Martha Stewart isn�t the only one to get caught in the rush to enforce the year-old Sarbanes-Oxley legislation. Sarbanes-Oxley is a federal mandate for change in the areas of corporate accountability, control, audit, and reporting. And since most of that is done nowadays on the computer, the enterprise systems running most NYSE, NASDAQ, and other publicly traded companies can be either the best means for enforcing Sarbanes-Oxley legislation, or the biggest booby trap.
I have been advised by one of our clients, Visible Systems Corporation, that Sarbanes-Oxley is likely to cause the same kind of panic that Y2K engendered in the months before the turn of the century. However, with Y2K you could go in once, change the dates, and fix things once and for all; Sarbanes -Oxley compliance follows the company into the future, and thus could change the way software is developed and maintained forever.
Most companies have a hodge podge of custom developed and off-the-shelf software. They look, from a software development perspective, like thirty-year-old houses that have had numerous additions and updates tacked on without a building permit. These legacy systems – complex application systems built to satisfy application processing needs of the 1970s and 1980s – are still with us. And many of them are mission-critical: they can�t just be discarded. But as businesses change to address the competitive pressures of today and tomorrow, these systems must also change. The problem is not just the complexity of technologies of yesterday, or of today; the problem is the changing nature of organizations as they re-engineer to compete.
About twenty-five years ago, a man named John Zachman began observing how the architecture and construction industries, and the engineering and manufacturing industries, evolved over hundreds of years to be able to handle the construction of complex products �the launch of the space shuttle, the making of a Ford Taurus. Zachman applied these concepts to the construction of other complex products: the design and change of enterprises and the computer systems that support them.
The Zachman Framework is an innovative result of these observations: it enables senior business managers and IT professionals to understand the implications of key business and IT strategies. As a consequence, John Zachman has become a cult figure to business and the IT industry in the USA, Europe and Australia.
The kind of organizational modelling that Zachman developed becomes increasingly necessary under Sarbanes-Oxley, which requires organizations to define their essences and processes graphically. This goes far beyond an org chart.
Visible Systems takes the Zachman Framework and makes it into a toolset that can model both the enterprise and its computer systems. The Zachman Enterprise Workbench can contain all 50 of Zachman�s universal meta-models in addition to the design models specific to a single organization. Using it, the essential architecture of an entire business entity can be graphically designed, manipulated, and stored with complete simplicity, complying with the Sarbanes-Oxley mandate to define enterprise processes.
It is said that Zachman�s framework could have managed the building of the pyramids, just as it can be used to figure out the process chains in a modern corporation.
By focusing on process chains within a company, the Zachman Workbench can ferret out its inherent core competencies and value-added activities. And for corporations that do not (yet) have their process chains defined in models, the Zachman Workbench can reverse-engineer them. To put it bluntly, Visible�s product allows executives a window through which to see the enterprise for which they are responsible.
The Zachman technology is applicable to legacy applications, new development, and planned future systems. Clearly, one of the big challenges for large companies is what to do with their outstanding �islands of automation.� Any company that has been doing business since the dawn of technology probably has a large patchwork quilt of disparate legacy applications. With Zachman technology and another Visible product LCSIS, these islands can be bridged with greater clarity and integration.
For corporations developing software now, this approach saves enormous time with planning, documentation, and infrastructure.
Because of Sarbanes-Oxley, corporations must think of better ways to design systems to help architects who must facilitate past, present, and future applications, ideally on one application back-plane. A logically integrated suite of products is the only way to do this reliably.
In addition to the IT parts of Sarbanes-Oxley, there�s the famous section 404 of the Act. This section, entitled �Internal Control Reporting Requirements�, highlights a rigorous set of guidelines for information content, flow, accountability, audit, control, and decision-making. By making the applications that control these processes visible, Visible Systems Corporation helps its customers define integrity in the world of software systems.