IFN663 Enterprise and Security Architecture
To view more information for this unit, select Unit Outline from the list below. Please note the teaching period for which the Unit Outline is relevant.
| Unit code: | IFN663 |
|---|---|
| Prerequisite(s): | IFN635 |
| Assumed Knowledge: | Data and Information Management and Process Modelling |
| Credit points: | 12 |
| Timetable | Details in HiQ, if available |
| Availabilities |
|
| CSP student contribution | $1,164 |
| Domestic tuition unit fee | $3,816 |
| International unit fee | $5,352 |
Unit Outline: Semester 2 2025, Gardens Point, Internal
| Unit code: | IFN663 |
|---|---|
| Credit points: | 12 |
| Pre-requisite: | IFN635 |
| Assumed Knowledge: | Data & Information Management and Process Modelling |
| Coordinator: | Alistair Barros | alistair.barros@qut.edu.au |
Overview
This unit provides knowledge and skills for modelling IT systems, at the whole-of-enterprise level, using enterprise and security architecture. Enterprise architecture supports the capture of IT systems and how they align with business operations. Security architecture concerns systems and processes which protect IT systems from unauthorised access and cyberattacks. Both are critical for the planning, design, investment and governance of IT, given that cyberphysical landscapes, spanning organisations and IT, are now recognised as ‘critical infrastructure’. You will learn how to capture enterprise and security architecture using the multi-layered modelling method, Archimate, used in the widely framework, TOGAF (The Open Group Architecture Framework). Based on this higher-level architectural context, you will learn how to provide architectures of individual software applications through components, interactions and secure communications.
.
Learning Outcomes
On successful completion of this unit you will be able to:
- Explain how IT systems are managed, as a portfolio, for supporting business productivity and security protections using enterprise and security architecture.
- Create an enterprise and security architecture model using key concepts of business and IT systems from a cross functional perspective
- Create a solution architecture model using key concepts of IT systems for a specific business area
- Analyse a real-world case study, to identify different aspects of business and IT systems, and model a multi-layered enterprise and security architecture and a solution architecture
- Apply teamwork skills to manage a group project to produce an outcome for stakeholder/client within a strict timeline.
Content
This unit will cover Enterprise Architecture (EA) theory and practice based on TOGAF and EA modelling using Archimate. You will first learn how to profile businesses as high-level business capabilities (functions) and value streams (end-to-end processes), which are captured in Archimate’s business layer. You will then learn how to model IT systems (applications, platforms and infrastructure) in terms of Archimate software application and technology layers. All three layers will be aligned (with links), to allow analysis of IT landscapes such as gaps, overlaps and missing integration in systems and their support of business operations.
For the security perspective of architecture, you will learn about the requirements for managing treats and vulnerabilities. This will expose you to the types of IT systems and processes necessary for the key security considerations of confidentiality, integrity, and availability. Based on this knowledge, you will be able to extend EA models with critical security systems and their dependencies with IT systems used in enterprises.
Given that higher-level EA and security references are used for planning and governance purposes, the unit will finally provide you with knowledge of how to design individual software applications using the widely used Unified Modelling Language (UML) notation to capture software component structure and interactions. The modelling will take into account secure messaging and other security controls.
You will be exposed to real-world case studies to develop enterprise and security architecture, as well as individual solution architectures, through group-based exercises and assessments. This will involve case study interpretations and analysis, modelling, documentation and formal presentation of architecture proposals.
Learning Approaches
- Lectures: Weekly throughout the semester.
- Lectorial: Periodically throughout the semester, in place of lectures.
- Workshops: Weekly workshops throughout the semester.
A case-based approach will be used for this unit. Weekly lectures will provide a basic understanding of the knowledge and skills related to enterprise and security architecture while the workshops will enable you to further the understanding and development of the skills. You will be required to work in groups, as would be expected in an enterprise architecture related role.
Feedback on Learning and Assessment
Assessment is designed progressively across the semester to provide multiple opportunities for feedback and improvement. This includes a mix of oral and written feedback from peers and teachers on a portfolio-based learning report, assignment report and multi-choice exam.
Assessment
Overview
The assessments in this unit have been designed so that you develop an understanding on different perspectives involved in the work of enterprise and security architects. You will develop the skills to individually learn and engage in reflective practice. You will also develop the skills to work collaboratively on an enterprise and security architecture project, to demonstrate effective interpersonal skills, and to develop the particular oral skills for formally presenting architecture proposals. The assessments are designed to give you proficiency and confidence at understanding and developing enterprise and security architectures at different levels.
