collaborative workspaces); Office 365 Dedicated; Office 365 Dedicated (Dedicated is here for Hybrid); Office 365 E1 / E2 / E3 / E4; Office Communications Server 2007 R2; Office Communicator 2007 R2; Office SharePoint Server 2007; Office SharePoint Server 2007 (Active Directory Domain Services integration with SharePoint); Office SharePoint Server 2007 (integrated presence, Outlook Web Access Web Parts, news and announcement Web Parts, out-of-the-box workflow); Office SharePoint Server 2007 (offline collaborative workspaces); SharePoint Designer 2007 / 2010; SharePoint Designer 2007 / 2010 (Workflows); SharePoint Online; SharePoint Online (access/view documents, client integration, mobile device support); SharePoint Online (client integration, templates and Web Parts, presence, synch with Outlook, standard workflows); SharePoint Server 2010 (Active Directory Domain Services integration with SharePoint); SharePoint Server 2010 (co-authoring); SharePoint Server 2010 (integrated presence, Outlook Web Access Web Parts, news and announcement Web Parts, out-of- the-box workflow); SharePoint Server 2010 (offline collaborative workspaces, web applications and companions, mobile-device view) Portals Office 365 Dedicated; Office 365 E1 / E2 / E3 / E4; Office SharePoint Server 2007; Office SharePoint Server 2007 (audience targeting); Office SharePoint Server 2007 (role-based access, audience targeting); Office SharePoint Server 2007 (SharePoint site administration, Active Directory Domain Services integration with SharePoint, audit trail); SharePoint Designer 2007 / 2010; SharePoint Online (audience targeting, custom code support, site manager); SharePoint Online P1 / P2; SharePoint Server 2010; SharePoint Server 2010 (audience targeting); SharePoint Server 2010 (Business Connectivity Services); SharePoint Server 2010 (role-based access, audience targeting); SharePoint Server 2010 (SharePoint site administration, Active Directory Domain Services integration with SharePoint, audit trail) Social Computing Office 365 E1 / E2 / E3 / E4; Office SharePoint Server 2007 (My Sites, RSS content syndication, email alerts and notifications, social networks); Office SharePoint Server 2007 (wikis, blogs, discussion boards, customized sites); SharePoint Online (email alerts and notifications, RSS content syndication, My Sites); SharePoint Online (surveys, blogs, wikis); SharePoint Online P1 / P2; SharePoint Server 2010 (My Sites, RSS content syndication, email alerts and notifications, social networks); SharePoint Server 2010 (wikis, blogs, discussion boards, customized sites) Project Mgt Exchange Server 2007 / 2010; Lync 2010; Lync Server 2010; Office 2007 / 2010; Office 365 E1 / E2 / E3 / E4; Office Communications Server 2007 R2; Office Communicator 2007 R2; Office SharePoint Server 2007 (document collaboration, document workspaces); Project 2007 / 2010; Project 2007 (Gantt charts, calendars, task sheets, and visual reports); Project 2010 (Gantt charts, calendars, task sheets, visual reports, resource scheduling view, user-controlled scheduling, top-down summary tasks, task inspector, timeline view, incremental/granular leveling, synchronize with SharePoint task lists); Project Portfolio Server 2007 (portfolio builder, portfolio governance workflow engine, portfolio prioritization, proposal management); Project Server 2007 (resource leveling, Outlook integration, automated email notifications, project updates, server-side scheduling); Project Server 2007 (task creation and delegation, status reports, timesheets); Project Server 2007 (visual reports, resource availability graphs, and budget tracking); Project Server 2010 (business driver definition and prioritization, project portfolio prioritization, governance); Project Server 2010 (enhanced collaboration and reporting, resource management, resource leveling, Outlook integration, automated email notifications, project updates, server-side scheduling); Project Server 2010 (schedule management, financial management, time and task management); Project Server 2010 (task creation and delegation, status reports, timesheets, time tracking improvements, user delegation); SharePoint Server 2010 (document collaboration, document workspaces) Information access FAST Search Server 2010 for SharePoint (federated search, connectors and content ingestion); FAST Search Server 2010 for SharePoint (relevancy control, visual best bets); FAST Search Server 2010 for SharePoint (structured data search); Office 2007; Office 2010 (location-based metadata defaults); Office 2010 (Outlook: keyword tagging for email); Office 2010 (search across business data); Office 365 Dedicated; Office 365 E1 / E2 / E3 / E4; Office SharePoint Server 2007 (federated search connectors, entity extraction, automatic best bets, dictionaries); Office SharePoint Server 2007 (federated search connectors, people search); Office SharePoint Server 2007 (federated search connectors, Search-driven applications); SharePoint Online (relevance); SharePoint Online (search federations, people search, relevance); SharePoint Online (Structured data search); SharePoint Online P1 / P2; SharePoint Server 2010 (FAST search usage rights, federated search connectors, entity extraction, automatic best bets, dictionaries); SharePoint Server 2010 (FAST search usage rights, federated search connectors, people search); SharePoint Server 2010 (FAST search usage rights, federated search connectors, Search-driven applications) Interactive experience and navigation FAST Search Server 2010 for SharePoint (faceted search, personalization, visual search); Office 365 E1 / E2 / E3 / E4; Office SharePoint Server 2007 (metadata-driven faceted search, unified search, personalization); SharePoint Online (faceted search, unified search); SharePoint Online P1 / P2; SharePoint Server 2010 (FAST search usage rights, metadata-driven faceted search, unified search, personalization); Windows 7 (search); Windows 8 TECHNOLOGIES CONCEPTUAL ARCHITECTURE LOGICAL ARCHITECTURE MAPPING PHASE DEFINITION TECHNOLOGIES

