There are six reference models in the common approach to Federal EA:
- Performance Reference Model – PRM
- Business Reference Model – BRM
- Data Reference Model – DRM
- Application Reference Model – ARM
- Infrastructure Reference Model – IRM
- Security Reference Model – SRM
These reference models are taxonomies that provide standardized categorization for strategic, business, and technology models and information. This supports analysis and reporting across agency EAs and each of the documentation domains.
Each reference model will have its own taxonomy, methods, touch points, and use cases. The associated meta-model will illustrate the relationship between the reference models, with the use cases providing examples of how each reference model can be applied.
Performance Reference Model
The Performance Reference Model (PRM) supports architectural analysis and reporting in the strategy sub-architecture view of the overall EA. The PRM is both a taxonomy and a standard method for performance measurement as it provides for a common approach to performance and outcome measurements throughout the Executive Branch of the Federal Government, as is required by the Government Performance and Results Modernization Act of 2010 (Public Law 111-352). The PRM allows agencies to better manage the business of government at a strategic level, by providing a means for using the EA to measure the success of investments and their impact on strategic outcomes. The PRM accomplishes these goals by establishing a common language to describe the outputs and measures used to achieve strategic objectives through coupled business services (mission and support). The PRM shows the linkage between internal business components and the achievement of business and customer-centric outputs and outcomes. Most importantly, the PRM helps to support planning and decision-making based on comparative determinations of which programs and services are more efficient and effective. The PRM focuses on three main objectives:
- Produce enhanced performance information to improve strategic and daily decision-making;
- Improve the alignment and better articulate the contribution of inputs to outputs, thereby creating a clear “line of sight” to desired results; and
- Identify performance improvement opportunities that span traditional organizational structures and boundaries.
The PRM structure is designed to clearly express the cause–and-effect relationship between inputs and outputs. This line of sight is articulated through the PRM’s hierarchical taxonomy and the use of “Measurement Area”, “Category”, “Grouping”, and “Indicator” information areas, as well as a representation of related organizational units at the Department, Bureau (sub-agency), Line of Business (operating unit), and Program levels.
Business Reference Model
The Business Reference Model (BRM) supports architectural analysis and reporting in the business services sub-architecture view of the overall EA. This updated version of the BRM (v3.0) combines prior versions of the Business Reference Model and the Service Reference Model, so as to now be able to directly map an organization’s lines of business and business activities to services within and between Federal Government organizations. The BRM provides a functional view rather than a structural (organization chart) view of Federal Government organizations and their lines of business, including mission and support business services. The BRM describes an organization through a taxonomy of common (shared) mission and support service areas instead of through a stove-piped single organizational view. The BRM therefore promotes intra- and inter-agency collaboration and serves as the underlying foundation for sector and federal-wide shared services strategies.
Data Reference Model
The Data Reference Model (DRM) is the supporting foundation for the overall EA with a focus on two core questions: What information is available for sharing and re-use, and what are the information gaps needing correction? The DRM is designed to provide a flexible common framework for effective sharing of government information across organizational boundaries, increase integration and re-use opportunities, and support semantic interoperability while respecting security, privacy, and appropriate use of that information. It enables agencies to manage information as national assets to better serve the American public and meet mission needs. As a catalyst, the DRM multiplies the value of existing data holdings residing in “silos” through better discovery and understanding of the meaning of the data, how to access it, and how to work it to support performance results.
The DRM provides a standard means by which data may be described, categorized, and shared. These are reflected within each of the DRM’s three standardization areas:
- Data Description: Provides a way to uniformly describe data to convey meaning, thereby supporting its discovery and sharing;
- Data Context: Facilitates discovery of data through an approach to the categorization of data according to taxonomies. Additionally, enables the definition of authoritative data assets within a Common operating environment; and
- Data Sharing: Supports the access and exchange of data where access consists of ad-hoc requests (such as a query of a data asset), and exchange consists of fixed, reoccurring transactions between parties. This is enabled by capabilities provided by both the Data Context and Data Description standardization areas.
Application Reference Model
The Application Reference Model (ARM) supports architectural analysis and reporting in the applications sub-architecture view of the overall EA. The ARM is a component-driven taxonomy that categorizes the system and application related standards and technologies that support and enable the delivery of service components and capabilities. It also unifies existing agency application portfolios and guidance on standard desktop configurations by providing a foundation to advance the reuse and standardization of technology and service components from a Federal Government perspective.
Aligning agency capital investments to the ARM leverages a common, standardized vocabulary, allowing interagency discovery, collaboration, and interoperability. Agencies and the Federal Government will benefit from economies of scale by identifying and reusing the best solutions and technologies for applications that are developed/provided or subscribed to support their business functions, mission, and target architecture.
Infrastructure Reference Model
The Infrastructure Reference Model (IRM) supports architectural analysis and reporting in the host infrastructure sub-architecture view of the overall EA. The IRM is a component-driven taxonomy that categorizes the network/cloud related standards and technologies to support and enable the delivery of voice, data, video, and mobile service components and capabilities. The IRM also unifies existing agency infrastructure portfolios and guidance on standard desktop configurations by providing a foundation to advance the reuse and standardization of technology and service components from a Federal Government perspective.
Aligning agency capital investments to the IRM leverages a common, standardized vocabulary, allowing interagency discovery, collaboration, and interoperability. Agencies and the Federal Government will benefit from economies of scale by identifying and reusing the best solutions and technologies for applications that are developed/provided or subscribed to support their business functions, mission, and target architecture.
Security Reference Model
The Security Reference Model (SRM) supports architectural analysis and reporting across all of the sub-architecture views of the overall EA. The SRM is both a taxonomy for the itemization of security controls in a architecture, and the overall EA, as well as a scalable, repeatable and risk-based methodology for addressing information security and privacy requirements within and across systems, segments, agencies, and sectors. The SRM provides a common language for discussing security and privacy in the context of federal agencies’ business and performance goals. The SRM:
- Provides a roadmap that assists agencies in integrating IT security/privacy with EA;
- Provides a mechanism for identifying security and privacy requirements;
- Promotes inclusion of security and privacy in business activities and processes;
- Integrates the NIST “Risk Management Framework” and the organization’s system development life cycle processes to ensure that relevant security and privacy requirements are integrated and continuous monitoring is implemented; and
- Helps program executives understand how the Federal Information Processing Standards (FIPS) 199 of confidentiality, integrity, and availability and the eight privacy Fair Information Practice Principles (FIPPs) fit within enterprise architecture planning, while leveraging standards and services that are common to the enterprise and the government.
Federal Government organizations are mandated to implement both security and privacy protections for federal information and information systems. The SRM demonstrates how intertwined these two requirements are in the design and implementation of a federal architecture. All too often, security and privacy have been considered at the end of program development, resulting in higher costs and implementation delays. The SRM brings security and privacy requirements to the forefront of the decision-making process.