In first assessment (project), you will learn how to analyse real-world case study descriptions of organisational and IT landscapes to provide an enterprise and security architecture based on the Archimate modelling technique. This will involve correct and modular representations of business operations in terms of business capabilities and value streams, business processes and services, and actors and roles operating inside and outside company boundaries of an enterprise. In addition, you will model IT systems using Archimate’s software application and technology layers and link business, software application and technology layers.
In the second assessment you will provide a detailed solution architecture of an individual software application in terms of UML Class Diagrams and UML Sequence Diagrams. This will utilise knowledge and contexts provided through the higher-level enterprise and security architectures.
The third assessment is designed to consolidate your knowledge, through multi-choice exam.
Unit Grading Scheme
7- point scale
Assessment Tasks
Assessment: Project (applied)
Project-based learning to develop an enterprise and security architecture (written and oral communication)
Working within a team, you will be given a real-world case study description and Internet references, and be asked to develop a an enterprise and security architecture model in Archimate. This will enable you to understand how enterprise architectures can be used for capturing organisational and IT landscapes which can be planned and governed as critical infrastructure for steering digital assets, investments and IT projects towards business outcomes and business protections. This is part of an assignment which relates to second assessment.
This assignment is eligible for the 48-hour late submission period and assignment extensions.
Assessment: Project (applied)
Project based learning to develop a solution architecture (written)
You will solution architecture models to show how they are structured and interact taking into account required functionality and secure communications involving encrypted message exchange.
This assignment is eligible for the 48-hour late submission period and assignment extensions.
Assessment: Examination (written)
The exam covers concepts applying to knowledge and theory of enterprise and security architecture, the business and security contexts of architecture, and solution architecture, taught in the unit. The exam will complement what is covered as parts of the first two assessments. This will include knowledge associated with the modelling techniques taught in the unit, however it will not cover construction/interpretation of models at the level applied in the project assessments.
Academic Integrity
Academic integrity is a commitment to undertaking academic work and assessment in a manner that is ethical, fair, honest, respectful and accountable.
The Academic Integrity Policy sets out the range of conduct that can be a failure to maintain the standards of academic integrity. This includes, cheating in exams, plagiarism, self-plagiarism, collusion and contract cheating. It also includes providing fraudulent or altered documentation in support of an academic concession application, for example an assignment extension or a deferred exam.
You are encouraged to make use of QUT’s learning support services, resources and tools to assure the academic integrity of your assessment. This includes the use of text matching software that may be available to assist with self-assessing your academic integrity as part of the assessment submission process.
Breaching QUT’s Academic Integrity Policy or engaging in conduct that may defeat or compromise the purpose of assessment can lead to a finding of student misconduct (Code of Conduct – Student) and result in the imposition of penalties under the Management of Student Misconduct Policy, ranging from a grade reduction to exclusion from QUT.
Resources
Library and web-based information for supplementary reading as will be indicated through lecture material.
Resource Materials
Recommended text(s)
M. Lankhorst et al. Enterprise Architecture at Work: Modelling, Communication and Analysis (2nd Ed). Springer-Verlag, 2009.
Risk Assessment Statement
There are no out of the ordinary risks associated with this unit. You will be made aware of evacuation procedures and assembly areas in the first few lectures. In the event of a fire alarm sounding, or on a lecturer's instruction, you should leave the room and assemble in the designated area which will be indicated to you. You should be conscious of your health and safety at all times whilst on campus or in the field.
Course Learning Outcomes
This unit is designed to support your development of the following course/study area learning outcomes.IN20 Master of Information Technology
- Demonstrate advanced specialist IT knowledge in at least one information technology discipline.
Relates to: ULO1, Project (applied), Project (applied), Examination (written) - Critically analyse complex IT problems and opportunities and use creativity and problem-solving skills to generate innovative and novel solutions that are convincingly justified.
Relates to: ULO2, ULO3, ULO4, Project (applied), Project (applied), Examination (written) - Integrate advanced, industry-best practice, IT methods, tools and techniques to develop and implement complex IT systems, processes and/or software.
Relates to: ULO2, ULO4, Project (applied), Project (applied), Examination (written) - Employ leadership and initiative in both self-directed and collaborative contexts to create value for others.
Relates to: ULO5, Project (applied), Project (applied)