Critical Analysis for a Case Study

Posted: August 26th, 2021

Student’s Name

Professor’s Name

Course

Date

Critical Analysis for a Case Study

Article Summary

The article: Enterprise Architecture Security Assessment Frameworkauthored by Bandar Mzel Alshammari is a journal of computer sciences that focuses on developing a framework in accordance with well-established concepts of Enterprise Architectures (EA) like Zachman and TOGAF.  In this case, it targets to utilize compositional layers such as processes, information, and application that build the basic functions of these architectures. As such, the study established by the paper involves a combination of principles of data flow analysis critical in tracing the potential flow of information between the low – and high – security enterprise mechanisms. Primarily, the article examines a variety of enterprise architecture frameworks with the objective to show how enterprise architecture frameworks are developed in line with the flow of information security of an organization. Hence, the author clarifies that sucha framework should have the capability to define security-related guidelines and metrics of the established Enterprise Architecture. These are key in facilitating the development of security measures customizable to a particular organization’s information flow.

Literature Review and Theoretical Framework

The literature review looks at various works related to the development of Enterprise Architecture, guiding security principles and key designs in the development of a secure information system for organizations. The author acknowledges the works of other researchers who are concerned that organizations are adopting information technologies although their strategies are yet to align with the effects such changes are introducing. As a result, there are negative implications as most organizations continue wasting resources to match operations withnewinformation technologies. Also, some of the releases of different versions of EA that have been effective in supporting the performance of organizations are mentioned. For instance, the Federal Enterprise Architecture Framework (FEAF), the Ministry of Defense Architecture Framework (MoDAF) and Oracle Enterprise Architecture Framework (OEAF), among others, are used as some of the EA that has been instrumental in helping organizations align with changes in information technology. However, the author analyzes some faults in these EAs, for instance, failure to respond adequately to the needs of Enterprise management especially in decision-making. In this case, therefore, the author takes the opportunity to retrace the direction of the study to focus on the objectives of the paper.

The Open Group Architecture Framework (TOGAF) is the objective and the focus in the literature review. The framework is an intellectual property of the United States Department of Defense (US DOD), developed to help organizations improve their efficiency. The section further acknowledges the security design principles and metrics before drawing a theoretical framework for assessing the EA Security framework. Thus, in the review of related works in this section, the author was exhaustive by attempting to appreciate studies in the same field. 

Study Design and Method

The section begins by highlighting the focus of the paper, which puts the reader updated on the objectives of the study. The study design is structured, making it easy to follow through. The author appreciates the concept of clarity and being specific throughout the methods as they are categorized into phases. Hence, with the help of flow charts and architecture designs, the methods adopted by the paper are appropriate for assessment.

Results and Discussion

The section expounds on topical issues raised in previous parts of the paper such as security metrics, principles, and architecture frameworks among others. The results of the assessment for the Enterprise Architecture Assessment Framework (EASAF) are presented as the author strives to give meaning to these aspects through discussions. In this way, since the aim of developing EA is to help the efficient functioning of different parts of an organization, the author categorizes the principlesand related design metrics under security, employee, process, application and information architectures and assessment. Lastly, the article confirms the aim of EASAF as a suitable framework applicable to any organization’s Enterprise Architecture. Therefore, the results and discussion part of the article furnishes on the study objective by clarifying the concepts while streamlining the intention of the article.