An Introduction to sentaire & Our Capabilities
Edmundo Llopis sentaire Partners, LLC. llopise@sentaire.com 917.207.7437
sentaire.com
Drawings by Hugh Macleod (www.gapingvoid.com)
1
Index • Challenges • How can an executive lower risk and improve systems H ti l i k di t portfolio management • sentaire’s Capabilities p – Risk Management – Information Management Frameworks
• Appendix A di – Information Management Framework Components
2
Technology is getting more complex and less predictable in the collaborative, interconnected world ‌.
And demands on applications and management requirements are increasing‌. 3
IT Executive Challenges IT Executives are often faced with investment decisions in IT Executives are often faced with investment decisions in technologies, obstacles in completing projects, limited availability of SMEs and consuming operational challenges without the bandwidth, and sometimes in‐house expertise, ih h b d id h d i i h i necessary to perform effective information technology and management evaluations and manage deliverables.
4
How can an executive lower risk and improve systems portfolio management? systems portfolio management? • EExpand the due diligence and management process to enable a d th d dili d t t bl richer risk assessment by establishing relationships with experienced companies that know how to evaluate and improve organizations process and technology organizations, process and technology • Increase capacity by routinely seeking fresh ideas and input by collaborating with experienced SMEs outside the Firm/company who can tap into, or create, communities of domain expertise using collaborative technologies
5
sentaire Capabilities •
sentaire Partners is a boutique management consulting firm comprised of highly experienced and results‐oriented professionals
•
Our team provides expertise and real‐world, international experience of O t id ti d l ld i t ti l i f complex technology systems and organizations in highly regulated environments
•
We focus on collaborating with Venture Capital, Private Equity and Financial W f ll b ti ith V t C it l P i t E it d Fi i l Services firms, helping our clients to make informed decisions regarding the information technology aspects of their investments
•
Our services are: O i – Risk Management • IT, Operational and Credit risk – Information Management I f i M • Designing, building and managing Information Frameworks for complex business processes – Provide temporary Subject Matter Experts P id t S bj t M tt E t 6
sentaire Capabilities ‐ Risk Management • Information Technology Advisory (pre and post) service is an area of focus. We gy y (p p ) add value by advising firms to evaluate the technology, or organization, by enhancing the due diligence process as follows: •
Reality
•
Uniqueness
•
Structural Soundness
•
Security
•
Management Controls
•
Effectiveness of Software Management Processes
•
Emerging Technology Awareness
• Regulatory and Compliance • Business Process & Internal Controls Business Process & Internal Controls • Runaway Project Organization Optimization and “Get Get Well Well” Plans Plans • Organization Optimization and Structural soundness, resilience, efficiency, security, control and compliance is in the DNA of all our experienced SMEs.
7
sentaire Capabilities – Information Management Business effectiveness and performance A hit t Architecture Maturity Stages M t it St Strategic Implications of IT Local/Functional 100%
Optimization
IT Efficiency 25%
Operational p Efficiency
Strategic g Agility
16%
15%
e.g. Funds Management System, Trading Systems
32%
34%
Enterprise Systems
Local Applications
Percentage of ITT Investment
36%
21%
e.g. Core System Replacement, Online Channels, Document Management, Workflow
18%
35%
11% 0%
Business Silos
40%
35%
33%
14%
17%
18%
Standardized Technology
Optimized Core
Business Modularity
75%
**
Shared Infrastructure e.g. IVR, voice and data network, enterprise processing services, data storage services, security services
Shared Data e.g. Group Data Warehouse, Operational Data Stores
A hi Architecture Maturity M i IT Budget*
100%
85%
8 *IT budgets from 103 firms are corrected for industry differences with business silos as the baseline. **Only five firms in stage four reported their IT budgets so data is not reliable.
Information Management Frameworks Summary The work of sentaire Partners is in the sweet spot of what is important f business effectiveness for ff and performance f • Federated Q Queryy
Metadata Repository
Smart Query
Routing//Msg. Middlewa are
Portal Integration at Th Glass The Gl
Common J2EE Business Components & Intelligent Routing Capabilities
Data Source
Data Source S
•
– To quickly integrate user interactions into portals and other channels
•
Security Mechanisms – Ensure that interactions are secure whether it be an employee, contractor, customer, prospect or business partner using the system using the system.
