IT Architecture Process Maturity Levels (Level 1: Initial (Processes are…
IT Architecture Process Maturity Levels
Level 1: Initial
Processes are ad hoc and localized. Some IT architecture processes are defined.
IT architecture processes, documentation, and standards are established by a variety of ad hoc means and are localized or informal.
Minimal, or implicit linkage to business strategies or business drivers.
Limited management team awareness or involvement in the architecture process.
Limited operating unit acceptance of the IT architecture process.
The latest version of the operating unit's IT architecture documentation is on the web. Little communication exists about the IT architecture process and possible process improvements.
IT security considerations are ad hoc and localized.
No explicit governance of architectural standards.
Little or no involvement of strategic planning and acquisition personnel in the enterprise architecture process. Little or no adherence to existing standards.
Level 2: Under Development
The architecture process has developed clear roles and responsibilities.
IT vision, principles, business linkages, baseline, and Target Architecture are identified.
Explicit linkage to business strategies.
Management awareness of architecture effort.
Responsibilities are assigned and work is underway.
The DoC and operating unit IT architecture web pages are updated periodically and are used to document architecture deliverables.
IT security architecture has defined clear roles and responsibilities.
Governance of a few architectural standards and some adherence to existing Standards Profile.
Little or no formal governance of IT investment and acquisition strategy.
Level 3: Defined
The architecture is well defined and communicated to IT staff and business management with operating unit IT responsibilities.
Gap analysis and migration plan are completed. Fully developed TRM and Standards Profile.
IT architecture is integrated with capital planning and investment control.
Senior management team aware of and supportive of the enterprise-wide architecture process.
Most elements of operating unit show acceptance of or are actively participating in the IT architecture process.
Architecture documents updated regularly on DoC IT architecture web page.
IT security architecture Standards Profile is fully developed and is integrated with IT architecture.
Explicit documented governance of majority of IT investments.
IT acquisition strategy exists and includes compliance measures to IT enterprise architecture
Level 4: Managed
IT architecture process is part of the culture.
IT architecture documentation is updated on a regular cycle to reflect the updated IT architecture.
Capital planning and investment control are adjusted based on the feedback received and lessons learned from updated IT architecture.
Senior management team directly involved in the architecture review process.
The entire operating unit accepts and actively participates in the IT architecture process.
Architecture documents are updated regularly, and frequently reviewed for latest architecture developments/standards.
Performance metrics associated with IT security architecture are captured.
Explicit governance of all IT investments. Formal processes for managing variances feed back into IT architecture.
All planned IT acquisitions and purchases are guided and governed by the IT architecture.
Level 5: Optimizing
Concerted efforts to optimize and continuously improve architecture process.
A standards and waivers process is used to improve architecture development process.
Business involved in the continuous process improvements of IT architecture.
Senior management involvement in optimizing process improvements in architecture development and governance.
Feedback on architecture process from all operating unit elements is used to drive architecture process improvements.
Architecture documents are used by every decision-maker in the organization for every IT-related business decision.
Feedback from IT security architecture metrics are used to drive architecture process improvements.
Explicit governance of all IT investments.
No unplanned IT investment or acquisition activity.