This questionnaire is aimed at capturin

The scope of this questionnaire limited to only architecture and design

Introduction
uestionnaire is aimed at capturing technical and functional details for a given solution architecture project.

d to only architecture and design related areas, with a primary aim of assessing different areas of architecture and design and assessin

and design and assessing

Risk Categories

Standards Compliance

Fits with organisation standards framework & Bill of IT

Regulatory Compliance

Doesnt require any regulatory compliance

Strategic
Impact/Alignment
Business Impact
Privacy Needs

This is a tactical activity, which doesnt directly

support/impact strategy.
the solution is only used by non business critical
purpose.
There is no sensitive information used

Information Needs

The solution involves existing corporate information

Business Critical

No critical business process/operation is supported by

this solution
Is a local solution, will be used by only few users (i.e.
<50)
Doesnt impact the end users
This is an independent solution that doesnt integrate
with other solutions
Supported business process is very simple

Locale
Usability Impact
Integration complexity
Business Process
Complexity

Scaling
M
Slightly deviates from the standards framework & Bill of IT
Some parts of the project/solution might be subject to
regulatory compliance
The project partly or indirectly supports the BP startegy
The solution will supporte moderately critical business
process
sensitive information is used but in a controlled, internal BP
environment
the solution involes a small amount information
the solution will partially/indirectly support a business
critical operation
Is a regional system, supporting user population>500 more
than one region.
indirectly impact the end users
The integration with the other solution will be minimal (<5
solutions)
Supported business process is moderately complex

H
Significantly deviates from the standards
framework & Bill of IT
Significant/complex regulatory compliance required
The project is directly supporitng the BP startegy
The solution will support highly critical/complex
process, with high level of dependency
sensitive information is used and transmitted
outside the BP environment and shared with third
parties/partners.
the solution depends on information that has not
been previously defined or created
the solution directly supports the business critical
and complex operation
Is a global solution.
Directly impact the end users
The ingration is complex and several systems
across various business units will be integrated.
Supported business process is highly complex

Link to Questionnaire

Category

Sub category

1. General

General
General
General
General
General
General
General
General
General
2. Standards
General
General
General
General
Application Standard
Technical Standards
Technical Standards

Catalog
Functional
Functional
Functional
Functional
Functional
Non Functional
Non Functional
Non Functional
3. Requirements
Management

Non Functional

3. Requirements
Management

Non Functional
Non Functional
Non Functional
Non Functional
Non Functional
Non Functional
Regulatory
Tracibility
Tracibility
Tracibility

4. Functional

Business
Business
Business
Business
Business
Business
Business

Process
Process
Process
Process
Process
Process
Process

Business Process
Business Process
Business Context
Use Cases
Use Cases
Operate and Support
Operate and Support
Operate and Support
Operate and Support
Operate and Support
Operate and Support
Operate and Support

Operate and Support

Operate and Support
Operate and Support

Operate and Support

Integration
Integration
Integration

Integration
Integration
Integration
Integration
Integration
Integration
Integration
Integration
Infrastructure
5. Technical

Infrastructure
Infrastructure
Infrastructure
Infrastructure
Infrastructure
Infrastructure
Infrastructure
Infrastructure
Infrastructure
Infrastructure
Application
Application
Data
Data
Data
Data
Data

Data
Data
Data
Data
Data
Data
Build

6. Testing

Testing strategy & approach

Test Cases
Test Cases
Test Cases
Test Cases

6. Testing
Test Cases

7. Deployment

8. Reporting &
Archiving

Strategy & Approach

Rollout
Decommissioning

Reporting
Reporting
Reporting
Reporting
Archiving
Archiving

Question
What new or enhanced business capabilities will be provided through
this project?
What releases are planned?
Overall high level risk assessment?
What are the biggest risk areas already identified and how are they
addressed?
Are requirements complete and signed off?
Are the architecture and design deliverables complete?
Is there any new vendor involved?
Is this howegrown or packaged solution implementation?
When is the solution due to GoLive? Is it on track?
Have all architecture resources attained license to work?
Are stakeholder concerns and objectives captured and approved?
Is the ACP (Architecture common practice) being followed.
Project Lead Architect assigned?
Architecture Quality Plan agreed with Chief Architect and PM?
Design Reviews scheduled?
Are Key Design Decision and Architectural Risks and Issues being
formally captured and managed?
Are the appropriate architecture deliverables being produced for this
project?
In other words,
is the
AQP appropriate?
Has
the deliverables
been
reviewed
and signed off by the chief
architect?
Risks and Issues are formally captured and managed.
Architecture Principles and constrains are formally captured and
adhered to?
Deviations from standards is formally captured and approved?
Architecture change management process followed?
Engaged with the Risk manager from digital security?
Is there an alignment with Bill of IT? Capture any specific gaps or
misalignments
Does the solution adhere to the organisation standards framework?
Capture any gaps and misalignments.
In case of COTS implementation, is there any deviation from standard
specification (i.e. significant customisation)?
Is there a catalogue of requirements which is formally managed and
tracked?
Functional Requirements formally signed off by business stakeholders
Description of end-to-end business scenarios that the solution must
support
Business Users Identified
Use case captured, defined and agreed with the stakeholders
Business exceptions defined and handled
Explain the performance requirements & how are they addressed in
the design?
Explain the availability requirements & how are they addressed in the
design?
Explain the DR requiremens & how are they addressed in the design?
Explain the capabity requirements & how are they addressed in the
design?