App
Legacy
Pre‐built Components – To speed up the development of cross p p p channel service solutions Templates and Abstraction Layers
•
Meta‐models, Taxonomy and Information Architecture – To help manage all the content, syndicated or company created or company created
•
Toolkits and Expertise – To link together business processes that span multiple systems
9
International Portal and Wiki Framework (IPF) IPF supports fast and cost effective implementation of core building blocks using a services oriented architecture: Portal, Security, Content Management, Application Integration.
Business Mgr
Admin
clickstream data
Clickstream
Clickstream
C Content Repository
Search Engine
Meta data
Portlets
User
Clickstream data as profile attributes
Interwoven Content Management System
Rules, Segments, Profile attributes
Metadata by open deploy
Runtime Environment
Web Server
metadata
Content by open deploy
raw Offline clickstream environment data
Analytics Author, A th Editor, Admin
Portal Presentation Services
Virtual profile repository
Profile Service
Rules Engine
b KYW Web Services
Rules
Personalization Service Aggregate user profile
SOA CitiSOA Infra.
KYP KYP Web Web Services Application Integration Messaging API
Authentication, Authorization
Local Repository
Security Service Service Security SSO
Entitlements g Engine
Golden RITS Source Data Application content/ data
Existing pp Apps Existing Apps Existing Apps
Secure Email Admin
outbound email
IPF Case Study ‐ Leading US Financial Issues – – –
Service channels not integrated, inconsistent customer experience Scalability and performance constraints, sites keep going down High cost of ownership for e‐solutions because of proliferation of platforms High cost of ownership for e‐solutions because of proliferation of platforms
–
Migrated all sites to a single, standardized portal platform • • •
–
Migrated access management to unified, scalable security platform • • • •
–
Integrates 3 different content managers using a standard interface
E Encapsulating key re‐usable business functionality l i k bl b i f i li •
–
Migrated several million users from the problem security product to new product while in production Provided Single‐Sign Provided Single Sign On across all BUs and their portals On across all BUs and their portals Other channels now integrating to common security service Scaling issues addressed in portal and service applications
Implemented support for multiple content managers with a single application interface •
–
Common Portal Platform, which supports tiered BU portals Methodology defined the migration process Portal supports standards such as WSRP, JSR 168 , JSR 170, etc.
Rolling out Web Services based business functions
Result • • •
State of the art implementation. Faster time to market. Consolidation and cost savings Scalability, stability issues addressed, sites now stable with several thousand concurrent users Platform based on industry standards, can evolve to meet growing business requirements
Federated Query Services Fast, highly cost effective integrations for business processes
•
Pros ▫ ▫
▫ ▫
▫ ▫
▫
•
Golden Source Data is exposed as a web service Middleware defines a node in a Data Service Grid for query processing (complex data access, aggregation, modeling, and rendering) Message patterns are enforced and exploited on the middleware Middle‐tier integrates for performance across backend systems (14 request‐response integrations inherently slow) Middle‐tier manages asynchronous workflows for web service consumers Middle‐tier consolidates software interfaces to simplify management and ease integration for service consumers (Information Architecture) Integrations become strategic rather than tactical
SOA
App-1 App C3PAR 1 XML C3PAR
App-2 Armor Armor
Start Start
callback
JWS JWS Queue Queue Queue
XML
method Vendors CASP
App-3 CSRS CSRS
method
callback
XML
Assets Netinfo
App-4 App CRMR 4 CRMR
jms control
XML
method
callback
…
▫
method
…
▫
As levels of reuse rise, more sophisticated capacity planning required Dependencies between different groups (both development and run‐time) Better process management, governance and SDLC required
RITS C3PAR Middleware Workforce Query C3PAR Middleware Middleware W k h Workshop
service control
Cons ▫
Non-SOA
STOP STOP
WL8.1/Solaris
Structure of Federated Query Services
Service Consumers
Service Structure defines effective roles and responsibilities for governance, and should lend itself to the analysis of the economics
Service Domains • Business Services of broad interest and utility • NOT Golden Sources for the information; only a delivery service • High-degree of inter-operability • Support common interfaces • Certification (WS-I Basic and Security Profile Compliant, etc.) • Reporting R ti
Compliance Risk Management Corporate p Investment Purchasing International Trade & FX Retail
… Secu urity Master Data Mgmt.
