Presentation is loading. Please wait.

Presentation is loading. Please wait.

LMI Enterprise Architecture and Information Assurance Integration Approach A Case Study.

Published byEugene Coaker Modified over 9 years ago

Similar presentations

Presentation on theme: "LMI Enterprise Architecture and Information Assurance Integration Approach A Case Study."— Presentation transcript:

1 LMI Enterprise Architecture and Information Assurance Integration Approach A Case Study

2 P A G E 2 Agenda Introduction Background/History Why Integrate EA and IA LMI LEAP Methodology Approach to EA IA integration Challenges encountered Solutions developed P A G E 2

3 P A G E 3 Overview of LMI—History Founded in 1961 by Secretary McNamara under the Kennedy administration “…to bring the best minds to bear on solving our government’s most complex management problems”

4 P A G E 4 Background/History —Continued LMI is an independent not-for-profit government consulting firm –Located in McLean, VA LMI has substantial experience assisting federal agencies with IT planning and implementation, including EA and IA.

5 P A G E 5 Background/History —Continued Dr. Didier Perdu and Dr. Roxanne Everetts LMI Research Fellows –Members of the EA and IA communities of practice Dr. Perdu is the EA Practice Technical Advisor; over 20 years experience with EA Dr. Everetts leads the IA Practice, over 28 years experience in IT, last 15 in IA

6 P A G E 6 Initial Problem LMI was asked to developed an IA EA integration implementation plan – in response to requirements from GAO EAMMF to capture security aspects in EA Conducted initial research to establish state of the practice and identify industry best practice for integration approach

7 P A G E 7 Findings Over-estimated maturity of the practice IA requirements are not included in EA models and artifacts IA has only been routinely integrated into Design Phase of the System Development Life Cycle (SDLC) Bottom line: There is limited integration between EA and IA

8 P A G E 8 Why integrate EA and IA EA can be used to express IA throughout SDLC EA provides enterprise-wide coordination and integration of processes, information, and technology EA enables multi-layered analysis of managerial, technical and operational elements EA can enable organizations to meet the challenge of ensuring the optimal allocation of resources while providing the highest level of security

9 P A G E 9 Call to Action Based on findings, LMI decided that its EA approach, LEAP should be modified to integrate IA –In response to increasing requests –To best serve our government clients –To align our practice with emerging industry standards and best practices

10 P A G E 10 What is LEAP? LMI Enterprise Architecture Practice (LEAP) is the approach used by LMI since 2000 to help federal agencies develop and implement Enterprise Architecture LEAP perspective is that EA is more than a set of products required to achieve compliance Interrelationship of architecture layers

11 P A G E 11 LMI EA/IA Integration Methodology Focus of IR&D project to integrate IA into EA program Formed team of EA and IA specialists Reviewed existing EA document Reviewed IA controls Mapped NIST Security controls to EA process layers Identified EA products/artifacts to address controls

12 P A G E 12 Challenges Encountered No common taxonomy Unsure of impact of IA controls on EA artifacts Gap between EA process oriented focus and IA system/technology focused approaches Lack of Industry Best Practices for integration approach

13 P A G E 13 Solutions Developed Extend BPMN to cover process areas where security controls apply –Bridge gap between process focus vs system focus For each IA control, identify changes to related EA artifacts to address security

14 P A G E 14 Solutions Developed —Continued

15 P A G E 15 Solutions Developed —Continued Initiate EA and IA staff orientation sessions –To develop common understanding and taxonomy Transform research into best practices –Reach out to both the EA and IA communities –Participate in the public discussion –Share our experience with the community

16 P A G E 16 Next Steps Normalize LEAP with Federal Segment Architecture Methodology (FSAM) Continue to monitor emerging industry standards and best practices Continue research and development activities

17 P A G E 17 For further information Dr. Didier Perdu 571-633-7757 DPerdu@LMI.org Dr. Roxanne Everetts 703-917-7271 REveretts@LMI.org

18 P A G E 18 Speakers’ Bio Roxanne B. Everetts, DM, CISSP, CISM, CBCP, is a Information Assurance Research Fellow at LMI with over twenty five years of progressively increasing information technology experience, including systems administration, database design and implementation, open systems migration, staff training and management, and general management experience. As a Research Fellow at LMI, Dr. Everetts uses her extensive technical background to provide high-level support in the areas of Information Systems Security, Information Assurance, Information Operations, and Critical Infrastructure Protection. She provides support to multiple government agencies, providing functional and operational expertise analyzing information security requirements to assist customers establishing information assurance and defensive information operations programs. Dr. Everetts performs extensive research on policy issues for a variety of customers. Dr. Didier Perdu is a Research Fellow with LMI Government Consulting and heads the Tools and Methods Group of the Enterprise Architecture Practice. He has more than twenty years of experience in modeling and evaluation of enterprise architecture and information systems using a variety of methodologies and software packages. Dr. Perdu has worked on many Enterprise Architecture projects for government clients such as GSA, OMB, US Army, CMS, and GPO. Dr Perdu holds a Ph.D. in Information Technology from George Mason University and a Master of Science in Technology and Policy from MIT.

