Alfabet

Data capture for the class Application

An application is an IT product that provides functionality to end users and supports the business to accomplish its mission. An application has a defined lifecycle and may have predecessor and successor versions. Applications can be bundled in application groups in order to evaluate the applications from different perspectives.

Overview of data to capture for applications:

Column	Attribute/ Reference	Type	Mandatory	Explanation
Name	Name	String 255	x	The application name.
Short Name	ShortName	String 16		A short name to identify the application.
Version	Version	String 128	x	The application version.
Description	Description	Text		A short description of the application.
Start Date	StartDate	Date	x	The start date is the date when the application is actively used.
End Date	EndDate	Date	x	The end date is the date when the application is no longer used.
Object State	ObjectState	String - Enum	x	Describes the operational status of the application and indicates whether it is actively used, planned to be used, or has been used in the past. The application's start and end dates indicate the planned period when the application will be used. Possible values are: Plan , Active, Retired
Status	Status	String - Enum	x	Specifies the approval status of an application and determines whether or not the application can be edited or deleted. Possible values are: Data imported, Draft, Under Review, Approved, Trash
Architecture Type	SAG_ArchitectureType	String - Enum		The architecture type of the application: Possible values are: Client-Server: Applications that divide tasks or workloads between the providers and consumers of a resource or service. Cloud-Based: An application that runs on SaaS cloud environments. The cloud infrastructure could be local or remote to the organization. Distributed: Applications that run on multiple computers within a network. The network boundary can extend from private intranets to public clouds. External Webpage: An external resource represented through a web link. Mainframe: Applications used by large organization to carry out critical processing tasks such as bulk processing of data, transactions, planning or statistical activities. Stand-Alone: A self contained application, that does not rely on external entities to complete a task. Unknown: The architectural type has not yet been assessed.
Development Type	SAG_DevelopmentType	String - Enum		The application development type. Bespoke: An application created specifically to address a unique use case. COTS - Configured: A commercial off-the-shelf application that has been configured or supports configuration to fulfill the requirements of the enterprise and is fully supported and upgrade-stable. COTS - Customized: A commercial off-the-shelf application that is customized or contains organization-specific code/programming to suit the requirements of the enterprise. Unknown: The application development type has not yet been assessed.
Authentication	SAG_Authentication	String - Enum		The authentication used in the application. Autonomous: The application supports autonomous methods such as Direct Autonomous Authentication (DAA) for authentication. This can be carried out through mobile or remote authentication systems. Basic Access: The applications support basic authentication based on a username and password. Protocols and layers such as HTTPS, SSL. or TLS could be used to enhance security but these are not mandatory. Multi-Factor: The application requires more than one method of authentication from independent verification sources to verify the transactional identity. Multi-Factor & SSO: The application supports both multi-factor authentication (MFA) and single sign-on (SSO) authentication methods. No Authorization: The application does not support authentication. Single Sign-On: The application supports the use of a single ID and password to gain access to several related or unrelated systems. Unknown: The authentication mode has not yet been assessed.
Alias	SAG_Alias	String 512		A unique suffix used to identify this application.
Recommendation	SAG_Recommendation	String - Enum		The strategic recommendation regarding future investment for the application. Possible values are: Tolerate: Invest in the application Invest: Consider the application as a migration candidate Migrate: Sundown the application Eliminate: Discontinue the application
Strategic	SAG_StrategicApplication	Boolean		Indicates whether the application is strategic for the business.
PACE Governance	SAG_PACEGovernance	String - 256		Classification of application according to the Pace-Layered Application Strategy. Possible values are: System of Differentiation: Applications that enable unique company processes or industry-specific capabilities. They have a medium lifecycle (one to three years) but need to be reconfigured frequently to accommodate changing business practices or customer requirements. System of Innovation: New applications that are built on an ad-hoc basis to address new business requirements or opportunities. These are typically short lifecycle projects (zero to 12 months) using departmental or outside resources and consumer-grade technologies. System of Record : Established packaged applications or legacy homegrown systems that support core transaction processing and manage the organization's critical master data. The rate of change is low because the processes are well-established and common to most organizations and often are subject to regulatory requirements.
Successor	NextVersion	Reference		The application's successor application.
Cloud Migration Strategy	SAG_CloudStrategy	String - Enum		The strategy to migrate the application to the cloud. Possible values include: Retain: The application supports a business capability for which the Business Relevant indicator is set to Business Enabling or Business Operating and the application cannot be migrated to the cloud immediately. Or the application is at the end of its lifecycle and is about to be retired. Rehost: The application is SaaS-enabled but is either outdated or would require rehosting to the cloud platform. Refactor: The application requires some changes in code to be eligible for migration to the cloud. The application can be modular or a self-contained application with services that can easily be refactored. Rearchitect: The application requires additional effort to make it cloud enabled. For example, this might be due to application health monitoring, application security, data backup and policies, scalability and replication zones, disaster recovery, network utilization, multi-channel communication, or identity management. Rebuild: The application could be made cloud ready but would require a change in the build process to ensure seamless delivery. The concepts of CI/CD (continuous integration/continuous delivery) could be leveraged for these applications. Migrated: The application has been migrated to the cloud successfully. Unknown: The cloud migration strategy is unknown for the application. This may be the case for applications for which the Architecture Type attribute is not set to Cloud-Based.
