I’m pleased to announce the recent publication of the Forrester IT Management Systems Architecture.
IT (information technology) uses a wide variety of systems to effectively run itself. Unlike other business areas, the discipline of IT management still relies on point, best-of-breed solutions, which require extensive integration to make them all work together. This foundational report presents a new layered architecture for understanding the systems used for secure IT delivery and discusses how this architecture will evolve in the future. This new report is a companion architecture to the Forrester Reference IT Capability Map. We maintain these two different views, in keeping with architecture best practices:
The capability map shows your IT management concerns from an operating model perspective. In general, you own the development and evolution of these capabilities — they are not simply a matter of sourcing.
The systems architecture classifies what you can source in the market to support your IT management capabilities, assisting you with managing this complex portfolio and identifying key integration areas and systems redundancy.
A key scoping boundary is between layer 1 and 2. Most of the multi-trillion global IT budget is spent at layer 1, representing the actual computing resources under management. Layer 1 is not in scope for the IT management systems architecture, per se. The systems in layers 2–5, while numerous and representing billions of dollars economically, are orders of magnitude less in terms of the overall share of the global IT market. The layers are defined as follows, with example systems (see the report for complete system classifications):
Layer
Description
5. Govern
This is the layer at which IT investments are directed, monitored, and evaluated at the highest enterprise level and risks are tracked and controlled. It includes strategic portfolio management, enterprise architecture, risk management, and IT financial management.
4. Execute
Work is defined, planned, and tracked here at a higher level, roughly aligned to a “team of teams.” This is where finances are tracked as well as higher-order concerns such as engineering performance, architecture, and technical debt. It includes value stream management (aka engineering performance), AIOps, and the recent trend toward security data pipeline management, among other categories.
3. Deliver
This is the level of work management, the primary team layer. Work is coordinated and executed here, including preplanned as well as interrupt-driven work (which still must be resourced). It includes enterprise service management, security analytics, collaborative work management, and other products supporting team-level collaboration, among other categories.
2. Control
This is the “closest to the metal” layer of the overall control plane. It is the layer of the individual contributor. It represents element management tooling that directly interacts with the resources under management, discovering, instantiating, and configuring them, facilitating the construction and deployment of new software, and monitoring and correcting exceptions. It includes products such as integrated software delivery platforms (DevOps platforms), testing automation (including security testing such as software composition analysis), endpoint management, and infrastructure automation, among other categories.
1. IT resources
These are the core IT “things”: physical and virtual machines, clusters, serverless resources, software installed on them, networking, storage/data, and security infrastructure, along with the myriad configuration settings controlling all of this. This may be on-premises, in the cloud, or hybrid. This layer is out of scope for the architecture per se.
What’s next in this research stream? Patterns of integration, which may ultimately drive market behavior. Recently, we’ve identified five major integration focal points in the overall architecture:
Core portfolio (configuration management database [CMDB] + enterprise architecture)
AIOps
Engineering performance/value stream management
FinOps
Risk and security operations
These focus areas bring together data from most of the rest of the IT management systems. From an architecture perspective, the core portfolio is leveraged heavily by the other four (hence the durability of the often-maligned CMDB), and there is growing concern among enterprise architects I talk to about redundancy across the data marts that these product categories represent — integrations add complexity and maintenance costs.
If you are an end user figuring out the big picture of your IT management systems or a vendor with a value proposition here (especially an integrative value proposition), I’d love to talk to you.