Phase 3: BPIO Continued BSRD Messaging Messaging Exchange Hosted Archive; Exchange Hosted Continuity; Exchange Hosted Filtering; Exchange Online; Exchange Online (connects to on-premises Private Branch Exchange); Exchange Online (Standard and Deskless); Exchange Online (Forefront Online Protection for Exchange); Exchange Online (requires on-premises Rights Management Services); Exchange Online Kiosk; Exchange Online P1 / P2; Exchange Online P1 / P2 (dependency on RMS); Exchange Server 2007 / 2010; Forefront Protection 2010 for Exchange Server; Forefront Security for Exchange Server; Office 365 E1 / E2 / E3 / E4 / K1 / K2; Outlook 2007 / 2010; Outlook 2007 / 2010 (enhanced search); Outlook Mobile 2007 / 2010; Outlook Web Access (premium experience); Windows Server 2008 R2 (Active Directory Rights Management Services); Windows Server 2012 Unified Communications IM/Presence Forefront Security for Office Communications Server; Lync 2010; Lync Online / P1 / P2Lync Server 2010; Lync Server 2010 (Group Chat Server); Office 365 E1 / E2 / E3 / E4; Office Communications Online; Office Communications Server 2007 R2; Office Communications Server 2007 R2 (Group Chat Server); Office Communicator 2007 R2; Office Communicator Web Access 2007 R2; Office SharePoint Server 2007; SharePoint Online; SharePoint Server 2010 Conferencing Lync 2010; Lync Online / P1 / P2; Lync Server 2010; Office 365 E1 / E2 / E3 / E4; Office Communications Server 2007 R2; Office Communicator 2007 R2; Office Live Meeting 2007; Outlook 2007 / 2010 (integrated conferencing) Voice Exchange Online; Exchange Online P2; Exchange Server 2007 / 2010 (unified inbox); Lync 2010; Lync Online; Lync Server 2010; Office 365 E3 / E4; Office 365 E4 (Requires On- Prem Infrastructure and Lync Server 2010); Office Communications Online; Office Communications Server 2007 R2; Office Communicator 2007 R2; Outlook 2007 / 2010; Windows Phone 7 / 7.5 Content Creation and Management Information Mgt Office 2007; Office 2007 (document information panel, integrated workflows); Office 2010 (Backstage); Office 2010 (Backstage, location-based metadata defaults, automated population of metadata); Office 365 E1 / E2 / E3 / E4; Office SharePoint Server 2007 (metadata capture, metadata tagging, out-of-the-box workflows); SharePoint Online; SharePoint Online (metadata, out-of-the-box workflows); SharePoint Online P1 / P2; SharePoint Server 2010 (metadata capture); SharePoint Server 2010 (metadata tagging, location-based metadata defaults, automated population of metadata); SharePoint Server 2010 (out-of-the-box workflows) Process Efficiency Office 2007 (InfoPath 2007: browser-based forms, mobile forms); Office 2007 (workflow integration); Office 2010 (InfoPath 2010: WCAG compliant browser forms); Office 2010 (workflow integration through Backstage); Office 365 Dedicated; Office 365 E3 / E4; Office SharePoint Server 2007 (custom non-code workflows, document management site templates); Office SharePoint Server 2007 (custom workflows); Office SharePoint Server 2007 (forms integrated with LOB systems/processes, browser-based forms, mobile forms, centralized forms management and control); SharePoint Designer 2007; SharePoint Designer 2010 (visualize workflows); SharePoint Online (browser-based forms, custom non- code workflows, custom workflows); SharePoint Server 2010 (custom non-code workflows, document management site templates); SharePoint Server 2010 (forms integrated with LOB systems/processes, browser-based forms, mobile forms, centralized forms management and control, WCAG compliant browser forms); SharePoint Server 2010 (reusable workflows); Visio 2007 / 2010 Compliance Office 365 E3 / E4; Office SharePoint Server 2007 (information rights management, retention and auditing policies, document retention and expiration policies, legal holds, retention schedule); Office SharePoint Server 2007 (support for industry standards: Dublin Core, Sarbanes-Oxley); SharePoint Online (information rights management, retention and auditing policies, document retention and expiration policies, legal holds, retention schedule); SharePoint Online (support for industry standards); SharePoint Server 2010 (information rights management, retention and auditing policies, document retention and expiration policies, legal holds, retention schedule); SharePoint Server 2010 (support for industry standards: Dublin Core, Sarbanes-Oxley) Authoring Multi-Device Support Interoperability User Accessibility TECHNOLOGIES CONCEPTUAL ARCHITECTURE LOGICAL ARCHITECTURE MAPPING PHASE DEFINITION TECHNOLOGIES

