Architecture Governance

Set of tools which can be used for developing a broad range of different architecture perspectives integrated usually as a common Architecture Framework.
Elements that the governance process must cover are:

Describe a method for defining an information system in terms of a set of building blocks
Show how the building blocks fit together
Technical roadmap for the standards list
Contain a set of tools, and enforce a technology standards list
Provide a common vocabulary
Governance processes to ensure that existing solutions and new IT services are aligned witht he framework.

Cloud Controls Matrix (CCM) Data

RM-01 | Release Management | New Development / Acquisition

Control Specification +-

Architectural Relevance +-

Physical	Network	Compute	App	Data
True	True	True	True	True

Corp Gov Relevance +-

Corp Gov Relevance
True

Cloud Service Delivery Model Applicability +-

SaaS	PaaS	IaaS
True	True	True

Supplier Relationship +-

Service Provider	Tenant / Consumer
True	False

Scope Applicability +-

COBIT 4.1	HIPAA / HITECH Act	ISO/IEC 27001-2005
A12 A16.1		A.6.1.4 A.6.2.1 A.12.1.1 A.12.4.1 A.12.4.2 A.12.4.3 A.12.5.5 A.15.1.3 A.15.1.4

NIST SP800-53 R3	FedRAMP (Final 2012) Low Impact	FedRAMP (Final 2012) Moderate Impact	PCI DSS v2.0
CA-1 CM-1 CM-9 PL-1 PL-2 SA-1 SA-3 SA-4	NIST SP 800-53 R3 CA-1 NIST SP 800-53 R3 CM-1 NIST SP 800-53 R3 PL-1 NIST SP 800-53 R3 PL-2 NIST SP 800-53 R3 SA-1 NIST SP 800-53 R3 SA-3 NIST SP 800-53 R3 SA-4	NIST SP 800-53 R3 CA-1 NIST SP 800-53 R3 CM-1 NIST SP 800-53 R3 CM-9 NIST SP 800-53 R3 PL-1 NIST SP 800-53 R3 PL-2 NIST SP 800-53 R3 SA-1 NIST SP 800-53 R3 SA-3 NIST SP 800-53 R3 SA-4 NIST SP 800-53 R3 SA-4 (1) NIST SP 800-53 R3 SA-4 (4) NIST SP 800-53 R3 SA-4 (7)	6.3.2

BITS Shared Assessments SIG v6.0	BITS Shared Assessments SIG v5.0	GAPP (Aug 2009)
I.1.1, I.1.2, I.2. 7.2, I.2.8, I.2.9, I.2.10, I.2.13, I.2.14, I.2.15, I.2.18, I.2.22.6, L.5	I.2	1.2.6

Jericho Forum	NERC CIP
Commandment #1 Commandment #2 Commandment #3

Consensus Assessments Initiative Questionnaire (CAIQ) Data

Release Management (RM) | ID #RM-01.1

Are policies and procedures established for management authorization for development or acquisition of new applications, systems, databases, infrastructure, services, operations, and facilities?

Architecture Governance

RM-01 | Release Management | New Development / Acquisition

Control Specification +-

Architectural Relevance +-

Corp Gov Relevance +-

Cloud Service Delivery Model Applicability +-

Supplier Relationship +-

Scope Applicability +-

Release Management (RM) | ID #RM-01.1

Are policies and procedures established for management authorization for development or acquisition of new applications, systems, databases, infrastructure, services, operations, and facilities?

Compliance Mapping +-

Model Applicability +-

Scope Applicability +-