Frameworks Adopted

Skills Framework For The Information Age (SFIA)

We use this framework to describe the skill levels of our consultants within the SFIA categories. Its topologies also inform the changing terminology for job roles, such as DevOps.

The Open Group Architectural Framework (TOGAF)

This Enterprise Architecture Framework informs the ePatterns approach to all enterprise architecture. All our consultants are educated in the TOGAF framework.

Information Technology Infrastructure Library (ITIL)

Our consultants have many years of experience working with ITIL in the operational environments of large corporations, particularly with IT Service Management (ITSM) and IT Asset Management (ITAM).

National Institute of Standards and Technology (NIST) Cybersecurity Framework

ePatterns considers this the most essential, widely accepted best practice standard for cyber security, mitigating cyber risks. It provides a valuable framework for data privacy and an overall cyber taxonomy.

Internet of Things Security Institute (IoTSI) Framework for Smart Cities and Critical Infrastructure

This comprehensive set of facilitation guidelines and reference architecture for all supply chain participants provides the cyber and privacy principles from base delivery to completion. Our consultants use this to guide IoT cyber security delivery.

The IoTSI Enterprise Architecture Security Framework For IoT Blockchain Apps

This framework, co-authored by our consultants, provides an enterprise security framework to assess the cyber security risks posed by IoT blockchain apps.

U.S. Federal Reference Enterprise Architecture Framework (FEAF)

This reference model underpins and influences other reference models. It has found adoption worldwide.

Australian Government Architecture (AGA) Reference Models

These whole-of-government enterprise architecture sets of models, based on FEAF, provide a reference architecture within the states and federally in Australia.

Zachman Ontology for Enterprise Architecture

This well-established ontology from Zachman/IBM has seen good service; legacy architecture documents are sometimes authored around this schema. Our consultants understand the Zachman framework.

COBIT Governance Focus Areas

COBIT has wide adoption. It is from ISACA, the folk behind the CMMI Institute. It has comprehensive, valuable resources and a particular focus on IT governance. Resources include IT Control Objectives for Sarbanes-Oxley, DevOps Audit Program, and Information and Technology Risk.

Gartner Enterprise Architecture Framework (GEAF) Process Delivery

Gartner is well known for providing market insights into products and services and has worked similarly for enterprise architecture (EA) frameworks and tools. Whereas other vendors publish a static framework of information, Gartner recognises EA as a process delivery and looks at how successful EA programs can be delivered within organisations.

The Gartner Enterprise Architecture (EA) Process Model represents the foundation on which Gartner EA research is described. This provides a visual basis for thinking about how successful EA programs are created and maintained. EA is a process discipline. Done well, it becomes an institutionalised part of how organisations make decisions to direct their investments so that the organisation’s strategy can be realised. The EA process bridges the gap that otherwise exists between business strategy and technology implementation. High-performing organisations are process-disciplined. In turn, every high-performing process must be defined and documented, have process owners and be closed-loop with governance in place. The Gartner EA Process Model has been synthesised from best-practice research to document the EA process as a high-level model.

Enterprise Architecture in a Box 2.0 is particularly useful in establishing a new EA practice at an organisation.

“Enterprise architecture (EA) is a discipline for proactively and holistically leading enterprise responses to disruptive forces by identifying and analysing the execution of change toward desired business vision and outcomes. EA delivers value by presenting business and IT leaders with signature-ready recommendations for adjusting policies and projects to achieve target business outcomes that capitalise on relevant business disruptions.” — Gartner.

Agile Methods

Our consultants are experienced in Agile project delivery and coaching agile. As a collection of methods, organisations adopt and tailor the methods to their needs, so the experience tends to differ for each client.

Our consultants are experts at business analysis using INVEST user stories.

Agile is very prevalent in our client industries. We find it is used as a delivery method alongside other processes adopted by the organisation. Correctly administered, its preference for direct communication over documentation assists in identifying issues early.

We have found the Scrum I-N-V-E-S-T criteria for business analysis particularly effective for authoring useful user stories.

PRINCE2 – Version 7

Our consultants are experienced in delivering programs to the Projects IN Controlled Environments (PRINCE2) methodology.

Project Management Professional (PMP)

Wherever required, we adopt the PMBOK processes for PM professionals.

Capability Maturity Model Integrated (CMMI)

This excellent framework for assessing the process maturity of an organisation was initially developed at the Software Engineering Institute (SEI) at Carnegie Mellon University (CMU) and is now maintained by its institute. Our consultants have been instrumental in establishing QA departments in global engineering companies based on this model. Its initial popularity was in software engineering of mission-critical products, but it can be used to improve any organisation’s process maturity.

The framework assesses the maturity of processes from (1) initial, (2) managed, (3) defined, (4) quantitively managed, to (5) optimised. A key point of maturity is (3) defined, where all processes have been written down and are accessible to everyone in the organisation. Once this has been established, higher maturity levels can be achieved.

It has been noted that CMMI is not compatible with some other processes, such as extreme programming (XP), which prefers spoken requirements to written ones. However, LeanCMMI has been successfully developed, combining agile methods with CMMI to achieve lower-level maturity ratings (2 or 3).

Failure Mode and Effects Analysis (FMEA)

Design FMEA is more an engineering practice than a modern risk management organisational discipline, though it is a very valuable discipline in engineering product development. Its strength lies in analysing the effects of failures before they occur, particularly in a cross-functional context. This way, a product can be developed with known effects of failures, however unlikely their occurrence. This is particularly important in mission-critical systems.

Engineering Risk Analysis and Management (AS/NZS ISO 31000:2018)

This is a core engineering management discipline. It principally focuses on engineering failure and managing that risk. It forms the basis of ePatterns Consultants’ enterprise risk management.

NIST Risk Management Framework (RMF)

This RMF focuses on IT rather than engineering and prefers dedicated risk managers. It is qualitative and has a strong cybersecurity focus.

Open Group’s FAIR Body of Knowledge (O-RA 2.0.1)

The quantitative risk management framework from the Factor Analysis of Information Risk (FAIR™) Institute that The Open Group has adopted.

Risk is analysed and quantified in financial (dollar) terms. This is the leading methodology for quantifying information risk. It is best as a complement to qualitative methods.

The Open Group standards,

1. O-RT, Risk Taxonomy Standard, and
2. O-RA, Risk Analysis Standard,

fully embrace FAIR.  ePatterns Consultants have a high regard for this approach to risk management.