Explain the scalability requirements & how are they addressed in the
design?
Explain the security requirements & how are they addressed in the
design?
Explain the integration requirements & how are they addressed in the
design?
Explain the configuration and customisation requirements & how are
they addressed
the design?
Explain
the datainprivacy
needs and how are they addressed in the
design?
What service levels have been agreed with the business?
What are the regulatory requirements and how are they addressed in
the design?
Requirements can be traced and mapped to the target architecture
and
design
Requirements
can be traced and mapped to the target operating
model
Requirements can be traced to requestor/ stakeholders
Summary of the key changes/impact on the business
process/operations
Developed Business Process Models and captured in ARIS
Business Users, Roles and Groups defined and embedded in design
Business Activity Catalogue developed and captured in ARIS
Business Events Catalogue developed and captured in ARIS
Target matrix of Application to Business Process (CRUD) developed
Business Activities vs. Data CRUD matrix developed
Contextual view to describe how process models fit in Area Target
Operating Model
Developed Business Data Flows
What new or enhanced business capabilities will be provided by this
solution?
Are all the architectural significant use cases defined and agreed with
the stakeholders?
How
many users are going to use this solution and where are they
located
How does the design allow for ease of operation?
What degree of manual steps/intervention required in the operation
and support of the solution?
How does the design cater to the monitoring needs?
What degree of disaster recovery is being planned in the design?
What testing has been done on this?
What is the plan to dicommission the existing system (if applicable)
Is there operational model documented and approved?
Has the impact of downtime documented and agreed with the
stakeholders?
does the system enable the standard processes to be followed for
software upgrade? Is there an automated deploy/rollback capability
for the system, its configuration, code and data
How will bug fixing and enhancements be managed in the future?
Has impact of downtime assessed and documented?
What systems monitoring for end-to-end going to be managed?
Describe the instrumentation included in the application that allows
for the health and performance of the application to be monitored
What is the overall integration strategy and approach.?
How many interfaces are bring designed?
What integration technologies are used and why? (Bus, FTP, etc)

What integration patterns are applied and why? (i.e. real time, batch,
web services, etc.)
Source
data systems
systems to
providing
data -has
have
been
identified
Data
within
be extracted
been
identified
(e.g. live
deals)
Source system availability /batch window has been documented.
Existing interfaces will be re-used.
Data extraction approach is well document and understood
Is the approach for data loading documented?
Are the data load volumesmonitored?
What are the key components and interfaces/data flows in the current
and target states?
Doed high level technical architecture exist, clearly articulating the
target, baseline and the gaps?
Does the detailed technical architecture exist, detailing all technology
components?
Is there an approved technical infrastructure plan?
Is the technical exceptions and handlind approach defined?
Is there a mapping between technical infrastructure and application
components?
i.e. component
which application
which (i.e.
server?
Are the technical
knownsits
andon
defined
which type of
server will be user, what type of storage device is going to be used,
etc.)?
Is there an evidence of calculations/method used ifor working out the
storage, network, and computing capacity?
Is there a clear view of capacity growth in the future?
What is the impact of NFRs on netwok? Is it known?
What is the impact of NFRs on storage? Is it known?
Whats the design for different user access protocols for different sites
(Portal, SAPGUI/Citrix, internal/Internet)?
Is there a logical and physical application architecture defined (high
and low level), for both baeline and target and gaps identified?
Is there a mapping between applications and business process?
Is there a clearly articulated target (logical and physical) data
architecture?
Does data models reflect 3NF?
Entities and Attributes descriptions are verbose and defined using
business terminology
Data model entities/attributes are fully aligned to ARIS process models
Interfaces are well defined with name and short description
Application architecture has been produced showing data flows
Timeliness requirements of interfaces are documented (real time vs.
Batch etc)
List Publishing criteria (business event/triggers) for each message are
documented (where they exist in ARIS - they should be referenced)
Is the data lifecycle defined? (i.e. how and where the data is created,
used and archived)
What is the data migration approach?
What is the data quality and cleanse approach
How are the data privacy needs handled?
Explain the overall testing strategy and approach adopted
Does end-to-end and detailed test cases exist?
Is the positive and negative functional testing performed?
Is the success criteria rigorously defined
is UAT planned?

Can the test case be traced back to requirements?

Whatwill
is the
deployment
rolloutfor
approach?
How
theoverall
software
rollout be and
managed
current and future
releases?
Will the deployment also decommission some existing systems?
Architecture supports reporting (drill down / aggregation /
historization)
Inventory of reports and report categories has been produced
Report timeliness and report usage criteria are known
User/ user profiles are defined
Archiving strategy defined
Archiving arrangement defined and embedded into design

Findings/ Observation

Assessment Result
Adequate
Adequate
Adequate

Adequate
Adequate
Adequate
Adequate
Adequate
Needs
Needs
Needs
Needs
Needs

attention
attention
attention
attention
attention

Needs attention
Needs attention
Inadequate
Inadequate
Inadequate
Inadequate
Inadequate
Inadequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate

Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate

Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate

Adequate
Adequate
Adequate

Adequate
Adequate
Adequate
Adequate

Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate

Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate

Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate
Adequate