This Executive Report is an update to a 2015 edition that introduced a process for deriving enterprise architecture (EA) value metrics that align with the value drivers particular to an organization — those important to both the core business capabilities of the organization as well as its key stakeholders. It contains refinements to the process as well as additional information and perspectives from the field regarding the strategic use of value metrics that will, over time, allow the EA organization to be viewed as a strategic resource/partner and eventually earn a seat at the strategic planning table.

This Executive Summary accompanies an update to a 2015 Executive Report that introduced a process for deriving enterprise architecture (EA) value metrics that align with the value drivers particular to an organization — those important to both the core business capabilities of the organization as well as its key stakeholders. It contains refinements to the process as well as additional information and perspectives from the field regarding the strategic use of value metrics that will, over time, allow the EA organization to be viewed as a strategic resource/partner and eventually earn a seat at the strategic planning table.

We believe that at the heart of the ability to manage an ongoing and multilayered organizational transformation rests a sophisticated enterprise architecture capability with a specific charter to act as a transformation engine connecting strategic intent and execution excellence.

Risk is not just about what we do; it is also inherent in what we don’t do. Standing still while the world moves can be as dangerous as moving out of step with real events. Architecture, too, like everything else, has risk, and it is probabilistic in nature.

It is a given that architects need to find ways to address the “absolutes” around a solution — the things that we know to be true for sure — in an effective, efficient, and elegant manner. Yet solving problems that truly matter generally involves a high degree of uncertainty. Unfortunately, the more ambitious the objectives, the more unfamiliar the context, and the bigger the unknowns, the greater the likelihood that those uncertainties — when unaddressed — will impede the emergence of a good architecture.

The definition of “Agile architecture” is neither clear nor concrete. Instigated by hype, EA managers may rush to implement fashionable Agile approaches to the detriment of their organizations. Instead, they should strike a balance between up-front planning and agility — because no firms can plan their future in every detail, and not one single company can avoid planning altogether to stay perfectly Agile. As we explore in this Executive Update, EA managers should determine the “golden mean” between total planning and full agility that best meets the specific needs of their organizations.

Timothy Chiu discusses how data and digital architectures require improved application security and how the new security framework from the US National Institute of Standards and Technology (NIST) endorses this view. As more and more organizations move rapidly to the cloud, he argues, applications and their associated data are increasingly at risk. With support­ing data from multiple sources, Chiu frames the risks through examples of data breaches across multiple industries and geographies. Fortunately, he says, NIST is on the case.