Phase 3: APO BSRD BI and Analytics Platform Business Intelligence Data Mining Add-ins for Microsoft Office; Office 365 E1 / E2 / E3 / E4; Office Professional 2010 (Excel 2010); Office SharePoint Server 2007; PivotViewer; Power View; PowerPivot; Report Builder; SharePoint 2010 Enterprise; SharePoint 2010 Enterprise (Excel Services, PerformancePoint Services, Visio Services); SharePoint 2010 Enterprise (Activity Feeds, Visio Services); SharePoint 2010 Enterprise (Excel Services); SharePoint 2010 Enterprise (Excel Services, Visio Services, PerformancePoint Services); SharePoint 2010 Enterprise (Insights, Excel Services, Visio Services, PerformancePoint Services); SharePoint 2010 Standard; SharePoint Foundation 2010; SharePoint Online (Insights, Excel Services, Visio Services); SQL Azure; SQL Azure Reporting; SQL Server 2008 R2 / 2012; SQL Server Analytic Services; SQL Server Reporting Services; Visio 2007 / 2010 Data Warehouse Management SQL Server 2008 R2 Data Center; SQL Server 2008 R2 Enterprise; SQL Server 2008 R2 Parallel Data Warehouse; SQL Server 2012; Visual Studio 11 / 2010; Visual Studio 2008 (BI Development Studio) Big Data Information Services and Marketplaces Database and LOB Platform Transaction Processing Data Management Office Professional 2010; Office SharePoint Server 2007; SharePoint 2010; SQL Server 2008 / 2008 R2 / 2012 Application Infrastructure Microsoft.NET Framework; BizTalk Server 2006 R2 / 2009 / 2010; Internet Information Services 6 / 7 / 8; Office SharePoint Server 2007; SharePoint 2010; SQL Server 2008 R2 / 2012; System Center 2007 / 2012; Visual Studio 11 / 2008 / 2010; Window Server 2008; Windows Communications Foundation Services; Windows Server 2008 / 2008 R2 / 2012; Windows Server 2008 R2 (Hyper-V); Windows Server AppFabric Custom Development Internet Applications Component and Service Composition BizTalk ESB Toolkit; BizTalk Server 2006 R2 / 2009 / 2010; Office Professional 2010 (Access 2010); Office SharePoint Server 2007; Office SharePoint Server 2007 (Business Data Catalog); SharePoint 2010; SharePoint 2010 (Business Connectivity Services); System Center 2007 / 2012; Visual Studio 11 / 2008 / 2010; Windows Server AppFabric Enterprise Integration Development Platform SQL Server 2008 R2 / 2012; Visual Studio 11 / 2008 / 2010; Visual Studio Team Foundation Server 2010; Windows SDK Application Lifecycle Management TECHNOLOGIES CONCEPTUAL ARCHITECTURE LOGICAL ARCHITECTURE MAPPING PHASE DEFINITION TECHNOLOGIES

Example: Steps to Customize the Solution Identify your top-priority business drivers Identify the business capabilities in the Capability Discussion Guide that match your priorities (see below) Choose the phase (Phase 1, Phase 2, or Phase 3) that corresponds to your priorities Add, remove, or adjust capabilities Customize the pre-defined solutions (Phase 1, Phase 2, or Phase 3) by doing the following: Understand your priorities Choose a starting point Adjust the mapping