Reference Data agement Mana
Know-Your-Assets ur-Systems anagement Profile Ma
Know-Your--Workforce Profile Mgm mt.
-Workforce Know-Your Know-You W ur-Partners& urProfilePro Mg gmt.Mgmt. Partners ofile
Know-Your-Customer Profile Management
Service Domains
…
Supply-and-Demand Analysis • Derives Service Domains • Service Suitability • Service Roadmap • Basis for ROI arguments
Federated Query Case Study ‐ y y Leading US Financial g Issues – – –
–
Operational Risk Compliance Findings increase breadth and depth of information security Rapid growth, mergers and ‘federal” organization model leads to multiple applications, systems and user directories leading to integration and management problems leading to integration and management problems Security exposure because of multitude of applications and access mechanisms, leading to inability to implement security policies consistently
Security Services introduced to implement: • • •
–
Key applications now share the same Enterprise Services •
–
Enterprise Services containing all employees, contractors, and vendors Access Control: Identification, Authentication and Authorization of users User Profile synchronization for all participating applications Automatically populated from HR systems and synchronized when employees join, move, leave or get assigned new roles
Result • • • •
Information Security compliance Information Security compliance Centralized management of Security Policies Consistent Profile Information across consuming applications Security Framework can be extended to include customers, partners and other stakeholders
Information Retrieval Frameworks Shared Services Architecture provides consistent, platform independent support for Operational Risk applications
Asset Service Domain
Application
Application
Media Transfer
3rd Party y Access AccessRegistry Registry (J2EE)
3rd Party Information Security Assmt. (.NET)
Information Security Incident Mgmt (J2EE/.NET)
Systems Inventory (Application)
Systems Inventory (Network)
Continuity of Business
Sarbanes-Oxley (Corp. Finance)
…
Security, Privacy & g Provisioning Compliance (Info. Security)
Know Your Assets
…
Capacity, Business Continuity, and Contingency
…
Basel II (Capital Msrmt. And Standards)
Network (.NET) Tech. (.NET) Empl (Sybase) Vendor (.NET) SW (.NET) ( NET) Real Est. (DB) Risk (J2EE, .NET)
GLBA
US Patriot & AML Compliance
Application
…
Corporate Compliance
Shared Services
In ntegrated Risk Management M Dashboard
Risk Manager
Application
Workf orce Service Domain Empl (Sybase) Vendor (.NET) Prod. (.NET) Org (.NET) Risk (J2EE, .NET) Identity Mgmt. HR Systems
Customer Service Domain CIF (J2EE) D&B (J2EE) Vendor ((.NET)) US Patriot (J2EE)
…
Mantas 3
Smart Query Case Study ‐ y y Leading US Financial g Issues
–
Basel II increases traceability and transparency requirements for Credit Risk Reporting across distributed systems that cut across all lines‐of‐business, both wholesale and retail Data Quality Governance essential to reducing Capital Adequacy requirements e g absent data requires worst case Data Quality Governance essential to reducing Capital Adequacy requirements, e.g., absent data requires worst case RWA calculation Scope leads to multiple application, system and supporting service integrations and management problems
–
Centralized metadata repository implements:
– –
• • •
–
Key applications share the same metadata repository •
–
A management point to ensure consistent, unified business, logical and physical data model across system components Richer distributed data model support with centralized “linking tables” D Dynamically generated queries based on current meta‐data i ll t d i b d t t d t Automatically populated from Basel II sub‐systems
Result • • •
Better management capabilities for data quality Better management capabilities for data quality Ability to execute real‐time traceability and transparency in regulatory reporting Flexible queries across distributed data sources that automatically adapt to changes to the data model
Basel II Traceability and Transparency Smart Query Framework provide centralized management of business entity metadata and taxonomies for dynamically generated, optimized queries across distributed sources
Market Risk
Operational Risk
Sarbox G/L
3rd Party Reference: Design Time Model-Based Mapping: Run Time
Credit R Risk
Transparency Pivot
ETL
Whole Sale
Corp Rep.
