EA case study - Architecture or not?

What is within the scope of Enterprise Architecture? Let us continue with an example from our project list.

Lack of needed contracts is paramount in majority of productions and we need to manage this area to be on the safe side.

Binder with copyright agreements

The current situation is as follows:

  • We have a legal obligation to keep copyright agreements for at least 70 years.

  • We have a few architecture principles that guide the development of our solutions.

  • We have a defined business process in our Production Handbook that requires those agreements to be in place before shooting starts.

  • The agreements include personally identifiable information as defined in GDPR.

  • Agreements are classified as company confidential. If we one day get a Star Wars contract, it will be classified as “company secret”.

  • The different types of agreements are implemented as Word templates. Unsigned contracts are stored in Teams for each production. Each individual contract is printed in two copies and signed by both parties. We also carry blank paper contracts with us as a backup in case of late changes in plans.

  • The signed document is scanned and stored in Microsoft Teams per production. The signed original is kept in a paper archive, one tab per production, until the copyright expires.

  • The production code and name, e.g. “10117 Saving Mimosa”, are managed in the financial systems.

  • The production code and name, e.g. “10117 Saving Mimosa”, are also managed in the media management systems.

  • The list of which person is part of which production needs to be solved by another project as part of the pre-production process.

Which of the above parts are Enterprise Architecture for you? Please explain why or why not.

How to control your privacy architecture?

In the previous chapters we have discussed the details of how to document and measure privacy in a mid-sized or large company. However, one key aspect is always governance.

A short definition of governance is: making decisions and then assuring that they follow compliance mechanisms via strong organizational and operational metrics. The functional parts of a governance structure are:

  1. Organizational model: The purpose and the structure of the body that manages and partitions responsibilities for each company priority area across the different organizational entities (corporate, functional groups, and geographies).

  2. Decision making: Definition of the decision-making and funding processes for ongoing planning and management of privacy activities.

  3. Process and people: Infrastructure and capabilities for pre- and post-deployment support.

Typically, in the field of GDPR you have the following roles:

  1. DPO (Data Protection Officer): the point of contact for the authorities; normally issues recommendations and best practices for the rest of the organisation.

  2. Controller: responsible for the processing of personal data. In this model we have allocated this role to the process owner. The reason is twofold: 1) privacy is a business issue, not an IT issue; 2) each process owner holds the means and purpose of the actual data processing.

  3. Processor: responsible for processing data on behalf of the controller. In our model we do not have that role, because from a governance point of view it is normally the same as the controller, limited to what the controller has given permission to execute.

Privacy governance