Example Solution Area: Phase 1BSRD Datacenter Mgt and Virtualization Data Center Mgt & Virtualization Deployment and management of software updates are tool based. The organization actively uses virtualization to consolidate resources for production workloads. Some production server resources are virtualized. A virtualized server pool is offered as a service. Performance monitoring of physical and virtual hardware with defined SLAs; health monitoring of applications; supported across heterogeneous environments with manual remediation. Services are available during server failure (for example, server clustering, hot spares, and virtualization recovery solution). Server Security Protection against malware is centrally managed across server operating systems within organizations, including the host firewall. Protection for select mainstream/non-custom applications and services (such as email, collaboration and portal applications, and instant messaging), if available, is centrally managed. Integrated perimeter firewall, IPS, web security, gateway antivirus, and URL filtering are deployed with support for server and domain isolation; network security, alerts, and compliance are integrated with all other tools to provide a comprehensive scorecard view and threat assessment across data center, application, organization, and cloud boundaries. Remote access is secure, standardized, and available to end users across the organization. Networking Redundant Domain Name System servers exist to provide fault tolerance. Dynamic Host Configuration Protocol servers are network-aware and include support for automatic configuration. Network quality of service (basic prioritization of applications and services) is standard, with manual allocation of available bandwidth. IPv4 is present for main transport services, using IPv6 for some transport services (for example, to achieve a larger address range). Storage If a single disk or system component fails, no data is lost but data availability may be interrupted. Critical data is backed up on a schedule across the enterprise; backup copies are stored offsite, with fully tested recovery or failover based on service-level agreements. Device Deployment and Management Device Mgt & Virtualization ? Mobile device access configuration is automated and is pushed over-the-air. A solution is in place to configure and update devices. Mobile phones are used for over-the-air synchronization with email, calendar, and contacts. Device Security Protection against malware is centrally managed for desktop systems and laptops and includes a host firewall; non-PC devices are managed and protected through a separate process. Identity & Security Services Identity & Access ? To control access, simple provisioning and de-provisioning exists for user accounts, mailboxes, certificates or other multi-factor authentication methods and machines; access control is role-based. Password policies are set within a directory service to enable single sign-on across boundaries for most applications. Password resets occur through internal tools or manual processes. There is a centralized group/role based access policy for business resources, managed through internal tools or manual processes. Most applications and services share a common directory for authentication across boundaries. Point-to-point synchronization exists across different directories. Information Protection & Control Persistent information protection exists within the trusted network to enforce policy across key sensitive data (such as documents and email); policy templates are used to standardize rights and control access to information. IT Process & Compliance  IT policies are documented for each IT service. Each IT service has a process to manage bug handling and design changes; IT services are tested according to defined test plans based on specifications. IT service release and deployment processes are formally defined and consistently followed. Each IT service provides service-level and operational-level agreements. Processes to manage incidents are in place for each IT service. Monitoring, reporting, and notifications are centralized for protection against malware, protection of information, and identity and access technologies. Problem management processes are in place for each IT service, with self-service access to knowledge base. Risk and vulnerability are formally analyzed across IT services; IT compliance objectives and activities are defined and audited for each IT service. Example: Customized Solution Requirements

Example: Tips to Customize the Solution Server Security helps protect and secure the server infrastructure at the data center from viruses, spam, malware, and other intrusions. Consider using an alternate maturity level that corresponds to your requirements Identify, document, and discuss how a capability may be relevant Keep a capability if you are unsure whether you need it

Engagement Approach Audience Solution road map Solution areas Industry Horizontal Business strategy Integrated Capability Analysis => Projects, architecture, products 1. Present relevant integrated capabilities Present relevant integrated capabilities 2. Position the Integrated Enterprise Platform approach Position the Integrated Enterprise Platform approach 1. Present relevant integrated capabilities Present relevant integrated capabilities 2. Position the Integrated Enterprise Platform approach Position the Integrated Enterprise Platform approach Business executives 1. Understand business needs and priorities Understand business needs and priorities 2. Discuss range of potential solution capabilities Discuss range of potential solution capabilities 1. Understand business needs and priorities Understand business needs and priorities 2. Discuss range of potential solution capabilities Discuss range of potential solution capabilities IT executives Architects IT pro/dev executives

© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Optimizing Business Operations Solution Implementer Guide.

Similar presentations

Presentation on theme: "Optimizing Business Operations Solution Implementer Guide."— Presentation transcript:

Similar presentations

About project

Feedback

Log in

Auth with social network:

Optimizing Business Operations Solution Implementer Guide.

Similar presentations

Presentation on theme: "Optimizing Business Operations Solution Implementer Guide."— Presentation transcript:

Similar presentations

About project

Feedback