CORA Foundation

CORA Foundation
Organizations who want to introduce new business models and technologies (i.e. create a stable innovation platform) need an IT landscape supporting both flexibility as well as regulatory demands. This is explained in more detail based upon two existing models, the Architectural Maturity by means of the Ross model and Governance by means of the Crown model. Both models provide the foundation for the layering of the CORA. Based on this foundation the connection with existing Vendor Reference Architectures is described.

The “Architecture Maturity Model”
The Architecture Maturity Model was the result of 10 years of research by Dr Jeanne Ross, the Principle Research Scientist at the MIT Center for Information Systems Research. This model shows the four stages organizations move through when building an IT landscape designed to create an innovation platform.


Business Silos architecture
Organizations focus their investments on delivering solutions for local business problems. Interaction between IT systems is complex and expensive due to technology standards not being used. The main force pushing organizations to the next level is the high IT costs of interfacing and not the existence of isolated systems.

Standardized Technology architecture
In this stage organizations shift their IT investments from local applications to shared infrastructure. Instead of looking for technology that best suits a solution, organizations choose the best possible solution within the chosen technology platform.

Optimized Core architecture
In this stage organizations move from a local view of data and applications to an enterprise view. IT investments shift from local applications and shared infrastructure to enterprise systems and shared data. Optimizing core processes and data is a major managerial challenge, because this stage involves taking control over local business unit leaders. 

Business Modularity architecture
Strategic agility can be achieved through customized and reusable modules. According to Ross two approaches can be applied. One is to create reusable modules (i.e. webservices) and allow business units to select customer-oriented processes from a menu of options. A second approach is to grant business unit managers greater discretion in the design of front-end processes, which they can individually build or buy as modules connecting to core data and back-end processes.

This model indicates that taking control over local business unit leaders is necessary to facilitate local deviations in a later stage. This has to do with the fact that individual modules must be build on a standardized core and link to other modules through standardized interfaces in order to provide a stable platform for innovation.

Emering new (Web 2.0) technologies and the Crown model
With the emergence of Web 2.0 technologies new business models are created because of changes in the way information is shared and communicated. These Web 2.0 technologies can be separated into three different categories.

The first category is called ‘Rich Internet Application’. A Rich Internet application (RIA) is a Web application designed to deliver the same features and functions normally associated with desktop applications, such as drag and drop, menus and toolbars. Because the richness is related to functionality, RIA’s are classified as function oriented.

‘Mashups’ are where data and data streams from various sources are fused into a representation that allows for the derivation of new information or added value. With the help of Mashups it is possible to create and share information in a personalized way. The last category is called ‘Socialization of the web’. This where information on the web is tagged by users, not only for individual structuring and ordering, but also for evaluation by other users. This way information is structured and classified in an ‘organic’ way.

Although these new (Web 2.0) technologies can create new flexible business models, they also need to co-exist within standardized (‘compliant’) processes, data and roles.This apparent contradiction is explained in the Crown Model, developed by Andy Mulholland, former global CTO of Capgemini.


Personalize (interaction)
As explained earlier, more and more (Web 2.0) technology such as weblogs, wikis and virtual networks (i.e. Facebook, Twitter and LinkedIn) as well as ‘consumerization’ technology (i.e. Smartphone’s and iPods) is available to gain and share knowledge andinformation in a unique personal way. The use of ‘Mashups’, widgets and gadgets is a growing part of this layer as individuals seek to create their own ‘view’ of the immense amount of content that is now available for them to use.

Differentiate (interaction)
Organizations use (Web 2.0) technology such as ‘Rich Internet Applications’ to be able to create innovative solutions with limited delay when business circumstances change. Changes such as trying to gain market share by increasing the variety of offerings to capture more specialised elements of the market. The challenge is that these solutions must connect at some time and in some way with the Enterprise procedures, labelled as ‘Comply’ in the Crown model.

Organize (transaction)
This layer connects the interaction based Differentiation & Personalisation layers to the transaction based Enterprise Applications in the ‘Comply’ layer by using technology standards. The ‘Organise’ layer is where ‘Orchestration’ of internal as well as ‘Choreography’ of external activities (i.e. ‘services’) are managed. The ‘Organize’ layer is the crucial linking and integrating capability layer. To make the role of the ‘Organize’ layer clear it is necessary to move to the lowest layer and describe the role of the ‘Comply’ layer.

Comply (transaction)
Because every organization needs to have strong procedures that manage the integrity of their transactions it is very important to rely on standardized data, roles, authorization and basic processes. The pressure for ‘compliance’ in the form of strong procedures that manage the integrity of the transactions, with resulting data recorded, has grown both through legislation and auditing requirements.

Relationship between Ross and Crown

Both models have a different scope: Ross is a maturity model, Crown is a governance model.


From a maturity perspective Ross’s model emphasizes the managerial challenge needed to facilitate this. For this reason stages should not be skipped due to major organizational changes being encountered at each stage. Ross’s research shows that especially PBS-implementations that tried to skip stages had to be halted or scaled back. From a governance perspective the Crown model emphasizes the influence which individuals have on the behavior of organizations, regarding the way knowledge and information is gained and shared in a personal way.

When comparing the two, both models indicate that implementing an innovation platform to support new business models can only be achieved when the core is stable and technology & governance standards are used. Both models also show that a stable innovation platform is an essential part of the IT architecture landscape. The layering in both models is therefore used as a foundation for the CORA.

Relationship between ‘Crown’, ‘Ross’ and CORA

When using the approach of Ross and Crown to support an architectural guided transformation, the effect on the IT landscape has to be determined and showed to effectively identify and scope IT projects. This becomes clear when the Crown model is mapped to the CORA.

‘Personalize’ and ‘Differentiate’ can be realized by the top three layers ‘Channel access’, ‘Presentation’ and ‘Composition’. They enable flexibility based on a solid integration foundation and business functionality (application and data). ‘Organize’ is possible using the orchestration capabilities of ‘Composition’ and the integration capabilities of ‘Integration’. ‘Comply’ (to rely on standardized data, roles, authorization and basic processes) is mainly focused on ‘Application’, ‘Data’ (and of course ‘Security’).

By combining these three models, an instrument becomes available to effectively guide transformation.

Vendor architectures compared
Various vendors (including Microsoft, SAP, Oracle, IBM/Open Group and Intel) have created their own reference architecture. These architectures are usually aimed at the product stack of the vendor. Therefore they cannot be used solely at Enterprise Level where a variety of technologies and vendors may need to exist. The risk of vendor locking will be inevitable. It must be remembered that the CORA is a vendor agnostic model. Mapping a vendor architecture to the CORA helps to better understand the vendor architecture itself. If no vendor architecture is present it can be designed by using the CORA. It is advisable to use the CORA as a reference architecture and apply vendor architectures to it when vendor products are actually chosen. Various vendor reference architectures (i.e. SAP, Oracle, IBM/Open Group and Microsoft) are mapped onto the CORA.