Client Problem

The Department of Defence required expert experience and assistance in determining the risks for a highly integrated Logistics Information Systems that utilised Service Oriented Architecture (SOA) and Enterprise Service Bus (ESB) architectural concepts.
 

The Department’s integration process had historically been limited to a project-centric approach that has created stovepipe systems and numerous duplicate systems that were costly to support and maintain. With the acquisition of new components for the Logistics Information System the department selected the use of a SOA architectural approach to integration and management, in order to foster a culture of reuse and support to current and future integration requirements. To ensure the risks to implementation were known and suitably managed the client required support in conducting a technical risk analysis.

SMS Approach

SMS produced a technical risk analysis to determine the risks, their risk level and suitable mitigation strategies following the AS/NZ 4360-2004 standard for Risk Management.

SMS conducted a review of industry best practice and lessons learnt from previous industry implementations of SOA and related technologies. Using this information and SMS expertise in architecting and building SOA environments, potential technical risks were identified. Each risk was analysed as to their likelihood and consequence based on SMS technical expertise and background research.

For medium and high risks, appropriate mitigation strategies were documented that the acquisition project could implement to ensure end goals were achieved without realising the identified risks or limit the potential impact if a risk was to occur.

Recommendation

SMS identified a number of significant technical risks to the acquisition project and made several recommendations on how to mitigate these risks.

These recommendations included:

• The early development of an SOA Governance approach and supporting artefacts.
• Investigation of the use of Federated Enterprise Service Bus (ESB) functionality.
• Creation of a SOA Centre of Excellence to pool limited staff skills and resources to share experiences and guide the implementation of SOA concepts and technologies within the department.
• A focus on requirements definition activities as this was required in order to develop a complete and correct Enterprise Architecture, Business Process Definition and resulting Business Services.
• The use of Enterprise Architecture to drive the overarching SOA design, service definition, process execution and roadmap for achieving the required outcomes.

Outcome

SMS’s Technical Risk Assessment was used to inform Senior Defence Officials on the technical risks for proceeding with the acquisition. In addition, the suggested mitigation strategies helped ensure suitable staff and resources were available to conduct the acquisition project.

The department now has a documented set of potential risks and mitigation strategies for implementing an SOA environment and has revised its implementation plan to align with SMS mitigation strategy.