Subject to Compliance Regulation	SAG_ComplianceRegulation	Boolean		Indicates whether the application is bound to compliance regulations. This is relevant for cloud migration analytics.
Authorized User Group	User Group	Reference		The user groups who have access permissions to the application.
Organization: Business Owner	Organization	Reference		An organization who owns the application and is responsible for managing the functional requirements.
Organization: IT Owner	Organization	Reference		An IT organization owning the application and thus typically responsible for approval decisions.
Organization: Operations	Organization	Reference		An IT organization responsible for the operations of the application.
Organization: Stakeholder	Organization	Reference		An organization that has an interest in the application and therefore requires read-only access permissions.
Person / User: Application Manager	Person	Reference		A person who is the subject matter expert for the application from a functional and technical point of view.
Person / User: Architect	Person	Reference		A person who is responsible for the governance of the application.
Person / User: Business Owner	Person	Reference		A person who owns the application and is responsible for managing the functional requirements.
Person / User: IT Owner	Person	Reference		A person owning the application and thus typically responsible for approval decisions.
Person / User: Stakeholder	Person	Reference		A person that has an interest in the application and therefore requires read-only access permissions.
Application Assessment: Geographical Reach	Indicator	String - Enum		An application's area of usage and distribution reach. This allows you to determine the geographical reach of your portfolio based on application local, regional, or global usage. . 0- Local 1- Regional 2- Global
Application Assessment: Mobile Capability	Indicator	String - Enum		Mobile capability is used to determine whether an application is complaint for mobile platforms. An application that fully supports all mobile platforms (Smartphones, Tablets, Smart TVs, Smart Watches, etc.) is considered to be fully mobile-compliant. An application supporting one or many but not all of the mobile platforms is considered to partially mobile-compliant. 0- Not Supported 1- Only Mobile Website 2- Partially Supported 3- Fully Supported
Application Assessment: Multi Language Support	Indicator	String - Enum		Indicates the level of support an application provides for multiple languages: 0- Unknown, 1- No, 2- Yes
Application Assessment: Number of Users	Indicator	String - Enum		Indicates the number of users using this application. 0: 0 1: 1-10 2: 11-100 3: 101-1.000 4: 1.001-10.000 5: >10.000
Application Assessment: SCA Compliance	Indicator	String - Enum		Strong Customer Authentication (SCA) is a European regulatory requirement to reduce fraud and make online payments more secure. SCA requires authentication to use at least two of the following three elements: 1. Something the customer knows (PIN/Password), 2. Something the customer has (Phone/Hardware token), 3. Something the customer is (Fingerprint/Face recognition). Possible values are: 0- Not required, 1- No but required, 2- Yes
Application Classification: 1 Confidentiality	Indicator	String - Enum		1-Not Critical 2-Essential 3-Critical.
Application Classification: 2 Integrity	Indicator	String - Enum		1-Not Critical 2-Essential 3-Critical.
Application Classification: 3 Availability	Indicator	String - Enum		1-Not Critical 2-Essential 3-Critical.
Application Classification: DPIA Rating	Indicator	String - Enum		A data protection impact assessment (DPIA) is a privacy-related assessment whose objective is to identify and analyze certain actions or activities that might affect data privacy. Under the GDPR regulations, data protection impact assessments are mandatory in certain cases such as when profiling activities are carried out using personal data. Possible values are: 5- Very High, 4- High, 3- Medium, 2- Low, 1- Very Low, 0- Not Required
Disaster Recovery: Recovery Point Objective (Hrs)	Indicator	String - Enum		Indicates the recovery point objective in hours: 0-< 1 Hr 1-1-2 Hr 2-2-3 Hrs 3-3-5 Hrs 4-5-12 Hrs 5-> 12 Hrs.
Disaster Recovery: Recovery Time Objective (Hrs)	Indicator	String - Enum		Indicates the recovery time objective in hours: 0-< 1 Hr 1-1-2 Hr 2-2-3 Hrs 3-3-5 Hrs 4-5-12 Hrs 5-> 12 Hrs.
Cloud Assessment: Does the app have peaks in the workload?	Indicator	String - Enum		1-No 2-Yes (Exceptionally) 3-Yes (Regularly).
Cloud Assessment: Is the license eligible for cloud?	Indicator	String - Enum		1-No 2-Yes.
Plan Start Date	Lifecycle Phase	Date		This is the start date of the lifecycle phase Plan. The end date will be set to the minimum of the next maintained lifecycle phase's start date and the lifecycle end date.
Pilot Start Date	Lifecycle Phase	Date		This is the start date of the lifecycle phase Pilot. The lifecycle phase will be set to the minimum of the next maintained lifecycle phase's start date and the lifecycle end date.
Production Start Date	Lifecycle Phase	Date		This is the start date of the lifecycle phase Production. The lifecycle phase will be set to the minimum of the next maintained lifecycle phase's start date and the lifecycle end date.
Sunset Start Date	Lifecycle Phase	Date		This is the start date of the lifecycle phase Sinset. The lifecycle phase will be set to the minimum of the next maintained lifecycle phase's start date and the lifecycle end date.
Retired Start Date	Lifecycle Phase	Date		Start Date of "Retired" Phase. The End Date of the "Retired" Phase will be set to the Lifecycle End Date. This is the start date of the lifecycle phase Retired. The endt date will be set to the lifecycle end date.
Lifecycle End Date	Lifecycle Phase	Date		This is the end date of the last lifecycle phase.