Enterprise Architecture Management Solution

The vendor is required to provide enterprise architecture practices and seeks an EA management solution that will:
• Capture and manage detailed data and information about the organization's technology and application assets including technical details, solution architectures, integrations and dependencies, risks, features and capabilities, and associated people and business processes;
• Provide comprehensive insight and holistic management of the overall enterprise technology and application portfolio, including technology lifecycle management, solution architecture modeling, technology road mapping, technology risk management, technology trending and "what if" scenario analysis, all using a centralized and collaborative approach;
• Reduce technology risk, optimize technology investments, assist with business technology alignment, and guide technology decision making and digital transformation; and
• Assist with analyzing, planning and executing on technology and business strategies.
- Security and privacy requirements (for off-premise, hybrid or “as a service” solutions)
• Describe any applicable physical security safeguards for the facility hosting the services and data.
• The policies, procedures and safeguards that are in place to ensure confidentiality, security, accuracy and integrity of city information and to protect information against risks such as unauthorized use, access, disclosure, alternation, retention or destruction.
• The policies, procedures and safeguards should also address the sensitivity of the information and the medium in which the information is stored, handled, transmitted and transferred.
• The policies, procedures and safeguards that are in place to ensure the security of confidential information in electronic form when the computer hardware or removable electronic storage devices on which it is being recorded are being disposed of or transported for any reason including the transfer of data or the repair of equipment.
• The policies and procedures in place for the recording of security breaches and for notifying the city if law enforcement wants access to the data, including corrective procedures to address such breaches.
• Provide information on the policy and protocol for notifying the city of security breaches or threats.
• The security procedures in place relating to the transfer of information and data to the city or third party identified by the city upon expiration or termination of the agreement with the city.
• The solution secures data at rest and in transit between all applicable components and interfaces of the solution (ex. encryption, DLP etc.).
• The process for purging data when record retention has been met. provide details on how the city will be notified and that the information is removed and destroyed in a manner that protects privacy.
• The system provides audit and logging capabilities, including:
o Recording relevant system events
o Recording changes to configurations, profiles etc.
o Recording changes to solution related data
o Recording user logins & associated activities
o Providing secure read-only access to audit trail data to enable reporting
o Flexibility in configuring audited items
o The secure audit functionality
- Solution platform & integration
• The platforms on which your proposed solution can be deployed and any specific requirements
• If different products or components are required for different platforms, indicate which products address which platforms.
• If your solution is deployed “as a service” and o/s is irrelevant, please use this section to list the browsers and version numbers that are support by or compatible with your proposed solution
• The proposed solution integrates with the microsoft 365 suite of products (SharePoint, MS teams, outlook, word, excel, power bi, etc.) and how this can be leveraged to facilitate or streamline solution functionality
• Provide relevant descriptive architecture and data flow diagrams along with any relevant architecture information.
- Functional requirements
• The modelling capabilities of your solution and what tools are used be used to create models with respect to:
o Conceptual, logical, physical architectural models
o Security architecture capabilities (NIST etc.)
o Business architecture modelling
o Support for architectural modelling standards
o Creation of reference architectures
o Integration or import from other modelling tools
• The solution integrates between different types of models (ex. to provide traceability from strategy to architecture, and from architecture to process, data or infrastructure models).
• The solution supports modelling the progression of architectures over time, from current state to alternative future states, with possible intermediate steps and lifecycles of individual elements, to facilitate planning holistic roadmaps for the evolution of business and it architectures.
• The solution’s application and technology portfolio management capabilities including but not limited to:
o Application and technology lists with all artifact metadata
o Tech stack mapping
o Connections and integrations
o Dependencies
o Data flows and system data classifications
o Capability mapping
o Vendor mapping
- The solution’s ability to analyze and optimize application and technology architectures including but not limited to:
o Risk analysis
o Impact analysis
o Gap analysis
o Systems rationalization
o “What if” scenario analysis
• The solution’s ability to manage strategic architecture and project initiatives with respect to tracking, prioritization, views, project management integration capabilities, reporting etc.
• The solution’s capabilities to synchronize all connected artifacts, entities, models, and reports when metadata or information is changed.
• The solution’s collaboration, sharing, feedback, workflow and self-service capabilities and how this is achieved, including pre-defined templates, customizable data constraints, approval and compliance workflows, change notifications, version control, audit trails etc.
• The reporting, dashboard and presentation capabilities of your solution, including live dashboards, formal reports, automated reports for items like metrics, roadmaps, lifecycles, risk reports, current and future state, transformation status etc.
• The solution is easy to learn and use by leveraging usability features such as intuitive ui, inline help, drag and drop, pre-built algorithms, easily modified templates and models, reducing the need for complex coding or scripting, etc.
- Contract Period/Term: 1 year
- Questions/Inquires Deadline: May 30, 2025