Risk
ETL
ETL
Data Sources
Retail
RWA Calc.
Legal Entity Local Rep.
sentaire Capabilities – Information Management Key Benefits y •
•
• •
18
Reduces complexity, improves integration capabilities • Cross channel, services based architecture • Conforms to the SOA approach now adopted by all major players f h h d d b ll j l Lowers operational cost • Rationalization and consolidation of application platforms and lowers cost • Reliability Availability Manageability Performance Security improvements y y g y y p • No dependency on any single vendor solution, mitigates product risks Lowers development cost • Full service offering with offshore cost advantages I Increases predictability, reduces risk di t bilit d ik • Proven methodology SEI Level 5 SW development life cycle processes • Strong reference implementations
Appendices
19
Increase Portfolio Efficiency thru shared services Tiers
…
Presentation
Business Process Integration
Application Infrastructure
1
A
Application
Business Service
Technical Service
2
B
…
HR Application HR Application
Z
1
2
AML Application AML Application
…
…
Id&EM Application
…
Monitor transaction <t>
Log <x> on <y>
…
Y
Is <prospect> on AML list
Open <type> Account
Enterprise Applications (SFA, CRM, Custom, Legacy, Mainframe)
…
Authenticate <user>
Configure a new instance of <x>
Specialty Infrastructure Directory, Search, Content, etc
…
Data and Information
20
X
Database
Data Warehouse
CMDB
Customer Single View
Worker Identity Store
Enterprise e Service Bus
Technical Infrastructure
E Enterprise Service B Bus
Application
C
Presentation Tier Security Services (User Authentication and SSO) Portal Server (JSR 168)
Web Server
Web Content Server (JSR 170)
Enterprise Content Mgmt.
Customization Admin
Caching JSP, JSF
Entitlements Admin
Localization
Look & Feel Look & Feel
Localization
Look & Feel Look & Feel
Search
Digital Asset Mgmt Mgmt.
Navigation
JSR 168/WSRP
Navigation
Web Services
Collaboration
Document Mgmt.
Click Stream
Records Mgmt.
Transpareency
Caching Personalization
Tiles
Struts (MVC), moving toward Shale
Business Processing Tier Business Processing Tier
Services
BPEL Workflow
Logging
BPMN
Configuration
Traceeability
Dist. TP (XA)
Info. Integration
Golden Source Frameworks
Core, WEB, ORM DAO ORM, DAO, AOP
Workflow
Meta‐Data
EII
WS‐Security SOAP 1 0 SOAP 1.0
WSDL 1.0
Golden Sources
Enterprise Information Integration (EII)
GS Mediator GS Mediator GS Producer
WS‐Interop
SAML
Information Middleware
Services Metadatta (CWM)
Business Intelli.
Spring Container
BPEL Engine
S i St d d Service Standards Reporting
App Server (J2EE)
Profile Mgmt.
Work Force Partners
ODS
Data Warehouse ETL
App DB
Assets Financial Ref.
21
Presentation Tier Security Services (User Authentication and SSO)
Transparency
SharePoint Portal SharePoint Portal
IIS ( NET) IIS (.NET)
Enterprise Content Mgmt.
Caching
Customization
Caching
Entitlements
Profile Mgmt.
Personalization
Admin
ASP.Net
Admin
Search
Localization
Look & Feel
Localization
Look & Feel
Digital Asset g Mgmt.
Collaboration
WSRP
Navigation
Web Services
Document Mgmt.
Navigation
Click Stream
Records Mgmt.
Business Processing Tier
Services
BPEL Workflow
Logging
BPMN
Configuration
Tracceability
Dist. TP (XA)
Info. Integration
Golden Source Frameworks
Core, WEB, ORM, DAO, , , AOP
Workflow
Meta‐Data
EII
WS‐Security SOAP 1.0
WSDL 1.0
Golden Sources
Enterprise Information Integration (EII)
GS Mediator GS Producer
WS‐Interop
SAML
Information Middleware
Services Metadaata (CWM)
Business Intelli.
Spring.Net Container
BPEL Engine
Service Standards Reporting
.NET App Server
22
Web Content Web Content Server (JSR 170)
Work Force Partners
ODS
Data Warehouse ETL
App DB
Assets Financial Ref.