Download ppt "LMI Enterprise Architecture and Information Assurance Integration Approach A Case Study."

Similar presentations

Understanding Student Learning Objectives (S.L.O.s)

Understanding Student Learning Objectives (S.L.O.s)
Business Alignment Using Enterprise Architecture

Business Alignment Using Enterprise Architecture
© 2008 IBM Corporation IBM Information Infrastructure Assessment Tool Suite June 18, 2009 Jean Wingler, Funda Eceral, Mike Barton, Mike Dickson, Eileen.

© 2008 IBM Corporation IBM Information Infrastructure Assessment Tool Suite June 18, 2009 Jean Wingler, Funda Eceral, Mike Barton, Mike Dickson, Eileen.
[Imagine School at North Port] Oral Exit Report Quality Assurance Review Team School Accreditation.

[Imagine School at North Port] Oral Exit Report Quality Assurance Review Team School Accreditation.
Managing Compliance Related to Human Subjects Research Review Joseph Sherwin, Ph.D. Office of Regulatory Affairs University of Pennsylvania Fourth Annual.

Managing Compliance Related to Human Subjects Research Review Joseph Sherwin, Ph.D. Office of Regulatory Affairs University of Pennsylvania Fourth Annual.
Presidents FY13 Federal Budget Crop Protection Funding Line Susan T. Ratcliffe Ph.D. Crop Protection Visioning Teleconference March 7, 2012 1.

Presidents FY13 Federal Budget Crop Protection Funding Line Susan T. Ratcliffe Ph.D. Crop Protection Visioning Teleconference March 7,
2 Session Objectives Increase participant understanding of effective financial monitoring based upon risk assessments of sub-grantees Increase participant.

2 Session Objectives Increase participant understanding of effective financial monitoring based upon risk assessments of sub-grantees Increase participant.
ASYCUDA Overview … a summary of the objectives of ASYCUDA implementation projects and features of the software for the Customs computer system.

ASYCUDA Overview … a summary of the objectives of ASYCUDA implementation projects and features of the software for the Customs computer system.
. . . a step-by-step guide to world-class internal auditing

. . . a step-by-step guide to world-class internal auditing
HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
FMS. 2 Fires Terrorism Internal Sabotage Natural Disasters System Failures Power Outages Pandemic Influenza COOP/ Disaster Recovery/ Emergency Preparedness.

FMS. 2 Fires Terrorism Internal Sabotage Natural Disasters System Failures Power Outages Pandemic Influenza COOP/ Disaster Recovery/ Emergency Preparedness.
International Financial Reporting Standards The views expressed in this presentation are those of the presenter, not necessarily those of the IASC Foundation.

International Financial Reporting Standards The views expressed in this presentation are those of the presenter, not necessarily those of the IASC Foundation.
Data Architecture at CIA Dave Roberts Chief Technical Officer Application Services, CIO CIA

Data Architecture at CIA Dave Roberts Chief Technical Officer Application Services, CIO CIA
CPIC Training Session: Enterprise Architecture

CPIC Training Session: Enterprise Architecture
An Overview of the Federal Segment Architecture Methodology

An Overview of the Federal Segment Architecture Methodology
1 DOE Safety Committee Handbook. 2 Effective Safety Committee! Make it work for you!

1 DOE Safety Committee Handbook. 2 Effective Safety Committee! Make it work for you!
0 - 0.

0 - 0.
Addition Facts 1 - 20.

Addition Facts
Modern Systems Analyst and as a Project Manager

Modern Systems Analyst and as a Project Manager
MSCG Training for Project Officers and Consultants: Project Officer and Consultant Roles in Supporting Successful Onsite Technical Assistance Visits.

MSCG Training for Project Officers and Consultants: Project Officer and Consultant Roles in Supporting Successful Onsite Technical Assistance Visits.

Similar presentations

Ads by Google